Canonical’s Security Team produces Ubuntu OVAL, a structured, machine-readable dataset for all supported Ubuntu releases. It can be used to evaluate and manage security risks related to any existing Ubuntu components. It is based on the Open Vulnerability and Assessment Language (OVAL).
Ubuntu OVAL also allows for any third-party Security Content Automation Protocol (SCAP) compliant tools to accurately scan an Ubuntu system or an official Ubuntu OCI image for vulnerabilities.
wget https://security-metadata.canonical.com/oval/com.ubuntu.$(lsb_release -cs).usn.oval.xml.bz2
Just what it says on the tin. Assumes a Digital Ocean droplet and you have root access.
A procedure for turning a Debian Linux (Lenny) system installed on a single drive into a Debian Linux system running a two-disk mirror without rebuilding the whole thing. The procedure also shows you how to configure GRUB to boot from either drive.
A good explanation of why /etc/shadow on Ubuntu Linux boxen is owned by group 'shadow' and is set 0640 rather than 0600.
A graphical application which lets you edit the unusually opaque GRUB2 config files. Right now, it's most handy on recent Ubuntu Linux machines.
Short, sweet, and to the point: how to query information about packages available in Debian repositories, such as revision, maintainer, or section.
Canonical list matching x.y releases of Ubuntu Linux to the releases' codenames.
The official site where you can download old Ubuntu packages and iso images. Sounds useless, but when it comes to backwards compatibility it might come in handy.
If your Ubuntu machine is having problems with network configuration (Network Manager is refusing to configure an interface for some reason), these tips may help you fix it.
How to disable system services controlled by Upstart on Ubuntu and Debian systems.
As canonical a list of things you can do to processes running on an Ubuntu machine, including starting, stopping, and disabling them. Seems to apply to Workstation and Server editions.
How to set up an Ubuntu machine to require Google Authenticator to SSH in.
An archived thread from the apache-dev mailing list about the webdav bug in the v2.4.x series where it conflicts with mod_dir. Specifically, mod_dir hijacks the PROPFIND HTTP method and causes the problem. The solution is to set "DirectoryIndex disabled" and "Dav On" in the block for the WebDAV share. apache ubuntu sysadmin howto workaround
A website with a downloadable shell script which turns a raspi into a personal OpenVPN server. Lets you customize the configuration if you like. Appears to use a hardened OpenVPN configuration. The script will work with pretty much any Debian or Ubuntu v14.04 server you stand up someplace. The script can also be use to manage the server so you don't have to fight with the OpenVPN command lines.
A script that sets up openvpn on debian, ubuntu, centos, and arch linux. Interactive, will ask you questions used to generate configuration settings.
Another how-to for getting the Juniper's Java-based VPN client working on Linux machines.
A non-interactive system for automating the installation of Debian (and derivative) systems, sort of like Redhat's Kickstart or Solaris' Jumpstart. Used for unattended mass deployment (machine cloning). Centralizes deployment and configuration management. Can also be used to build out virtual machines. Can even set up LVM and RAID on new machines!
5054 links, including 361 private