Simple things are complicated: making a show password option

Posted on 2021-05-16 [Sunday] by jj5

An interesting article today: Simple things are complicated: making a show password option. It referenced Government Design Principles: Make things open: it makes things better which I thought was an interesting and sensible government policy…

Administering PostgreSQL

Posted on 2015-09-07 [Monday] by jj5

So I found this article which said:

 $ sudo -u postgres psql

 postgres=> alter user postgres password 'apassword';
 postgres=> create user your-user createdb createuser password 'passwd';
 postgres=> create database your-db-name owner your-user;
 postgres=> \q

Note: to enable password logins for the ‘postgres’ admin account, edit: /etc/postgresql/9.4/main/pg_hba.conf and after this line:

local   all             postgres                                peer

Add this line:

local   all             postgres                                md5

Disable Password Authentication for SSH

Posted on 2015-05-17 [Sunday] by jj5

See How to Disable Password Authentication for SSH.

vim /etc/ssh/sshd_config

Then:

ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no

Then restart the SSH server:

service sshd restart

Change user’s password in Kerberos with kadmin

Posted on 2014-12-14 [Sunday] by jj5

To change a user’s Kerberos password (on charity):

sudo kadmin -p root -w `cat /home/jj5/kadmin_root_pass` -q 'cpw eguser'

Where ‘eguser’ is the username of the account being changed.

About Secure Password Hashing

Posted on 2014-04-10 [Thursday] by jj5

Found an interesting article: About Secure Password Hashing.

Salted Password Hashing – Doing it Right

Posted on 2014-04-06 [Sunday] by jj5

Today I read Salted Password Hashing – Doing it Right which was a good run-down on how to do password hashing. The article linked to phpass: Portable PHP password hashing framework which is a library for hashing passwords.

Change root password in MySQL

Posted on 2013-09-27 [Friday] by jj5

Needed to set a MySQL root password. Found this article which suggested a way when no password is yet configured:

mysqladmin -u root password NEWPASSWORD

And a way when a password is already configured:

mysqladmin -u root -p'oldpassword' password newpass

Note: you use ‘mysqladmin’ not ‘mysql’.

Password Best Practice

Posted on 2013-08-17 [Saturday] by jj5

I read Password Primer today:

Use at least 8-10 characters.
Interchange upper and lower case letters with numbers and symbols.
Consider a “Passphrase” like “Every good band deserves fans”: “!eGbAdfns2”
Change your password every 6 to 8 months and immediately if you believe it’s been compromised.
NEVER share your password with anyone you don’t trust – some would say never share your password PERIOD.
Don’t write your password(s) on sticky notes and then post them to your monitor!
Avoid using the same passwords for all of your accounts.
Never send your password to someone in an e-mail.
Don’t use the “Remember Password” option in browsers or websites
NEVER make your login and your password the same thing.

Setting user expiry with ‘chage’

Posted on 2013-07-30 [Tuesday] by jj5

Learned about the chage command today. Can be used to set the expiry of a Linux account. There’s some more information about disabling user accounts.

Portable PHP password hashing framework

Posted on 2012-10-20 [Saturday] by jj5

Learned about the Portable PHP password hashing framework today.

John's blog

Talking about technology (mostly)

Tag Archives: password