Linux - The Next GenerationOne nice feature of filesystems like btrfs of zfs is snapshots. They preserve a certain state of a filesystem without wasting too much space (as long as the modification rate is low). In some cases it is fine to create a snapshot manually from time to time, however on several occasions I wished I had […]
What is IEEE 802.1X anyway? More and more companies run a shared desk strategy. Combined with the possibility of home office this often means that employees use their laptop both at home and at the office. The shared desk strategy however forces them to work at different work spaces (and connect to different network ports […]
As shown in my last post using wireguard over TCP (with a little help of proxyguard) isn’t that hard (once you understood how things work). However most VPN solutions come with certain limitations: They often use their specific ports and protocols and therefore can be filtered by firewalls (either by choice or even sometime by […]
Some time ago I tried to get eduvpn working with wireguard over TCP. As you might remember I wasn’t able to make it work reliably so I skipped that attempt for the time being. Now some time has passed and I decided to start over with a more basic approach to get a feeling about […]
Last week I had a little chat with a very good friend of mine. We were talking about how to best configure his new home server. One of the topics was the choice of filesystems which resulted in a longer discussion with some other friends (all long term IT people and Linux enthusiasts). So I […]
I’m planing to install eduvpn as a personal VPN solution. I also want to separate the VPN functionality (“vpn-daemon“, hostname “eduvpn-node1″) from the management web frontend (controller or “vpn-user-portal“, hostname “eduvpn-portal”). Hostname: eduvpn-node1Software packages: Hostname: eduvpn-portalSoftware packages: vpn-server-node vpn-user-portal vpn-daemon vpn-ca vpn-maint-scripts Software packages installed on the different hosts Adding software repository So we start […]
While upgrading to Ubuntu 24.04 some of the sources.list files were (automatically) converted to the new APT822 standard. However others were left untouched (or deactivated). For all of you out there, here are some of my findings while doing the file conversion: Let’s take the docker repo as an example (original description here): Make sure […]
After upgrading my Ubuntu 22.04 installation to Ubuntu 24.04.1 (using do-release-upgrade) my NFS exports stopped working. Kernel 6.8.0-41 reported an OOPS as soon as the NFS share was accessed (using sec=krb5b on the NFS client): Looking for a similar bug I found one on the NFS kernel mailing list titled “[PATCH] SUNRPC: Fix loop termination […]
…or to be exact: the Samba version of it 🙂 So as an Open Source guy I obviously don’t run a Microsoft Active Directory. However since Samba version 4 this software does not only support file and print services, it also can act as an Active Directory. And guess what: That’s what I do. Unfortunately […]
Today I changed some things regarding authentication in my local setup and (once again) was curious about enabling more services to user kerberos logins. And – as always – I ended up in an extensive debug session in order to make (some) things work. To spare some of you some of your precious time I’ll […]