OpenVPN with multiple configurations (TCP/UDP) on the same host (with systemd)

As much more people are getting worried about their online privacy (including me), I started to use a server as a VPN termination (with OpenVPN) when I need to access the Internet via non-secure wired or wireless networks (e.g., hotel wireless network, airport Wi-Fi, etc.). Some overzealous network admins, though, try to lock down the … Continue reading OpenVPN with multiple configurations (TCP/UDP) on the same host (with systemd)

PSA: this website now is TLS-enabled

After some thinking, I decided to switch my current domain registrar and hoster: in fact, I stayed for 5 years with Netsons.org for domain registration and hosting. I had a very pleasant experience with them, I will recommend their hosting to everyone (it’s very cheap in the plethora of Italian super-expensive hosters). Since I recently … Continue reading PSA: this website now is TLS-enabled

Packaging software for Debian/Ubuntu: eclipse

Eclipse is my (Java, Python, Ruby, XML, <insert any other text format here) editor of choice, and it has been for many years. One thing that bothers me is that Eclipse package is outdated in Ubuntu: so, instead of using apt, I should resort to download/unpack/copy/create links to install it. These days are finished, though. … Continue reading Packaging software for Debian/Ubuntu: eclipse

Workaround for OpenVPN PAM authentication broken on Ubuntu 15.10

After updating to Ubuntu 15.10 a box with an OpenVPN termination I am using to browse when I travel and use insecure networks, my VPN tunnel stops working. I am using, in this particular box, an OpenVPN server that relies on PAM plugin for authentication (and 2-step verification). Given the fact that I keep all … Continue reading Workaround for OpenVPN PAM authentication broken on Ubuntu 15.10

Getting started with cloud-init and CoreOS

Lately I’ve been experimenting with CoreOS, a Linux distribution that enforces containerization (I made some experiments with Docker and I’d say that this area is fun!). CoreOS layer of containerization was based Docker, but now that they moved to Rocket. Not only Rocket, though: CoreOS brings some curious innovations to lightweight Linux distributions like clusterization … Continue reading Getting started with cloud-init and CoreOS

Playing with Docker: tips and tricks to write effective Dockerfiles

Recently I have been playing with Docker containers, and I am sure you already know what Docker is. In this post I will describe what I have learnt while using Docker containers and preparing Dockerfiles. What is Docker? In a few words: Docker is a software to manage and run Linux containers in which you … Continue reading Playing with Docker: tips and tricks to write effective Dockerfiles

Hardening services: let’s review our config files

It’s hardening Sunday here: I reviewed the config files of my main daemons (nginx, openvpn, tinc, sshd) with the help of two resources that I want to share with you, fellow readers. First of all, a guide dedicated exclusively to hardening ssh: from using public key authentication only (I strictly encourage it!) to the selection … Continue reading Hardening services: let’s review our config files

HP 6730b and fan at full speed after suspend (Fedora, Ubuntu, openSUSE)

It seems that with kernels 3.9 onwards there are some issues with fan speed and the 6730b model of HP notebook. I tried with Fedora 22 (my main distribution of choice), openSUSE Tumbleweed and Ubuntu 15.04. The problem occurs only when the system is woken up after a sleep/suspend: fans spin at full speed indefinitely, … Continue reading HP 6730b and fan at full speed after suspend (Fedora, Ubuntu, openSUSE)

Ubuntu rcS – variabili per modificare il comportamento degli script di boot

Quando mi trovo a dover fare il setup di un nuovo server, cambio sempre una variabile nel file /etc/default/rcS, ovvero: FSCKFIX=yes che significa che, in caso di problemi durante il mount dei filesystem al boot, il sistema tenta automaticamente di riparare il file-system, senza interrompere il processo di boot invocando la shell come avviene nel caso … Continue reading Ubuntu rcS – variabili per modificare il comportamento degli script di boot

Xubuntu/XFCE: come avviare una sessione in VNC

Di recente ho dovuto avviare una sessione VNC su una macchina remota; la mia preferenza per un desktop environment “light” ma al tempo stesso completo è andata su XFCE (installato di default su Xubuntu). Per avviare una sessione VNC è necessario modificare il file posto nella vostra home, e più precisamente in ~/.vnc/xstartup. Il file deve essere strutturato … Continue reading Xubuntu/XFCE: come avviare una sessione in VNC