Try out a new program? Use a whole new operating system... a new operating system (Debian sarge) only takes 114 MB, so why not?
Paranoid some program might have an exploit? It probably does... new operating system!
bepo:~# xm list Name Id Mem(MB) CPU State Time(s) Console Domain-0 0 507 0 r---- 3069.9 danga 11 511 1 -b--- 2899.0 9611 danga-cvs 10 255 3 -b--- 3133.8 9610 mail 13 511 3 -b--- 14273.3 9613 personal_web 16 255 3 -b--- 3.8 9616 rtzilla 14 255 1 -b--- 260.7 9614I wrote this fun tool:
# xen-create --name='personal_web' --size=10G --ip=207.7.148.198 --mem=256
Which does exactly what you'd think. Creates a new LVM2 LV, makes a filesystems, rsyncs from my base system's skeleton, sets up hostname, network interfaces, unmounts, and starts up xen (after putting conf in /etc/xen/auto/, so it auto-starts on boot).
About 30 seconds after running that and a new Debian sarge machine (with latest security updates) is pinging on the net, and I can ssh in to it at root, since I initialize the machine's authorized_keys file to include my own.
And each machine has its own ssh host keys, thanks to this one-liner, which runs once on boot, right before ssh starts:
bepo:~# cat /var/xen-skel/etc/rc2.d/S15ssh-setup #!/bin/sh # # one-time configuration of ssh: /var/lib/dpkg/info/ssh.postinst configure && rm /etc/rc2.d/S15ssh-setupFun stuff.
