Setup SSH keys for login without password

Sick of being asked for your password? Set up SSH authorised keys and forget about it!

you@localmachine:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa): 
Created directory '/home/you/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/you/.ssh/id_rsa.
Your public key has been saved in /home/you/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4
you@localmachine

you@localmachine:~> chmod -R go-rwx ~/.ssh

Now copy the contents of /home/you/.ssh/id_rsa.pub, and SSH in for the last time with your password to your remote machine:

you@localmachine:~> ssh user@remote.com
Password:
Last login: Tue Jan 28 14:14:51 2014 from 83.86.250.39
CentOS release 6.3 (Final)

user@remote.com:~> cd .ssh
user@remote.com:.ssh> nano authorized_keys

Paste in the contents you copied from your public key file. Make sure it is all on ONE LINE. Save and exit.

user@remote.com:.ssh> cd ..
user@remote.com:~> chmod -R go-rwx ~/.ssh
user@remote.com:.ssh> exit
you@localmachine:.ssh> ssh user@remote.com
Last login: Tue Jan 28 15:28:51 2014 from 83.86.250.39
CentOS release 6.3 (Final)

Awesome!

Password Protect folders in Apache with htpasswd

Want a completely insecure password protected folder using htpasswd?  Great!
A pointless exercise unless it’s in a setup at your work and you have no say in the matter, htpasswd’s are sent in unencrypted plain text, so anyone hanging around packet sniffing will pick up the password easily enough! Anyway, thats besides the point, how is it done?

First up we put this in the .htaccess for the directory we wish to protect (ha):

<Directory "/home/user/username/www/folder/to/protect">
AuthType Basic
AuthName "My Private Directory"
AuthUserFile "/path/to/htpasswd"
Require valid-user
</Directory>

Then we generate the htpasswd file like this:

 htpasswd -c /path/to/htpasswd username

Hooray! The illusion of ‘security’! At least it keeps non geeks out 😉