First of all I have to confess that I have been very busy over the last months or two and have not really been motivated to write. I have a few other projects happening at the same time — at work, at home, at church and at my other websites, and I apologise for neglecting this blog. Hopefully I will get back to writing here again. I am also hoping to write shorter pieces — maybe just 2 or 3 paragraphs — so I can make more frequent posts.

Now, something I have been doing over the last couple of days is to upgrade my Ubuntu servers to 8.04 Hardy Heron, which was “officially” released last Thursday. Now it has been almost two months since I wrote my last blog post, which was about switching from Gentoo to Ubuntu, and now most servers/VPSs that I am personally responsible for (except those at work) are running Ubuntu. Hardy Heron is a LTS (Long Term Support) release which I am hoping to build most my apps on for the next 2 weeks. Upgrading to it from previous Ubuntu releases is surprisingly trivial.

SliceHost 3-Way-Handshake Podcast Episode 8 — over 80% of Slice at SliceHost runs on Debian-based distributions (Debian, Ubuntu), verses around 5.5% for Gentoo. RPM-based distributions (CentOS, Fedora, etc) is a bit bigger but simply does not compare with overwhelming domination of Debian-based distributions.

Over the last 3-4 months I have also gradually moved my Gentoo based servers to either Ubuntu or Debian (prefer the latest Ubuntu if available). In fact I have just deleted my 18 month old Gentoo slice at SliceHost, and moved all content to a new slice running Ubuntu 7.10 last month. Now I am happy to say that all of my live servers/VPS are now running either Ubuntu or Debian, and it has changed my Monday morning (my usual mass-update morning) from:

1. # emerge --sync
2. # emerge -avD world
3. Starring at compilation messages scrolling across the screen.
4. Trying to figure out why some packages are blocking, some packages do not emerge, and why some packages I upgraded last week is now down-grading again.
5. … 20 minutes later I finally got my root prompt back!
6. Restart all services that I have emerged, finger crossed hoping that nothing breaks, otherwise revdep-rebuild while reading special upgrading instruction on PAM, MySQL, or OpenSSL at Gentoo.org.

To:

1. # apt-get update
2. # apt-get upgrade

Upgrading all the packages in the Gentoo Portage system can be very time consuming, and it gets worse when you have quite a few servers to upgrade!

SecurityFocus: Linux kernel memory access vulnerabilities, exploit included to get you root account on stock kernels between 2.6.17 and 2.6.24.1. Web hosts responded — Holy !$#&!!! CentOS 5, Ubuntu Edgy-Gutsy, Debian Etch — all these Linux distributions are affected. Basically a local user can gain root access, and with help from vulnerable applications that allow executing arbitrary local code, a remote user might be able to take over the entire system.

I originally commented on Isabel Wang’s blog post on Ubuntu Linux and dedicated server providers, but somehow the comment disappeared. Hopefully it is not censorship in place :) So I am gathering my thoughts again, and will put them here.

I am a long time Gentoo Linux man, which is not hard to figure out from reading my posts here. However, recently I am thinking about giving Ubuntu a try. Source-based Linux distributions like Gentoo is great if you like to tinker, and have lots of time on your hands. However when you have multiple servers and VPS to administer, and what you are supposed to do is to focus on software development — managing all those Gentoo boxes can just be too time consuming.

One of the first thing I look for in Un*x/Linux shared hosting is, whether the host provides Secure Shell (SSH) access. As the hosting market becomes more competitive, more and more budget hosts start to provide this feature. However, many, especially ones under big names like GoDaddy and Yahoo, do not offer this essential feature as part of their package.

But what is so essential about SSH?

I have been a Linux user since ‘95. I still remembered my very first Linux distribution — Slackware 2.x on 50+ floppy diskettes, and I still remembered the joy to have it installed on my 486 DX-4 75 with 8Mb of RAM. However I eventually got tired with Slackware, for the next ten or so years there has constantly been a search for “the perfect distribution”. I started with Debian, tried Red Hat, moved to Mandrake, and finally settled down on Gentoo Linux.

Last week (9-15 April). 8,750 failed SSH login attempt, averaging almost one per minute, trying out all kinds of possible user names and left tons of junk in my message log. The recent SSH brute-force attacks (actually it’s not that recent) are rather annoying, and this article at Whitedust.com has useful information on how to prevent this kind of attacks.