Sysadmin Tools

  • Run Your Own Mail Server
  • Sudo Mastery, 2nd Edition
  • Ed Mastery
  • Ed Mastery: Manly McManface edition
  • SSH Mastery
  • Httpd and Relayd Mastery
  • PAM Mastery
  • Tarsnap Mastery

    Run Your Own Mail Server

    You Against the Email Empire

    Message services appear and disappear, but email remains. One of the Internet’s oldest and most open protocols, email reaches everywhere. Dominated by a handful of carriers, yet still manageable by the rest of us. If you do it right.

    Setting up the email server with Postfix, Dovecot, and rspamd is the easy part.

    The protocols that support email? Those are hard. SPF. DKIM. DMARC. BIMI and MTA-TLS and TLS-RPT. DNS standards that apply to nothing else on the modern Internet. Block lists. Graylisting.  Email is a protocol unlike any other, yet among our most essential.

    Never surrender the protocols.

    Reclaim your connections.

    Run your own mail server.

    Preorder print/ebook bundles on my store! Releasing everywhere in August.

    Sudo Mastery, 2nd Edition

    sudo mastery coverUnix-like operating systems use a rudimentary access control system: the root account can do anything, while other users are peasants with only minimal access. This worked fine in UNIX’s youth, but today, system administration responsibilities are spread among many people and applications. Each person needs a tiny slice of root’s power.

    Sudo lets you divide root’s monolithic power between the people who need it with accountability and auditability.

    With Sudo Mastery you will:

  • design secure sudo policies
  • simplify policies with lists and aliases
  • use non-Unix information sources in policies
  • configure alternate sudo policies
  • manage shell environments
  • verify system integrity and perform intrusion detection
  • have a common sudo policy across your server farm
  • manage sudo policies via LDAP
  • log and debug sudo
  • log and replay full sudo sessions
  • use authentication systems other than passwords
  • While many people use sudo, most use only a small part of it’s features. Chances are, you’re doing it wrong. Master sudo with Sudo Mastery.Get print or DRM-free ebook from:

    Ed Mastery

    New for 1 April!
    Available in two editions

    Ed Mastery cover

    Let me be perfectly clear: ed(1) is the standard Unix text editor. If you don’t know ed, you’re not a sysadmin. You’re a mere dabbler. A dilettante. Deficient.

    Forty years after ed’s introduction, internationally acclaimed author Michael W Lucas has finally unlocked the mysteries of ed for everyone. With Ed Mastery, you too can become a proper sysadmin.

    Ed Mastery will help you:
    • understand buffers and addresses
    • insert, remove, and mangle text
    • master file management and shell escapes
    • comprehend regular expressions, searches, and substitutions
    • create high-performance scripts for transforming files

    You must be at least this competent to use this computer. Read Ed Mastery today!

    “I’m glad someone’s finally giving ed the attention it deserves.”
    – Ken Thompson, co-creator of Unix

    Get the book now!

  • My print bookstore
  • direct from my bookstore as PDF, epub, and Mobi (non-EU only, because VAT)
  • Gumroad PDF, epub, mobi (supports EU VAT)
  • Barnes & Noble/Nook
  • Kobo
  • iBooks
  • Amazon US, Amazon AU, Amazon UK, Amazon CA, Amazon DE, Amazon FR, Amazon IT, Amazon ES

    Ed Mastery: Manly McManface edition!

    A small fraction of people men think that women don’t belong in technology books. I know, because they make a distinct effort to tell me. They send me email, telling me to not use female pronouns in tech books. Long, rambling emails, full of disjointed logic and lazy ignorance.

    Ed Manly cover

    As a good capitalist, I hereby respond to market pressure with the “Manly McManface” edition of Ed Mastery.

    It’s the same book. Same content. But there’s one critical difference:

    Any third-person singular pronouns that appear in the standard edition, for normal people, are female. Those who believe that women don’t belong in tech books may purchase this special “Manly McManface” edition, where all third-party singular pronouns are masculine.

    To compensate for this edition’s much smaller market, though, the Manly edition is unfortunately pricier than the standard edition. That’s basic economics.

    Also, one dollar of my proceeds from each sale of the Manly McManface Edition will be donated to my local chapter of Soroptimists International, to support women’s causes.

    Print or DRM-free ebook:

  • Paperback from author’s print bookstore
  • direct from my bookstore as PDF, epub, and Mobi (non-EU only, because VAT)
  • Gumroad PDF, epub, mobi (supports EU VAT)
  • Barnes & Noble
  • Kobo
  • iBooks
  • Amazon US, Amazon AU, Amazon UK, Amazon CA, Amazon DE, Amazon FR, Amazon IT, Amazon ES

    SSH Mastery

    The standard reference on SSH, newly revised and updated!

    SSH Mastery coverSecure Shell (SSH) lets sysadmins securely manage remote systems. It’s powerful, complicated, and confusing.

    Lose the confusion.

    SSH Mastery: OpenSSH, PuTTY, Tunnels and Keys rescues you from sifting through decades of obsolete online tutorials and quickly makes you an SSH journeyman. You’ll learn to:

    • eliminate passwords
    • manage access by users, groups, addresses, and more
    • securely move files around your network
    • forward graphic displays
    • proxy TCP connections
    • build SOCKS proxies
    • centrally manage and distribute keys and configurations
    • use SSH as secure transport for other applications
    • build virtual private networks
    • create Certificate Authorities for truly large scale deployment

    Master Secure Shell with SSH Mastery!

    Paperback, hardcover, or DRM-free ebook:

  • My print bookstore
  • My personal ebookstore, Tilted Windmill Press.
  • Gumroad
  • Barnes & Noble
  • Kobo
  • Amazon US, Amazon AU, Amazon UK, Amazon CA, Amazon DE, Amazon FR, Amazon IT, Amazon ES
  • Google Play
  • Critical acclaim for the first edition of SSH Mastery

    “…SSH Mastery is a title that Unix users and system administrators like myself will want to keep within reach…”
    Peter Hansteen

    This stripping-down of the usual tech-book explanations gives it the immediacy of extended documentation on the Internet. Not the multipage how-to articles used as vehicles for advertising, but an in-depth presentation from someone who used OpenSSH to do a number of things, and paid attention while doing it.
    — Justin Sherrill, DragonFlyBSD Digest

    Relayd and Httpd Mastery

    “I think we’re gonna need a bigger web server.”

    Httpd & Relayd Mastery cover

    OpenBSD has a solid reputation for security and stability. It’s well known for the OpenSMTPd mail server, the LibreSSL cryptography library, and the PF packet filter. But nobody ever talks about the load balancer, or the web server.

    Until now.

    The httpd web server provides a fast, stable, secure environment for your web applications. The relayd load balancer lets you distribute Internet application load across multiple hosts. Between the two, you can slash hundreds of thousands of dollars off the cost of building, deploying, and managing applications.

    With Httpd and Relayd Mastery you’ll learn how to:

    • set up web sites
    • configure software to run in a chroot
    • run dozens or hundreds of sites on one host
    • dynamically reconfigure sites with Lua patterns
    • manage site logs
    • maintain free, globally-valid SSL certificates
    • improve performance with SSL stapling
    • install and maintain two-server clusters
    • distribute traffic between any number of hosts
    • stop worrying about old SSL versions and bad crypto algorithms

    Slash the amount of time you spend futzing with web servers. Get Httpd and Relayd Mastery today!

    Get print or DRM-free ebook at:

    Buy the print book today!

    PAM Mastery

    Pluggable Authentication Modules: Threat or Menace?

    Once again Michael W Lucas nailed it. –nixCraft

    PAM Mastery cover

    PAM is one of the most misunderstood parts of systems administration. Many sysadmins live with authentication problems rather than risk making them worse. PAM’s very nature makes it unlike any other Unix access control system.

    If you have PAM misery or PAM mysteries, you need PAM Mastery!

    With PAM Mastery, you’ll understand:

    • the different versions of PAM
    • the intricacies of Linux-PAM and OpenPAM
    • how PAM policies make decisions
    • how to debug PAM
    • the most frequently seen PAM modules
    • Linux-PAM extended controls and substacks
    • time-based one-time passwords
    • using SSH keys for more than SSH
    • password quality testing
    • policies from CentOS, Debian, and FreeBSD
    • and more!

    Transform PAM from a headache to an ally with PAM Mastery!

    Get print or ebook today!

    Tarsnap Mastery

    Online Backup you can Trust and Verify!

    Tarsnap Mastery coverTarsnap, the secure online backup service for Unix-like systems, raised the bar for online backups. It’s inexpensive. It’s reliable. And you don’t need to trust the Tarsnap service—they can’t access your backups even if they wanted to.

    With Tarsnap Mastery you’ll learn to:

  • install and manage Tarsnap on Linux, Unix, Windows, and OS X
  • fully exploit features like encryption and deduplication
  • create and recover archives
  • customize backups to precisely your requirements
  • passphrase protect keys
  • create and manage special-purpose keys
  • automatically back up and rotate archives
  • understand and resolve performance issues
  • quickly restore complete systems

Ditch the tape room. Put your backups online, and know that they’re safe.
Tarsnap Mastery. Because life doesn’t back itself up.

“I learned a lot about Tarsnap while reading this book — things I had forgotten, and things I had never even realized. As befits the author of so many technical books, Michael’s attention to detail is truly outstanding.” -Colin Percival, Tarsnap designer

Or check out the video of my Tarsnap talk at

Get the print or DRM-free ebook from:

  • My e-bookstore
  • My print bookstore
  • Tilted Windmill Press, my online bookstore–3 formats, DRM-free, not available to EU customers thanks to VAT
  • Gumroad, all 3 formats, DRM-free. (I make less here than if you buy direct from me, but it avoids PayPal and complies with EU VAT regulations.)
  • iBooks
  • Barnes & Noble
  • Kobo
  • Amazon US, Amazon AU, Amazon UK, Amazon CA, Amazon DE, Amazon FR, Amazon IT, Amazon ES