I have already discussed Heartbleed in detail and have provided instructions on how to close the hole on affected server. Now that the hole is closed the final step is changing your server’s private key and “re-keying” your SSL certificates. Re-keying simply involves creating a new certificate signing request and sending it to your (most […]

This tutorial assumes you have some experience with Linux administration although I try to hand-hold as much as possible. If you are on a shared hosting solution and don’t have root access, you can easily modify the shell script we will create later to target your user’s home directory on the server. You also need […]

Heartbleed was a major vulnerability in the SSL protocol used by many many sites and services. Folks have been scrambling to patch it up quickly since it was announced a few days prior. If you are in the process of doing just that for yourself or your organization, you might be so busy fixing websites […]

So we are all probably familiar with the Heartbleed bug at this point. Remediating this issue on a couple of servers that I admin required moving from Ubuntu 13.04 to 13.10. I am going to go into a few of the problems I ran into when I made the jump…

Media Temple does some stupid interesting things with its linux installs. Particularly it seems like they don’t like clients upgrading their own boxes… So they don’t include some core packages that are needed to run the automated upgrade on Ubuntu. Now, I got on the support line and the front line cannon fodder (aka Tier […]

The Heartbleed bug is what I would professionally classify as seriously scary stuff. Basically there is some kind of heartbeat functionality built into OpenSSL. Often, in tech talk, this kind of thing is used for remote service monitoring (i.e. if I have a pulse my service is at least up). In this case, I am […]

Today I am working on setting up a BackupPC server to take remote internal centralized backups of some of our other servers on the cheap. I already had BackupPC installed and the basics configured but I needed to add a new drive to the system (for additional backup data storage) and I also needed to […]

Here is the scenario – You are an IT Admin for a business that is large enough or handles data of a particular type such that you have to worry about security more than the average Joe. Furthermore, you get audited from time to time. However, people want an IM (Instant Messenger) solution and… they […]

What is a Ram Disk you ask? Simply put, you carve out a piece of your system’s RAM and use it as a normal file system. But you probably have some more questions… Why would I want to do this? Simply put, RAM is very fast. Faster than most (any?) SSD drive. So if you […]

My Apache administration skills are something that I am working on – ongoing. Furthermore, any IT / Web / Linux admin worth their salt should have somewhat of a handle on DNS and on Apache. I have somewhat of a handle on both, though like most things I am not an expert :), rather I […]

Google Authenticator, and (all?) other rotating-pin multi-factor authentication systems, rely on the clock on the token device (in this case your smart-phone or tablet) and the authenticating system (in this case the OpenVPN server). If the clocks are different by more than a few seconds or so, it will break your authentication.

Thought I would post this one quickly… Having trouble getting OpenVPN to start/work for you and you are seeing this error in your logs? “TCP/UDP: Socket bind failed on local address” The resolution is pretty simple. Try changing the port you have assigned to openVPN in your config file and restarting the service. Most likely […]

I thought I would put this together quickly because in typical Linux fashion something that should be straightforward isn’t… Node.js – I am still not sure what it is :), however I am in the process of setting up drupalchat on one of my sites and when I tried using it with the AJAX option, […]

In a previous post I dealt with setting up an OpenVPN Community Edition server which is the free version of OpenVPN. I had initially hoped to use Authy for two-factor authentication in addition to LDAP but later found out that wasn’t going to work. So now I am looking at using DUO for two-factor authentication […]

INTRODUCTION I wrestled with getting OpenVPN to work with Microsoft Active Directory authentication better part of 2 days. I was surprised that it was so hard to find a straightfoward tutorial on the topic that actually worked! I had to do a lot of Google-Fu and look at many different pages to put together what […]