Archive for May, 2023

instalar ansible en debian 11

#   Instalacion parto de un debian 11 con esta guia
#   https://www.howtoforge.com/how-to-install-and-use-ansible-on-debian-11/

#   El controlador es uno y tiene su ip 192.168.0.10

sudo apt-get install gnupg2 curl wget -y
sudo vi /etc/apt/sources.list
deb http://ppa.launchpad.net/ansible/ansible/ubuntu focal main
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367

sudo apt-get update
sudo apt-get install ansible -y
ansible --version

vi .hosts

[servers]
ubuntu1 ansible_host=192.168.0.194 ansible_user=usuario ansible_ssh_pass=clave ansible_ssh_port=22

ansible -i .hosts -m ping all
ansible -i .hosts -m shell -a "free -m"

May 27, 2023 at 10:02 pm Deja un comentario

crowdsec

#   Me guio de https://docs.crowdsec.net/docs/getting_started/install_crowdsec/

curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | sudo bash
sudo apt install crowdsec crowdsec-firewall-bouncer-iptables -y

May 21, 2023 at 2:31 am Deja un comentario

W: https://download.docker.com/linux/ubuntu/dists/focal/InRelease: Key is stored in legacy

#   Solucion sacada de 
#   https://itsfoss.com/key-is-stored-in-legacy-trusted-gpg/
#   El error
W: https://download.docker.com/linux/ubuntu/dists/focal/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
#   La solucion que me anduvo
sudo cp /etc/apt/trusted.gpg /etc/apt/trusted.gpg.d

May 20, 2023 at 7:20 pm Deja un comentario

fail2ban en debian 11

#   Me guio de
#   https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-debian-11

#   Un update
sudo apt update
#   Instalo fail2ban y iptables
sudo apt install fail2ban iptables -y
#   Reviso que este funcionando el servicio
systemctl status fail2ban.service
#   Ingreso al directorio de configuracion
cd /etc/fail2ban
#   Copio el original y la copia la hago con otro nombre
sudo cp jail.conf jail.local
#   Uso esa copia
sudo vi jail.local

#   Algunas opciones basicas que uso
[DEFAULT]
bantime = 100d
findtime = 10m
maxretry = 3
#   Esto no lo necesito
#destemail = root@localhost
#sender = root@<fq-hostname>
#mta = sendmail
action = $(action_)s

[jail_to_enable]
enabled = true
#   Reinicio fail2ban
sudo systemctl restart fail2ban
#   Reviso las reglas de iptables
sudo iptables -S
#   Filtro lo que quiero de fail2ban en iptables
sudo iptables -S | grep f2b

#   La parte wordpress la saco de 
#   https://help.clouding.io/hc/es/articles/360019516239-C%C3%B3mo-a%C3%B1adir-una-jail-en-Fail2ban-para-WordPress

#   Edito mi filtro para wordpress
sudo vi /etc/fail2ban/filter.d/wordpress.conf
#   Esta es la definicion que busco en el log
[Definition]
  failregex = ^<HOST> .* "POST .*wp-login.php
              ^<HOST> .* "POST .*xmlrpc.php
#   Edito mi archivo de configuracion de fail2ban
sudo vi /etc/fail2ban/jail.local
#   Agrego el servicio a revisar
[wordpress]
enabled = true
filter = wordpress
port = http,https
action = iptables-multiport[name=wordpress, port="http,https", protocol=tcp]
logpath = /var/log/apache2/*error.log
maxretry = 3
findtime = 10m
bantime = 100d

#   Recargo configuracion de fail2ban
sudo systemctl reload fail2ban.service
#   Veo el estado de fail2ban client y de wordpress
sudo fail2ban-client status
sudo fail2ban-client status wordpress  
#   Para quitar un ban a una ip
fail2ban-client set wordpress unbanip DIRECCIONIP

May 18, 2023 at 12:08 am Deja un comentario

fail2ban

#   me guio de https://www.howtoforge.com/how-to-install-fail2ban-on-ubuntu-22-04/
sudo ufw status
sudo apt install ufw -y
sudo ufw allow ssh
sudo ufw enable
sudo ufw status
sudo apt install fail2ban -y
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
sudo systemctl status fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nano /etc/fail2ban/jail.local
ignoreip = 127.0.0.1/8 ::1 192.168.1.0/24 192.168.10.20
bantime  = 1d
findtime  = 10m
maxretry = 5
action = %(action_mw)s
destemail = admin@hwdomain.io
sender = root@hwdomain.io
banaction = ufw
[sshd]
enabled   = true
maxretry  = 3
findtime  = 1d
bantime   = 1w
port    = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
sudo systemctl restart fail2ban
sudo fail2ban-client status sshd
sudo fail2ban-client set sshd banip IP-ADDRESS
sudo fail2ban-client set sshd unbanip IP-ADDRESS
sudo fail2ban-client status sshd

May 17, 2023 at 1:33 am Deja un comentario

error al conectar por ssh 2 parte

#	La solucion la saco de 
#	https://cambiatealinux.com/error-al-conectar-por-ssh-no-matching-host-key-type-found
 
ssh -oKexAlgorithms=+diffie-hellman-group14-sha1 -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-dss root@10.2.0.160

May 8, 2023 at 2:24 pm Deja un comentario

bueno

May 2023
L M X J V S D
1234567
891011121314
15161718192021
22232425262728
293031  

Archivos