Testing SSL client certificate authentication with curl

March 28, 2013 at 07:40 AM | categories: Sysadmin, Tips, Security | View Comments
When using SSL client certificate authentication you may need to test it using command line tools. To do so run the following command: curl -v -s -k --key client.key --cert client.pem https://servername Thats it....

Setup a OpenVPN server on Centos 6

February 02, 2013 at 07:40 AM | categories: Sysadmin, Tips, Security, Centos | View Comments
OpenVPN 2 is available for Centos from the EPEL repository, so you need to have EPEL enabled. If you do not have EPEL enabled run: rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm To install OpenVPN run: yum install openvpn lzo -y...

Centos 6 Bonded network interfaces

February 01, 2013 at 07:40 AM | categories: Sysadmin, Tips, Centos | View Comments
Bonding allows you to aggregate multiple ports, providing redundancy, fault tolerance and load balancing. There are various types of bonding available but i will show how to bond in mode 1 which is active-backup. If your interested in the other...

Commandline OpenVPN client on Mac OSX with macports

January 31, 2013 at 07:40 AM | categories: Sysadmin, Mac OS X, Tips, Security, Unix | View Comments
Most people use TunnelBrick to setup OpenVPN client connections on Mac OSX, i prefer using the command line. To get OpenVPN up and running off the command line is a simple process. The commands below need to be run as...

Automating translation of software using the Microsoft Translator and Python

January 25, 2013 at 07:40 AM | categories: Sysadmin, Tips, Unix, Linux | View Comments
The Microsoft translator provides an API that you can use for automated translation. It currently supports about 39 languages. True to the nature of open source i found that someone had already written a python wrapper to the API. I...

Boot into single user mode on various unixes

January 24, 2013 at 07:40 AM | categories: Sysadmin, Tips, Unix, Linux | View Comments
Press a to append to the boot options then add single grub append> ro root=LABEL=/ single Press L1+a or STOP+a to enter OpenBoot PROM then type boot -s Select maintanance mode from the boot menu...

How to update man keywords database

January 16, 2013 at 07:40 AM | categories: Centos, Ubuntu, Sysadmin, Unix, RHEL, Linux, Tips | View Comments
Man keywords database allow you to search for man pages using keywords, the database needs to be updated when ever man pages are added or removed. This is how you do it for various *nix types. mandb ...

Strongswan now supports PAM authentication

November 07, 2012 at 07:40 AM | categories: Centos, Sysadmin, RHEL, Linux, Tips, Security, IPSEC | View Comments
Strongswan release 5.0.1 includes a XAuth PAM plugin which requests username/password XAuth credentials and verifies them against Pluggable Authentication Modules (PAM). This plugin is not enabled by default to enable it you need to add the following to your ./configure...

Strongswan now supports Cisco unity extensions

November 07, 2012 at 07:40 AM | categories: Centos, Sysadmin, RHEL, Linux, Tips, Security, IPSEC | View Comments
I previously wrote about setting up split tunneling on Strongswan using the attr-sql plugin With the release of Strongswan 5.0.1 it is no longer the only way to support split tunneling. Strongswan 5.0.1 introduces the unity plugin which allows for...

IOS 6 Breaks Certificate based IPSEC VPNs

September 29, 2012 at 11:30 AM | categories: Mac OS X, Tips, IPSEC | View Comments
I have found that the recent release of IOS 6 breaks Certificate based IPSEC VPN functionality. IPSEC VPNs using preshared keys still do work however. A number of other users report the having the same issue, if IPSEC VPN functionality...

Mac OSX IPSEC VPN via command line using builtin Racoon client

September 19, 2012 at 07:30 AM | categories: Mac OS X, Howto, Sysadmin, Linux, Tips, Security, IPSEC | View Comments
The Mac OSX IPSEC VPN client setup via "System preferences" only supports IPSEC/XAUTH and IPSEC/L2TP both of which give you a different IP address for your tunnel interface. System preferences on the backend uses Racoon so it is possible...

IPSEC split tunneling VPN with Mac OSX and Strongswan 5 on Centos/RHEL 6

September 01, 2012 at 10:08 AM | categories: Centos, Mac OS X, Howto, Sysadmin, RHEL, Linux, Tips, Security, IPSEC | View Comments
In my previous post i described how to setup an IPSEC VPN for use with Iphone, Ipad and Mac OSX IPSEC VPN clients. This post describes how to enable split tunneling which is supported by the Mac OSX IPSEC...