Sysadmin Tools

Sudo Mastery, 2nd Edition

Unix-like operating systems use a rudimentary access control system: the root account can do anything, while other users are peasants with only minimal access. This worked fine in UNIX’s youth, but today, system administration responsibilities are spread among many people and applications. Each person needs a tiny slice of root’s power.

Sudo lets you divide root’s monolithic power between the people who need it with accountability and auditability.

With Sudo Mastery you will:

• Paperback or hardcover from my print bookstore
• Tilted Windmill Press – direct from my bookstore as PDF, epub, and Mobi (non-EU only, because VAT)
• Gumroad – PDF, epub, mobi, supports EU VAT
• Amazon US, Amazon UK, Amazon AU, Amazon DE, Amazon IT, Amazon ES, Amazon CA
• Kobo
• Barnes & Noble

Ed Mastery

Let me be perfectly clear: ed(1) is the standard Unix text editor. If you don’t know ed, you’re not a sysadmin. You’re a mere dabbler. A dilettante. Deficient.

Forty years after ed’s introduction, internationally acclaimed author Michael W Lucas has finally unlocked the mysteries of ed for everyone. With Ed Mastery, you too can become a proper sysadmin.

Ed Mastery will help you:
• understand buffers and addresses
• insert, remove, and mangle text
• master file management and shell escapes
• comprehend regular expressions, searches, and substitutions
• create high-performance scripts for transforming files

You must be at least this competent to use this computer. Read Ed Mastery today!

“I’m glad someone’s finally giving ed the attention it deserves.”
– Ken Thompson, co-creator of Unix

Get the book now!

Ed Mastery: Manly McManface edition!

A small fraction of people men think that women don’t belong in technology books. I know, because they make a distinct effort to tell me. They send emails instructing me to not use female pronouns in tech books. Long, rambling emails, full of disjointed logic and lazy ignorance.

As a good capitalist, I hereby respond to market pressure with the “Manly McManface” edition of Ed Mastery.

It’s the same book. Same content. But there’s one critical difference:

Any third-person singular pronouns that appear in the standard edition, for normal people, are female. Those who believe that women don’t belong in tech books may purchase this special “Manly McManface” edition, where all third-party singular pronouns are masculine.

To compensate for this edition’s much smaller market, though, the Manly edition is unfortunately pricier than the standard edition. That’s basic economics.

Also, one dollar of my proceeds from each sale of the Manly McManface Edition will be donated to my local chapter of Soroptimists International, to support women’s causes.

Print or DRM-free ebook:

SSH Mastery

Secure Shell (SSH) lets sysadmins securely manage remote systems. It’s powerful, complicated, and confusing.

Lose the confusion.

SSH Mastery: OpenSSH, PuTTY, Tunnels and Keys rescues you from sifting through decades of obsolete online tutorials and quickly makes you an SSH journeyman. You’ll learn to:

• eliminate passwords
• manage access by users, groups, addresses, and more
• securely move files around your network
• forward graphic displays
• proxy TCP connections
• build SOCKS proxies
• centrally manage and distribute keys and configurations
• use SSH as secure transport for other applications
• build virtual private networks
• create Certificate Authorities for truly large scale deployment

Master Secure Shell with SSH Mastery!
#ssh2e

Paperback, hardcover, and/or DRM-free ebook:

“…SSH Mastery is a title that Unix users and system administrators like myself will want to keep within reach…”
— Peter Hansteen

This stripping-down of the usual tech-book explanations gives it the immediacy of extended documentation on the Internet. Not the multipage how-to articles used as vehicles for advertising, but an in-depth presentation from someone who used OpenSSH to do a number of things, and paid attention while doing it.
— Justin Sherrill, DragonFlyBSD Digest

Relayd and Httpd Mastery

“I think we’re gonna need a bigger web server.”

OpenBSD has a solid reputation for security and stability. It’s well known for the OpenSMTPd mail server, the LibreSSL cryptography library, and the PF packet filter. But nobody ever talks about the load balancer, or the web server.

Until now.

The httpd web server provides a fast, stable, secure environment for your web applications. The relayd load balancer lets you distribute Internet application load across multiple hosts. Between the two, you can slash hundreds of thousands of dollars off the cost of building, deploying, and managing applications.

With Httpd and Relayd Mastery you’ll learn how to:

• set up web sites
• configure software to run in a chroot
• run dozens or hundreds of sites on one host
• dynamically reconfigure sites with Lua patterns
• manage site logs
• maintain free, globally-valid SSL certificates
• improve performance with SSL stapling
• install and maintain two-server clusters
• distribute traffic between any number of hosts
• stop worrying about old SSL versions and bad crypto algorithms

Slash the amount of time you spend futzing with web servers. Get Httpd and Relayd Mastery today!

Get print or DRM-free ebook at:

• My print bookstore
• Direct from my ebookstore – no VAT, so for non-EU customers
• from Gumroad — with VAT, for EU customers
• Kobo
• iTunes
• Amazon US, Amazon AU, Amazon UK, Amazon CA, Amazon DE, Amazon FR, Amazon IT, Amazon ES

Buy the print book today!

PAM Mastery

Pluggable Authentication Modules: Threat or Menace?

Once again Michael W Lucas nailed it. –nixCraft

PAM is one of the most misunderstood parts of systems administration. Many sysadmins live with authentication problems rather than risk making them worse. PAM’s very nature makes it unlike any other Unix access control system.

If you have PAM misery or PAM mysteries, you need PAM Mastery!

With PAM Mastery, you’ll understand:

• the different versions of PAM
• the intricacies of Linux-PAM and OpenPAM
• how PAM policies make decisions
• how to debug PAM
• the most frequently seen PAM modules
• Linux-PAM extended controls and substacks
• time-based one-time passwords
• using SSH keys for more than SSH
• password quality testing
• policies from CentOS, Debian, and FreeBSD
• and more!

Transform PAM from a headache to an ally with PAM Mastery!

Get print or ebook today!

• My print bookstore
• Tilted Windmill Press, my on-line ebookstore (3 formats, 0 DRM, non-EU because VAT)
• Gumroad, for Europeans, because VAT
• Kobo
• iBooks
• Amazon US, Amazon AU, Amazon UK, Amazon CA, Amazon DE, Amazon FR, Amazon IT, Amazon ES

Tarsnap Mastery

Online Backup you can Trust and Verify!

Tarsnap, the secure online backup service for Unix-like systems, raised the bar for online backups. It’s inexpensive. It’s reliable. And you don’t need to trust the Tarsnap service—they can’t access your backups even if they wanted to.

With Tarsnap Mastery you’ll learn to:

Ditch the tape room. Put your backups online, and know that they’re safe.
Tarsnap Mastery. Because life doesn’t back itself up.

“I learned a lot about Tarsnap while reading this book — things I had forgotten, and things I had never even realized. As befits the author of so many technical books, Michael’s attention to detail is truly outstanding.” -Colin Percival, Tarsnap designer

Or check out the video of my Tarsnap talk at mug.org.

Get the print or DRM-free ebook from: