LJ Archive

Current_Issue.tar.gz

Arrogance, the Biggest Linux Security Problem

Shawn Powers

Issue #283, November 2017

Linux is no longer an obscure platform avoided by those with malicious intent. It used to be that people with Windows 95 were the only ones getting viruses or experiencing security vulnerabilities, but that's before Linux migrated to the cloud. Now, basically everything runs on Linux, both inside and outside the office data center. That means network and OS security is more important than ever before, and now, Linux users need to be especially aware! The good news is, most Linux users know security is important and realize it's a topic that needs to be approached proactively. So this month, we look at some great ways to make our world a little more secure.

Our feature article is by Charles Fisher, and he explains how to use simple, but secure methods for maintaining multiple machines on your network using strong SSH keys and Parallel Distributed Shell. Although configuration management and system orchestration tools are powerful, sometimes it's important to strip back all the extraneous functionality and just execute remote commands on multiple computers over a secure connection. Charles describes how to configure your clients and perform tasks securely over the network.

I previously mentioned the cloud and how Linux is a vital part in almost all cloud-based computing. In light of that, Nathan R. Vance and William F. Polik discuss how to go a step further and not only use cloud computer instances, but also to create an entire cluster of computers in the cloud. When scalability is instant, it means your cluster can grow and shrink as you need it, saving tons of money in hardware investment and resource management. Plus, the authors include information on a hybrid cluster, where the head node is on local hardware and the compute instances are spun up in the cloud only as needed.

Kyle Rankin wrote a Lightning Hacks article this month to provide a handful of really great ideas in a really short amount of time. This time, Kyle's focus is on Qubes tips and how he does some pretty nifty things with it on his system. As with most of Kyle's work, these tips can be adapted if you don't happen to be a Qubes user, but regardless of the system you use, it's always worthwhile to read Kyle's column!

I finish off my series on Ansible this month, which is another tool you may or may not be using. Hopefully after following along on this four-part series, you've at least given Ansible a try in your own network. Even the smallest implementation can save hours of work, and the time required to get started is minimal.

We also have great information for coders and developing developers. Reuven M. Lerner continues teaching about Python this month, with particular focus on launching external processes from inside a Python script. Some tools in the Linux shell are invaluable, and often it's nice to utilize them inside the script of another language, like Python.

Dave Taylor follows Reuven with his shell scripting column, which teaches all about those convenient shell tools! This month, he explores using mathematical evaluation tools in order to make a guessing game. Along the way, you'll learn to make clear, readable code so your guessing game can be the foundation for more complicated and usable code. As usual, Dave teaches valuable skills while readers get to play command-line games.

We also have new products, reviews, tech tips and all the other goodies you've come to expect month after month from Linux Journal. So whether you're trying to secure your existing infrastructure or just starting to build that infrastructure and want to do it in a wise and secure fashion, this issue is here to serve. Enjoy, and we'll see you again next month!

Shawn Powers is the Associate Editor for Linux Journal. He's also the Gadget Guy for LinuxJournal.com, and he has an interesting collection of vintage Garfield coffee mugs. Don't let his silly hairdo fool you, he's a pretty ordinary guy and can be reached via email at info@linuxjournal.com. Or, swing by the #linuxjournal IRC channel on Freenode.net.

LJ Archive