How Do I Connect My Mac to Windows?

Reading Time: 1 minute

Mac users work in their native Unix environment are familiar with using the terminal to SSH into their Linux based servers. When using a Mac to log into a Windows environment, or vice versa,  the task is performed differently. Window machines use a different protocol, one aptly named RDP (Remote Desktop Protocol). For our tutorial, we’ll explore how to use your Mac to connect to a Windows server.  Let’s get started!

 

Pre-flight

 

Step 1:  Open Finder >> Applications >> App Store.  We’ll be going to the App Store to download Microsoft Remote Desktop.

 

Step 2. Use the search bar to locate Microsoft’s Remote Desktop. Select Get >> Install App. After installed, click on the Microsoft Remote Desktop icon in your Applications folder.

Note
iCloud is absolutely free, but they require a valid credit card on file, even for free apps.

 

Step 3: Launch the app by finding it in your Applications folder.

 

Step 4: For our connection select + New and fill out the information in the highlighted boxes for the Windows server.Connection Name: A nickname to identify this connection

PC Name: Window’s server IP address

User Name: Administrator

It seems counter-intuitive but close the edit window to save the settings. Immediately, you’ll see the server show up in your My Desktops list.

 

Step 5: Click on the server name to connect to your Windows environment. If all the information was correctly entered you’ll see the Window’s environment with the familiar Windows desktop background.

 

Troubleshooting: Can’t Resolve Hostname

Reading Time: 2 minutes

You may find the “can’t resolve hostname” or “temporary failure in name resolution” error when using retrieval command like wget, cURL, ping or nslookup. There are many reasons why these commands can cause an error, including file corruption.  For the sake of brevity, we look towards commonalities between these commands to solve the issue.

These commands connect to the Internet using gateways to communicate and provide information.   If the connection from your local machine, in this case, a CentOS server, is disconnected you’ll likely run into issues trying to access the world wide web. In this troubleshooting tutorial, we’ll show you some common solutions to connectivity issues.

Step 1: Amongst many other configuration tasks, the resolv.conf file is used to resolve DNS requests. Manually editing the resolv.conf file to configure name resolution will only do so temporarily. The Network Manager controls this essential /etc/resolv.conf file to create permanent changes. So, we’ll first stop and disable the Network Manager:

Note
Be sure to run these commands as the root user, or a privileged user using sudo before each command.

chkconfig NetworkManager off; service NetworkManager stop

 

Step 2: The method for permanent changes is to edit the /etc/sysconfig/network-scripts/ifcfg-eth0 file instead of resolv.conf file. Open the file:

vim /etc/sysconfig/network-scripts/ifcfg-eth0

Next, we’ll set our DNS IP’s to use Google’s Public DNS (8.8.8.8 & 8.8.4.4).

DEVICE="em1"
BOOTPROTO="static"
DNS1="127.0.0.1"

DNS2="8.8.8.8"


DNS3="8.8.4.4"

GATEWAY="some_ip"
HWADDR="hwid"
IPADDR="some_ip"
IPV6INIT="yes"
NETMASK="255.255.255.0"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"

Save and quit the file using ESC and :wq.

 

Step 3: Enable and restart your network, using the commands associated with your server version.

CentOS 6, CloudLinux 6, RHEL 6:

chkconfig network on

service network start

 

CentOS 7, CloudLinux 7, RHEL 7:

systemctl enable network.service

systemctl start network.service

 

Step 4: Test the reachability of a host by using ping, curl, wget or any testing tool of your choice. In our example, we’ve successfully ping’d Google!  

ping google.com
PING google.com (172.217.4.46) 56(84) bytes of data.
64 bytes from lga15s46-in-f14.1e100.net (172.217.4.46): icmp_seq=1 ttl=57 time=6.65 ms
64 bytes from lga15s46-in-f14.1e100.net (172.217.4.46): icmp_seq=2 ttl=57 time=6.68 ms
64 bytes from lga15s46-in-f14.1e100.net (172.217.4.46): icmp_seq=3 ttl=57 time=6.68 ms

You don’t have to rack your brain over connectivity issues!  Liquid Web customers enjoy 24/7 support for our Managed products. Our knowledgable team of support techs have experience with solving errors of this nature.  Access our support team through a ticket, chat or phone call!

Troubleshooting: MySQL/MariaDB Error #1044 & #1045 Access Denied for User

Reading Time: 1 minute

When using phpMyAdmin, it’s essential to have the correct user permissions to create edits/writes to the database.  Otherwise insufficent permissions can lead to  errors like the ones pictured below “#1044 – Access denied for user …[using password: YES]” and “#1045 – Access denied for user…[using password: YES]”.  In our tutorial, we’ll show you how to correct this issue using the command line terminal.  Let’s get started! Continue reading “Troubleshooting: MySQL/MariaDB Error #1044 & #1045 Access Denied for User”

How to Setup Let’s Encrypt on Ubuntu 18.04

Reading Time: 3 minutes

Sites with SSL are needed more and more every day. It’s ubiquitious enforcement challenges website encryption and is even an effort that Google has taken up. Certbot and Let’s Encrypt are popular solutions for big and small businesses alike because of the ease of implementation.  Certbot is a software client that can be downloaded on a server, like our Ubuntu 18.04, to install and auto-renew SSLs. It obtains these SSLs by working with the well known SSL provider called Let’s Encrypt. In this tutorial, we’ll be showing you a swift way of getting HTTPS enabled on your site.  Let’s get started! Continue reading “How to Setup Let’s Encrypt on Ubuntu 18.04”

How to Install Apache 2 on Ubuntu 18.04

Reading Time: 2 minutes

Apache is the most popular web server software being used today.  Its popularity is earned through its stability, fast service, and security.  Most likely if you are building out a web page or any public facing app, you’ll be using Apache to display it. At the time of writing, the most current offering of Apache is 2.4.38, and it is the version we will be using to install on our Ubuntu 18.04 LTS server.  Let’s get started! Continue reading “How to Install Apache 2 on Ubuntu 18.04”

5 Android/iPhone Apps for IT Admins

Reading Time: 3 minutes

As administrators for our servers, we may find ourselves needing to do certain things while on the go. We may also not have a laptop or PC within reach. But one thing most of us have at all times is a cell phone. Whether we have an Android or an iPhone, most of us do possess a smartphone. One thing great about these smartphones is their constant connection to the Internet. Having that constant connection makes it simple to use various apps that assist with admin tasks through our smartphones. Here is a list of five applications available both on iPhone and Android. If you are interested in checking them out, click on your phone’s type next to the application name. You can also search for these applications by name in your smartphone’s app store. Continue reading “5 Android/iPhone Apps for IT Admins”

How Do I Secure My Linux Server?

Reading Time: 6 minutes

Our last article on Ubuntu security suggestions touched on the importance of passwords, user roles, console security, and firewalls. We continue with our last article and while the recommendations below are not unique to Ubuntu specifically (nearly all discussed are considered best practice for any Linux server) but they should be an important consideration in securing your server. Continue reading “How Do I Secure My Linux Server?”

Best Practices for Security on Your New Ubuntu Server: Users, Console and Firewall

Reading Time: 4 minutes

Thank you for taking the time to review this important information. You will find this guide broken down into six major sections that coincide with Ubuntu’s security policy guide. The major topics we talk on throughout these articles are as follows:

User Management

User management is one of the most important aspects of any security plan. Balancing your users’ access requirements against their everyday needs, versus the overall security of the server will demand a clear view of those goals to ensure users have the tools they need to get the job done as well as protect the other users’ privacy and confidentiality. We have three types or levels of user access:

  1. Root: This is the main administrator of the server. The root account has full access to everything on the server.  The root user can lock down or, loosen users roles, set file permissions, and ownership, limit folder access, install and remove services or applications, repartition drives and essentially modify any area of the server’s infrastructure. The phrase “with great power comes great responsibility” comes to mind in reference to the root user.
  2. A sudoer (user): This is a user who has been granted special access to a Linux application called sudo.  The “sudoer” user has elevated rights to run a function or program as another user. This user will be included in a specific user group called the sudo group. The rules this user has access to are defined within the “visudo” file which defines and limits their access and can only be initially modified by the root user.
  3. A user: This is a regular user who has been set up using the adduser command, given access to and, who owns the files and folders within the user /home/user/ directory as defined by the basic settings in the /etc/skel/.profile file.

Linux can add an extreme level of granularity to defined user security levels. This allows for the server’s (root user) administrator to outline and delineate as many roles and user types as needed to meet the requirements set forth by the server owner and its assigned task.

 

Enforce Strong Passwords

Because passwords are one of the mainstays in the user’s security arsenal, enforcing strong passwords are a must. In order to enact this guideline, we can modify the file responsible for this setting located here:  /etc/pam.d/common-password.

To enact this guideline, we can modify the file responsible for this setting by using the ‘chage’ command:

chage -m 90 username

This command simply states that the user’s password must be changed every 90 days.

/lib/security/$ISA/pam_cracklib.so retry=3 minlen=8 lcredit=-1 ucredit=-2 dcredit=-2 ocredit=-1

 

Restrict Use of Old Passwords

Open ‘/etc/pam.d/common-password‘ file under Ubuntu/Debian/Linux Mint.
vi /etc/pam.d/common-passwordAdd the following line to ‘auth‘ section.

auth        sufficient  pam_unix.so likeauth nullok

Add the following line to ‘password‘ section to disallow a user from re-using last five of his or her passwords.

sufficient    pam_unix.so nullok use_authtok md5 shadow remember=5Only the last five passwords are remembered by the server. If you tried to use any of five old passwords, you would get an error like:
Password has been already used. Choose another.

 

Checking Accounts for Empty Passwords

Any account having an empty password means its opened for unauthorized access to anyone on the web and it’s a part of security within a Linux server. So, you must make sure all accounts have strong passwords, and no one has any authorized access. Empty password accounts are security risks, and that can be easily hackable. To check if there were any accounts with an empty password, use the following command.

cat /etc/shadow | awk -F: '($2==""){print $1}'

 

What is Console Security?

Console security simply implies that limiting access to the physical server itself is key to ensuring that only those with the proper access can reach the server. Anyone who has access to the server can gain entry to the server, reboot it, remove hard drives, disconnect cables or even power down the server! To curtail malicious actors with harmful intent, we can make sure that servers are kept in a secure location. Another step we can take is to disable the Ctrl+Alt+Delete function. To accomplish this run the following commands:

systemctl mask ctrl-alt-del.target
systemctl daemon-reload
This forces attackers to take more drastic measures to access the server and also limits accidental reboots.

What is UFW?

UFW is simply a front end for a program called iptables which is the actual firewall itself and, UFW provides an easy means to set up and design the needed protection. Ubuntu provides a default firewall frontend called UFW (Uncomplicated firewall). This is another line of defense to keep unwanted or malicious traffic from actually breaching the internal processes of the server.

 

Firewall Logs

The firewall log is a log file which creates and stores information about attempts and other connections to the server. Monitoring these logs for unusual activity and/or attempts to access the server maliciously will aid in securing the server.

When using UFW, you can enable logging by entering the following command in a terminal:

ufw logging on

To disable logging, simply run the following command:

ufw logging off

To learn more about firewalls, visit our Knowledge Base articles.

We’ve covered the importance of passwords, user roles, console security and firewalls all of which are imperative to protecting your Linux server. Let’s continue onto the next article where we’ll cover AppArmor, certificates, eCryptfs and Encrypted LVM.

 

Committing and Pushing to Github from Ubuntu 18.04

Reading Time: 2 minutes

In our previous tutorial, we showed you how to create and sync a Github repository to your Ubuntu 18.04 server.  Using the last tutorial as a springboard, we’ll continue on and show you how to commit and push a script from your Ubuntu server to your Github account. Continue reading “Committing and Pushing to Github from Ubuntu 18.04”