administration – Page 2

pyload reverse proxy config

Here is a config for apache to enable reverse proxy access to a pyload webinterface I found on the net:

ServerSignature off
RedirectMatch ^/(.*)$ https://pyload…/$1

Options FollowSymLinks
AllowOverride None

ErrorLog /var/log/apache/pyload_error.log
LogLevel emerg
CustomLog /var/log/apache/pyload_error.log combined

Tine 2.0 Setup

To enable SMTP and IMAP support in Tine 2.0 the following points must be followed:

enable system account in the setup (Systemkonto verwenden)
the login name and password must be identical in Tine as well as on the email server

The setup of Tine 2.0 itself is straight forward and following the general installation guide.

OTP – One Time Passwords

After the installation of anyterm on my sheeva I am now working on the integration of One Time Passwords to enable fullaccess to my network even from a compromised workstation in an internet cafe.

I decided to go with OPIE – One-time Passwords In Everything which is using the S/KEY system (http://www.inner.net/opie). The installation is as easy as:

aptitude install opie-server opie-client

after that the pam module for SSH must be adjusted:

/etc/pam.d/sshd

auth sufficient pam_unix.so
auth sufficient pam_opie.so
auth required pam_deny.so

must be in whereas:

@include common-auth

must be out.

Initialisation is done via:

opiepasswd -c

which gives you back the first password and seed. You need to give a passphrase for the actual account before the command completes.

With the command opiekey the sequence number and the passphrase you can also get the apropriate password or with the option -n <number> a list of usable
passwords for printing.

NVidiaGraphicsDriver under Debian

I recently installed the stock nvidia graphics driver on my debian lenny machine by using the nvidia original driver from their support page. Just installing the kernel sources and the driver shell script and executing it lead me to a running nvidia dual head system.
http://wiki.debian.org/NvidiaGraphicsDrivers

pflog0

To view the log file:

# tcpdump -n -e -ttt -r /var/log/pflog

Note that using tcpdump(8) to watch the pflog file does not give a real-time display. A real-time display of logged packets is achieved by using the pflog0 interface:

# tcpdump -n -e -ttt -i pflog0

pfctl

     # pfctl -f /etc/pf.conf     Load the pf.conf file
     # pfctl -nf /etc/pf.conf    Parse the file, but don't load it
     # pfctl -Nf /etc/pf.conf    Load only the NAT rules from the file
     # pfctl -Rf /etc/pf.conf    Load only the filter rules from the file

     # pfctl -sn                 Show the current NAT rules
     # pfctl -sr                 Show the current filter rules
     # pfctl -ss                 Show the current state table
     # pfctl -si                 Show filter stats and counters
     # pfctl -sa                 Show EVERYTHING it can show