Everything posted by _.:=iTake=:._
-
OpenVPN Server with UDP + TCP + Squid Proxy + ShadowSocksR
_.:=iTake=:._ replied to _.:=iTake=:._'s topic in VPN Tutorials
Configuring Squid Proxy Server

    sudo apt-get update
    sudo apt-get install squid
    sudo apt-get install squid3

Change directory:

    cd /etc/squid
    cd /etc/squid3

Open squid.conf:

    nano squid.conf

Search: http_port 3128
Change the 3128 to any port, e.g. 5421

Uncomment:

    http_access deny all

Add:

    http_access allow all
    acl Safe_ports port number(replace with port number)
    acl SSL_ports port number(replace with port number)

These are the lines you add or change:

    http_port 5421
    http_access allow all
    acl Safe_ports port number(replace with port number)
    acl SSL_ports port number(replace with port number)

Restart Squid Server:

    sudo service squid restart
    sudo service squid3 restart
-
Configuring OpenVPN with UDP VPN + TCP VPN

First, get the script and make it executable:

    curl -O [Hidden Content]
    chmod +x openvpn-install.sh

Then run it:

    ./openvpn-install.sh

Configuring Steps:

Add IPTables:

    iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
    iptables -t nat -A POSTROUTING -s 10.9.0.0/24 -o eth0 -j MASQUERADE
    iptables -t nat -A POSTROUTING -s 10.10.0.0/24 -o eth0 -j MASQUERADE
    iptables -A INPUT -i eth0 -p udp --dport port -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --dport port -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --dport port -j ACCEPT

Copy Service:

    cp /lib/systemd/system/openvpn\@.service /etc/systemd/system/tcpvpn\@.service
    cp /lib/systemd/system/openvpn\@.service /etc/systemd/system/udpvpn\@.service
    cp /lib/systemd/system/openvpn\@.service /etc/systemd/system/squidvpn\@.service

Duplicate Files:

    cd /etc/openvpn/
    cp server.conf udpvpn.conf
    cp server.conf tcpvpn.conf
    cp server.conf squidvpn.conf

Edit Files:

    nano udpvpn.conf

[iCODE]---> Change 10.8.0.0 to 10.9.0.0[/iCODE]

    nano tcpvpn.conf

[iCODE]---> Change 10.8.0.0 to 10.9.0.0[/iCODE]

    nano squidvpn.conf

[iCODE] ---> Change 10.8.0.0 to 10.10.0.0[/iCODE]

Restart Services:

    service openvpn@udpvpn restart
    service openvpn@tcpvpn restart
    service openvpn@squidvpn restart
-
Install openvpn using your Linux distribution.

Go to etc/openvpn and remove the client configuration:

    cd /etc/openvpn
    rm client.conf

Download easy-rsa:

    wget [Hidden Content]
    tar xvfz easy-rsa.tar.gz

Edit vars and execute:

    vi /etc/openvpn/easy-rsa/vars    # change KEY_PROVINCE, KEY_CITY, KEY_ORG, KEY_EMAIL
    . ./vars

Generate keys:

    ./clean-all                          # clean /etc/openvpn/easy-rsa/keys
    ./build-ca                           # create root certificate, specify the Common Name ex. vpnserver
    ./build-key server                   # create server certificate; same common name of root certificate
    ./build-key client                   # create clients certificate; same common name of root certificate
    ./build-dh                           # create DIFFIE-HELLMAN used by the server
    openvpn --genkey --secret ta.key     # ta.key to avoid DoS/Flooding
    mkdir /etc/openvpn/keys_server/
    cd /etc/openvpn/easy-rsa/keys
    cp * /etc/openvpn/keys_server/

Keys for clients:

    mkdir client_keys
    cp ca.crt client.crt client.key ta.key dh1024.pem client_keys
    tar czf client_keys.tar.gz client_keys/

Server configuration:

    vi /etc/openvpn/server.conf

    daemon
    port 1194
    proto tcp
    dev tun
    ca /etc/openvpn/keys_server/ca.crt
    cert /etc/openvpn/keys_server/server.crt
    key /etc/openvpn/keys_server/server.key
    dh /etc/openvpn/keys_server/dh1024.pem
    server 10.8.0.0 255.255.255.0
    push "route 192.168.0.0 255.255.255.0"
    push "dhcp-option DNS 192.168.0.1"
    client-to-client
    keepalive 10 120
    tls-auth /etc/openvpn/keys_server/ta.key 0
    cipher BF-CBC
    comp-lzo
    max-clients 100
    persist-key
    persist-tun
    status /home/log/openvpn-status.log
    log-append /home/log/openvpn.log
    verb 5

Change push "route 192.168.0.0 255.255.255.0" and push "dhcp-option DNS 192.168.0.1" to suit your needs.

    chmod +x /etc/init.d/openvpn
    /etc/init.d/openvpn start            # to start the daemon
    vi /etc/iptables/config              # and add the line TCP_OPEN_PORTS_EXT="1194"
    chkconfig openvpn on 345
    reboot

Check if the daemon is running correctly after the reboot.

NAT the port with your router, and check if you can connect with:

    telnet public_ip 1194

Add a static route on your router, something like:

    Destination 10.8.0.0
    Mask 255.255.255.0
    Gateway internal_ip
    Interface LAN

Note: pay attention to the file executed each time the stora boots, /etc/init.d/oe-bootinit:

    oe-bootinit: rm -rf /etc/openvpn/keys/*

This is why I saved the keys in /etc/openvpn/keys_server.

Client configuration - Linux

    client
    proto tcp
    dev tun
    # Server IP address/hostname port
    remote 123.123.123.123 1194
    resolv-retry infinite
    nobind
    user nobody
    group nobody
    ca /etc/openvpn/keys/ca.crt
    cert /etc/openvpn/keys/client.crt
    key /etc/openvpn/keys/client.key
    tls-auth /etc/openvpn/keys/ta.key 1
    cipher BF-CBC
    comp-lzo
    persist-key
    persist-tun
    verb 3

To start:

    cd /etc/openvpn
    openvpn --config client.conf

Client configuration - Windows

    client
    proto tcp
    dev tun
    # Server IP address/hostname port
    remote 123.123.123.123 1194
    resolv-retry infinite
    nobind
    ca /etc/openvpn/keys/ca.crt
    cert /etc/openvpn/keys/client.crt
    key /etc/openvpn/keys/client.key
    tls-auth /etc/openvpn/keys/ta.key 1
    cipher BF-CBC
    comp-lzo
    persist-key
    persist-tun
    verb 3

To start: rename the file to something.ovpn, right click on the .ovpn file

2 clarifications:

1) UDP has better performance than TCP with a normal home ADSL line (remember to apply the relative changes to iptables/router); TCP works better with fiber and low latency lines.
2) For every client generate a different certificate (./build-key client1, ./build-key client2, ...) with a different common name, so the VPN server can recognize the different clients and assign a different IP address to each workstation.

Credits: [Hidden Content]
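An added example (not part of the original post, and not code from the OpenVPN project): a small Python audit that parses the server and Linux client configurations shown above and reports the settings that weaken the tunnel. The finding codes, the `audit` helper and the hardened client config are assumptions made for this illustration.

```python
import re
import shlex

# Constructed from the server.conf and Linux client.conf shown in the post.
SERVER_CONF = """\
daemon
port 1194
proto tcp
dev tun
ca /etc/openvpn/keys_server/ca.crt
cert /etc/openvpn/keys_server/server.crt
key /etc/openvpn/keys_server/server.key
dh /etc/openvpn/keys_server/dh1024.pem
server 10.8.0.0 255.255.255.0
push "route 192.168.0.0 255.255.255.0"
client-to-client
tls-auth /etc/openvpn/keys_server/ta.key 0
cipher BF-CBC
comp-lzo
persist-key
persist-tun
"""

CLIENT_CONF = """\
client
proto tcp
dev tun
# Server IP address/hostname port
remote 123.123.123.123 1194
nobind
user nobody
group nobody
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/client.crt
key /etc/openvpn/keys/client.key
tls-auth /etc/openvpn/keys/ta.key 1
cipher BF-CBC
comp-lzo
"""

# Hypothetical hardened client config, written for this example.
HARDENED_CLIENT_CONF = """\
client
proto udp
dev tun
remote 123.123.123.123 1194
user nobody
group nobody
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/client1.crt
key /etc/openvpn/keys/client1.key
remote-cert-tls server
tls-auth /etc/openvpn/keys/ta.key 1
cipher AES-256-GCM
"""

WEAK_BLOCK_PREFIXES = ("BF-", "DES-", "CAST5-", "RC2-")  # 64-bit block ciphers


def parse_config(text):
    """Map each directive to the list of argument lists it was given."""
    directives = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        tokens = shlex.split(line, comments=True)
        if tokens:
            directives.setdefault(tokens[0], []).append(tokens[1:])
    return directives


def audit(text, role):
    """Return {finding_code: explanation} for a 'server' or 'client' config."""
    d = parse_config(text)
    findings = {}
    for args in d.get("cipher", []):
        if args and args[0].upper().startswith(WEAK_BLOCK_PREFIXES):
            findings["WEAK_CIPHER"] = f"{args[0]} has a 64-bit block (SWEET32)"
    for args in d.get("dh", []):
        # Heuristic: the key size is read from the file name, as in dh1024.pem.
        m = re.search(r"dh(\d+)\.pem$", args[0]) if args else None
        if m and int(m.group(1)) < 2048:
            findings["SMALL_DH"] = f"{m.group(1)}-bit Diffie-Hellman parameters"
    if any(args != ["no"] for args in d.get("comp-lzo", [])):
        findings["COMPRESSION"] = "compression leaks plaintext length (VORACLE)"
    if not ("tls-auth" in d or "tls-crypt" in d):
        findings["NO_CONTROL_CHANNEL_HMAC"] = "no tls-auth/tls-crypt key"
    if not ("user" in d and "group" in d):
        findings["NO_PRIV_DROP"] = "daemon keeps root after start-up"
    checks = ("remote-cert-tls", "verify-x509-name", "ns-cert-type")
    if role == "client" and not any(k in d for k in checks):
        findings["NO_SERVER_CERT_CHECK"] = (
            "any certificate signed by the CA is accepted as the server")
    return findings


if __name__ == "__main__":
    for name, conf, role in (("server", SERVER_CONF, "server"),
                             ("client", CLIENT_CONF, "client"),
                             ("hardened client", HARDENED_CLIENT_CONF, "client")):
        print(name, audit(conf, role) or "no findings")
```

`remote-cert-tls server` only succeeds when the server certificate carries the server extended key usage, which easy-rsa 2 sets in its `build-key-server` script rather than in `build-key`.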
-
Running two servers with different configuration

I hardcoded like this:

1. After a clean install with UDP mode, clone server.conf into server2.conf (manual edit UDP => TCP mode).
2. In server2.conf, change IP 10.8.0.1 to 10.9.0.1.
3. Add 10.9.0.1 in IPtables.
4. At line 838 or close to it, add:

    sed -i 's|server2.conf' /lib/systemd/system/openvpn/server2.service

5. Run service openvpn@server restart and service openvpn@server2 restart.
6. Try lsof -i:1194 (your port number); you will see both UDP & TCP openvpn services are running.
-
You can use the Windows® edition-servicing commands to change one edition of Windows to a higher edition of Windows. The edition packages for each potential target edition are staged in the Windows image. This is referred to as an edition-family image. You can use the command-line options to list potential target editions. Because the target editions are staged, you can service a single image, and the updates will be applied appropriately to each edition in the image.

You need a product key to change the Windows edition online. Offline changes do not require a product key. If you change the image to a higher edition using offline servicing, you can add the product key by using one of the following methods:

  * Enter the product key during the out-of-box experience (OOBE).
  * Use an unattended answer file to enter the product key during the specialize configuration pass.
  * Use Deployment Image Servicing and Management (DISM) and the Windows edition-servicing command-line option /Set-ProductKey after you set the edition offline.

For more information about product keys, see Work with Product Keys and Activation.

Find and Change Current Edition of Windows

You can find the edition of Windows your image is currently set to by mounting the image and running DISM commands on the mounted image.

To find the current edition

1. Click Start, and type deployment. Right-click Deployment and Imaging Tools Environment and then select Run as administrator.

2. At the command prompt, type the following command to retrieve the name or index number for the image that you want to modify.

    Dism /Get-ImageInfo /ImageFile:C:\test\images

3. Type the following command to mount the offline Windows image.

    Dism /Mount-Image /ImageFile:C:\test\images /Index:1 /MountDir:C:\test\offline

   An index or name value is required for most operations that specify an image file.

4. Type the following command to find the edition of Windows your image is currently set to.

    Dism /Image:C:\test\offline /Get-CurrentEdition

   Note which edition of Windows your image is currently set to. If the image has already been changed to a higher edition you should not change it again. Use the lowest edition as a starting point.

5. Unmount the image or continue with the next procedure. To unmount your image, type the following command.

    Dism /Unmount-Image /MountDir:C:\test\offline /Commit

To change to a higher edition of Windows

1. Type the following command to mount the offline Windows image (if it is not already mounted).

    Dism /Mount-Image /ImageFile:C:\test\images /Name:<Image_name> /MountDir:C:\test\offline

2. Type the following command to find the editions of Windows that you can change your image to.

    Dism /Image:C:\test\offline /Get-TargetEditions

   Note the edition-ID for the edition you want to change to.

   Note: You cannot set a Windows image to a lower edition. The lowest edition will not appear when you run the /Get-TargetEditions option. You should not use this procedure on an image that has already been changed to a higher edition.

3. Type the following command specifying the edition-ID to change the Windows image to a higher edition.

    Dism /Image:C:\test\offline /Set-Edition:Professional

4. Type the following command to unmount the image and commit your changes.

    Dism /Unmount-Image /MountDir:C:\test\offline /Commit

Guide here: [Hidden Content]
-
6. DNS Advantage

It’s one of the fastest DNS servers that provide you the best performance while browsing the Internet. It will help you to load websites quicker and safer. To use DNS Advantage, configure the preferred/alternate DNS servers with the following details below:

    156.154.70.1
    156.154.71.1

More details about DNS Advantage? Visit here to read.

7. OpenNIC

Like many other DNS servers above, OpenNIC is a good alternative to replace your default DNS servers. It will protect your computer from the government and maintain your privacy. To use this DNS service, set your preferred and alternate DNS servers to be:

    46.151.208.154
    128.199.248.105

Visit the OpenNIC’s website to find more reliable DNS servers.

8. Dyn

Dyn is the next best free third-party DNS server in the list. It provides amazing web experiences and protects your information from most phishing attacks. Set up your network settings with the below DNS IP addresses to use Dyn DNS server.

    216.146.35.35
    216.146.36.36

Visit www.dyn.com to read more details about Dyn DNS and tutorials to learn how to get started.

9. SafeDNS

SafeDNS is another DNS service that is based on the cloud. It will help you protect your computer as well as provide better web browsing experiences. To use SafeDNS, use the following DNS information below:

    195.46.39.39
    195.46.39.40

Find more details about free & premium DNS services from SafeDNS.

10. DNS.Watch

The DNS.Watch is the last free public DNS service in this list. It provides uncensored, fast and reliable web browsing experience free of cost. To configure your PC or router with “DNS.Watch”, use two DNS IP addresses below:

    84.200.69.80
    84.200.70.40

Visit here to read more details about DNS.Watch.

Sometimes, if you aren’t able to surf the web properly, you can try to change the default DNS servers on your computer or router to these DNS servers. It will provide you better web browsing experience and also protect you from possible attacks.

Credits: Whatsabyte: [Hidden Content]
-
3. Norton ConnectSafe

Norton is not only providing antivirus and internet security programs. It is also offering a DNS server service called Norton ConnectSafe. This cloud-based DNS service will help to protect your computer against phishing websites. Norton ConnectSafe comes with three pre-defined content filtering policies: Security, Security + Pornography, and Security + Pornography + Other. You can take a look at the image below for further details on each pre-defined policy. Visit dns.norton.com for further information.

4. Comodo Secure DNS

Comodo Secure DNS is a domain name server service that resolves your DNS requests via many global DNS servers. It provides a much faster and better Internet browsing experience than using the default DNS servers provided by your ISP. If you want to use Comodo Secure DNS, you don’t need to install any hardware or software. Simply change your primary and secondary DNS servers to 8.26.56.26 and 8.20.247.20. Visit here to read more about Comodo Secure DNS.

5. Level3

Level3 is the next free DNS service in this list. It is operated by Level 3 Communications. To use this free service, just configure your network settings with the below DNS IP addresses:

    209.244.0.3
    208.244.0.4

Visit level3.com for more details.
-
1. Google Public DNS Server

This is one of the fastest DNS servers which many users are using on their computers. By using Google’s DNS servers, you will get higher security and better browsing experience on your computer. To use Google Public DNS servers, configure network settings with the following IP addresses:

    8.8.8.8 as your preferred DNS server
    8.8.4.4 as your alternate DNS server

Visit here to read more about Google Public DNS.

2. OpenDNS

Alongside Google’s DNS servers, OpenDNS is one of the best cloud-based DNS servers. It will help to protect your computer from malicious attacks. To use OpenDNS, configure your network settings with the following IP addresses:

    208.67.222.222
    208.67.222.220

OpenDNS also offers two free solutions for personal customers: OpenDNS Family Shield and OpenDNS Home. The OpenDNS Family Shield comes pre-configured to block adult content. To use it, different DNS servers with the following IP addresses need to be set up in your network settings.

    Preferred DNS server: 208.67.222.123
    Alternate DNS server: 208.67.220.123

Meanwhile, OpenDNS Home comes with customizable filtering, theft & phishing protections. Click here to read more about OpenDNS.
-
Web browsing over Obfuscated SSH + OpenVPN
_.:=iTake=:._ replied to _.:=iTake=:._'s topic in VPN Tutorials
Other Sources you can follow can be found here: [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] Tested and working: [Hidden Content] -
Web browsing over Obfuscated SSH + OpenVPN
_.:=iTake=:._ replied to _.:=iTake=:._'s topic in VPN Tutorials
You need to configure this with OpenVPN using the TCP protocol.

In the client.ovpn file, change this:

[iCODE]remote SERVER-IP PORT[/iCODE]

e.g. let's say you have [iCODE]remote 234.345.34.56 1194[/iCODE]

to

[iCODE]remote localhost 1194[/iCODE]

Add this line:

[iCODE]socks-proxy 127.0.0.1 1080[/iCODE] {It can be any port}

But it needs to be configured in Bitvise SSH under Services to look like:

    Options: Use SOCKS
    Host: 127.0.0.1
    Port: 1080

Launch OpenVPN GUI and connect to the client.ovpn file you just edited. It should connect successfully; otherwise there is an issue with your server settings.
-
It is possible to configure most browsers to use a SOCKS proxy for outgoing HTTP connections. This makes it possible to forward web browser traffic over an encrypted SSH connection.

The recommended browser for this purpose is Firefox, because it can be configured to resolve DNS names through the SOCKS proxy, so the names of the websites you're browsing don't leak out through DNS queries.

You will need an account at an SSH server which allows you to use port forwarding. Configure Bitvise SSH Client to connect to that SSH server, and enable the SOCKS proxy feature under the Services tab.

In Firefox, configure Bitvise SSH Client as the SOCKS proxy in Tools > Options > Advanced > Network > Connection > Settings. Use Manual proxy configuration, enter 127.0.0.1 under SOCKS proxy, and port 1080. (This is assuming you left SOCKS proxy settings in the SSH client at their defaults.)

Open a blank Firefox tab and navigate to "about:config". Find the setting:

[iCODE]network.proxy.socks_remote_dns[/iCODE]

Set this setting to true.

You are now done. Firefox will connect to websites through Bitvise SSH Client's SOCKS proxy feature, and your web traffic will be tunneled over the encrypted SSH connection between your SSH client and the SSH server.

Note that the part of the traffic between the SSH server and the web server(s) will remain unencrypted. By using SSH tunneling, you are shielding your web traffic from prying eyes in your local network or at your local Internet Service Provider. However, the plaintext of your web sessions will now be available to the SSH server administrator, as well as to the ISP through which the SSH server connects to your destination web servers.

Source: [Hidden Content]
-
RESERVED:
-
1. Introduction to Obfuscated OpenSSH

The fact that you are on this page reading this text is evidence in itself that you most likely do not need any introduction on this topic. Nevertheless, for completeness' sake, here is some background info.

Bruce Leidl (@brl) gave a detailed description of the reasons behind his proposal to obfuscate the handshake process of ssh connection. Go over it if you have the time. It's not long and fairly easy to understand.

In short, an ssh connection starts with a handshake between client and server, which is performed in clear text. The purpose of obfuscating the openssh handshake is to make it more difficult for traffic analysis tools to identify this process. Consequently, blocking, interfering or eavesdropping application(s) or mechanism(s) that target ssh traffic by relying on such identification will not be triggered.

More difficult, but not impossible, especially if obfuscation is performed without using a keyword (see configuration and securing below). In addition, there definitely exist other methods of identifying ssh traffic, so handshake obfuscation may not solve all your problems.

Leidl's patches did not make it into upstream. Fortunately, popular demand made sure that the patches live on outside upstream. In fact, the usefulness of handshake obfuscation has become so recognized that various non-openssh ssh client/server implementations have adopted this feature (see below).

Over the years, a couple of guys have also attempted to port Leidl's patches to newer openssh versions with varying degrees of success. This project is based on Bruce Leidl's original patches against openssh-5.2p1 as well as arigo's patches against openssh-6.1p1, and intends to provide workable patches against all recent and upcoming openssh releases.

2. How to Use the Patches

Obtain upstream OpenSSH

Download from openssh.com a recent version (e.g. openssh-7.1p1.tar.gz) and extract the sources:

    tar xvf openssh-7.1p1.tar.gz

Download and apply the patches

You can download the patches as a zip archive and extract the matching patch (e.g. 7.0_7.1.diff for 7.0p1 and 7.1p1), or download only the matching patch from the github repo using copy and paste, or clone the git repo to your local machine.

Assuming that you place the patch file in the parent folder of the extracted openssh sources, apply the patch:

    cd openssh-7.1p1
    patch -p1 < ../7.0_7.1.diff

There should not be any error at this stage. If there is, check whether you have applied the patch that matches the openssh version.

Build and Install

OpenSSH has building dependencies that might vary between distros and versions. The easiest way to satisfy these dependencies is to build a distro version of OpenSSH first. In Debian/Ubuntu, this can be simplified using a single line of command:

    apt-get build-dep ssh

For testing purposes, configure and build using the following commands from within the openssh source folder:

    ./configure --prefix=/usr/local --sysconfdir=/etc/obssh
    make && make install

If there are no build errors, the executable binaries will be installed under /usr/local, while the config file will be installed to /etc/obssh, and new server and client keys will be generated. This allows you to test the obfuscated openssh installation while using your distro's normal openssh version.

When you have finished testing and made sure that the obfuscated openssh works as expected, you can choose to install it to the usual locations:

    make uninstall
    ./configure --prefix=/usr --sysconfdir=/etc/ssh
    make && make install

3. Server Configuration

Edit /etc/obssh/sshd_config, make sure these options are uncommented and specified with desired values:

    Port 22
    ObfuscatedPort 222
    ObfuscateKeyword key

Remember to set different ports for obfuscated and non-obfuscated connections. It is strongly advised to use a keyword for obfuscation, but please do change the default 'key' to something else!

Then start the server in debug mode:

    /usr/local/sbin/sshd -D -ddd

4. Connecting to Obfuscated OpenSSH Server

First, test on the machine where obfuscated openssh is built and installed:

    /usr/local/bin/ssh -z -Z yourkey -p 222 -v localhost

This is assuming you have configured the server to listen on the localhost interface in /etc/obssh/sshd_config. Remember to change the parameter of the '-Z' option to the keyword specified in sshd_config.

If all goes well, a connection should be established and you will be prompted to enter the password for the connecting user. On both the server and client side, you should see debug messages telling you that obfuscation is enabled before handshake, and disabled after handshake.

Once local testing passes, you can try connecting from another machine using an obfuscation-aware client. On Linux and MacOS, download and build a patched openssh as detailed above. On Windows, you can use the latest version of the free (as in beer) Bitvise ssh client. Patched versions of the open source PuTTY client named PoTTY are also available.

Other clients in OpenSSH like sftp and scp, as well as non-OpenSSH clients that establish ssh connection using ssh, sftp or scp from a locally installed OpenSSH package (e.g. sshuttle), are also obfuscation-aware if OpenSSH is built using these patches. Use or pass the proper -z and -Z commandline options to enable obfuscated handshake.

On Linux, you can set default obfuscation options in ~/.ssh/config to avoid having to remember settings for each server like this:

    Host obssh1
        HostName 1.2.3.4
        Port 2234
        ObfuscateHandshake yes
        ObfuscateKeyword mykey

Then you can just input 'ssh obssh1' to connect to 1.2.3.4:2234 using obfuscation keyword 'mykey', equivalent to 'ssh -z -Z mykey -p 2234 1.2.3.4'.

5. Securing Server using Fail2ban

A properly configured (e.g. MaxStartups value in sshd_config) ssh server and a tool like fail2ban can protect you from most attacks through ssh connection. However, handshake failure due to a wrong keyword happens before any authentication attempts are made, and fail2ban is not supposed to handle such failures.

To make fail2ban pick up ssh handshake failures and ban IPs repeatedly trying to connect with wrong keywords, add the following regex to the 'failregex' definition in /etc/fail2ban/filter.d/sshd.conf:

    ^%(__prefix_line)sMagic value check failed \(\d*\) on obfuscated handshake from <HOST> port

Remember to check proper indentation as it's Python code.

6. Pre-built Binary Packages

I have built patched versions of OpenSSH as Ubuntu source and binary packages and published them on launchpad. Use the following commands to install the package corresponding to your version of Ubuntu:

    apt-add-repository ppa:zinglau/obfuscated-openssh
    apt-get update
    apt-get install ssh

Don't forget to edit /etc/ssh/sshd_config and restart the ssh service after installation.

On Debian, after adding the ppa using "apt-add-repository ppa:zinglau/obfuscated-openssh", manually edit /etc/apt/sources.list.d/zinglau-obfuscated-openssh-VERSION.list (where VERSION is jessie, wheezy, or squeeze), and change the Debian version to an Ubuntu version based on that version of Debian. For example, change the following:

    deb [Hidden Content] jessie main

to:

    deb [Hidden Content] vivid main

If you wish or have to, you can also download the source package and build binary packages for Debian yourself by following these instructions.

7. Bugs and Issues

For serious bugs and issues, please report using github. For simple questions, just leave a comment below using Disqus.

Resources: [Hidden Content]

Credits to [Hidden Content]
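An added example (not part of the original post, and not code from fail2ban or the patch set): the failregex from section 5 applied to constructed sshd log lines, with a simple retry window deciding which addresses would be banned. The `PREFIX_LINE` and `HOST` patterns are simplified stand-ins for what fail2ban substitutes, and the log year, `maxretry` and `findtime` values are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# The regex exactly as given in the post.
FAILREGEX = (r"^%(__prefix_line)sMagic value check failed \(\d*\) "
             r"on obfuscated handshake from <HOST> port")

# Simplified stand-ins (assumptions) for fail2ban's own substitutions.
PREFIX_LINE = r"\S+ sshd\[\d+\]: "
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3}|[0-9A-Fa-f:]*:[0-9A-Fa-f:]+)"

# Constructed sample log; the message text follows the regex above.
SAMPLE_LOG = """\
Mar 13 10:15:01 vps sshd[2211]: Magic value check failed (1836347493) on obfuscated handshake from 203.0.113.7 port 51234
Mar 13 10:15:09 vps sshd[2213]: Magic value check failed (1195725856) on obfuscated handshake from 203.0.113.7 port 51240
Mar 13 10:15:30 vps sshd[2215]: Failed password for root from 198.51.100.9 port 40022 ssh2
Mar 13 10:16:02 vps sshd[2217]: Magic value check failed (542393671) on obfuscated handshake from 203.0.113.7 port 51251
Mar 13 10:20:00 vps sshd[2220]: Magic value check failed (7) on obfuscated handshake from 192.0.2.44 port 60000
Mar 13 10:45:00 vps sshd[2290]: Magic value check failed (7) on obfuscated handshake from 192.0.2.44 port 60011
Mar 13 11:10:00 vps sshd[2301]: Magic value check failed (7) on obfuscated handshake from 192.0.2.44 port 60012
"""


def compile_failregex(template):
    """Expand the two fail2ban placeholders and compile the result."""
    expanded = template.replace("%(__prefix_line)s", PREFIX_LINE)
    return re.compile(expanded.replace("<HOST>", HOST))


def find_bans(lines, maxretry=3, findtime=timedelta(minutes=10), year=2024):
    """Return hosts with at least maxretry handshake failures inside findtime."""
    rx = compile_failregex(FAILREGEX)
    recent = defaultdict(list)
    banned = []
    for line in lines:
        # Like fail2ban, strip the syslog timestamp before matching the rest.
        stamp, rest = line[:15], line[16:]
        m = rx.match(rest)
        if not m:
            continue
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        host = m.group("host")
        # Keep only failures that are still inside the sliding window.
        hits = [t for t in recent[host] if when - t <= findtime] + [when]
        recent[host] = hits
        if len(hits) >= maxretry and host not in banned:
            banned.append(host)
    return banned


if __name__ == "__main__":
    print(find_bans(SAMPLE_LOG.splitlines()))
```

The address that fails three handshakes within a minute is banned, while the one whose failures are 25 minutes apart never accumulates enough hits inside the window.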
-
welcome buddy!
-
Support OS: Debian 9 | Ubuntu 16 & 18

    wget [Hidden Content] && chmod +x DebUntu && ./DebUntu

Support OS: CentOS 7

    yum -y install wget && wget [Hidden Content] && chmod +x CentOS7 && ./CentOS7

NOTE: It's better to install the menu first for easy access to the services.

Known bug for CentOS 7: Stunnel ssl / tls not working after rebooting vps ... solution, re-install.

Services & Ports:

    OpenSSH Port: 22
    Dropbear Port: 442, 109, 110
    SSL / TLS Port: 443
    BadVPN Port: 7300
    OVPN Port: Depends on you
    Squid Port: Depends on you
    Nginx Port: 80

For more tutorials you can check out this Filipino Site [Hidden Content]
-
(OpenSSH, Dropbear, OpenVPN, Webmin, PPTP VPN, Squid Proxy)

Centos 6 (32 bit):

    yum -y update && yum -y install wget && wget [Hidden Content] && chmod +x centos6-kvm.sh && ./centos6-kvm.sh && rm -f centos6-kvm.sh && history -c

Centos 7 (32 bit):

    yum -y update && yum -y install wget && wget [Hidden Content] && chmod +x centos7-kvm.sh && ./centos7-kvm.sh && rm -f centos7-kvm.sh && history -c

Debian 7 (32 bit):

    apt-get -y install wget && wget [Hidden Content] && chmod +x debian7-kvm.sh && ./debian7-kvm.sh && rm -f debian7-kvm.sh && history -c

Debian 8 (32 bit):

    apt-get -y install wget && wget [Hidden Content] && chmod +x debian8-kvm.sh && ./debian8-kvm.sh && rm -f debian8-kvm.sh && history -c

Premium Script

Centos 6 (32 bit): Premium Script (Install/Update)

    yum -y update && yum -y install wget && wget [Hidden Content] && chmod +x install-premiumscript.sh && ./install-premiumscript.sh && rm -f install-premiumscript.sh

Debian 7 (32 bit): Premium Script (Install/Update)

    apt-get -y install wget && wget [Hidden Content] && chmod +x install-premiumscript.sh && ./install-premiumscript.sh && rm -f install-premiumscript.sh
-
How to generate an SSH key pair in Linux?
_.:=iTake=:._ replied to _.:=iTake=:._'s topic in Tutorials
More resources can be found here: [Hidden Content] [Hidden Content]
-
On Windows, you can create SSH keys in many ways. Windows requires an SSH client, but doesn’t have a default SSH client on their operating system. Note that Windows is currently testing a native OpenSSH application, but for your protection, we don’t advocate using beta applications in production environments. This document explains how to use two SSH applications, PuTTY and Git Bash.

PuTTY

PuTTY is an SSH client for Windows. You can use PuTTY to generate SSH keys. PuTTY is a free open-source terminal emulator that functions much like the Terminal application in macOS in a Windows environment. This section shows you how to manually generate and upload an SSH key when working with PuTTY in the Windows environment.

About PuTTY

PuTTY is an SSH client for Windows that you will use to generate your SSH keys. You can download PuTTY from www.chiark.greenend.org.uk.

When you install the PuTTY client, you also install the PuTTYgen utility. PuTTYgen is what you will use to generate your SSH key for a Windows VM.

Generating an SSH key

To generate an SSH key with PuTTYgen, follow these steps:

1. Open the PuTTYgen program.
2. For Type of key to generate, select SSH-2 RSA.
3. Click the Generate button.
4. Move your mouse in the area below the progress bar. When the progress bar is full, PuTTYgen generates your key pair.
5. Type a passphrase in the Key passphrase field. Type the same passphrase in the Confirm passphrase field. You can use a key without a passphrase, but this is not recommended.
6. Click the Save private key button to save the private key. You must save the private key. You will need it to connect to your machine.
7. Right-click in the text field labeled Public key for pasting into OpenSSH authorized_keys file and choose Select All.
8. Right-click again in the same text field and choose Copy.

PuTTY and OpenSSH use different formats of public SSH keys. If the text you pasted in the SSH Key starts with ---- BEGIN SSH2 PUBLIC KEY, it is in the wrong format. Be sure to follow the instructions carefully. Your key should start with ssh-rsa AAAA….

Git Bash

The Git installation package comes with SSH. Using Git Bash, which is the Git command line tool, you can generate SSH key pairs. Git Bash has an SSH client that enables you to connect to and interact with Triton containers on Windows.

To install Git:

1. Download and initiate the Git installer ([Hidden Content]).
2. When prompted, accept the default components by clicking Next.
3. Choose the default text editor. If you have Notepad++ installed, select Notepad++ and click Next.
4. Select to Use Git from the Windows Command Prompt and click Next.
5. Select to Use OpenSSL library and click Next.
6. Select to Checkout Windows-style, commit Unix-style line endings and click Next.
7. Select to Use MinTTY (The default terminal of MSYS2) and click Next.
8. Accept the default extra option configuration by clicking Install.

When the installation completes, you may need to restart Windows.

Launching GitBash

To open Git Bash, we recommend launching the application from the Windows command prompt:

1. In Windows, press Start+R to launch the Run dialog.
2. Type C:\Program Files\Git\bin\bash.exe and press Enter.

Generating SSH keys

First, create the SSH directory and then generate the SSH key pair.

One assumption is that the Windows profile you are using is set up with administrative privileges. Given this, you will be creating the SSH directory at the root of your profile, for example:

[iCODE]C:\Users\joetest[/iCODE]

1. At the Git Bash command line, change into your root directory and type:

[iCODE]mkdir .ssh[/iCODE]

2. Change into the .ssh directory C:\Users\joetest\.ssh

3. To create the keys, type:

[iCODE]ssh-keygen.exe[/iCODE]

4. When prompted for a password, type a password to complete the process. When finished, the output looks similar to:

    ssh-keygen.exe
    Generating public/private rsa key pair.
    Enter file in which to save the key (/c/Users/joetest/.ssh/id_rsa): /c/Users/joetest/.ssh/
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /c/Users/joetest/.ssh/
    Your public key has been saved in /c/Users/joetest/.ssh/
    The key fingerprint is:
    SHA256:jieniOIn20935n0awtn04n002HqEIOnTIOnevHzaI5nak joetest@periwinkle
    The key's randomart image is:
    +---[RSA 2048]----+
    |*= =+. |
    |O*=.B |
    |+*o* + |
    |o +o. . |
    | ooo + S |
    | .o.ooo* o |
    | .+o+*oo . |
    | .=+.. |
    | Eo |
    +----[SHA256]-----+

    $ dir .ssh
    id_rsa id_rsa.pub
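An added example (not part of the original post, and not code from PuTTY or OpenSSH): a Python converter from the "---- BEGIN SSH2 PUBLIC KEY" (RFC 4716) export that the post calls the wrong format to the one-line `ssh-rsa AAAA…` form that authorized_keys expects. The sample key is constructed and cryptographically useless, and the function names are assumptions of this illustration.

```python
import base64
import struct

BEGIN = "---- BEGIN SSH2 PUBLIC KEY ----"
END = "---- END SSH2 PUBLIC KEY ----"


def _ssh_string(data):
    """Encode bytes as an SSH wire-format string: 4-byte length, then data."""
    return struct.pack(">I", len(data)) + data


def make_sample_rfc4716():
    """Build a CONSTRUCTED demo key in the multi-line export format."""
    blob = (_ssh_string(b"ssh-rsa")
            + _ssh_string(b"\x01\x00\x01")                       # exponent 65537
            + _ssh_string(b"\x00" + bytes(range(0x80, 0xC0))))   # fake modulus
    b64 = base64.b64encode(blob).decode()
    body = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([BEGIN, 'Comment: "constructed-demo-key"', *body, END]) + "\n"


def rfc4716_to_openssh(text):
    """Convert an RFC 4716 public key block to the OpenSSH one-line format."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("not an SSH2 PUBLIC KEY (RFC 4716) block")
    comment, body, i = "", [], 1
    while i < len(lines) - 1:
        line = lines[i]
        if ":" in line:                       # header line ("Tag: value")
            while line.endswith("\\"):        # header continued on next line
                i += 1
                line = line[:-1] + lines[i]
            tag, value = line.split(":", 1)
            if tag.strip().lower() == "comment":
                comment = value.strip().strip('"')
        elif line:
            body.append(line)                 # base64 key data
        i += 1
    b64 = "".join(body)
    blob = base64.b64decode(b64, validate=True)
    # The key type is the first length-prefixed string inside the blob.
    if len(blob) < 4:
        raise ValueError("key data too short")
    (length,) = struct.unpack(">I", blob[:4])
    if length == 0 or 4 + length > len(blob):
        raise ValueError("corrupt key blob")
    key_type = blob[4:4 + length].decode("ascii")
    return f"{key_type} {b64} {comment}".rstrip()


if __name__ == "__main__":
    exported = make_sample_rfc4716()
    print(exported)
    print(rfc4716_to_openssh(exported))
```

On a machine with OpenSSH installed, `ssh-keygen -i -f exported.pub` performs the same conversion.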
-
This has proven more secure over standard username/password authentication. You can generate an SSH key pair directly in cPanel, or you can generate the keys yourself and just upload the public one in cPanel to use with your hosting account.

When generating SSH keys yourself under Linux, you can use the ssh-keygen command. To do so follow these steps:

1. Open up the Terminal.

2. Type in the following command:

[iCODE]ssh-keygen -t rsa[/iCODE]

3. Next you will have to type in the location of the file where you would like to save the private key.

    Enter file in which to save the key (/home/youruser/.ssh/id_rsa):

   The public key will be saved in the same location, under the same file name, but with the .pub extension. Type in nothing to use the default location, which is /home/youruser/.ssh/id_rsa.

4. Finally you will have to type in a password. This will be the password required to load the private key and use it to connect via SSH later on:

[iCODE]Enter passphrase (empty for no passphrase):[/iCODE]

The entire key pair generation process would look like this:

    user@localhost: ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/youruser/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in id_rsa.
    Your public key has been saved in id_rsa.pub.
    The key fingerprint is:
    16:8e:e8:f2:1d:c9:b9:cf:43:9a:b3:3c:c1:1f:95:93 user@localhost

This will create a private key written to /home/youruser/.ssh/id_rsa and a public key written to /home/youruser/.ssh/id_rsa.pub.

The private key needs to be loaded in your Terminal using the ssh-add command:

[iCODE]ssh-add /home/youruser/.ssh/id_rsa[/iCODE]

After which you will be asked to enter the passphrase of your key.
- 1 reply
-
- 1
-
-
Squid is the most popular proxy server for Unix-like operating systems. It is also used for web filtering. Squid is also useful as a caching proxy server for the HTTP, HTTPS, and FTP protocols. This article will help you to set up Squid Proxy Server on Ubuntu 18.10, 18.04 LTS, 16.04 LTS, and 14.04 LTS systems.

Step 1 – Install Package

Squid packages are available in default yum repositories. Execute the command below on your server to install the Squid proxy server.

    sudo apt update
    sudo apt install squid

or

    sudo apt install squid3

Step 2 – Configure Squid Port

The default port for Squid proxy servers is 3128. You can change this as per your requirements. To set up Squid on a different port, edit the Squid configuration file and change the http_port value to the new port.

/etc/squid/squid.conf

    http_port 3128

After making changes, let's restart the Squid service to reload the configuration changes:

    sudo service squid restart

The next steps will help you to set up Squid Proxy Server on Ubuntu systems. Use only those settings which are required for your proxy server.

Step 3 – Allow All Traffic

Sometimes you are required to allow all traffic on your proxy server. On the Squid server, open the Squid configuration file. Comment out the http_access deny all line and add the http_access allow all entry in this file.

/etc/squid/squid.conf

    http_access allow all
    #http_access deny all

Step 4 – Block Specific Website with Squid

Let's start with additional configuration, like blocking any website using the Squid proxy server. Add the rules below to block a specific website before any allow all rules. The example below will block yahoo.com and www.rediff.com.

/etc/squid/squid.conf

    acl blocksite1 dstdomain yahoo.com
    acl blocksite2 dstdomain www.rediff.com
    http_access deny blocksite1
    http_access deny blocksite2

If you have a long list of domain names, create a file /etc/squid/blockwebsites.lst, put the domain names in it one per line, and add the rule below in the Squid configuration file.

/etc/squid/squid.conf

    acl blocksitelist dstdomain "/etc/squid/blockwebsites.lst"
    http_access deny blocksitelist

blockwebsites.lst file content example:

    cat /etc/squid/blockwebsites.lst
    yahoo.com
    www.rediff.com

Step 5 – Block Specific Keyword with Squid

Add the rules below to block a specific website before any allow all rules. The example below will block all pages having the keyword yahoo or Gmail.

/etc/squid/squid.conf

    acl blockkeyword1 url_regex yahoo
    acl blockkeyword2 url_regex gmail
    http_access deny blockkeyword1
    http_access deny blockkeyword2

If you have a long list of keywords, create a file /etc/squid/blockkeywords.lst, put the keywords in it one per line, and add the rule below in the Squid configuration file.

/etc/squid/squid.conf

    acl blockkeywordlist url_regex "/etc/squid/blockkeywords.lst"
    http_access deny blockkeywordlist

blockkeywords.lst file content example:

    cat /etc/squid/blockkeywords.lst
    yahoo
    gmail
    facebook

Congratulations, you have successfully installed and configured the Squid proxy server.

Credits to tecadmin.net
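The rule ordering from Steps 3 to 5 above, as an added example that is not part of the original post or of Squid's own code: a small Python model of http_access evaluation (the first matching line decides), run over a constructed config that reuses the post's ACLs. It models only the dstdomain and url_regex types; the function names and the example.test URLs are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample built from the post's ACL names and values.
ACLS = """acl blocksite1 dstdomain yahoo.com
acl blocksite2 dstdomain www.rediff.com
acl blockkeyword2 url_regex gmail
"""
DENIES = """http_access deny blocksite1
http_access deny blocksite2
http_access deny blockkeyword2
"""
DENY_FIRST = ACLS + DENIES + "http_access allow all\n"   # order the post asks for
ALLOW_FIRST = ACLS + "http_access allow all\n" + DENIES  # deny lines never reached

def parse(conf):
    """Collect acl definitions and http_access rules in file order."""
    acls, rules = {}, []
    for line in conf.splitlines():
        tok = line.split("#", 1)[0].split()
        if len(tok) >= 4 and tok[0] == "acl":
            acls.setdefault(tok[1], (tok[2], []))[1].extend(tok[3:])
        elif len(tok) >= 3 and tok[0] == "http_access":
            rules.append((tok[1], tok[2:]))
    return acls, rules

def acl_matches(acls, name, url):
    if name == "all":
        return True
    kind, values = acls[name]
    host = (urlsplit(url).hostname or "").lower()
    if kind == "dstdomain":
        # "yahoo.com" matches that host only; ".yahoo.com" would cover subdomains too.
        return any(host == v.lstrip(".") or (v.startswith(".") and host.endswith(v))
                   for v in values)
    if kind == "url_regex":
        return any(re.search(v, url) for v in values)  # case-sensitive without -i
    raise ValueError(f"ACL type not modelled: {kind}")

def decide(conf, url):
    """Return (action, rule_number) of the first http_access line whose ACLs all match."""
    acls, rules = parse(conf)
    for number, (action, names) in enumerate(rules, 1):
        if all(acl_matches(acls, n, url) for n in names):
            return action, number
    # No line matched: Squid applies the opposite of the last rule's action.
    return ("allow" if rules and rules[-1][0] == "deny" else "deny"), 0
```

Calling decide(DENY_FIRST, "http://www.yahoo.com/") returns ("allow", 4): the exact-host dstdomain entry does not cover the www subdomain, and the closing allow all line relays whatever the deny lines miss.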
-
Welcome our site friend, P2PDL. All posts and threads regarding this site can be posted here. No spamming allowed, site rules should be followed as well.
-
Welcome our site friend, Free Courses Online. All posts and threads regarding this site can be posted here. No spamming allowed, site rules should be followed as well.
-
Welcome our site friend, Free Tutorials. All posts and threads regarding this site can be posted here. No spamming allowed, site rules should be followed as well.
-
Welcome our site friend, Pirateiro! All posts and threads regarding this site can be posted here. No spamming allowed, site rules should be followed as well.
-
Welcome our site friend, Karan PC. All posts and threads regarding this site can be posted here. No spamming allowed, site rules should be followed as well.