Thursday, July 7, 2011

Simple VPN installation on debian lenny

This is an simple way to install openvpn for two computer, one is the vpn-server, the other is the client.

Server:

First i install openvpn with aptitude:
aptitude install openvpn

After this i generate a secrec key with:
openvpn --genkey --secret static.key
it should be stored in /etc/openvpn direcotry.

now i modified the /etc/openvpn/server.conf that it looks like this:
dev tun
ifconfig 192.168.0.1 10.8.0.1
secret /etc/openvpn/static.key
push "route 192.168.0.0 255.255.255.0"
port 1234
comp-lzo


I decieded for an other port because security reasons.
Now i must enable ip_forwarding with:
echo 1 > /proc/sys/net/ipv4/ip_forward


The kernel routing table looks like this:
Ziel Router Genmask Flags Metric Ref Use Iface
192.168.1.2 10.8.0.1 255.255.255.255 UGH 0 0 0 tun0
10.8.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.0.0 192.168.0.1 255.255.255.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0


Here 192.168.1.2 is the ip-adress from the client behind the vpn and 192.168.0.1 the ip of the vpn-server.

Client:

Here we install openvpn with:
aptitude install openvpn

The the /etc/openvpn/openvpn.conf
remote 1.2.3.4 1234
dev tun
ifconfig 10.8.0.1 192.168.0.1
secret /etc/openvpn/static.key

The ip adress 1.2.3.4 is the fix-internetadress of the vpn server,
this one you must know.
1234 is the port where openvpn is listening.
You must transfer the static.key on a secure way to the client pc and store it
in /etc/openvpn directory

The kernel-routing table should look like this:
Kernel-IP-Routentabelle
Ziel Router Genmask Flags Metric Ref Use Iface
192.168.0.1 0 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0

Wednesday, July 6, 2011

Convert and Reszie PSD to JPG

Nice problem:
Converting a whole directory of .psd files into jpg and resize them to a lower resolution.

Smart solution:

for x in *.psd; do convert -size 320x240 -flatten "$x" "`basename "$x" .psd`.jpg";done

What a great solution in one line!

Monday, July 4, 2011

Fast way to transfer ftp data ist mc

After installing an online shop with gftp, it doesen't work.
The permissions of the files were not kept.
So i put the files with gnome directly on the server.
But my webhoster has problems with ftp and so after transfering
some files the connection was closed.

Fast and secure way to use ftp is the midnight commander.
Logging in on a non-anonymous ftp you can use user@server

Postfix and uwimapd strange problem

At some mailboxes the user had a problem with logging in (using thunderbird).
After several try's they close thunderbird and open it again.
Then all emails appears, but some of them again and again.
So some emails were douple or triple in the mailbox.

I check the permissons, the master.cf and main.cf of postfix without result.
Then i take a look into the log files, but nothing strange happens.
Restarting postfix with /etc/init.d/postfix restart solved the problem.

Server-harddisk replacing

Interesting job to do.
On the mailserver must the harddisk be replaced.
The s.m.a.r.t. values become bad.
Now i think about how to do this with minimal downtime.

At the moment my favorite idea is to boot with the sysrescue cd
(link at bottom of page) and copy all data with partimage of fsarchiver
over the network to the fileserver.
but i dont know, if the new hard disk will be able to boot then.