Tuesday, December 18th, 2018   "A Non-Profit that Serves Non-Profits"
Highways Ferry Schedules Weather Nelson News Announcements
Home > 
Home Kootenay Community Resources Internet My Account FAQ How can I help? About KICS Contact Us
Questions About...
   
Terms, conditions, restrictions, etc.
   
Web Hosting
   
Email
   
MySQL
   
Security
   
My Account Info
   
Billing
   
Web Design
   
KICS Server
   
About KICS
   
Technical support
 
FAQ
   
  Security
   
How do I change my password?
  You can change your account password by logging in to the server using SSH. Type "passwd" and press enter. The server will ask for your old password again, then ask for your new password, then again to confirm the new password.

(Your account password is also used for your "default POP mailbox").

You can change your mail setup password by putting the new password in a file called "password" and uploading it into the folder called "Maildir". Make sure to use ASCII (text) mode when you upload the file. You'll see that your existing mail setup password is already there; rename the existing file to "oldpassword" to make room for your new file.

Your outgoing mail (SMTP) password will be automatically updated to match your new mail setup password within 60 seconds. Next time you send mail using KICS' SMTP server, your mail program will ask you for the new password.

To change the password for a POP mailbox: Log in to http://example.com/tools/setup, click the name of the mailbox, type a new password in the password box, and click Save Changes.
   
 
back to top of page
   
How do I use SSH to log in to my account?
 

This page explains how to access your UNIX shell account at KICS. It gets you to the "$" prompt. Typing commands at the $ prompt is often the quickest way to manage your files and mailing lists @yourdomain.com.

(a) Using SSH with UNIX

If you use something like Linux or FreeBSD at home, just type "ssh login@kics.bc.ca" at the shell prompt. (Replace "login" with your account name.)

You will be asked to type your password. Then you'll see something like this: 

login@kics:~ $

(b) Using SSH with Windows

Putty is another program you can use to log in by SSH or Telnet. Download putty.exe (372K) and save it on your desktop. To use it:

  1. Open the putty.exe icon on your desktop.
  2. Type kics.bc.ca in the "host name" box.
  3. Choose the SSH protocol.
  4. Click the Open button.
  5. When prompted, type your login name and your FTP password.

For more information, consult the Putty manual or the Putty home page.

Public keys

The first time you connect, Putty will warn you that it doesn't recognize the server's public key, and ask you whether to save it for next time. If you do, Tera Term will be able to warn you in the unlikely event that someone tries a "man-in-the-middle" attack (masquerading as our server in an attempt to obtain your password).

Our server's RSA key fingerprint is 3a:37:c5:09:35:25:e2:e2:4c:63:a4:4b:76:d6:64:8a. Its DSS key fingerprint is d0:07:c1:49:85:a7:94:ac:2a:6f:8d:74:3f:1e:04:37.

Here is the RSA public key: 

1024 35 1322372297387675672108632165604489342
326151644324618290814360581595908946271833130
968212524313835717408079157169676220709646164
720334614458685993588319996346749321900450770
700662303344989693878722725906849883212713995
794824685516110453110567277621694419013884839
881525264621592431231744423510501913323674236
79 root@duo.kics.bc.ca
   
 
back to top of page
   
What is the most secure mode (permissions) for my files?
  Each file and directory (folder) has a mode which determines who can read, write, and execute it. In the case of a file, "execute" refers to running the file as a program; in the case of a directory, "execute" permission is required to use anything inside the folder. If a folder is executable, but not readable, then the files inside can only be used if their exact names are known (getting a directory listing counts as "reading").

The absolute minimum workable permissions are: 
dr-x-----x (501) for a directory containing php scripts
-------r-- (004) for .htaccess and .htpasswd
-r-------- (400) for a .php script
-r-x------ (500) for a .cgi program in perl/sh/etc
---x------ (100) for a .cgi program in a compiled language like C
-------r-- (004) for an .html file
Taking away the owner's permissions tends to be extremely annoying for the owner to work with, and provides a minimal security benefit, so these are more reasonable: 
drwx-----x (701) for a directory containing php scripts
-rw----r-- (604) for .htaccess and .htpasswd
-rw------- (600) for a .php script
-rwx------ (700) for a .cgi program
-rw----r-- (604) for an .html file
For example: 
$ cd
$ chmod 701 example.com
$ chmod 604 example.com/.htaccess
$ chmod 600 example.com/example.php
$ chmod 700 example.com/example.cgi
$ chmod 604 example.com/example.html
$ ls -ld example.com example.com/* example.com/.htaccess
drwx-----x  2 example  example  512 Dec 5 15:27 example.com
-rw----r--  1 example  example   83 Dec 5 15:27 example.com/.htaccess
-rwx------  1 example  example  540 Dec 5 15:27 example.com/example.cgi
-rw----r--  1 example  example  900 Dec 5 15:27 example.com/example.html
-rw-------  1 example  example  899 Dec 5 15:27 example.com/example.php
   
 
back to top of page