Debuntu

OpenVPN is a SSL based VPN software that runs on most OS. It is simple to install and run.

In this tutorial, I will go over the steps needed to configure OpenVPN on Debian Squeeze to provide a full VPN tunnel, this is particularly useful when you want to access internet from non-trusted networks such as free hotspots…

There are many ways of setting up OpenVPN, a common one is to use a unique certificate for each users. Another one is to have each user authenticate with a username/password.

In this article, we will be setting OpenVPN to authenticate users using PAM.

Read the rest of this entry »

Using freeradius for authentication

Here I am going to consider that the freeradius server is set up correctly, meaning that you can already authenticate your users with freeradius using radtest utility.

Read the rest of this entry »

XL2TP

Now, let’s get on the next phase: XL2TP.

Packages Requirements

You can install xl2tp with the following command:

# apt-get install xl2tp

Read the rest of this entry »

Even though I pretty like OpenVPN, there is still some devices that might not support the TUN/TAP driver needed by OpenVPN.

Take IPhones, Android phones for instance, you need to root them in order to get that feature, assuming somebody has already cooked a ROM for your device.

L2TP is quite and old standard that allow setting up VPNs.

On the other end, it does not provide any kind of encryption mechanism, and as such, it is pretty common to get L2TP running over an IPSec link.

Read the rest of this entry »

3. Creating users

Here we will be using sha1 password. To create a password, you can use the following command:

# echo -n ‘password’ | sha1sum
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 -

Read the rest of this entry »

this tutorial will explain how to use a MySQL backend in order to authentication users against your Apache website.

To achieve this we will use Apache2 and its auth_mysql module.

Read the rest of this entry »

4. Installing the system

we are now going to install the distro over our layout. Start the installer and make sure you choose manual partitioning. Then set up your filesystem like the one on the screenshot.

luks encryption over-lvm ubuntu installer

Read the rest of this entry »

3. Encrypting the partitions

3.1. Filling the partition with random data

Now that we have our partition layout, we need to encrypt /home and /. The first thing we are going to do is to fill those partitions with random data. There is 2 ways of doing it. A fairly fast one or a really slow but efficient one.

Read the rest of this entry »

Even though new distros installers tend to support filesystem encryption out of the box, most of the time, it might be interesting to actually understand how it works, mainly when it happens that your system fails to boot .

Most literature found on the Internet tend to cover how to set up LVM over a partition encrypted with LUKS, this tutorial takes another approach and will explain how to create LUKS encrypted partitions over LVM. The reason for this…. I wanted to have unencrypted partitions .

Read the rest of this entry »

When copying files over the network, the files informations can be modified.

When using cp, one can avoid this issue by using the -a which will do the copy in archive mode, meaning that it will keep the links, preserve mode, ownership and timestamps and the copy is recursive.

the solution to this over the network is rsync alongside with ssh.

Read the rest of this entry »