05 Aug

Remote Desktop Protocol (RDP)

Remote Desktop Protocol (RDP) is a proprietary graphical remote desktop software developed by Microsoft. It is the default solution for connecting to remote Windows servers and has been packaged with every version of Windows since XP. Now on its 8th version, RDP has been forked to work on most popular operating systems including IOS, Android, Mac, Windows, and Linux. Though designed to work with windows server, RDP has become a popular choice for connecting not just to remote PCs, but to mac as well as Linux servers.

Capabilities:

Remote Desktop Protocol is designed to allow users to connect to a computer desktop remotely and access that computer as if it were right in front of them. A desktop connected has access to all plugged in peripherals just like a normal computer. These peripherals can include things like:

  • Mouse and keyboard
  • Monitors – including multi-monitor setups
  • Headphones and speakers (Audio In/Out)
  • Printers
  • Storage devices

Security Concerns

Remote Desktop Protocol uses the very well-known 3389 port, which is commonly used to infect computers with malware and ransomware. According to an article published by cybersecurity firm McAfee, RDP was the most common attack mechanism used to spread ransomware in Q1 2019.

For this reason, experts generally warn against using it over the Internet despite encryption capabilities. It is rather suggested to use RDP over a private network or VPN.

Despite security issues with port 3389, RDP does come with encryption enabled. Even peripherals like mouse and keyboard have their signals sent over encryption which although leading to input lag, helps to secure input such as passwords.

Here are a few suggestions to stay safe using RDP:

  • Make sure encryption is enabled: Encryption can be turned on or off so make sure it is enabled on your DRP session
  • Use complex passwords: choose passwords that will be hard to crack. RDP requires knowing a computer’s password.
  • Use over a private network or VPN: RDP should be used over a private network especially or enterprise use. Be cognizant of which networks you are accessing your computer from. If you must access it remotely, make sure you are going through a Virtual Private Network.
  • Manage Firewall Settings: In your firewall, you can limit RDP sessions to know IPs to make sure unauthorized users are not given access.

Open Source Forks

RDP is available on almost all platforms thanks to the open-source community and their efforts creating RDP software designed to work with operating systems like Linux.

The 2 leading open-source RDP protocols are FreeRDP and Xrdp. These can be installed on any Linux operating system and accessed through either Microsoft’s own Remote Desktop application on Windows or through open-source viewers like Rdesktop on Linux.

Using RDP

On Windows:

  1. Open the Remote Desktop Connection application
  2. Click on the Options link if you want to customize settings
  3. Input the IP address of the desktop you are trying to connect to
  4. Input your username and password

On Linux:

  1. Install a client. Popular options include: Rdesktop, Remmina, xfreerdp
  2. Run your chosen RDP client
  3. Input IP, username and password

On Mac:

  1. download the Microsoft Remote Desktop client from the App Store
  2. Click “New” to configure your connection
  3. Type username, IP, username, and password
  4. Click “Start”
Share this
29 Jul

Understanding Git

What is Git?

Git is the most widely used Version Control Control System in the world. It was developed by Linus Torvalds in 2005 as a way to address the challenges of remote development projects and the multiple conflicting updates that can occur during the development cycle as a result of developers not working closely together.

A Distributed Version Control System is a platform that allows developers to work on programs remotely as their own separate versions, then merge their changes into one master file once the developer feels changes are ready. In Git projects, there is a master project that a team is trying to develop and improve. But instead of everyone working on the master project itself, each developer can download a copy, make changes in a completely separate environment from other developers, then merge those changes into the master version which can then be globally updated for all developers to download from.

When developers work on these separate versions of an application (known as branches) those changes are not going be seen by other developers until integrated into the master file. Each developer has their own version and their own repository of changes. This is useful because if a developer feels they need to make revisions or restore an old version, they are free to do so.

By working on a separate version of an application, developers aren’t disturbed by changes from another developer. It also allows developers to test their specific changes in a program to see if issues arise or they want to make corrections before integrating those changes for everyone else.

Example of Version Control

How Version Control Branches Work
How Version Control Branches Work

In this illustration, there is an app that is going through 3 stages of development and being worked on by 2 developers.

John (developer 1) downloads App version 1 and makes several changes to it. He doesn’t disturb Dave (developer 2) who is also working on the app because both have separate version repositories after they’ve downloaded from the master project.

John makes several changes to the app and then reverts 1 step because he made an error before resubmitting his changes to the master app. John can do this with ease because Git backs up John’s app versions along the way. He ends up submitting version 3 from his repository instead of version 4.

Dave only needs to make 2 changes. He works undisturbed then submits his changes to the master project.

After both developers have submitted their changes, the master project is updated to App version 2.

Both developers are now working from a new version (App V2) where they are both up to date on each other’s work.

They review their changes. Dave finds he doesn’t need to make any more changes, so he submits App V2 as the final version. John, on the other hand, realizes there is an error and fixes it in his copy of App V2. He then submits the changes to the final version.

Because both developers were using Git, John was able to submit his change to the final version and Git recognized Dave didn’t submit any conflicting changes and so the change was implemented in the final project.

Advantages of Using Git:

Scalability: Git is a powerful tool that allows multiple developers to work on applications remotely. Git is relied on from small development teams to large, multi-national tech corporations.

Built-in Backup: Git is built with recovery in mind. versions are saved all along the way and repositories are separate so if a developer wants to return to an old version they can.

Centralized Development: Git projects can be enforced by an admin so that no one is pushing changes to the master file before approval. This helps foster organization and managed collaboration.

Genuine Details: details like time, file ID, commit messages, and anything else stamped by Git cannot be changed without changing the file ID itself. This means details are authentic.

Speed: most operations in Git are performed on the local machine that the developer is working on. This means there is no latency or performance drop that sometimes comes from communicating with central servers.

Open Source: Git was developed by Linus Torvalds – the creator of the Linux kernel. Git is open source so the community can contribute and modify the program as they wish.

Free: Git is a free platform that allows developers of all sizes and scale to use Git to build projects affordably.

Optimized for Linux: Git was built by Linux Torvalds who developer the Linux Kernel. git was designed to be a tool optimized for Linux development environments.

What is GitHub?

Many people in the technology community are more familiar with Github than with Git itself. And you might be wondering what the relationship between the two is.

Github and Git are separate entities. Git is the development platform that allows for Distributed Version Control while Github is a company offering an online development community where users can submit Git projects along with other development projects.

GitHub, recently purchased by Microsoft in 2018, is a hub targeted at the developer community. It allows developers to share code, projects, collaborate on forums, ask questions, find featured tools and software, learn about open source guidelines, and more.

For example, when clicking the “Android” topic, users can find anything from designers asking questions about Google’s material design, sharing resources that they’ve found helpful for general Android programing knowledge, and curated collections of software or interesting projects.

Just like Git, Github is built on the premise of community and collaboration. It is designed for developers to have a forum to discuss, collaborate, and share.

What’s The Connection Between Github and Git?

While Github is more than just Git projects, it is still designed to work seamlessly with Git. Git projects are typically published and stored on Github as a way to centralize them project. From there, developers can “pull” a project down from Github and begin working on their own branch. When they are ready, it can then be “pushed” back up to Github and integrated into a downloadable master file.

While many users of Git are users that share their projects to the public, Git offers the choice to create private repositories that act much like a storage locker for projects. This is a great system for remote developers looking to collaborate as Git acts as a safe space to store a development project. Private repositories are also heavily used by large corporations looking for a way to unite their remote workforce.

Summary and Final Thoughts

For many developers worldwide and of all sizes, Git is an irreplaceable tool and the defacto standard when collaborating on large development projects with many distributed versions. The fact that Git is free and open source means that developers of all sizes can take advantage of Git which allows for coordinated, remote development.

Git is scalable, recoverable and centralizes workflows between developers making it an essential tool for the modern remote cloud computing dominated world. Developers can work on their own machines for speed, then push their creations to repositories in the cloud through services like Github or private cloud servers for internal organization use. Git allows for seamless development on the Linux platform but is available to be used on all platforms giving it unparalleled flexibility.

If developers decide they want to collaborate openly on projects, they turn to a platform like Github where they can share their development, collaborate, ask questions or find resources through the many forums and curated lists by Github users.

If you want to try Git yourself, the Git website has details on how to install Git. There is also an optional GUI desktop program to install.

Share this
22 Jul

Installing SSH on Linux and Generating Public and Private Keys

What is SSH?

SSH stands for Secure Shell and it is a way for systems to communicate with each other by sending encrypted data over a network. SSH is one of the most secure ways to send and receive data and is the method relied on by the data centers that manage tons of information and keep the Internet as we know it running. It is also relied on by many including developers and systems admins because it is a reliable way to access servers. Combined, with SSH keys, it can even eliminate the need for passwords when remote connecting to servers.

The reason that SSH is relied on because it is universal, working on Linux, Mac, and Windows. It can be controlled through a command prompt or GUI based programs such as the popular PUTTY client for windows.

One of the first steps for setting up a remote server, whether it be through a provider like ZebraHost or a private on-premises cloud, is to enable SSH access and to generate a public and private key so that two systems can send encrypted information remotely.

SSH works by generating two keys. One public key and one private key. The private key only lives on the machine you want to SSH into your server from. The public key can be copied to any server or machine you want to access remotely. This is great for security because regardless of who has your public key, as long as only you have your private key, only you can log in with it. This even opens up opportunities like being able to securely access your server as a root user or without a password.

Install SSH Access on Linux

the first step to enabling SSH access is to install Secure Shell. We will be doing this via Open SSH. To do this, type:

sudo apt-get install openssh-server

After clicking enter you will be prompted if you want to continue (Y/N). Types Yes.

Once open SSH is installed you will be ready to use basic SSH in order to access your machine remotely. All you have to do is type your username, IP, and password and you will be able to log into your machine remotely. However, this is considered the least secure way to access your machine as anyone that knows your credentials can access your machine via SSH.

To make your machine more secure, you will need to generate a public and private SSH key. The advantage of using public/private keys is that because the two keys must “talk” to each other, even if someone learns what your credentials are or sees your public key, without knowing the private key there is no way they can access your server.

How to Generate a Public and Private Key on Linux

Think of a public key and a private key as a lock and key. The lock can go on any door you want but without the key its inaccessible. The public key lives on any server you want to access while your private key lives on the machine that you use to access the server. This allows you to have control over your server or if you want, multiple servers.

On your host Linux machine, you will start by generating a public and private key using either of the commands below:

Type either:

ssh-keygen

or

ssh-keygen -t rsa

Then, as shown below you will have options such as setting up a passphrase to protect your keys. In this example, we will simply click Enter to skip entering a passphrase and go straight to generating our public and private key.

Generating SSH keys using ssh-keygen command
Generating SSH keys using ssh-keygen command

Now that the keys are generated, you will want to copy your public key over to your server while your private key remains on the host machine.

To do this, first go into your .ssh directory by using:

cd.ssh

Then, type:

ssh-copy-id username@serverIP

If done correctly, you will see that 1 key has been added to the server. This is the public key that will allow you to access your server via public/private key access.

Successfully copying over public key in Ubuntu
Successfully copying over public key in Ubuntu

Try logging into your server. If your SSH keys have been generated and placed successfully, you will no longer need your password. Rather, Ubuntu will use your private key generated on your host machine to access your server.

Successful SSH login from Ubuntu
Successful SSH login from Ubuntu

The above screenshot is an example of what your machine should look like if you have properly SSH’d into your machine using keys. Notice that after I typed ssh sshtest@192.168.56.104 I was not asked for a password and my server simply said Welcome to Ubuntu 19.10

Generating SSH Keys on Windows

Because the ability to generate public and private keys is not fully baked into Windows, we will be generating our keys via a program called PUTTY. Putty is a client that allows users to log into their servers via SSH.

Putty is GUI-based and as such will generate public/private keys using a different method.

To start, download Putty.

Testing SSH Without SSH Keys

Once PuTTY is installed on your system, you will open the client and first test to make sure you can SSH into your server without keys.

To do this, simply type either your server IP address or username@server address into the “Host Name (or IP address)” bar towards the top of the PuTTY program.

PuTTY session page
PuTTY session page
Where to put your private key in PuTTY
Where to put your private key in PuTTY

Once you click Enter, you will be asked either which user you would like to log in as or the password for that user.

PuTTY SSH requiring username
PuTTY SSH requiring username
PuTTY successful SSH login
PuTTY successful SSH login

Above is what a successful PuTTY SSH login will look like without using SSH keys

Generating SSH Keys via PuTTY

Now that you know your server is accessible from your host machine through normal SSH, you can begin to generate your SSH keys.

To do this, you will want to exit your session if it is active, then search for Putty Key Generator in your start menu. Open this program and click “Generate” with parameters set to RSA

Generating PuTTY SSH Keys
Generating PuTTY SSH Keys

Once your key is generated, click save for both the private and public keys to a private, secure folder where no one will see them (especially for the private key).

Go back to your regular PuTTY program and then type in your IP address in the “Host Name (or IP address)” bar and then without logging into your server, go to the Category window, then scroll down to SSH, then click “Auth” and browse for your private key you generated.

PuTTY Authentication Settings
PuTTY Authentication Settings

Once that is uploaded, you will then SSH login to your server like normal. You will still need your password because you need to upload your public key to the server.

Once you’ve logged into your server, type:

cd. ssh

This will bring you to the ssh directory you need

Then type:

nano authorized keys

then paste the public key that PuTTY generated in a new line. See below which key to copy.

Copy the public key generated in the box on PuTTY
Copy the public key generated in the box on PuTTY

Click CTRL+X then Enter

You will now have the proper public key loaded onto your server

Setting Up One-Click Login Parameters for PuTTY

In order to set up one-click login using your public/private keys, you will need to set up a session profile in PuTTY.

First, type your IP in the “Host Name (or IP address)” bar.

Then go to the Category window. Connection -> Data -> Auto-login username.

Enter your username so that you don’t need to enter your username each time you log in to your server.

Then, Category -> Connection -> SSH -> + -> Auth -> Private key file for authentication.

Click Browse and locate your private key file generated earlier.

Return to “Session” in the Category window.

Enter a name for your Session under Saved Sessions and then click Save.

Now, you can double click your session name or click the session and the load button. With SSH access enabled you will be able to log into your server with just your public/private key combination with no password or username needed.

Below is an example of a successful login with SSH keys:

Successful SSH Login with PuTTY Using SSH Keys
Successful SSH Login with PuTTY Using SSH Keys

Share this
15 Jul

Edge Network vs CDN – and Why They Can Help Your Business

The Internet and networking technology is becoming increasingly critical for business growth. More people are shopping and working online than ever before.  Companies are now using the Internet as the primary outlet for increasing brand recognition, reaching customers, and converting sales.

Although it seems like more users online equal more sales opportunities there is a problem. The internet is brutally competitive. And users are demanding data load faster.

If your company can’t produce a webpage or load an image in milliseconds users will simply go elsewhere.  And there’s little chance they are going to return to your site.

With rising globalization and increasingly connected users, data needs to travel farther and faster than it ever has before in order to reach users. Many companies, like ZebraHost, have users across the globe. Those users need to be served data at equally fast speeds or ZebraHost risks losing its global competitive edge.

The pain point of needing to deliver content to users faster has led to the rise of Edge computing. Under the umbrella of Edge computing, two solutions have emerged. Edge Networks and Content Delivery Networks. Content Delivery Networks and Edge Networks are both designed to bring content to users faster. Although the two methods are referred to interchangeably, there are some differences you should be aware of.

Content Delivery Network (CDN)

A Content Delivery Network (CDN) is a network of servers located strategically close to users. The primary purpose of these servers is to cache static content like images videos etc. to reduce the distance that data needs to travel. With less distance to travel, data reaches users faster.

Have you ever tried to request content from a server located in a foreign country or continent? If you live in North America and have ever tried to get content from Asia, you might have noticed it loads slowly. It has nothing to do with either your internet speed or theirs. It’s simply because of latency due to the distance that data needs to travel.

Because content must travel physical distance over copper or fiber wires, the farther a user is from the server hosting the content, the longer it takes to receive it. The user will have to request the content from the origin server (where the data is originally hosted). That server will then realize a user far away wants to access it then will push the content out to that specific user. All this takes time. The amount of time it takes to request then render a data request is known as latency.

Latency is solved through taking commonly accessed content like images or a website homepage and storing it on the CDN. The CDN will store the content via caching it closer to users. For example, if I want ZebraHost’s homepage to be accessed by users in Kansas City, Sydney Australia, and Cape Town South Africa but my servers are only located in Altoona Iowa, I might find a CDN beneficial. I can cache my homepage on a CDN that has servers in those locations. Then, instead of users having to download my homepage from Altoona Iowa, they can download it from the CDN server closest to them.

Naturally, a CDN can’t place a server equally close to every single user. So, in order to deliver data effectively, the CDN places servers at strategic points such as high traffic data centers where most internet activity in a region is accessed from. A CDN is not just about numbers or servers but strategic placement of those servers to minimize latency.

Edge Network

An Edge Network takes things a step further by not just placing servers in regionally dispersed data centers but rather at high volume Internet Exchange Points (IxPs). These Internet Exchange Points are where ISPs connect with each other to exchange information.

An Edge Network provider will place Point of Presence (PoP) servers at Internet exchange points to further minimize latency by going through the network most direct to the user.

Typically, data must travel over the cables of multiple network providers when traveling long distances. Because an Edge Network caches information at Internet Exchange Points, a user might only have to connect to the nearest exchange point to receive data rather than have it travel over many networks. This can speed up data delivery dramatically, especially for companies with internationally dispersed users.

This might make an Edge Network just sound like a fancy CDN because that’s what it is. An Edge Network is a CDN that specifically places servers at Internet Exchange Points to bring data closer to the network Edge. The network edge is the closest that a CDN can get to users. While an Edge Network is a CDN, a CDN is not an Edge Network. A CDN simply refers to a content delivery solution that caches information in geographically dispersed data centers. The CDN may place their servers in IXPs or they may not.

Edge Computing

CDNs and Edge Networks are under the umbrella of the Edge Computing revolution. But Edge Computing and Edge Network are not the same thing. Edge Computing is an umbrella term that refers to the new trend of bringing data closest the users as possible. And Edge Computing can encompass many things. Most commonly, Edge devices are devices that enable data to be brought closer to users. Common examples are Internet routers, connected vehicles, smartphones, etc. Anything that can act as an entrance to the network has the potential to be an Edge device. But being able to store and access information at these Edge devices is what allows them to be a part of Edge Computing and work towards reducing latency for users.

A common example of Edge Computing is found in electric vehicles. Electric vehicles are highly connected with various electronics that can store, cache, and transmit data. Technology companies can cache information in these vehicles to deliver it faster to users. They can also pull data from these vehicles to understand driving habits, safety data, and more.

The overall goal of Edge computing is the same as CDNs and Edge Networks in that it is designed to deliver information to users quickly and decrease latency.

Free vs Paid CDNs

There are numerous paid CDN services available that make CDN management easy. Examples include Key CDN, Akamai, CloudFront, etc. But there are also free CDNs with more limited features. The most popular of which is Cloud Flare.

Free CDNs typically require more manual configuration. A paid CDN will have a support team that can guide you as you set up your CDN, as well as help you if anything goes wrong. A free CDN will typically let you use the CDN network, but there is unlikely to be any kind of personalized support as part of the free plan.

Free CDNs will also often use a ‘push’ method of delivering content. The push method means that users will choose which content they want on their CDN and request that it be stored on the CDN. The plus is that users have control over the content being pushed and there isn’t wait time for the CDN to cache the content once users request it. On the other hand, if the content hasn’t been pushed to the CDN it won’t be automatically added to the CDN as frequently access content. This can prevent the CDN from working optimally from a user end.

A Paid CDN will typically have more premium support as well as extra features. For example, Cloudflare offers both a free CDN and paid CDN. The free plan offers access to their global CDN. But the paid tier offers the following features:

  • Better site protection
  • More frequent site crawls
  • Mobile optimization
  • DDoS protection

As well as offering extra features as Cloudflare does, paid CDNs are typically more automated using the ‘pull’ method. The pull method is where users will request content. The CDN will then be set as the default access point and since it does not have the content. It will pull that content from the origin server and then cache that content over the CDN. The downside to this is that the first users to request something will have to wait longer because the information isn’t already cached. However, users afterward will be able to access the content quicker once it’s cached. And because the CDN is helping automatically pull frequently requested content it leads to better user experience as the CDN is optimized via user requests.

Main Advantages of CDNs and Edge Networks

CDNs and Ege networks differ slightly, but the core advantages are very similar between the two:

Fast: CDNs and Edge Networks deliver content quicker to your users than if they must send a request to the origin server. This will give your users a better experience and increase the chances of them returning to your site.

Better Bandwidth: Because geographically dispersed users request content from the server closest to them, it means that there is less bandwidth being used on the origin server. CDNs cache content in multiple places helping balance bandwidth.

Load Balancing: Having information cached in dispersed servers that users can access other than the origin server lessens the stress on each server in your network.

Cost Savings*: CDNs and Edge Networks typically end up saving businesses money. Data travels shorter distances so hosts pay less to ISPs. Although CDNs and Edge Networks in most cases cost money, this cost is often less than the amount saved.

Security: Because content is cached globally and the CDN or Edge Network acts as an access point to the network, DDoS and other network attacks are mitigated or at the very least affect fewer users.

Redundancy: Because content is stored in multiple places, if a server goes down, users can simply be redirected to the next closest server that has the content they requested cached. Content is also cached so if the origin server is down, users can still access the content.

Should You Use a a CDN, Edge Network or Neither?

Most businesses have geographically dispersed users and will likely benefit from the addition of a CDN or Edge Network to their infrastructure. However, some businesses, mostly local businesses, will have users in only one area. For these businesses, a CDN might not be useful – yet.

In order to answer the question of which content delivery option is best for your business you must look at your user base.

Do you have a large, globally dispersed userbase? Use an Edge Network. An Edge Network being located at Internet Exchange Points will help data travel by having it traverse less ISP networks thus bringing content closer to your users.

Do you have a geographically dispersed userbase in only a few main regions? If the features and price are right, a CDN is right for your business. If your users are only in a few key areas having your content stored in data centers close to your users will suffice.

Do you have users only in a local area? If you are a local business or only serve on region nearby your origin server, a CDN or Edge Network will not make any noticeable improvement for your business. Your data doesn’t have to travel far so the extra cost or technical setup might not be worth it. On the other hand, you should keep Edge Networks and CDNs in mind if you plan to expand beyond your local area in the future.

Conclusion

There is no doubt that we will see a rise in the usage of CDNs and Edge networks in the future. As the Internet continues to grow and users demand content to be delivered faster, Edge Networks and CDNs will be an important part of most companies’ network infrastructure.

Though CDNs typically are not free, the cost is well worth it for many businesses for the benefits they provide like security, redundancy, and faster load times.

Businesses of any size should keep the advantages of a CDN or Edge Network in mind as they expand and need to potentially cover a larger customer base. Unless your business deals strictly with the local area, understanding how these content delivery methods function could help expand your business.

ZebraHost is now on a CDN. We’ve worked with a leading CDN to make our website faster by caching our homepage so it is delivered to users quickly. We chose to work with a CDN to add additional speed to make browsing our website faster and increase user satisfaction when researching our cloud solutions.

Share this

©2020 ZebraHost, LLC | All Rights Reserved | Powered by ZebraHost