I have been taking a free networking class from Stanford University’s online “open source” education platform. I have really been enjoying the first unit of the course as it has started filling in some gaps in the foundation of my understanding regarding networking, the internet, and TCP/IP. I highly recommend this to anyone that has been in IT for a while but has never taken a more “academic” approach to their work. Okay, so that is my plug for free education. You can check out more here if interested: https://lagunita.stanford.edu/
OSI 7-Layer Model, TCP/IP 4-Layer Model
One of the gaps in my understanding of networking has to do with the OSI 7-layer networking model and the more simplified TCP/IP 4-Layer model (which was developed by DARPA? and predates the OSI Model). I didn’t even realize there was anything other than the 7-Layer model until taking this class and furthermore didn’t realize that while the OSI model gets talked about and referenced more frequently, academia (I think… and perhaps the industry) is shifting to using the simpler 4-layer model for discussion, understanding, and development regarding networking. Please don’t take any of this as gospel truth, this is just my understanding based on coursework and reading. I also find it much easier to think about and reference the 4-layer model. If you are curious how the two compare, this technet article is an interesting read, Technet: TCP/IP Protocol Architecture. Okay, so for this article, I will be sticking with what I am most comfortable with at this point and will be talking about and referencing the 4-layer TCP/IP model and discussing how VPN works. (more…)
Let’s Encrypt is an incredible, FREE, service that allows you to get trusted SSL certificates for your website. The certs expire every 90-days but what is great is that there are a lot of tools for auto-renewing the certificate without you ever having to touch anything on your server… until that process breaks.
Case-in-point: If you are running a Drupal 7 and are using the Apache Rewrite module (you should be…) then the default .htaccess file supplied with Drupal 7 core will block all access to hidden folders. (folders that start with a “.”) This is a problem for Let’s Encrypt because the auto-renew process generates a temporary key file that gets placed in a hidden folder on your web server that the Let’s Encrypt system has to be able to reach publicly (on port 80) in order to validate your server and fulfill your renewal request. Thankfully, another member of the Drupal community has already written the rewrite condition rule that needs to be placed in your .htaccess file to allow access to just the hidden folder required by Let’s Encrypt.
I haven’t posted in ages due to being generally slammed with work but this little piece I threw together was too good to forget about so I wanted to put it down.
If you work with a larger owncloud deployment and have a lot of users and allow file sharing, you may be curious to occasionally take a look at how many shares there are, who owns them, who they are shared with. This isn’t easy to get from the Web GUI but via the command line and mysql it isn’t bad at all.
So, login to mysql on the command line and then use your owncloud database; ie. (if your db name is “owncloud”)
Then run the following:
select id, share_with, uid_owner, item_type, file_target from oc_share
INTO OUTFILE '/var/lib/mysql-files/shares.csv'
FIELDS TERMINATED BY ','
ENCLOSED BY '"'
LINES TERMINATED BY '\n';
Exit mysql command line and go to /var/lib/mysql-files and you will find a nicely formatted CSV file with a list of all shares and who they are shared with. The columns from left to right…
ID, Who it is shared with (one line per person/group), the person that owns the share, whether or not it is a file or folder, the name/location of the file/folder that is shared
I have decided to give Ubuntu 17.04 LTS Desktop a go. On a whim I installed it on a laptop I had lying about (being an IT person they tend to proliferate over a given period of time in my office… older units becoming doorstops, newer units lovely “Jenga” blocks and maybe the occasional Proxmox cluster…) Since this seems to be the final days of Unity (which I actually don’t mind as a Desktop all that much), I figured now was a good time to take another poke at it as a daily personal driver. I was happy to come across an option for full disk encryption during the install process and wanted to pass my few thoughts on it along. (more…)