2267
Comment:
|
2256
grammar and rephrasing
|
Deletions are marked like this. | Additions are marked like this. |
Line 2: | Line 2: |
#acl Known:read Default | |
Line 11: | Line 10: |
Sensitive webpages such as phpMyAdmin and Webmail is only available over HTTPS. The certificate is a class 3 certificate from CAcert. If you do not have CAcert's root certificate installed in your browser, follow these instructions to get it: http://wiki.cacert.org/wiki/BrowserClients | Sensitive webpages such as phpMyAdmin and Webmail are only available over HTTPS. The certificate is a Class 3 certificate from CAcert. If you do not have CAcert's root certificate installed in your browser, follow these instructions to get it: http://wiki.cacert.org/wiki/BrowserClients |
Line 14: | Line 13: |
Do not use the same password for your shell account as you use for other services. Especially not services that communicate over non-secure protocols like IRC or webpages. | Do not use the same password for your shell account as you use for other services, especially those that communicate over non-secure protocols like IRC or webpages. |
Line 18: | Line 17: |
== Phising and trust == | == Phishing and trust == |
Line 23: | Line 22: |
Email can be sent from addresses other than one's own, so don't trust emails asking you to reply with your password or similar just because the sender address is from a trusted domain. | Emails can be sent from addresses other than one's own, so don't trust emails asking you to reply with your password or similar just because the sender address is from a trusted domain. |
Line 25: | Line 24: |
Use common sense and a certain ammount of paranoia and you will be allright :-) | Use common sense and a certain ammount of paranoia and you will be all right :-) |
Line 27: | Line 26: |
If you want me to send emails to you encrypted or signed with PGP, that's no problem, just ask. | If you want me to send you emails encrypted or signed with PGP, that's no problem, just ask. |
Line 34: | Line 33: |
---- CategoryInfo |
Security
Here you can find some general information and pointers about security in general and more specifically Blinkenshell.
Encryption
The shell server only accepts encrypted logins. For SSH, only protocol v2 is allowed.
Normal non-encrypted FTP is not supported, instead SFTP from the OpenSSH package is used to transfer files to and from the shell server.
Sensitive webpages such as phpMyAdmin and Webmail are only available over HTTPS. The certificate is a Class 3 certificate from CAcert. If you do not have CAcert's root certificate installed in your browser, follow these instructions to get it: http://wiki.cacert.org/wiki/BrowserClients
Passwords
Do not use the same password for your shell account as you use for other services, especially those that communicate over non-secure protocols like IRC or webpages.
Also, check out our password policy: PasswordPolicy
Phishing and trust
No one at Blinkenshell will ever ask you for your password. Do not ever give away your password, not even to someone saying he/she is an admin.
On IRC, there often is no really good way to protect your nickname, so anyone can use anyone else's nickname. Don't trust someone to be an admin just because of the username. Check things like connecting host and if the user is identified with NickServ.
Emails can be sent from addresses other than one's own, so don't trust emails asking you to reply with your password or similar just because the sender address is from a trusted domain.
Use common sense and a certain ammount of paranoia and you will be all right
If you want me to send you emails encrypted or signed with PGP, that's no problem, just ask.
You can download my OpenPGP public key signature on my personal page: JohanMarcusson. You can not fully trust this however, since you downloaded it over the internet. But I'll make sure that no one else publishes an OpenPGP signature on this website trying to say it's mine.
Read more
Pretty Good Privacy (PGP): http://en.wikipedia.org/wiki/Pretty_Good_Privacy
Gnu Privacy Guard (GPG, Gnu PGP-thingy): http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto.html