Showing posts from November, 2020

VPN Wi-Fi Hotspot with Raspberry Pi

TL;DR: I explain here how to setup a home Wi-Fi network, which routes all traffic through a VPN, using a Raspberry Pi. No one wants to get tracked or sniffed while browsing. Even those, who "have nothing to hide".  One of the ways to hide your traffic is to use a VPN. But connecting and disconnecting to it can be annoying. So, I want to setup a home Wi-Fi network, and, when connected to it, to browse automatically through the VPN. There are already many VPN providers out there, the goal of this post is not to compare them. We just need one, which supports OpenVPN. Setup This setup is tested on Raspberry Pi 3 Model B+ with a 2GB SD card. Any Raspberry Pi OS will do. I recommend using the Lite version. Some of the values are based on a home network OpenVPN Add to  /etc/network/interfaces : auto lo iface lo inet loopback auto eth0 allow-hotplug eth0 iface eth0 inet dhcp up route add -net 192.168 . 0.0 netmask 255.255 . 255.0

Windows ssh/git Server

If you are developing software and are using Git on Windows 10 and don't want to push to github, gitlab, etc., you might find this useful.  You can turn your Windows OS into a git server, by just configuring ssh access. 1. Add the features for OpenSSH (part of Windows 10) Open Settings - Apps - Optional Features - Add a feature and install "OpenSSH Server" and "OpenSSH client" 2. Create a git user Create a user git , member of sshusers , who cannot change his password, who is active and whose password never expires. Open Control Panel - Administrative Tools - Computer Management Under System Tools - Local Users and Groups - Right click on Users - New User... 3. Configure the git user Login with the git user and create the c:\Users\git\.ssh directory. Inside, create the " authorized_keys " text file with your public ssh key and make it accessible only by user git . Here is

Self-signed certificate? Why not CA-signed certificate?

Very often we need certificates, mostly for using SSL/TLS in HTTP, FTP, etc. The fastest and cheapest way is the self-signed certificate. It is generated in just a few steps. However, they don't have to be "self" signed. We can also generate a CA (certification authority) and use it to issue the certificates, e.g. they will be signed by our CA. This give us the possibility to trust all our certificates by just trusting the CA. This post shows how to do it with openssl. Some configuration first It is much easier if you do some configuration for openssl, if not done so already. The configuration is placed in  /etc/ssl/openssl.cnf: Set the default algorithm to sha1: set default_md = sha1 Remove these default values: stateOrProvinceName_default = organizationName_default = In case you are planning to create multiple certificates, you can also configure the common values as defaults to spare some time later.

Linux - 101

Freshman in the Linux world When you start your Linux journey coming from another OS, which is mostly controlled by the GUI (Windows, OSX), you might have a lot of questions. Although the modern Linux distros provide extremely rich GUIs, the terminal remains the most powerful part of Linux. Here is some know-how, you might need. NOTE: All examples below are only tested in Debian-like distros. Aliases Edit ~/.bashrc and uncomment the line for the ll alias Or better extend it to: alias ll = 'ls -lha' Additionally, you might want to add the following function into   ~/.bash_aliases: cdl () { cd "$1" && ll; } This way, you can change dir and list content in one: nikolay@blog:/ $ cdl /var total 101M drwxr-xr-x 11 root root 4.0K Aug 20 12:47 . drwxr-xr-x 21 root root 4.0K Aug 20 12:47 .. drwxr-xr-x 2 root root 4.0K Nov 7 06:25 backups drwxr-xr-x 9 root root 4.0K Oct 25 11:08 cache drwxr-xr-x 29 root