Post tagged: service

Stupid SSL tricks

Some hints and tips foor doing SSL related things:

Netcat for SSL

This command lets you connect to a SSL server (a-la netcat):

cat request.txt | openssl s_client -connect server:443

Creating self-signed certificates

This is a single command to generate a self-signed certificate:

openssl req -new \
      -newkey rsa:4096 …

Enable syslog with void

In void Linux, the default is without logging. Most cases it is OK for desktop use.

If you want to enable syslog service in void, you need to install:

socklog-void

Also to let your user have access to the logs, use:

usermod -aG socklog <your-username>

Because I like to have …

Docker on Alpine Linux

Alpine Linux Quick installation

See wiki For Alpine Linux > 3.8

  1. Un-comment community repo from /etc/apk/repositories
  2. apk add docker
  3. rc-update add docker boot
  4. service docker start

Optional: (docker compose)

apk add docker-compose

Note 2021-03-21: When I tested this, the daemon.json did not work! Your mileage may vary …

3 Open Source Password Managers

Keep your data and accounts safe by using a secure open source password manager to store unique, complex passwords.

Maintaining complex, unique passwords for each site and service you use is among the most common pieces of advice that security professionals provide to the public every year.

Yet no matter …

using cachefiles on an Linux NFS share

If you often mount and access a remote NFS share on your system, you will probably want to know how to improve NFS file access performance. One possibility is using file caching. In Linux, there is a caching filesystem called FS-Cache which enables file caching for network file systems such …

Windows administration from the command line

Windows system administration is very mouse driven and to reach all tools you need to browse through Windows explorer.

If you are like me and prefer to log on a limited privilege account and use Runas to perform admin tasks, you can open these consoles with the .msc file names …

Deploying Kerberos based SSO

This article goes over how to implement Single-Sign-On on Linux. It goes over the integration around the Kerberos service and the applications, like for example FireFox.

Pre-requisites

  • Kerberos Domain Controller (KDC)
  • User accounts in the KDC
  • KDC based logins

To make sure that this is working, login to your workstation …

Let's Encrypt

This is a service that let's you get SSL certificates for HTTPS. These certificates are trusted by major browsers. See Let's Encrypt This is a barebones howto to get SSL certificates:

git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt

This contains the client software for let's encrypt.

./letsencrypt-auto certonly …

Enable local file caching for NFS share on Linux

In Linux, there is a caching filesystem called FS-Cache which enables file caching for network file systems such as NFS. FS-Cache is built into the Linux kernel 2.6.30 and higher. In order for FS-Cache to operate, it needs cache back-end which provides actual storage for caching. One such …

Kerberos howtos

Kerberos is a network authentication protocol which works on the basis of "tickets" to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. (Source Kerberos_(protocol) )

Backups

Create backup:

kdb5_util dump _dump_file_

Restore from dump file:

kdb5_util load _dump_file_

Master/Slave …

Native Kerberos Authentication with SSH

This article is about integrating OpenSSH in a kerberos environment. Allthough OpenSSH can provide passwordless logins (through Public/Private keys), it is not a true SSO set-up. This article makes use of Kerberos TGT service to implement a true SSO configuration for OpenSSH.

Pre-requisites

First off, you'll need to make …