Wireguard is an open source software and communication protocol which aims to provide a simpler and safer alternative to OpenVPN. Compared to OpenVPN both client and server configuration are much simpler and mantaining a PKI is also not required. Performance wise Wireguard is also faster than OpenVPN. SERVER: Debian 10 (Codename Buster) As of today Wireguard is not included in Debian 10 stable repos, so it is required to enable backports to install it: …

After the CentOS fiasco (good job Redhat/IBM) and since we are more or less in lockdown I decided to invest a couple of days to migrate my home infra from CentOS 7 to Debian 10. One of my physical machines, which was also CentOS 7 based, is used as ISCSI target. Debian 10 - Server A.K.A. Target Install the required packages: $ sudo apt-get install tgt dkms Create a device backstore: …

OpenWRT is a free open source Linux based operating system aimed at networking hardware. Every time the system is upgraded to a newer version using the so called Sysupgrade BIN image every package the user manually installed gets lost; this makes the upgrade process very tedious especially if one does not properly write down all the customization he has made. I don’t use many custom packages but QoS, DNS-over-HTTPS, USB support and vnstat are must have. …

Last year I blogged on how to remotely unlock a full disk encrypted Fedora/CentOS server. The software I used, dracut-crypt-ssh, is not supported anymore and stopped working for me on Fedora 32 and 33. A quick DDG search pointed me in the right direction and made me find a similar software that accomplishes the same task: dracut-sshd. $ sudo dnf install dracut dracut-network openssh libblkid-devel gcc $ git clone https://github.com/gsauthof/dracut-sshd.git $ cd dracut-sshd $ sudo cp -ri 46sshd /usr/lib/dracut/modules.d After compiling and installing dracut-crypt-ssh configure grub to instruct dracut to add networking to initramfs: …

A few weeks ago Siemens released a very much needed upgrade of the IOT2000 platform; the newcomer is called IOT2050 and is a huge step forward compared to the very very underpowered IOT2040. I have had one for a few days laying on my desk but I just found the time to play with it today. Other than the new hardware, the officially supported operating system also changed from Yocto Linux to Debian Buster (kudos for dropping Yocto). …

Ejabberd has supported STUN/TURN for quite some time now, this in conjunction with client support can be used to implement one on one audio and video calls. Since version 2.8.0 Conversations Android client added audio and video call functionality by leveraging on STUN/TURN and XEP-0215. The rest of the XMPP world is following the route opened by them, so I expect to see IOS and regular computer XMPP clients to finally implement these new features too in the upcoming months. Enabling audio and video calls in Ejabberd is actually pretty simple. Provided you have installed the latest release (version 20.04), edit ejabberd.yml: …

Since the whole COVID19 pandemic hoax started a couple of months ago, working from home has become the new hip thing every company brags about on every social media known to humankind. The first step to be able to call yourself a proper COVID19 ready(tm) company is the ability to bother every employees with just a few mouse clicks. So here we are, with Microsoft Teams(tm) and a lot of other not very secure and massively bloated software elected as the center of the office life. Coffee break? XYZ software chatroom. Kick-off meeting? XYZ software chatroom. And so on. Because of my special snowflake syndrome and my deep hatred for all things Microsoft and especially Windows I always end up making my life a bit harder. After having used Teams in a Windows 10 VM (after all I paid for a license when I got my latest Thinkpad) for a few weeks, I decided it was time to finally try to make it work on my main OS: Fedora 31. The catch was also that I wanted to do that more or less without installing any third party non free software. The OS I use is Fedora 31, which comes with pipewire and xgd-desktop-portal both installed and configured out of the box. Since using the official closed source Electron crapware client was out of the question, the obvious choice was to make Microsoft Teams work in a regular WEB browser. The situation is the following: …

Here at uwot.eu we are strong believers in internet anonymity and privacy, for this reason we are proudly announcing the launch of uwot.eu onion mirror. Onion mirror version of the website is still work in progress and still contains links to third party clearnet domains. Use with caution.