Richard's Diary
Tuesday, January 13, 2009
More AMI Bundling- disable password based login for root and all users via ssh http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1233 (already works if you leverage Amazon AMI)
- make sure all accounts are unable to login by looking at shadow file
- for any machine, make sure you remove unneeded public keys from ~/.ssh/known_hosts or authorized_keys because anyone who possesses the private key could connect to local machine
- make sure private keys are readable only by owner and all keys are not writeable so they aren't accidentally modified, otherwise you need to need to resend public key but the most annoying thing about it is being unable to login when you want to
-
create PostgreSQL and LOG volumes, attach them, format them and mount them per http://www.picky-ricky.com/2009/01/amazon-ebs.html
- yum install postgresql-server
-
configure pg_hba.conf per http://www.picky-ricky.com/2008/11/postgresql.html
-
configure postgresql.conf per http://www.picky-ricky.com/2008/12/postgresql-configuration-and-backup.html
-
configure /etc/sysconfig/postgresql for paths
POSTGRES_DATADIR="/usr/local/pgsql/data"
POSTGRES_OPTIONS=">>/usr/local/pgsql/data/logfile 2>&1" - change /etc/init.d/postgresql to smart shutdown
- chkconfig --level 345 postgresql on
- 2009 (13)
-
2008 (25)
-
December (12)
- Networking Basics
- Domain History as Revealed by Webmaster Tools
- IPtables
- Runlevel Service Configuration
- High Availablity Followup for the Future
- Recovery worked!
- Restoring a PostgreSQL Backup
- PostgreSQL Configuration and Backup
- More PostgreSQL Notes
- Negatives clarification in Adwords
- First Use of Production Adwords API
- Virtualization
-
December (12)
© 2010 Picky Ricky, Inc. originalblog