Password protect a VIM file

You can password protect a file using VIM – it’s built right in. To do this either edit a current file or create a new file e.g. testdata.txt and press :X

Enter a password and confirm it, now save the file with a :w and finally quit the file. When you reopen the file you will need to enter the password in order to view the contents.

 

 

If the password is entered incorrectly, you can’t read the contents:

 

 

You can also create a file with encryption turned on by including the -x switch e.g.

 vim -x test2.txt 

man vim for more details.

 

Anchore – Container Security Analysis

Anchore provides you with insight and control over the contents of your containers from the start of development all the way to production. Anchore delivers container security solutions for developers, operations, and security teams to deliver insight and control over the contents, security and compliance of containers from the start of development all the way to production. By allowing the creation of policies for security and compliance that are evaluated by Anchore at each stage of the build pipeline, Anchore ensures that only images containers that adhere to an organisation’s policies are deployed.

What’s Inside Your Container Images?
With Docker and containers it’s never been easier to deploy and run any application. Developers now have access to thousands of applications ready to run right “off the shelf” and the ability to quickly build and publish their own images.

In addition to the application, the container image may contain hundreds of packages and thousands of files including binaries, shared libraries, configuration files, and 3rd party modules. Any one of these components may contain a security vulnerability, an outdated software module, a misconfigured configuration file or simply fail to comply with your operational or security best practices.

For more details and to download/install:
https://anchore.com

Solve sudo sending useless emails “problem with defaults entries”

Whenever a user (whether sssd-ad authenticated user, or local user, or root) uses sudo, it works. But it also sends the administrator a useless email. This problem is caused by sudo looking for directives in a place it cannot find them: sss.
Check the /etc/nsswitch.conf file and modify the sudoers entry.

 sudoers: files sss 

The sss should not be there. The sssd-ad package adds itself there, but very few environments store sudoers directives in sss. It’s far more likely your directives are local, so you should have a /etc/nsswitch file entry like the following:

 sudoers: files 

Thanks to this post for pointing the above out:
https://bgstack15.wordpress.com/2016/06/06/solve-sudo-sending-useless-emails-problem-with-defaults-entries/

AD Powershell

After running Windows Server 2016 recently with a DC, I’ve started using Powershell to perform AD functions. Here are a few basics.

New-ADUser cmdlet to create a new user:

 New-ADUser -Name John.Smith 

The above would only create the username, create a new user with more associations:

 New-ADUser -Name John Smith -GivenName John -Surname Smith -Path "OU=Staff,DC=Company,DC=Com" 

Add the password for above account:

 $password = "Strong Password" | ConvertTo-SecureString -AsPlainText -Force
New-ADUser -Name John.Smith -GivenName John -Surname Smith -Path "OU=Staff,DC=Company,DC=Com" 

Bulk Import Users with New-ADUser:

$Import =Import-CSV "c:\utils\aduserimport.csv"
$OU = "OU=staff,DC=ausinfotech,DC=local"
Foreach ($user in $Import)
{
$password = $user.Password | ConvertTo-SecureString -AsPlainText -Force
New-ADUser -Name $user.Name -GivenName $user.FirstName -Surname $user.LastName -Path $OU -AccountPassword $Password -ChangePasswordAtLogon $True -Enabled $True
}

The above script imports the CSV file, sets the standard OU and calls each data record (line of your CSV), writes the password and creates the user account. We are using a “Foreach”-loop, which loads each user record with its parameters from the CSV file.

See here for more info:
http://activedirectoryfaq.com/2016/04/ad-powershell-basics-new-aduser