Showing posts with label SSH Keys. Show all posts

2014/03/06

Enable password authentication for Google Compute Engine instance.

By default a Compute Engine instance uses key pairs to authenticate you. This is very much recommended for security reasons. The first time you connect to your instance through gcutil ssh, you will be asked to create a passphrase for your SSH keys. gcutil will create a key pair on your local machine and copy it over to your project.

However, if you want to authenticate over SSH from the outside world using a password, here are the simple steps:

Edit file /etc/ssh/sshd_config

Find this line in your sshd_config and change it to PasswordAuthentication yes:
 # Change to no to disable tunnelled clear text passwords  
 PasswordAuthentication no  
Then just reload your OpenBSD Secure Shell server (Debian).
  sudo /etc/init.d/ssh reload  
On CentOS the init.d script name is a bit different, since it uses OpenSSH server.
 sudo /etc/init.d/sshd reload  
Also remember to add a firewall rule for TCP port 22. This can be done through the Developers Console.
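Once password logins are reachable from outside, it helps to confirm which values sshd will actually apply, because it uses the first occurrence of each keyword in the file. The script below is an added example, not part of the original post; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: show which value sshd would apply after the edit above.
# sshd uses the FIRST occurrence of a keyword; keywords are case-insensitive.
# Simplification: Match blocks and Include files are not evaluated; on a live
# host `sudo sshd -T` prints the complete effective configuration.

effective_value() {   # usage: effective_value <file> <keyword> <default>
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/              { next }             # comment line
        tolower($1) == "match"  { exit }             # global section ends here
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }                # keyword absent: default
    ' "$1"
}

audit_password_auth() {   # usage: audit_password_auth <file>; prints a verdict
    pw=$(effective_value "$1" PasswordAuthentication yes)
    root=$(effective_value "$1" PermitRootLogin prohibit-password)
    empty=$(effective_value "$1" PermitEmptyPasswords no)
    if [ "$pw" != "yes" ]; then
        echo "OK: password logins are off"
    elif [ "$root" = "yes" ] || [ "$empty" = "yes" ]; then
        echo "RISK: passwords on with PermitRootLogin=$root PermitEmptyPasswords=$empty"
    else
        echo "WARN: passwords on (PermitRootLogin=$root)"
    fi
}

# Constructed sample: the second PasswordAuthentication line is ignored by sshd.
write_sample() {   # usage: write_sample <path>
    cat > "$1" <<'EOF'
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes
PermitRootLogin yes
passwordauthentication no
EOF
}

sample=$(mktemp)
write_sample "$sample"
audit_password_auth "$sample"
rm -f "$sample"
```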


2012/10/01

Generate .ppk out of .pem with Linux (Ubuntu)

Here is an example of how to convert .pem to .ppk using Ubuntu.

First you need to install the putty-tools package:
 sudo apt-get install putty-tools  

After install, all you really need to do is this:
 puttygen key.pem -o key.ppk  

With the -P switch you can also set a passphrase for extra security; this is recommended and easy to do:
 puttygen key.pem -o key.ppk -P -C "My server key"  

It is also recommended to set a comment for your key using the -C switch, because this string will be shown to you when you are prompted for your passphrase.





Note that you can also change the passphrase afterwards by using the -P switch:

 m@box:~/Downloads$ puttygen -P key.ppk   
 Enter passphrase to load key:   
 Enter passphrase to save key:   
 Re-enter passphrase to verify:   

And you are done!


2012/09/19

Generate .ppk out of .pem using PuTTYgen

First you must download PuTTYgen, you can download it from here.

Open PuTTYgen and select Load.

Note that you must select All Files (*.*) from the filter or you cannot locate the file. Click Open.














Next, "Save private key" should no longer be greyed out; click it and name your .ppk file.

And you are done!




2012/09/13

Replicate Linux data using rsync

I've always had multiple Linux boxes at my disposal; usually they are just old laptops or desktops that I have planned to use for something but never had time to do anything useful with, so I have them just lying around.

They never had any kind of RAID or redundancy and my data has been "kept safe" just by holy spirit :-)

An easy way to sleep without worrying is to replicate your data between servers. An easy way to achieve this is by using rsync and cron. In this example we don't use the rsync protocol; the transfer runs over an SSH connection.

First you should create SSH keys on your servers so they can access each other without the need to enter credentials.

In this example I will set up rsync from my home server to an external server; in this case I have only 1 account for both servers that I will be using.

1. Create SSH Keys

I'm using Ubuntu servers, so first I need to edit the file /etc/ssh/sshd_config and uncomment one line:

#AuthorizedKeysFile     %h/.ssh/authorized_keys
(remove # from the start)

Then I will log in to my home server and create an SSH key with the command ssh-keygen -t rsa

I didn't use any passphrase


 m@homeserver:~$ ssh-keygen -t rsa  
 Generating public/private rsa key pair.  
 Enter file in which to save the key (/home/m/.ssh/id_rsa):   
 Enter passphrase (empty for no passphrase):   
 Enter same passphrase again:   
 Your identification has been saved in /home/m/.ssh/id_rsa.  
 Your public key has been saved in /home/m/.ssh/id_rsa.pub.  


Now we need to open the public key that we just created in /home/profile/.ssh/ and copy and paste all of its contents to the external server.

Log in to the external server.
Authorized keys are stored in the file "authorized_keys" in /home/profile/.ssh

The file didn't exist so I had to create it:

 m@external:~/.ssh$ touch authorized_keys  

Open the file with your favourite editor, paste the contents of your public key into it and save.

We should be all done, time to test:

 m@homeserver:~/.ssh$ ssh m@extserver  

Works! (at least for me), no password prompted, yippee.
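The key above has no passphrase and will be used unattended from cron, so whoever holds a copy of it can do anything the account can do on the external server. The following is an added example, not from the original post: it installs the public key with the permissions sshd's StrictModes check expects, and with `restrict` plus a forced command so the key can only run rsync inside the backup directory. The rrsync path and the function name are assumptions, and `restrict` needs OpenSSH 7.2 or later.

```shell
#!/bin/sh
# Added example: install a public key for unattended rsync with least privilege.
# Assumptions: rrsync (helper script shipped with rsync) is installed at
# /usr/bin/rrsync on the receiving host; install_backup_key is a hypothetical name.

install_backup_key() {   # usage: install_backup_key <pubkey-file> <home> <backup-dir>
    pub=$1; home=$2; dir=$3
    key=$(awk 'NF >= 2 { print $1, $2; exit }' "$pub")     # key type + base64 blob
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a public key: $pub" >&2; return 1 ;;   # e.g. a private key
    esac
    mkdir -p "$home/.ssh"
    chmod 700 "$home/.ssh"              # StrictModes refuses loose permissions
    auth="$home/.ssh/authorized_keys"
    touch "$auth"
    chmod 600 "$auth"
    if grep -qF -- "$key" "$auth"; then # already installed: do not duplicate
        return 0
    fi
    # restrict  = no pty and no port, agent or X11 forwarding for this key
    # command=  = every login with this key runs rrsync, confined to $dir
    printf 'restrict,command="/usr/bin/rrsync %s" %s backup-from-homeserver\n' \
        "$dir" "$key" >> "$auth"
}

# Constructed demo in a scratch directory (the key blob is a placeholder).
demo=$(mktemp -d)
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCONSTRUCTED m@homeserver' > "$demo/id_rsa.pub"
install_backup_key "$demo/id_rsa.pub" "$demo/home" /home/m/backup
cat "$demo/home/.ssh/authorized_keys"
rm -rf "$demo"
```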

2. rsync

I want to keep the contents of my servers always identical, so I will use the following rsync command:

 rsync -avz --delete /home/m/samba m@external:/home/m/backup/  

-a is for archive mode; it's very good for backups because it preserves when a file was modified, who the owner is and so on

-v is for verbose, so you will get some output about the transfer itself

-z is for compress, which will save some bandwidth

--delete will remove files on extserver that don't exist on the sender, in my case homeserver

If you need to specify an alternate port for your connection, add --rsh='ssh -p1234' and change 1234 to your port

3. Cronjob

Now we create a cron job in order to make this rsync run automatically. I want to replicate all changes once per day; there might be some huge changes in my samba directory so I want to give some time for this process. 24 hours should be enough.

Access crontab with:
 crontab -e  

In my case this will be easy; there are some predefined scheduling definitions that will work for me.
@daily will run the job every day at midnight. Please see more at the Cron wiki page.

So my crontab looks like this:
 @daily rsync -avz --delete /home/m/samba m@external:/home/m/backup/  

Some final words

Actually this is kind of a bad backup, since one human error may compromise all of my data. So if I delete a very important file.txt from my samba share, rsync will destroy it on the external server also.

There are many ways to overcome this; for example, you could zip the backup folder every day for the last x days. In my case this is not possible since I don't have enough disk space :-(

Anyway, be careful!
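One way to blunt the `--delete` risk described above without keeping full daily archives, shown as an added example that is not from the original post: rsync's `--backup` and `--backup-dir` options move files that would be deleted or overwritten into a dated directory instead of destroying them. The function name, directory layout and 14-day retention are assumptions, and the demo uses local directories so it runs without a second server.

```shell
#!/bin/sh
# Added example: mirror with --delete, but park removed or overwritten files in
# a dated directory next to the mirror instead of destroying them.
# replicate, the current/ and deleted/ layout and KEEP_DAYS are hypothetical.

KEEP_DAYS=14

replicate() {   # usage: replicate <src-dir> <dest-root> [YYYY-MM-DD]
    src=$1; root=$2; day=${3:-$(date +%F)}
    mkdir -p "$root/current" "$root/deleted"
    # --backup-dir is absolute and outside current/, so --delete never touches it
    rsync -a --delete --backup --backup-dir="$root/deleted/$day" \
        "$src/" "$root/current/" || return 1
    # prune dated directories whose mtime is older than KEEP_DAYS days
    find "$root/deleted" -mindepth 1 -maxdepth 1 -type d -mtime +"$KEEP_DAYS" \
        -exec rm -rf {} +
}

# Constructed demo: delete a file at the source and show that it survives.
work=$(mktemp -d)
mkdir -p "$work/samba"
echo "important" > "$work/samba/file.txt"
replicate "$work/samba" "$work/backup" 2012-09-13
rm "$work/samba/file.txt"                      # the human error
replicate "$work/samba" "$work/backup" 2012-09-14
ls "$work/backup/deleted/2012-09-14"           # file.txt is parked here
rm -rf "$work"
```

When the destination is remote, `--backup-dir` names a path on the receiving server. If the date is generated inline in a crontab line, each `%` must be written as `\%`.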