sudo apt-get install network-manager-pptp pptp-linux

Did the trick and now it was just a matter of entering the server information, username, password. At this point I was still unable to connect to the network. I double and triple checked my info and it was all right. It turned out I had to enable Point to Point Encryption (makes sense) in the advanced section.

Now, I have a nice little ‘locked’ icon on my network status bar.

Who knew it would be that easy?

Thankfully KeePass (or KeepassX on Linux or Mac OS-X) can help out where my memory lacks. KeePass will provide you with a secure place to store all of you passwords in an encrypted format. From the screenshot you can get a rough idea as to what the interface looks like. When you highlight any of the entries, you can just Ctrl+C to copy the password and paste it into whatever application is asking for it. For websites, there’s even an ‘auto-type’ feature. To use this, you first go to the site you want to log in to, click in the username box, and then open KeePass and click on the entry for the site. Then press Ctrl+V and it will type in your username / password for you. Slick eh?

I’ve also been asked about how to generate secure passwords. If you are going to use something like KeePass, I would recommend using it’s built in password generator tool (take a look to the left). It gives you a few options to configure, and then spits out a nice random password for you. For those of you using Ubuntu (or any variant of linux for that matter) you can use the command line tool pwgen (click to install in Ubuntu or ‘apt-get install pwgen’). After installing run something like:

pwgen -B -N 5 -1

To get a list of passwords similar to:

eiyah7Ei
Aeh3Ooxo
jaW9ahFi
rohxiJ7z
uth9ZieY

The -B parameter tells it to not use ambiguous characters (is it a 0 or an O? l or I?). -N 5 creates 5 for you to choose from and -1 puts them each on their own line to make it easier to pick.

If you don’t have access to either of those tools, or you need something that you’ll have a better shot of remembering, try basing the password off of a phrase or something you’ll remember, and add in a couple twists. Let’s try one here… off the top of my head, the first phrase that came to mind was “an apple a day keeps the doctor away” and the password I came up with is “4pP13/d=!phD”. (4pp13 kinda loos like apple, /d is short for per day, =! is ‘not equals’ in programming, and phD is a doctor.. apple/day equals no doctor). Okay, that may not be the best example, but you get the idea right?

If you are needing to create a password for a remote server, I would recommend looking into ssh keys. Used well they can provide better security and less hassle for you.

Anyone else have any password strategies they’d like to share? Please, please don’t say “my favorite pet’s name” or “my birthday and last 4 digits of my phone number”…

To utilize ssh keys, you will need to generate a private / public key pair on your local machine. To do this, type:

ssh-keygen -t rsa

to generate a RSA encrypted keyset. When you do this, it will ask you where to save it, just hit enter to use the defaults. The next question will be what passphrase you would like to use. This can be an effective way to double up your security. If you set this, you will need both the key that will be generated, as well as this passphrase to log into the remote server. If you are going for a secure setup, this is most likely the way to go.

After you have create your public and private key (both will be generated using the previous command), take a look at your public key by typing

vi ~/.ssh/id_rsa.pub

Copy the entire contents of this file so we can let the server know to authorize this key. Log into your server as you normally would and then:

vi ~/.ssh/authorized_keys

If the file did not exist already, just create it. This is the default place that OpenSSH will look for authorized keys. Now, paste the content of the key into the end of this file and save it.

Viola, that should do it. Try exiting from the server, and then re-logging in. If you used a passphrase in the initial step, enter that now, otherwise, you should be directly logged in as your user on the server.

This can be quite handy for setting up backup cron jobs between servers, or any other scripts which would normally require a password. Now you can keep the passwords out of the shell scripts and just let them do their thing.