Categories
Apache Encryption IdP Keycloak Linux SAML Shibboleth SingleSignOn SSO Webserver

Apache SAML authentication with mod_shib

Till now I was mainly using mod_auth_mellon in order to do SAML-based authentication for web services. I did so because it seemed quite easy to configure (and the Ubuntu mod_shib package had a nasty bug some years ago when I made first contact with SAML). However, mod_shib (part of the Shibboleth service provider (SP) implementation) […]

Categories
Cloud cloud-init Filesystem ISO Linux Virtualization

Unattended Ubuntu ISO

I recently built an unattended installation ISO to ease installation of Windows 11 test machines. So why not do the same for Ubuntu? While looking around I found solutions for Ubuntu 20.04 and 22.04. The 22.04 version basically works fine for Ubuntu 24.04. Nevertheless, some modifications were required: the key server URL was […]

Categories
ISO Linux Microsoft Virtualization Windows

Unattended Windows ISO

For one reason or another even Linux enthusiasts need a Windows installation from time to time. But with every new version Microsoft adds more and more bloatware or privacy-violating settings that you need to decline during installation in order to get a halfway usable system. The same is true for forced requirements of TPM or […]

Categories
Filesystem Linux ZFS

ZFS and snapshots

One nice feature of filesystems like btrfs or zfs is snapshots. They preserve a certain state of a filesystem without wasting too much space (as long as the modification rate is low). In some cases it is fine to create a snapshot manually from time to time, however on several occasions I wished I had […]

Categories
802.1X Linux Network

Linux and IEEE 802.1X

What is IEEE 802.1X anyway? More and more companies run a shared desk strategy. Combined with the possibility of home office this often means that employees use their laptop both at home and at the office. The shared desk strategy however forces them to work at different work spaces (and connect to different network ports […]

Categories
HAproxy Linux Network VPN Wireguard

Wireguard over TCP: proxyguard (1.x) and haproxy

As shown in my last post, using wireguard over TCP (with a little help of proxyguard) isn’t that hard (once you understand how things work). However, most VPN solutions come with certain limitations: They often use their specific ports and protocols and therefore can be filtered by firewalls (either by choice or even sometimes by […]

Categories
Linux Network VPN Wireguard

Wireguard over TCP (proxyguard 1.x)

Some time ago I tried to get eduvpn working with wireguard over TCP. As you might remember I wasn’t able to make it work reliably so I skipped that attempt for the time being. Now some time has passed and I decided to start over with a more basic approach to get a feeling about […]

Categories
BTRFS Filesystem License Linux ZFS

Introduction to BTRFS and ZFS

Last week I had a little chat with a very good friend of mine. We were talking about how to best configure his new home server. One of the topics was the choice of filesystems which resulted in a longer discussion with some other friends (all long term IT people and Linux enthusiasts). So I […]

Categories
eduvpn Linux Network VPN

Install eduvpn on separate hosts (controller&vpn)

I’m planning to install eduvpn as a personal VPN solution. I also want to separate the VPN functionality (“vpn-daemon”, hostname “eduvpn-node”) from the management web frontend (controller or “vpn-user-portal”, hostname “eduvpn”). Adding software repository So we start by configuring the required software repos (on both machines, here’s the new APT822 version): Basic installation After that […]

Categories
Linux

Converting old school debian repo configs to APT822

While upgrading to Ubuntu 24.04 some of the sources.list files were (automatically) converted to the new APT822 standard. However others were left untouched (or deactivated). For all of you out there, here are some of my findings while doing the file conversion: Let’s take the docker repo as an example (original description here): Make sure […]