I have already discussed Heartbleed in detail and have provided instructions on how to close the hole on affected server. Now that the hole is closed the final step is changing your server’s private key and “re-keying” your SSL certificates. Re-keying simply involves creating a new certificate signing request and sending it to your (most […]
Today I am doing a linux upgrade on an ubuntu server. One thing that commonly occurs (at least to me) is that the path: /boot doesn’t have enough space available for the upgrade. This necessitates cleaning it up. If you are working from the command line, learning how to do a simple “brace expansion” can […]
Not much else needs to be said… If you manage your box from the shell (which is the proper way to manage a linux server… shape up!) then you need to be using screen. Especially if you are getting ready to kick off some long process and want to make sure you can get back […]
Won’t say much, just wanted to drop a couple of links here as this site is a repository for stuff I don’t do extremely often and then find myself looking up again. Today I am cataloging these items… Here is an excellent article on how to update modules. Simple and pretty much to the point! […]
This tutorial assumes you have some experience with Linux administration although I try to hand-hold as much as possible. If you are on a shared hosting solution and don’t have root access, you can easily modify the shell script we will create later to target your user’s home directory on the server. You also need […]
Heartbleed was a major vulnerability in the SSL protocol used by many many sites and services. Folks have been scrambling to patch it up quickly since it was announced a few days prior. If you are in the process of doing just that for yourself or your organization, you might be so busy fixing websites […]
So we are all probably familiar with the Heartbleed bug at this point. Remediating this issue on a couple of servers that I admin required moving from Ubuntu 13.04 to 13.10. I am going to go into a few of the problems I ran into when I made the jump…
Media Temple does some stupid interesting things with its linux installs. Particularly it seems like they don’t like clients upgrading their own boxes… So they don’t include some core packages that are needed to run the automated upgrade on Ubuntu. Now, I got on the support line and the front line cannon fodder (aka Tier […]
The Heartbleed bug is what I would professionally classify as seriously scary stuff. Basically there is some kind of heartbeat functionality built into OpenSSL. Often, in tech talk, this kind of thing is used for remote service monitoring (i.e. if I have a pulse my service is at least up). In this case, I am […]
Today I am working on setting up a BackupPC server to take remote internal centralized backups of some of our other servers on the cheap. I already had BackupPC installed and the basics configured but I needed to add a new drive to the system (for additional backup data storage) and I also needed to […]
Here is the scenario – You are an IT Admin for a business that is large enough or handles data of a particular type such that you have to worry about security more than the average Joe. Furthermore, you get audited from time to time. However, people want an IM (Instant Messenger) solution and… they […]
I came across this excellent, brief, and very useful write-up on Code Coffee that explains the DU and DF commands and gives some usage examples. These commands are both extremely useful for getting a quick handle on your file system or on a particular directory. I won’t re-invent the wheel, but rather will just give […]
What is a Ram Disk you ask? Simply put, you carve out a piece of your system’s RAM and use it as a normal file system. But you probably have some more questions… Why would I want to do this? Simply put, RAM is very fast. Faster than most (any?) SSD drive. So if you […]
My Apache administration skills are something that I am working on – ongoing. Furthermore, any IT / Web / Linux admin worth their salt should have somewhat of a handle on DNS and on Apache. I have somewhat of a handle on both, though like most things I am not an expert :), rather I […]
Google Authenticator, and (all?) other rotating-pin multi-factor authentication systems, rely on the clock on the token device (in this case your smart-phone or tablet) and the authenticating system (in this case the OpenVPN server). If the clocks are different by more than a few seconds or so, it will break your authentication.