Home Assistant Behind Reverse Proxy
To set-up a reverse proxy I took the following steps: configure DNS get Letsencrypt certificates Configure NGINX Configure Home Assistant to trust the proxy ...
Post tagged: domain
Stupid SSL tricks
Some hints and tips foor doing SSL related things: Netcat for SSL This command lets you connect to a SSL server (a-la netcat): cat request.txt | openssl s_client -connect server:443 Creating self-signed certificates This is a single command to generate a self-signed certificate: ...
Free Clipart sites
In 2014, Microsoft killed and buried Clipart in the digital graveyard. Clipart had outlived its usefulness as users relied more on search engines than Microsoft' somewhat limited supply through the Office suite. Today' clipart needs to be modern, colorful, and less cartoonish. An ...
CyberWorld 2017.1
Development travis cordova build ...
OpenShift notes
THIS IS FOR ARCHIVAL PURPOSES. THIS IS OUT-OF-DATE backup OpenShift openshift getenv(USER) from OpenShift php ssh to {user}@{app-domain} gear snapshot > file Run gear app OpenShift migration further notes ...
Deploying Kerberos based SSO
This article goes over how to implement Single-Sign-On on Linux. It goes over the integration around the Kerberos service and the applications, like for example FireFox. Pre-requisites ...
Let's Encrypt
This is a service that let's you get SSL certificates for HTTPS. These certificates are trusted by major browsers. See Let's Encrypt This is a barebones howto to get SSL certificates: git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt This contains the client software for let's encrypt. ./letsencrypt-auto certonly --manual This will start by updating and getting any needed dependencies and then jump to a wizard like configuration to get this done. Follow the prompts and pay special attention on the prompt used to validate your domain. (You need to create a couple of folders and a file with the right content). Afterwards your certificates will be in: ...
Web Links
Here a few web-links to interesting web apps. It covers stuff about password security and checking if web sites are down, etc etc. Down For Everyone or Just Me: If you're getting an error when visiting a certain site, it could be down or something could be wrong on your end. To see which ...
Remote Bridging
Sometimes we need to connect two or more geographically distrubuted ethernet networks to one broadcast domain. There can be two different office networks of some company which uses smb protocol partially based on broadcast network messages. Another example of such situation is computer cafes: a couple of computer cafes can provide to users more convinient environment forr playing multiplayer computer games without dedicated servers. Both sample networks in this article need to have one *nix server for bridging. Our networks can be connected by any possible hardware that provides IP connection between them. Connecting Two Remote Local Networks With Transparent Bridging Technique Short description In described configuration we are connecting two remote LANs to make them appearing as one network with 192.168.1.0/24 address space (however physically, presense of bridges in network configuration is not affecting IP protocol and is fully transparent for it, so you can freely select any address space). Both of the bridging servers has two network interfaces: one (as eth0 in our example) connested to the LAN, and second (eth1) is being used as transport to connect networks. When ethernet tunnel between gateways in both networks will be bringed up we will connect tunnel interfaces with appropriate LAN interfaces with bridge interfaces. Schematically this configuration can be following: +-------+ +-------+ | br0 | | br0 | ...
Native Kerberos Authentication with SSH
This article is about integrating OpenSSH in a kerberos environment. Allthough OpenSSH can provide passwordless logins (through Public/Private keys), it is not a true SSO set-up. This article makes use of Kerberos TGT service to implement a true SSO configuration for OpenSSH. Pre-requisites First off, you'll need to make sure that the OpenSSH server's Kerberos configuration (in /etc/krb5.conf) is correct and works, and that the server's keytab (typically /etc/krb5.keytab) contains an entry for host/fqdn@REALM (case-sensitive). I won't go into details on how this is done again; instead, I'll refer you to any one of the recent Kerberos-related articles (like this one, this one, or even this one). Just be sure that you can issue a kinit -k host/fqdn@REALM and get back a Kerberos ticket without having specify a password. (This tells you that the keytab is working as expected.) ...
Kerberos howtos
Kerberos is a network authentication protocol which works on the basis of "tickets" to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. (Source Kerberos_(protocol) ) Backups Create backup: ...
Automatically adding systems to an AD domain
When using virtualisation it is very common to create template VMs that can be cloned from. This makes deployment much easier than having to install a new VM from scratch. Unfortunately, the cloned VMs lack any Active Directory memberships and the VMs have to be manually added to the AD domain. For automated deployment scenarios this is less than desirable. This recipe intends to solve that issue in a ...
Page 1 / 1