docs/server-os/posts/02-security-improvements.md

@@ -2,7 +2,7 @@
 title: Security improvements
 slug: security-improvents
 date: 2024-08-14
-draft: false
+draft: true
 authors:
     - luc
     - nils
@@ -305,11 +305,45 @@ Improve the security of the system by increasing the entropy with the `jitterent
 === "Gentoo Linux"
 
     ``` shell-session
-    sh# emerge -a jitterentropy
+    sh# emerge -a jitterentropy-library
     ```
 
 and make sure that the module gets loaded:
 
 ``` shell title="/etc/modules-load.d/entropy.conf"
 jitterentropy_rng
-```
+```
+
+## PAM
+
+There are a few changes that can be made to improve login protection.
+
+First install PAM through `util-linux-login`:
+
+=== "Alpine Linux"
+
+    ``` shell-session
+    sh# apk add util-linux-login
+    ```
+
+=== "Gentoo Linux"
+
+    ``` shell-session
+    sh# emerge -a util-linux-login
+    ```
+
+Delays can be a deterent against bruteforcing login attempts. Simply add the following line:
+
+``` shell title="/etc/pam.d/login"
+auth optional pam_faildelay.so delay=5000000
+```
+
+which will add a 5 second delay between login attempts.
+
+The system can also enforce a stronger hash algorithm for a more secure login protector by editing
+
+``` shell title="/etc/pam.d/base-password"
+password required pam_unix.so nullock sha512 shadow rounds=1000000
+```
+
+> If an account has already been created then change your password so that it is also secure, with: `passwd <username>`. When creating a password make sure that it is at least 8 characters long.

docs/server-os/posts/03-container-management-podman-runit.md

@@ -2,7 +2,7 @@
 title: Rootless container management with Podman and runit
 slug: rootless-container-management-with-podman-and-runit
 date: 2024-08-30
-draft: false
+draft: true
 authors:
     - luc
 tags: