Secure Shell (SSH) lets sysadmins securely manage remote systems. It’s powerful, complicated, and confusing.

Lose the confusion.

SSH Mastery: OpenSSH, PuTTY, Tunnels and Keys rescues you from sifting through decades of obsolete online tutorials and quickly makes you an SSH journeyman. You’ll learn to

·        eliminate passwords

·        manage access by users, groups, addresses, and more

·        securely move files around your network

·        forward graphic displays

·        proxy TCP connections

·        build SOCKS proxies

·        centrally manage and distribute keys and configurations

·        use SSH as secure transport for other applications

·        build virtual private networks

·        create Certificate Authorities for truly large scale deployment

Master Secure Shell with SSH Mastery!

#ssh2e

ZFS, the fast, flexible, self-healing filesystem, revolutionized data storage. Leveraging ZFS changes everything about managing FreeBSD systems.

With FreeBSD Mastery: ZFS, you’ll learn to:

-understand how your hardware affects ZFS

-arrange your storage for optimal performance

-configure datasets that match your enterprise’s needs

-repair and monitor storage pools

-expand your storage

-use compression to enhance performance

-determine if deduplication is right for your data

-understand how copy-on-write changes everything

-snapshot filesystems

-automatically rotate snapshots

-clone filesystems

-understand how ZFS uses and manages space

-do custom FreeBSD ZFS installs

Whether you’re a long-term FreeBSD administrator or a new user, FreeBSD Mastery: ZFS will help you simplify storage.

Master ZFS with FreeBSD Mastery: ZFS.

– Ken Thompson, co-creator of Unix

Let me be perfectly clear: ed is the standard Unix text editor. If you don’t know ed, you’re not a real sysadmin.

Forty years after ed’s introduction, internationally acclaimed author Michael W Lucas has finally unlocked the mysteries of ed for everyone. With Ed Mastery, you too can become a proper sysadmin.

Ed Mastery will help you:

·       understand buffers and addresses

·       insert, remove, and mangle text

·       master file management and shell escapes

·       comprehend regular expressions, searches, and substitutions

·       create high-performance scripts for transforming files

You must be at least this competent to use this computer. Read Ed Mastery today!

OpenBSD has a solid reputation for security and stability. It’s well known for the OpenSMTPd mail server, the LibreSSL cryptography library, and the PF packet filter. But nobody ever talks about the load balancer, or the web server.

Until now.

The httpd web server provides a fast, stable, secure environment for your web applications. The relayd load balancer lets you distribute Internet application load across multiple hosts. Between the two, you can slash hundreds of thousands of dollars off the cost of building, deploying, and managing applications.

With Httpd and Relayd Mastery you’ll learn how to:

·       set up web sites

·       configure software to run in a chroot

·       run dozens or hundreds of sites on one host

·       dynamically reconfigure sites with Lua patterns

·       manage site logs

·       maintain free, globally-valid SSL certificates

·       improve performance with SSL stapling

·       install and maintain two-server clusters

·       distribute traffic between any number of hosts

·       stop worrying about old SSL versions and bad crypto algorithms

Slash the amount of time you spend futzing with web servers. Get Httpd and Relayd Mastery today!

TLS Mastery takes you through:

·        How TLS works

·        What TLS provides, and what it doesn’t

·        Wrapping unencrypted connections inside TLS

·        Assessing TLS configurations

·        The Automated Certificate Management Environment (ACME) protocol

·        Using Let’s Encrypt to automatically maintain TLS certificates

·        Online Certificate Status Protocol

·        Certificate Revocation

·        CAA, HSTS, and Certificate Transparency

·        Why you shouldn’t run your own CA, and how to do it anyway

·        and more!

Stop wandering blindly around TLS. Master the protocol with TLS Mastery!

If basic TCP/IP was hard, network administrators couldn’t do it. Servers give sysadmins a incredible visibility into the network—once they know how to unlock it.

Most sysadmins don’t need to understand window scaling, or the differences between IPv4 and IPv6 echo requests, or other intricacies of the TCP/IP protocols. You need only enough to deploy your own applications and get easy support from the network team.

This book teaches you:

•How modern networks really work

•The essentials of TCP/IP

•The next-generation protocol, IPv6

•The right tools to diagnose network problems, and how to use them

•Troubleshooting everything from the physical wire to DNS

•How to see the traffic you send and receive

•Connectivity testing

•How to communicate with your network team to quickly resolve problems

A systems administrator doesn’t need to know the innards of TCP/IP, but knowing enough to diagnose your own network issues transforms a good sysadmin into a great one.

Jails are FreeBSD’s most legendary feature: known to be powerful, tricky to master, and cloaked in decades of dubious lore. Deploying jails calls upon every sysadmin skill you have, and more—but unleashing lightweight virtualization is so worth it.

FreeBSD Mastery: Jails cuts through the clutter to expose the inner mechanisms of jails and unleash their power in your service. You will:

·       Understand how jails achieve lightweight virtualization

·       Understand the base system’s jail tools and the iocage toolkit

·       Optimally configure jail hardware

·       Manage jails from the host and from within the jail

·       Optimize disk space usage to support hundreds or thousands of jails

·       Comfortably work within the limits of jails

·       Implement fine-grained control of jail features

·       Build virtual networks

·       Deploy hierarchical jails

·       Constrain jail resource usage

·       And more!

Strip away the mystery. Read FreeBSD Mastery: Jails today!

“This is the sequel to Git Commit Murder, right ?”

/phk, creator of the jail system

Unix-like operating systems use a rudimentary access control system: the root account can do anything, while other users are peasants with only minimal access. This worked fine in UNIX’s youth, but now that sysadmin responsibilities are spread among many people and applications, many people need a tiny slice of root’s power.

Sudo lets you divide root’s monolithic power between the people who need it with accountability and auditability.

Sudo Mastery will teach you to:

·        design a secure sudo policy

·        simplify policies with lists and aliases

·        manage shell environments

·        verify system integrity via intrusion detection

·        deploy a single sudo policy across your enterprise

·        manage sudo policies via LDAP

·        log and debug sudo

·        record and replay full sudo sessions

·        use authentication systems other than passwords

Master sudo with Sudo Mastery!

He didn’t answer.

The We Get Letters column of the FreeBSD Journal has been called “a tsunami of bile disguised as experience and erudition,” “a torment to the eye and a stain upon the soul,” and “the corroded battleship anchor that will drag an otherwise illustrious Journal to an ignominious demise.” If you ask people who aren’t the columnist, you’ll get a less luminous view. Perhaps even negative.

We sincerely apologize.

This collection of the first three years illustrates how rapidly Lucas abandoned any pretense of answering questions usefully—or, indeed, paying any attention whatsoever to his correspondents. It is unacceptable. What the editors conceived of as an innocent letters column quickly transcended bitterness to become elevated, even elegant enmity. Against everyone.

Apologies are insufficient.

In an attempt to keep these columns from teaching other articles bad habits, we have confined them in their own private volume. The publisher expects it to be presented as evidence at his inevitable competency hearings, as well as most of the civil suits. Next week’s suits, at least.

"While we appreciate Mr Lucas' unique contributions to the Journal, we do feel his specific talents are not being fully utilized. Please buy his books, his hours, autographed photos, whatever so that he is otherwise engaged." – John Baldwin, FreeBSD Journal Editorial Board Chair

Threat or Menace?

PAM is one of the most misunderstood parts of systems administration. Many sysadmins live with authentication problems rather than risk making them worse. PAM’s very nature makes it unlike any other Unix access control system.

If you have PAM misery or PAM mysteries, you need PAM Mastery!

With PAM Mastery, you’ll understand:

·       the different versions of PAM

·       the intricacies of Linux-PAM and OpenPAM

·       how PAM policies make decisions

·       how to debug PAM

·       the most frequently seen PAM modules

·       Linux-PAM extended controls and substacks

·       time-based one-time passwords

·       using SSH keys for more than SSH

·       password quality testing

·       policies from CentOS, Debian, and FreeBSD

·       and more!

Transform PAM from a headache to an ally with PAM Mastery.

Tarsnap, the secure online backup service for Unix-like systems, raised the bar for online backups. It’s inexpensive. It’s reliable. And you don’t need to trust the Tarsnap service—they can’t access your backups even if they wanted to.

With Tarsnap Mastery you’ll learn to:

·        install and manage Tarsnap on Linux, Unix, Windows, and OS X

·        fully exploit features like encryption and deduplication

·        create and recover archives

·        customize backups to precisely your requirements

·        passphrase protect keys

·        create and manage special-purpose keys

·        automatically back up and rotate archives

·        understand and resolve performance issues

·        quickly restore complete systems

Ditch the tape room. Put your backups online, and know that they’re safe.

Tarsnap Mastery. Because life doesn’t back itself up.

FreeBSD includes many special-purpose filesystems. FreeBSD Mastery: Specialty Filesystems takes you through these filesystems, helping you solve problems you didn’t know you have. These filesystems underlie everything from application servers to jails.

You’ll learn to manage:

-removable media

-MSDOS and Linux filesystems

-CD, DVD, and Blu-Ray disks

-devfs

-process filesystems

-the file descriptor filesystem

-the POSIX message queue filesystem

-union mounts

-null mounts

-both memory filesystems, and when to use each

-NFS versions 2, 3, and 4

-iSCSI targets and initiators

-the Common Internet File System

-networked disk redundancy with geom_gate and HAST

-high availability storage with HAST and iSCSI

-NFSv4 Access Control Lists

-User Space Filesystems

-FreeBSD’s Solaris-compatible automounter

System administrators of any expertise level will expand their FreeBSD mastery with FreeBSD Mastery: Specialty Filesystems.

The world’s most successful distributed database—and the most naïve.

The Domain Name System is one of the Internet’s oldest protocols, designed for a network without hostile users. Intruders targeting a network start by investigating their DNS. DNS Security Extensions, or DNSSEC, hardens DNS and brings it into the 21st century. Learning DNSSEC required wading through years of obsolete tutorials, dead ends, and inscrutable standards.

Until now.

This new edition of DNSSEC Mastery will have DNS administrators deploying DNSSEC with industry-standard software in hours instead of weeks. You will:

·        Understand what DNSSEC provides

·        Configure your servers to resist attack

·        Verify your environment supports modern DNS

·        Debug DNSSEC and the Chain of Trust

·        Sign your zones and attach them to the Chain of Trust

·        Conceal zone data with NSEC3

·        Automate DNSSEC maintenance

·        Roll over keys to maintain integrity

·        Implement DNSSEC on private networks

·        Securely distribute security-critical information via DNS

And more! DNSSEC Mastery transforms DNS from a headache to a solution.

A hundred thousand gurus offer contradictory writing secrets. You must outline! You must free write! You must write at a standing desk with your bare feet in cold oatmeal!

The gurus are all correct—

and all wrong.

In Domesticate Your Badgers: Become a Better Writer through Deliberate Practice, full-time author Michael W Lucas demonstrates how to build a personalized plan to transform yourself into the best author you can be. Writing is a set of skills, and deliberately stocking your tool chest makes each piece you write better than the last. Want to be a pro? Use the same techniques pros use.

Stop flailing.

Start learning.

No badgers were harmed in the writing of this book.

Contains no badger or badger by-products.

Regulations on badger domestication vary by location.

Now What?

After learning your art, you get to learn business. Business is nothing but a specific kind of thinking. Cash Flow for Creators helps you develop the mindset and tools for building a long-running creative business.

·        Create the Right Business

·        How Money Goes Through a Business

·        Balance Art, Business, and Life

·        Art as a Long Game

·        Building Fans

·        Measure Success, Avoid Failure

·        When to Spend Money

·        Go Full Time

·        When Cash Flow Goes Wrong

Cash flow is a game. A game with simple rules. A game you can win, with the ultimate prize: a life doing what you love.

This small book teaches you to:

•Use boot environments to make the riskiest sysadmin tasks boring

•Delegate filesystem privileges to users

•Containerize ZFS datasets with jails

•Quickly and efficiently replicate data between machines

•split layers off of mirrors

•optimize ZFS block storage

•handle large storage arrays

•select caching strategies to improve performance

•manage next-generation storage hardware

•identify and remove bottlenecks

•build screaming fast database storage

•dive deep into pools, metaslabs, and more!

Whether you manage a single small server or international datacenters, simplify your storage with FreeBSD Mastery: Advanced ZFS.