If you want to run a service from your local machine and be able to access it quickly and reliably from the web, then the open source tunneling/reverse proxy tool PageKite should be right up your alley. "PageKite makes local websites or SSH servers publicly accessible in mere seconds, and works with any computer and any Internet connection." It is in essence a reverse proxy tool that connects local servers to the public. By using PageKite you can access your localhost, web server, file/folder, local SSH server, etc.
Using PageKite is incredibly easy. You get a 30 day trial, and if you like it you can choose to pay on a "pay-what-you-want" basis. The amount of bandwidth and months of service you receive will depend on how much you pay. After you sign up for your trial, all you have to do is download the code from their website at http://pagekite.net and install the .py file. You can easily do so with the following command, which fetches the installer script and runs it as root:
# curl -s https://pagekite.net/pk/ | sudo bash
After you sign up, your PageKite site will be located at a URL such as http://yourname.pagekite.me/. Running
# pagekite.py 80 yourname.pagekite.me
connects your localhost:80 web server to a publicly visible site, reachable in this example at yourname.pagekite.me. PageKite can be useful in an assortment of ways, such as being able to "take control of your own data and store it in a machine of your choice", and you can choose when you want to share your data and content and with whom. And since you don't have to store your data on centralized servers, your privacy stays intact: your server IP address stays private and you have the ability to use Tor and encryption with your personal domain.
Another choice is Progrium's "localtunnel". Install localtunnel using RubyGems:
# sudo gem install localtunnel
Then choose any port you like, for example Apache on port 8080, and run:
# localtunnel -k ~/.ssh/id_rsa.pub 8080
If you are successful you should see something like
Port 8080 is now publicly accessible from http://8bv2.localtunnel.com ...
If not, there is a nice short README at https://github.com/progrium/localtunnel#readme
The GNU Kid.
Friday, November 9, 2012
Monday, October 8, 2012
LINUX - Basic Security with SSH.
How does one protect against password bruteforce attacks, and even just people guessing your password? The obvious first idea to spring to mind is to use a long (12-24 character) and difficult-to-guess password. This will pretty much thwart most dictionary-based attacks, or, if the attacker has an incredibly large wordlist, it will at least make him work at it. I have seen a few bruteforce pass cracks take 3-4 days to complete on 16 character passwords, thus giving you ample time to pick up on the attack and stop it in its tracks, or the script kiddie may just get tired and give up. But this is not ideal.
The recommended way to deal with this is to configure SSH so that it only accepts key-based logins. SSH keys are impossible to brute-force with today's technology, and eliminating password logins eliminates the problem altogether. Another small step that people tend to overlook, especially those new to Linux, is to simply use your non-root account for day-to-day activities, especially web-related activities (IRC, email, etc).
So let's start off by generating a key. After installing OpenSSH, run ssh-keygen on your machine as root:
root@localhost:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
bb:22:03:ae:f6:cc:0f:21:01:5e:4e:d3:bc:71:a3:ba root@localhost.localdomain
So, as you can see from the above output, ssh-keygen generated a private key and saved it to ~/.ssh/id_rsa.
And our public key is saved to ~/.ssh/id_rsa.pub.
You now need to give the server your public key and tell it to trust that key and use it to validate logins. There are two ways: a harder and an easier one. The hard way involves manually pasting your public key into ~/.ssh/authorized_keys on the server. The easy way is to use ssh-copy-id and let it do that for us:
~ ssh-copy-id root@X.X.X.X
root@X.X.X.X's password:
Now try logging into the machine, with "ssh 'root@X.X.X.X'", and check in:
~/.ssh/authorized_keys
~/.ssh/id_rsa private key.
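The post recommends key-only logins but does not show the server-side setting, so here is an added example (not from the original post) that reads an sshd_config the way sshd does, first value wins and keywords are case-insensitive, and reports whether password-style logins are still enabled. The function names, the sample files and the single-file, global-section-only scope are assumptions made for illustration; PasswordAuthentication, KbdInteractiveAuthentication (older alias ChallengeResponseAuthentication) and PubkeyAuthentication are real sshd_config keywords.

```sh
#!/bin/sh
# Added example (not from the original post): audit an sshd_config for key-only logins.
# Assumes all options sit in one file (no Include) and reads the global section only.

# effective_value FILE KEYWORDS DEFAULT  (KEYWORDS: lowercase "a|b" alias list)
# sshd keeps the FIRST value it reads for a keyword; keywords are case-insensitive.
effective_value() {
    awk -v keys="$2" -v def="$3" '
        { gsub(/=/, " ") }                        # accept "Keyword=value" too
        /^[ \t]*#/ || NF == 0 { next }            # skip comments and blank lines
        tolower($1) == "match" { exit }           # stop before conditional blocks
        tolower($1) ~ ("^(" keys ")$") { print tolower($2); found = 1; exit }
        END { if (!found) print def }             # keyword absent: sshd default
    ' "$1"
}

# audit_sshd FILE: prints one line per problem and returns 0 only when
# password-style logins are off and public-key login is still on.
audit_sshd() {
    rc=0
    [ "$(effective_value "$1" passwordauthentication yes)" = no ] ||
        { echo "PasswordAuthentication is not 'no'"; rc=1; }
    [ "$(effective_value "$1" 'kbdinteractiveauthentication|challengeresponseauthentication' yes)" = no ] ||
        { echo "keyboard-interactive authentication is not 'no'"; rc=1; }
    [ "$(effective_value "$1" pubkeyauthentication yes)" = yes ] ||
        { echo "PubkeyAuthentication is off: key logins would fail"; rc=1; }
    return "$rc"
}

# Constructed sample configs, written to a temporary directory.
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/weak" <<'EOF'
# constructed sample: the first PasswordAuthentication line wins
PermitRootLogin yes
passwordauthentication yes
PasswordAuthentication no
EOF
cat > "$SAMPLES/keyonly" <<'EOF'
PasswordAuthentication no
ChallengeResponseAuthentication no
PubkeyAuthentication yes
EOF

for f in weak keyonly; do
    if audit_sshd "$SAMPLES/$f"; then echo "$f: key-only"; else echo "$f: password login possible"; fi
done
```

On a live server, sshd -T prints the effective configuration with Include files and Match blocks resolved, which is the authoritative source for the same three values.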