January 2018

SSL auth with .p12 – Root CA and .p12

2018-01-31T04:01:32+00:00 January 31st, 2018|Linux, Ubuntu|

PART ONE – setup ssl and ssl certs.

1. enable ssl, run command

a2enmod ssl

and then restart apache

service apache2 restart

go to /etc/apache2 and create ssl folder

mkdir ssl

2. generate key and crt file – follow instruction on the screen

openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout apache.key -out apache.crt

3. edit /etc/apache2/sites-available/default-ssl.conf and add path to generated certs (line 32/33).

SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key

4. activate ssl virtual host

sudo a2ensite default-ssl.conf

5. and then restart apache

service apache2 restart

6. setup redirection from http to https, edit vim /etc/apache2/sites-available/000-default.conf and add below code:

RedirectPermanent / https://vault.bartron.uk/

and then restart apache

service apache2 restart

PART TWO – SSL should work with your website lets setup private key access.

7. go to cert directory: /etc/apache2/ssl

8. generate new CA

openssl genrsa -des3 -out myCA.key 2048

9. Generate root certificate

openssl req -x509 -new -nodes -key vaultCA.key -sha256 -days 1825 -out vaultCAroot.pem

10. convert certificate to pem

openssl pkcs12 -export -out apache.bartron.uk.p12 -inkey vaultCA.key -in vaultCAroot.pem

11. enable CA root, edit default-ssl.conf and add/edit (line 51/52)

SSLCACertificatePath /etc/apache2/ssl
SSLCACertificateFile /etc/apache2/ssl/vaultCAroot.pem

12. enable client auth to require (line 69/70)

SSLVerifyClient require
SSLVerifyDepth 10

September 2017

Simple NAS with Samba and USB HDD

2017-09-25T10:49:12+00:00 September 25th, 2017|Ubuntu|

list all devices

bart@ubuntu:~$ dmesg

at the bottom find your device name in my case 500gb usb hdd as sdb

sd 6:0:0:0: [sdb] 976773168 512-byte logical blocks:500GB/465GiB)

create partition with fdisk on sdb hdd

sudo fdisk /dev/sdb

– click m for help than choose “p” to list existing partitions
– remove partition by pressing “d” and select partiton from the list
– “n” for new partiton “p” primary partition, number “1”
– save and exit “w”

format to ext4

sudo mkfs.ext4 /dev/sdb1

create directory for NAS in your desire location

bart@ubuntu:/mnt$ sudo mkdir NAS

mount hdd to directory /mnt/NAS/

sudo mount /dev/sdb1 /mnt/NAS/

find uuid for sdb1

sudo blkid /dev/sdb1

add USB HDD to permanent mount after reboot edit /etc/fstab

sudo nano /etc/fstab

add USB HDD to permanent mount after reboot edit /etc/fstab

#add at the bottom of the file than save (use your UUID)
UUID="5fc39f17-7763-4633-92e7-41e62c56e614" /mnt/NAS/ ext4 defaults,users,umask=0 0 0

test in by umount /dev/sdb1 and than use

sudo mount -a

create share folder /mnt/NAS/SHARENAME

sudo mkdir /mnt/NAS/SHARENAME

make sure about permissions

sudo chmod 777 /mnt/NAS/SHARENAME

edit /etc/samba/smb.conf

[global]
workgroup = workgroup
netbios name = NAS
server string = Samba Server %v
map to guest = Bad User
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = No
local master = No
dns proxy = No
security = User
interfaces = em1 lo
bind interfaces only = yes
hosts allow = 127.0.0.1 192.168.1.0/24 192.168.7.0/24
hosts deny = 0.0.0.0/0
[SHARENAME]
path = /mnt/NAS/SHARENAME
valid users= louise, bart, backup
read only = no
create mask = 0777
directory mask = 0777
writeable = Yes

add user
useradd louise

add password for samba

sudo smbpasswd -a louise

restart service

sudo service smbd restart

magic! ?

August 2017

Convert ens3 interface to eth0 – Ubuntu 16.04

2017-08-16T13:53:35+00:00 August 16th, 2017|Linux, Ubuntu|

edit grub file

sudo vim /etc/default/grub

and change line from “GRUB_CMDLINE_LINUX=”” to:

GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0"

update grub

sudo update-grub

change /etc/network/interfaces to eth0 format

auto eth0
iface eth0 inet dhcp

change /etc/udev/rules.d/70-persistent-net.rules form ens3 to eth0

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="fa:16:3e:01:af:fa", NAME="eth0"

reboot system

February 2017

Convert VirtualBox .ova to .qcow2

2017-07-15T23:53:02+00:00 February 9th, 2017|gns3, Linux, Ubuntu|

extract the disk image

tar -xvf junos-vsrx-12.1X47-D20.7-domestic.ova

convert VMDK to QCOW2 format

qemu-img convert -O qcow2 junos-vsrx-12.1X47-D20.7-domestic-disk1.vmdk junos-vsrx-12.1X47-D20.7-domestic.qcow2

Ubuntu GNS3 Server with KVM support

2017-02-06T20:28:48+00:00 February 6th, 2017|gns3, Linux, Ubuntu|

add gns3 repository

sudo add-apt-repository ppa:gns3/ppa

update apt

sudo apt-get update

install gns3 server

sudo apt-get install gns3-server

install kvm support

sudo apt-get install qemu-kvm libvirt-bin virtinst bridge-utils cpu-checker

make sure your system supports virtualisation

kvm-ok

than you should get something like this

INFO: /dev/kvm exists
KVM acceleration can be used

then run server

gns3server --host 192.168.7.15

January 2017

Install 32bit TeamViewer with 64bit Ubuntu

2017-01-23T12:57:32+00:00 January 23rd, 2017|Linux, Ubuntu|

Install 32bit teamviewer in 64bit Ubuntu

sudo dpkg --add-architecture i386

Update Repository

sudo apt-get update

install additional packages

sudo apt-get install libdbus-1-3:i386 libasound2:i386 libexpat1:i386 libfontconfig1:i386 libfreetype6:i386 libjpeg62:i386 libpng12-0:i386 libsm6:i386 libxdamage1:i386 libxext6:i386 libxfixes3:i386 libxinerama1:i386 libxrandr2:i386 libxrender1:i386 libxtst6:i386 zlib1g:i386 libc6:i386

install downloaded package

sudo dpkg -i teamviewer*.deb

Load More Posts