uwot.eu
another meaningless subtitle

uwot.eu

last update:

nginx and TLS v1.2

Given that SSL and TLS, especially v1.0, suffer from serious security issues (e.g. https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS) I thought it would be a good idea to use the latest and more secure version of it: v1.2. On CentOS 6.4 the openssl version included is quite old and doesn’t support TLS v1.1 and 1.2. So, first of all we have to install the latest version 1.0.1e, it can be done compiling from sources or by adding a third party repository; I chose the latter.

Let’s say we have a WordPress blog and we would like to encrypt our login pages and the whole back-end of the site. There are many ways to do it, but since I already have a nginx instance configured as reverse proxy running in front of Apache I’ll use it to “protect” my admin pages and logins. In this page I’ll not cover Apache’s configuration, which, by the way, is trivial to say the least, so please refer to this other post: Apache + nginx as reverse proxy.

A new Linux kernel version is released and guess what: VMware Workstation fucked up once again. The fix posted on the Arch Linux wiki is applicable also to Fedora 19, I’ll post it here for future reference. $ cd /tmp $ curl -O http://pkgbuild.com/git/aur-mirror.git/plain/vmware-patch/vmblock-9.0.2-5.0.2-3.10.patch $ curl -O http://pkgbuild.com/git/aur-mirror.git/plain/vmware-patch/vmnet-9.0.2-5.0.2-3.10.patch $ cd /usr/lib/vmware/modules/source # tar -xvf vmblock.tar # tar -xvf vmnet.tar # patch -p0 -i /tmp/vmblock-9.0.2-5.0.2-3.10.patch # patch -p0 -i /tmp/vmnet-9.0.2-5.0.2-3.10.patch # tar -cf vmblock.

Yesterday was the big day, Fedora “Schrödinger’s Cat” 19 stable release was released. Since I had a free afternoon I decided to install it on my Thinkpad, and luckily everything was fine, even Anaconada installer issues with UMTS modules are gone, VMware Workstation 9.0.2 was working fine and so on. The only issue I had was with DeaDBeeF audio player, I am using it from quite a long time and I like it a lot; too bad it’s not included in the default Fedora’s repos nor in the epel ones so every time I have to install it manually.

One of the things I was planning to do but never did is installing nginx as reverse proxy in front of Apache. nginx is present in the epel repos for CentOS, so the installation process is just a matter of: yum install nginx mysql mysql-server phpmyadmin httpd Add another repository for the Apache module mod_rpaf… wget -q -O - http://www.atomicorp.com/installers/atomic | sh …and install it: yum install mod_rpaf At this point everything needed should be installed, now it’s time to configure Apache and nginx to work together.

Documentation on the Wireshark wiki seems to not be really up to date, or at least it’s not completely applicable to Fedora 18, so here is what I did to make it work. After installing Wireshark (and its GUI) with the usual: yum install wireshark-gnome It should automatically create a group called “wireshark” and we are supposed to add our user (mafio in my case) to this group: usermod -a -G wireshark mafio newgrp wireshark ### used to force the new settings without having to logout/login Then issue this last command:

OpenVPN is the de facto standard VPN free open source software; it is widely used, tested, well documented and also included in the CentOS repos (EPEL). .:. Server side configuration yum install openvpn easy-rsa dnsmasq When yum is done installing the required packages, copy the sample config file. cp /usr/share/doc/openvpn-*/sample-config-files/server.conf /etc/openvpn Uncomment/edit the following lines in /etc/openvpn/server.conf: port 1194 proto udp dev tun ca ca.crt cert server.crt key server.key dh dh4096.

Despite not being a gamer at all I see having a decent mouse as an important thing, I spend 10 to 15 hours a day in front of my PC and probably for at least half of the time I’m using the mouse, so I don’t get why I should not have the best input peripherals on the market. My current mouse is a Logitech G500 (NP 910-001262), of course it being the best mouse on the market is an highly debatable thing since, along side with the keyboard, mouse choice is highly subjective.

XRDP and CentOS 6

Yesterday’s night I installed a test machine to play with KVM and some other stuff, obviously the OS of choice is the trusty CentOS. I did a pretty minimal net-install but decided to install gnome desktop environment anyway because why not, not that it will be of much use, but still. Anyway, since the machine is an headless server it’s mandatory to be able to control it remotely, like the past 2 or 3 times, I installed XRDP expecting everything will be fine and working without any problem.

Every time a new Kernel goes out there seems to be a new issue with VMware Workstation 9. Today I updated a couple of Fedora 18 boxes, applied the usual workaround (I wrote a post about it one month ago or so) which consists in ONE OF the following steps: ln -s /usr/src/kernels/_kernel_version_/include/generated/uapi/linux/version.h /usr/src/kernels/_kernel_version_/include/linux/version.h ### OR cp /usr/src/kernels/_kernel_version_/include/generated/uapi/linux/version.h /lib/modules/_kernel_version_/build/include/linux/ Rebooted and then issued the usual command (vmware-modconfig –console –install-all) to rebuild the needed VMware modules just to find out that it isn’t possible to rebuild the VMCI module.