Aug 14 2014

Paperkey, a good way to print your PGP Private Key.

A reasonable way to achieve a long term backup of Cryptographic Keys (OpernPGP, GnuPG, PGP, etc) is to print them out on paper.
This because printed paper (choosing the best ink type), has amazingly long retention qualities, absolutely longer than magnetic or optical media generally used to Back-UP data.
Continue reading

Mar 14 2014

ProxmoxVE: Proxy PVE GUI with NigNX configuring HTTPS on Standard port.

With the release of PVE 3.0, the Proxmox VE Web-Interface does no longer require Apache.
Instead using a standard WebServer, Proxmox team is now proud to use a new event-driven API-Server called ‘pveproxy’ listening on TCP Port 8006 and delivering contents via HTTPS using a self-signed certificate.

Proxying pveproxy behind NgiNX will prevent direct access to the event-driven API-Server, let the administrator to (optionally) add a second layer HTTP authentication, to configure a standard HTTPS TCP port to reach the admin panel and to use his own SSL certificates.
Continue reading

Dec 22 2013

Shell In A Box: command line tools to a web based terminal emulator.

Shell In A Box implements a web server that can export arbitrary command line tools to a web based terminal emulator.

This emulator is accessible to any JavaScript and CSS enabled web browser and does not require any additional browser plugins.

With default configuration, it is possible to start a Web Server at http://localhost:4200/ that allows users to login with their username and password and to get access to their login shell.

All client-server communications are encrypted, if SSL/TLS certificates have been installed.

Continue reading

Sep 6 2013

Postfix: Configure a SmartHost with SMTP Authentication and TLS.

A smart host is a type of mail relay server which allows an SMTP server to route e-mail to an intermediate mail server rather than directly to the recipient’s server. [Wikipedia]

This document aims to describe some simple steps to setup a Postfix eMail server with a SmartHost used to relay messages through. The SmartHost will be authenticated and secured trough TLS.
Continue reading

Oct 26 2012

Wireshark: Allow unprivileged user to sniff traffic on Ubuntu.

Network Engineers simply need to sniff packets over Networks. Sniffing is not an option or a Lamer activity, sniffing is the base of Network Troubleshooting.

Using Wireshark, one of the best Network Sniffers (and more) could be tricky, if the software is launched from an unprivileged User Account since access to network interfaces won’t be possible (no device will be listed as available to start packets capture).

On the other side, it is strongly recommended to not run Wireshark as root for security reasons.
Continue reading