Tag Archives: CentOS
Setup an OpenVPN server with certificate and two-factor authentication on CentOS 7
Introduction: My goal was to have an OpenVPN server running, to which I can connect using different ports and by piping it over an IP over ICMP tunnel (the latter will follow in another post). Ports I want to use: 1194/udp – the default OpenVPN port; 53/udp – if I'm lucky and the network has DNS open by default…; 1195/udp …
Check if the certificate of a domain was revoked
Just had the need to quickly check if the certificate of a domain was revoked or not, and found this tutorial: "OpenSSL: Manually verify a certificate against a CRL". Well done, but two problems: (1) if the server doesn't send all certificates (including the root CA), the verify process will fail; (2) too much to type… So I quickly created a bash …
Change host name of Puppet client
Here are the steps I use to change the host name of a Puppet client: On the client side stop Puppet, remove old certificates and change host name: Change the host name in /etc/sysconfig/network and /etc/hosts, then reboot the client. Remove the old certificate on the server: If you're using Foreman, change the host name there too. Finally, initialize a …
Limit/prevent SSH brute force attempts
If you (have to) run a publicly available SSH server, you may have noticed already that there are a lot of brute force attacks trying to guess a user and password (have a look into /var/log/secure). If you did it the correct way, you only allow public keys to authenticate of course. But maybe you can't, because the client …
Slow DNS lookup on CentOS 6 machines
Slow DNS lookups can have many reasons. Mostly they are easy to fix because it simply is a wrong IP address of the DNS, for example. But today I had a harder one, but it was easy to fix if you know how… Looking up an address with dig works all the time, but when Puppet gets its plugins or other files …