Posted on

RHEL5 ssh upgrade to 8.8p1

Before:

OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008

Prepare:

1.1 downoad file:

https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2.tar.gz

http://mirror.aarnet.edu.au/pub/OpenBSD/OpenSSH/portable/openssh-8.8p1.tar.gz

http://prdownloads.sourceforge.net/libpng/zlib-1.2.11.tar.gz?download

1.2 compile from source:

tar -xzvf zlib-1.2.11.tar.gz
cd zlib-1.2.11
 ./configure --prefix=/usr/local/zlib-12.11 --disable-asm 
 make && make install
tar -zxvf libressl-3.4.2.tar.gz
cdlibressl-3.4.2
./configure--prefix=/usr/local
make && makeinstall
vim /etc/ld.so.conf.d/local.conf

/usr/local/lib

tar zxvf openssh-8.8p1.tar.gz

cd openssh-8.8p1

./configure –prefix=/usr/local/openssh-8.8p1 –sysconfdir=/etc/ssh –with-ssl-dir=/usr/local/ –with-zlib=/usr/local/zlib-1.2.11/ –with-pam

make && make install

1.4 setup start script

cp redhat/sshd.init /etc/init.d/sshd

vi /etc/init.d/sshd

SSHD=/usr/local/openssh-8.8p1/sbin/sshd

/usr/local/openssh-8.8p1/bin/ssh-keygen -A

chkconfig –add sshd
chkconfig sshd on
chkconfig –list sshd
service sshd restart

vim /etc/profile
export PATH=/usr/local/openssh-8.8p1/bin:/usr/local/openssh-8.8p1/sbin:$PATH
service sshd restart

1.5 update sssd
yum install sssd sssd-tools
vi /etc/sssd/sssd.conf
[sssd]
config_file_version = 2
services = nss, pam
domains = LDAP

[nss]

[pam]

[domain/LDAP]
ldap_id_use_start_tls = False
ldap_schema = ad
ldap_default_authtok_type = obfuscated_password
cache_credentials = False
id_provider = ldap
auth_provider = ldap
ldap_default_bind_dn = test
ldap_uri = ldap://192.168.100.1
ldap_user_object_class = user
ldap_user_name = sAMAccountName
ldap_group_object_class = group
ldap_group_name = cn
override_gid = 513
ldap_idmap_range_min = 100000
#ldap_user_principal=userPrincipalName
override_homedir = /home/%u
default_shell = /bin/bash

1.5.1 setup bind user and crendentinal
sss_obfuscate -d LDAP
1.5.2 enable sssd
authconfig –enablesssd –enablesssdauth –enablemkhomedir –enablepamaccess –update

1.6 Windows 2012 R2 setup
1.6.1 promote OS to Active domain
1.6.2 install certificate service

Posted on

java thread

import com.jcraft.jsch.Channel;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;

import java.io.*;

public class PrintUDisk extends JSch implements TestInterface, Runnable {
 int size = 1000;
 PrintUDisk(){
 size=33;
 }
 public int getFreeSize() {
 return size;
 }

 public Session getSession() throws JSchException {
 Session s = super.getSession(USER,HOST,PORT);
 s.setConfig("StrictHostKeyChecking","no");
 s.setPassword(PASS);
 return s;
 }

 public String uptime() throws JSchException, IOException {
 Session s = this.getSession();
 s.connect(3000);
 Channel c = s.openChannel("shell");
 PipedInputStream pipIn = new PipedInputStream();
 PipedOutputStream pipOut = new PipedOutputStream(pipIn);
 FileOutputStream fileOut = new FileOutputStream( file, true);

 c.setInputStream(pipIn);
 c.setOutputStream(fileOut);

// c.setInputStream(System.in);
// c.setInputStream(new FilterInputStream(System.in) {
// public int read(byte[] b, int off, int len) throws IOException {
// return in.read(b, off, (len > 1024 ? 1024 : len));
// }
// });
 c.connect();
 pipOut.write("sudo su\n".getBytes());
 pipOut.write("uptime\n".getBytes());
 pipOut.write("exit\n".getBytes());
 c.disconnect();
 s.disconnect();
 return "done";
 }

 @Override
 public void name() {

 }

 @Override
 public void type() {

 }

 @Override
 public void run() {
 while (size>0) {
 System.out.println(Thread.currentThread().getName() + ": " + size);
try {
Process exec = Runtime.getRuntime().exec("ping www.163.com");
InputStream ret = exec.getInputStream();
System.out.println(new String(ret.readAllBytes(),"GB2312")); 
size--;
 } catch (IOException e) { e.printStackTrace();}
 }
}
import com.jcraft.jsch.JSch;
import java.util.ArrayList;

public class TestObject {
    JSch jsch;
    public static void main(String[] args) {
        String s[] = {"a","z"};
        System.out.println(s[1]);
        PrintUDisk pu = new PrintUDisk();
        Thread th = new Thread(pu,"th");
        Thread th1 = new Thread(pu,"th1");
        th.start();
        th1.start();
    }
}
Posted on

postfix limit client send rate

smtpd_client_message_rate_limit = 2
anvil_rate_time_unit = 60s

The above settings will allow a given user to send a maximum of two messages per minute. Note that the anvil_rate_time_unit setting is also used to control other timeouts.

Posted on

windows 10 1909 security update kb number

https://www.catalog.update.microsoft.com/Search.aspx?q=Cumulative+Update+for+windows+10+Version+1909+for+x64-based+Systems

2019-11 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4524570)
2019-12 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4530684)
2020-01 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4528760)
2020-01 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4532695)
2020-02 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4532693)
2020-02 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4535996)
2020-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4540673)
2020-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4551762)
2020-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4541335)
2020-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4554364)
2020-04 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4549951)
2020-04 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4550945)
2020-05 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4556799)
2020-06 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4560960)
2020-06 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4567512)
2020-07 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4565483)
2020-08 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4565351)
2020-09 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4574727)
2020-10 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB4577671)
2020-10 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4577671)
2020-11 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4586786)
2020-11 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4594443)
2020-11 Dynamic Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4594443)
2020-12 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4592449)
2021-01 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4598229)
2021-02 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4601315)
2021-02 Dynamic Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4601315)
2021-02 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5001028)
2021-02 Dynamic Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5001028)
2021-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5000808)
2021-03 Dynamic Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5000808)
2021-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5001566)
2021-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5001648)
2021-04 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5001337)
2021-04 Dynamic Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5001337)
2021-05 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5003169)
2021-05 Dynamic Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5003169)
2021-06 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5003635)