CRUD MYSQL Appinventor

30.6.19 ilham.sp 0 Comments

0 komentar:

Convert Private Key Format menggunakan Putty

30.6.19 ilham.sp 0 Comments



Before You Begin

Purpose

This tutorial shows you how to change your private key format, to use with PuTTY, which is a Secure Shell (SSH) client for Windows that can connect to a remote machine. If you're using SSH on Linux, then this tutorial isn't for you.

Time to Complete

Approximately 10 minutes

Background

PuTTY doesn't support the SSH private key format created by the Oracle Cloud wizards, so you have to convert the private key to the PuTTY required format. To connect to a remote machine with PuTTY, your private key should have a ppk format.

What Do You Need?

  • Windows
  • PuTTY http://www.PuTTY.org
  • An SSH private key file unzipped from the ssheybundle.zip, provided when you created an Oracle Cloud service instance
 

Run the PuTTYgen

After you download and install PuTTY:
  1. Make a copy of your private key just in case you lose it when changing the format.
  2. From the Start menu, go to All Programs then PuTTY and then PuTTYgen and run the PuTTYgen program.
  3. In the Parameters section:
    • For Type of Key to generate, select SSH-2 RSA.
    • For Number of bits in a generated key, leave the default value of 2048.
  4. Click Load.
  5. Oracle headquarters buildings
    Description of this image
 

Changing the Format of the SSH Key

For this tutorial, we assume that you already created an Oracle Cloud service instance named DB12C-ABC. and that you have a privateKey file unzipped from the sshkeybundle.zip that's generated when creating the service instance.
If you don't have these, then create a cloud service instance and generate a public/private key pair for it.
Note: Some Oracle Public Cloud services such as Oracle Storage Cloud Service don't provide access to their VMs with private keys. Instead you use REST API calls to access the service. This tutorial is for cloud services that allow SSH access to their VMs and therefore, you create a public/private key for the SSH access.
  1. Change the PuTTY Private Key Files (*.ppk) drop-down menu option to All Files (*.*).
  2. Oracle headquarters buildings
    Description of this image
  3. Find and select the Private Key file that you unzipped from the sshkeybundle.zip file, after you created an Oracle Cloud service instance. In this example, it's called privateKey.
  4. Oracle headquarters buildings
    Description of this image
  5. Click Open.
  6. In the PuTTYgen Notice dialog box, click OK.
  7. Oracle headquarters buildings
    Description of this image
  8. Change the key comment from imported-openssh-key to something meaningful. This comment appears on your PuTTY screen when you connect to your VM.
  9. Click Save private key.
  10. Oracle headquarters buildings
    Description of this image
  11. In the PuTTYgen Warning dialog box, click Yes.
  12. Oracle headquarters buildings
    Description of this image
    Note: The warning message suggests that you use a passphrase for extra privacy so no one can access the instance with just the private key. However, having a passphrase makes it complicated to automate, so decide whether or not to add a passphrase in the field.
    If you decide to enter a passphrase, then remember it, because you can't access the instance without it.
    Note: If you're planning to use the private key with the ppk format for a SOCKS5 proxy connection on Linux, then you must set a passphrase. An easier way is to use the private key without the ppk format.
  13. Name the privateKey.ppk file and save as type .ppk (PuTTY Private Key Files), by entering the .ppk extension. This ensures that you aren't overwriting the original private key.
  14. Oracle headquarters buildings
    Description of this image
  15. Click Save, close the PuTTY Key Generator window and remember the location of the private key file for future use.
    Another option is to convert the ppk format to an OpenSSH format using the PuTTygen program performing the following steps:
  1. Run the puTTygen program.
  2. Click Load.
  3. Select your private key that ends in .ppk and then click Open.
  4. Click the Conversions menu option.
  5. Click Export OpenSSH key.Oracle headquarters buildings
  6. If you want a passphrase, enter it in the Key passphrase field and confirm it. Ensure that you know this passphrase later, because it's not retrievable.
  7. If you didn’t choose a passphrase, confirm that you don’t want one.Oracle headquarters buildings
  8. Give your private key a new name. For example SSHprivateKey and then click Save.Oracle headquarters buildings
  9. Close the puTTygen program.
  10. Confirm that your new private key has been saved in the location that you specified.Oracle headquarters buildings

Sumber : https://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/ggcs/Change_private_key_format_for_Putty/Change_private_key_format_for_Putty.html

0 komentar:

Menggenarate publik key menggunakan Putty

30.6.19 ilham.sp 0 Comments

Pada Windows


This page is about PuTTYgen on Windows. For the Linux version, see here.
PuTTYgen is an key generator tool for creating SSH keys for PuTTY. It is analogous to the ssh-keygen tool used in some other SSH implementations.
The basic function is to create public and private key pairs. PuTTY stores keys in its own format in .ppk files. However, the tool can also convert keys to and from other formats.
PuTTYgen.exe on Windows is a graphical tool. A command-line version is available for Linux.

PUTTYGEN DOWNLOAD AND INSTALL

PuTTYgen is normally installed as part of the normal PuTTY .msi package installation. There is no need for a separate PuTTYgen download. Download the PuTTY installation package. For detailed installation instructions, see PuTTY installation instructions.

RUNNING PUTTYGEN

Go to Windows Start menu → All Programs → PuTTY→ PuTTYgen.
PuTTYgen started

CREATING A NEW KEY PAIR FOR AUTHENTICATION

To create a new key pair, select the type of key to generate from the bottom of the screen (using SSH-2 RSA with 2048 bit key size is good for most people; another good well-known alternative is ECDSA).
Then click Generate, and start moving the mouse within the Window. Putty uses mouse movements to collect randomness. The exact way you are going to move your mouse cannot be predicted by an external attacker. You may need to move the mouse for some time, depending on the size of your key. As you move it, the green progress bar should advance.
Once the progress bar becomes full, the actual key generation computation takes place. This may take from several seconds to several minutes. When complete, the public key should appear in the Window. You can now specify a passphrase for the key.
You should save at least the private key by clicking Save private key. It may be advisable to also save the public key, though it can be later regenerated by loading the private key (by clicking Load).
PuTTYgen generating RSA SSH key
We strongly recommended using a passphrase be for private key files intended for interactive use. If keys are needed for automation (e.g., with WinSCP, then they may be left without a passphrase.
puttygen created key and asking for passphase to save private key

INSTALLING THE PUBLIC KEY AS AN AUTHORIZED KEY ON A SERVER

With both Tectia SSH and OpenSSH servers, access to an account is granted by adding the public key to a ~/.ssh/authorized_keys file on the server.
To install the public key, Log into the server, edit the authorized_keys file with your favorite editor, and cut-and-paste the public key output by the above command to the authorized_keys file. Save the file. Configure PuTTY to use your private key file (here keyfile.ppk). Then test if login works. See configuring public key authentication for PuTTY.

MANAGING SSH KEYS

In larger organizations, the number of SSH keys on servers and clients can easily grow to tens of thousands, in some cases to millions of keys. In large quantities, SSH keys can become a massive security risk and they can violate compliance requirements. In the worst case, they could be used to take down a Fortune 500.
The Universal SSH Key Manager can manage PuTTY keys in addition to OpenSSH and Tectia keys. It works with legacy keys on traditional servers as well as dynamic and keyless elastic environments in the cloud. Any larger organization should ensure they have proper provisioning and termination processes for SSH keys as part of their Identify and Access Management (IAM) practice.

CHANGING THE PASSPHASE OF A KEY

It is recommended that all SSH keys be regenerated and changed periodically. The Universal SSH Key Manager can automate this. Just changing the passphrase is no substitute, but it is better than nothing. These instructions can also be used to add a passphrase to a key that was created without one.
To change the passphrase, click on Load to load an existing key, then enter a new passphrase, and click Save private key to save the private key with the new passphrase. Be sure to properly destroy and wipe the old key file. Creating a new file with a new passphrase will not help if the old file remains available.

VIDEOS ILLUSTRATING USE OF PUTTYGEN

USING PUTTYGEN TO GENERATE AN SSH KEY

HOW TO SET UP PUTTY SSH KEYS FOR PASSWORDLESS LOGINS USING PAGENT


 Pada Linux


This page is about PuTTYgen on Linux. For the Windows version, see the PuTTYgen on Windows page.
Puttygen is the SSH key generation tool for the linux version of PuTTY. It works similarly to the ssh-keygen tool in OpenSSH.
The basic function is to create public and private key pairs. PuTTY stores keys in its own format in .ppk files. However, the tool can also convert key formats.

INSTALLATION

In some Linux distributions, the puttygen tool needs to be installed separately from the Putty client. For example, in Debian Linux, the following command will install it:
sudo aptitude install putty-tools

CREATING A NEW KEY PAIR FOR AUTHENTICATION

To create a new key pair for authentication from the command line, use something like:
puttygen -t rsa -b 2048 -C "user@host" -o keyfile.ppk
It is strongly recommended that a passphrase be used for key files intended for interactive use. Key files used for automation (e.g., with WinSCP should generally have an empty passphrase.

INSTALLING THE PUBLIC KEY AS AN AUTHORIZED KEY ON A SERVER

With both Tectia SSH and OpenSSH servers, access to an account is configured by generating a public key, copying the public key to the server, and adding the public key to a ~/.ssh/authorized_keys file.
To extract the public key, use:
puttygen -L keyfile.ppk
Then log into the server, edit the authorized_keys file with your favorite editor, and cut-and-paste the public key output by the above command to the authorized_keys file. Save the file. Configure PuTTY to use your private key file (here keyfile.ppk). Then test if login works. See configuring public key authentication for PuTTY.

CHANGING THE PASSPHASE OF A KEY

It is recommended that all SSH keys be regenerated and changed periodically. The Universal SSH Key Manager can automate this. Just changing the passphrase is no substitute, but it is better than nothing. These instructions can also be used to add a passphrase to a key that was created without one.
Use the following command to change the passphrase:
puttygen keyfile.ppk -P
This will prompt for the new passphrase, and write the result back to keyfile.ppk with the new passphrase.

EXPORTING A PRIVATE KEY TO TECTIA SSH OR OPENSSH

It is rarely necessary to export a private key from PuTTY to Tectia SSH or OpenSSH. However, the process is described here, as it can sometimes be necessary when, for example, an application is moved to Linux in the cloud and the destination server of a file transfer cannot easily be reconfigured to change an authorized key.
Tectia SSH and OpenSSH both support the OpenSSH private key file format, so using that key file format is described here. Tectia SSH also supports certain other formats.
To convert an existing PuTTY private key for Tectia or OpenSSH, use the command:
puttygen keyfile.ppk -O private-openssh -o keyfile
Then copy keyfile to the .ssh directory on the host where Tectia or OpenSSH will be run.

COMMAND LINE OPTIONS

The basic command line of PuTTYgen:
  • Specifies a key file to read or a key type and size to generate.
  • Optional action to perform (e.g., change passphrase)
  • Optional output type and output file.
The basic command line is:
puttygen [-t keytype [-b bits] [-q] | keyfile]
         [-C new-comment] [-P]
         [-O output-type | -p | -l | -L]
         [-o output-file]
The options are:
keyfile Name of existing key file to read, when modifying an existing key.
-t keytype Specifies to the type of a new key to generate. Acceptable values include rsa and dsarsa1 is also supported to generate legacy SSH-1 keys, but they should never be needed any more.
-b bits Specifies the number of bits in the key. For DSA keys, 1024 is a decent size. For RSA keys, 2048 or even 4096 bits are recommended.
-q Suppresses messages about progress during key generation.
-C new-comment Specifies comment to describe the key. The comment does not impact the operation of the key. The comment can be specified for new keys or for existing keys to change their comment. Typically the comment would be used to identify the key owner, but since any value can be specified, it cannot really be relied upon.
-P Requests to change the key's passphrase. The tool will prompt for a new passphrase. It is not possible to specify a passphrase on the command line. The passphrase will be used to encrypt the private key. See more details on passphrases and how to generate good ones.
--old-passphrase-file file Specifies a file from which to read the old passphrase of the key. This is only needed if manipulating an existing key that is protected by a passphrase.
--new-passphrase file Specifies new passphrase for the key. This can be used when creating a new key, or with the -P option to change the passphrase.
-O output-type Specifies what to output. By default, the private key is output. The following values can be specified:
  • private Save the private key in the proprietary PuTTY key format as a .ppk file.
  • fingerprint Outputs the fingerprint of the key. The fingerprint uniquely identifies the key and can, for example, be read over the phone to ensure the key is the intended one.
  • public Save the public key corresponding to the private key. For SSH2 keys, the public key will be output in the format specified by RFC 4716. This format is supported by, e.g., Tectia SSH. Keys in that format look like this:
    ---- BEGIN SSH2 PUBLIC KEY ---- Comment: user@example.comAAAAB3NzaC1yc2EAAAABIwAAAIEA1on8gxCGJJWSRT4uOrR13mUaUk0hRf4RzxSZ1zRb YYFw8pfGesIFoEuVth4HKyF8k1y4mRUnYHP1XNMNMJl1JcEArC2asV8sHf6zSPVffozZ 5TT4SfsUu/iKy9lUcCfXzwre4WWZSXXcPff+EHtWshahu3WzBdnGxm5Xoi89zcE= ---- END SSH2 PUBLIC KEY ----
  • public-openssh Save the public key ony, in OpenSSH's proprietary format. The format is also supported by Tectia SSH. like this:
    ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBN+Mh3U/3We4VYtV1QmWUFIzFLTUeegl1Ao5/QGtCRGAZn8bxX9KlCrrWISIjSYAwCajIEGSPEZwPNMBoK8XD8Q= cow@example.com
  • private-openssh Converts the private key to OpenSSH's format. This can only be used for SSH2 keys.
  • private-sshcom Converts the private key to the format used by Tectia SSH.
  • private-openssh Coverts the private key to the format used by OpenSSH. This format is also supported by Tectia SSH.
-l Same as -O fingerprint.
-L Same as -O public-openssh.
-p Same as -O public.
-o output-file Specifies the output file. This option is mandatory when generating a new key. Otherwise, when changing the passphrase or comment, the default is to overwrite the original file. When outputting a public key or fingerprint, the default is standard output.
-h or --help Outputs help text and usage summary.
-V or --version Outputs version number of the tool.
--pgpfp Outputs the fingerprints of the PGP Master keys used for signing new versions of PuTTY.

0 komentar:

Menggunakan Filezilla dengan mode SSH untuk mengantikan FTP Server

30.6.19 ilham.sp 0 Comments

Before proceeding, users must have:
1. Generated a private/public key pair.  On Windows, there are several ways to do this.  We have documented one way using PuTTY.  Instructions can be found here (Filezilla hanya mengenal private key yang ber ekstensi .ppk (private key yang di generate menggunakan putty).
2. Uploaded the PUBLIC key to the CCR identity management portal.  Instructions can be found here


Once these steps are complete, launch Filezilla and choose Site Manager from the File menu:


Hostname: transfer.ccr.buffalo.edu  NOTE: we recommend using the transfer server for faster networking; however, you can enter any CCR login server name here
Port: 22
Protocol: SFTP (select from drop down menu)

Logon Type: Key file (select from drop down menu)
User:  your_username
Key file:  Click browse and navigate to the location of your PRIVATE keyfile

Click Connect.


The Site Manager window will close and you'll see the the transfer window.  Your local files are on the left and your CCR home directory is on the right.:



0 komentar:

Seting Koneksi Mysql Workbench ke Mysql sever Via SSH yang menggunakan Private Key

30.6.19 ilham.sp 0 Comments

Once we have your SSH key on our server, configure MySQL Workbench to connect. First, open MySQL Workbench and click the + icon next to MySQL Connections.
mysqlb1
You will see a screen similar to this appear:
mysqlb-setup
For Connection Method, select Standard TCP/IP over SSH
Set the name to whatever you want, preferably an easily recognizable label.
Under the Parameters Tab, enter the following information:
SSH Hostname: Your server IP address or URL
SSH Username: {your SSH username}
SSH Password: leave blank/click “Clear” to be safe
SSH Keyfile: ~/.ssh/id_rsa (or if using Windows the keyfile generated by PuTTy)
MySQL Hostname:
 127.0.0.1
MySQL Port: 3306
Username: (We will provide this – your database username)
Password: (We will provide this – your database password)
Click the Advanced tab and make sure Use the old authentication protocol is checked.
mysqlb-advanced
Press Test Connection to see if it works. You should see a similar message:
success
If so, click OK and then double-click the entry to connect.

0 komentar:

Membuat Banner (Welocme Message) pada SSH Centos 7

30.6.19 ilham.sp 0 Comments


How to Setup Linux Login Banner on CentOS 6 / CentOS 7


Linux Login Banner
Most system administrators have applied linux login banner on their servers. The purpose of this linux login banner is to show some messages or warnings when ssh session connected and before entry. The message displayed in the linux login banner is dedicated either to the system administrator who wants to perform routine system maintenance or intruders who want to launch brute force attacks on the server.

Linux Login Banner on CentOS 6 / CentOS 7 / RHEl 7 / Oracle Linux 7

To enable this in ssh you have to follow this simple steps:
1. Create a /etc/mybanner file and fill it with your desired message as below
# vi /etc/mybanner
Unauthorized access to this machine is prohibited
Only authorized System Administrator can access to this system
Press  if you are not an authorized user
Save and Quit the mybanner file.
Optionally you can give warning as below if it is involved a server with highly confidential information:
This service is restricted to authorized System Administrator only. All activities on this system are logged. Unauthorized access will be fully investigated and reported to the appropriate law enforcement agencies.
2. Edit /etc/ssh/sshd_config, to look like this Banner /etc/mybanner
113
114
115 # default banner path
116 Banner /etc/mybanner
117
118
3. Restart sshd service sshd restart
4. Test your session
login as: root
Unauthorized access to this machine is prohibited
Only authorized System Administrator can access to this system
Press  if you are not an authorized user
root@192.168.2.5's password:

Sumber : https://webhostinggeeks.com/howto/linux-login-banner/

0 komentar: