Technology Errors

vsftpd: pam_listfile(vsftpd:auth): Refused user root for service vsftpd

If you are attempting to FTP to a server running vsftpd as its FTP daemon you will be refused if this is a default vsftpd installation. It is strongly recommended to not allow root access to FTP because of security concerns which would provide the ftp user access to destroy anything on the server running FTP at will. Regardless it might be necessary for specific tasks and the below information will assist you in configuring vsftpd to allow the root user to login.

Technology Errors

AWS SSH Key Login Failed Permission denied (publickey,gssapi-keyex,gssapi-with-mic)

Having trouble logging into an AWS instance using an SSH key? I was too and when I finally figured out what the issue was I was kicking myself. Recently I was called to assist figuring out information about a clients AWS deployment for a project where the original developers were no longer available or answering questions. Most of the instances that I initially worked on had no issues once I was able to obtain the correct SSH key pem file from Amazon. When the project was closing down I was asked to assist backing things up and it appeared the SSH key was failing for two of the instances which also happened to be the oldest two instances (2 years old). Below I describe the error I was seeing via SSH as well as the easy resolution to the problem.

Technology Errors

How to Run Google Chrome as Root on Backtrack Linux

I ran into an annoying problem today. I normally use Firefox for all my pentesting needs and I use google chrome as my default browser for everything else. I was setting up a new Backtrack image for myself and I installed the .deb archive for google chrome which is available on the google web site. When I went to start it up I received the following error message.

Screen-Shot-2011-10-27-at-7.14.08-AM

Below I will outline the simple steps to overcome this error:

Information Security

How To Set a Root CA to Untrusted on Mac OSX

I decided to make a quick post on how to set a trusted root CA to untrusted in Mac OSX. As some people may or may not know, one of the root CA authorities was recently hacked and several rouge certificates were issued including one with a domain name of  .google.com. Now DigiNotar, which is the company in question, claims that the have revoked all the rouge certificates and all is well. However, me being involved in infosec and security I would rather not take any chances so I decided to set DigiNotar to a “trust never” level on my machine for the time being. Below I will outline the few simple steps to do this for any certificate authority on Mac OSX.