Network
How-To: Fix “The file server has closed down” issues in Mac OS and netatalk
Netatalk versions older than 2.1.3 had some issues with the TCP/IP Stack on Linux which resulted in errors like
Luckily they seem to have fixed this in 2.1.3 as the ChangeLog states: fix a serious error in networking IO code.
So the solution is as easy as upgrading. I am running Ubuntu, but two months after netatalk-2.1.3 was released, they don’t even have it in unstable. Lucky Gentoo users you! I needed to fix this very quickly as it started to disrupt my workflow. Sadly I currently don’t have the time to dig into the packaging system of Debian or Ubuntu, so I looked up Debian’s configure options and just compiled from source:
cp -a /etc/netatalk/ ~
aptitude purge netatalk
apt-get build-dep netatalk
wget -O netatalk-2.1.3.tar.bz2 http://sourceforge.net/projects/netatalk/files/netatalk/2.1.3/netatalk-2.1.3.tar.bz2/download
tar xjvf netatalk-2.1.3.tar.bz2
cd netatalk-2.1.3
./configure --with-shadow --enable-fhs --enable-tcp-wrappers --enable-timelord \
    --enable-overwrite --with-pkgconfdir=/etc/netatalk --enable-krb4-uam \
    --enable-krbV-uam --with-cnid-dbd-txn --with-libgcrypt-dir \
    --with-cracklib=/var/cache/cracklib/cracklib_dict --enable-debian \
    --disable-srvloc --enable-zeroconf --with-ssl-dir --enable-pgp-uam \
    --prefix=/usr/local/netatalk/
make
sudo make install
mv ~/netatalk /etc/
/etc/init.d/netatalk start
This saves a copy of your running netatalk configuration to your home directory, removes netatalk, downloads all necessary libraries to build netatalk, downloads netatalk from SourceForge, extracts it, configures it, builds it, installs it, restores the configuration and starts it as usual.
I have been running netatalk 2.1.3 for a week now and the error seems to be gone.
If you know how to easily create a Debian package, feel free to post in the comments.
How-To: Fast VNC alternative to Remote Desktop to a Mac using NoMachine
I am a very happy Mac OS user with a Mac mini and a MacBook Pro coming soon, but one thing I really miss about Mac OS X is the lack of a fast and standards-based remote desktop solution. The VNC server built into Mac OS X isn’t really compatible with all clients, and I still haven’t figured out if it’s possible to run it with a different resolution and color depth than the real screen!!!
But, I recently re-discovered a solution I got to know in my Linux time on a desktop: NoMachine. You’ll need a server running a recent Linux distribution or OpenSolaris which will act as a kind of a proxy and the setup is a bit complex, but it does work well. I’ll show you how to do it running Ubuntu Lucid.
First go to http://www.nomachine.com/select-package.php?os=linux&id=1, select your architecture and download all three files: client, node and server.
Then install them in the following order, fix the missing dependencies and install a VNC client plus vncpassword:
sudo dpkg -i nxclient_3.4.0-7_x86_64.deb
sudo dpkg -i nxnode_3.4.0-11_x86_64.deb
sudo dpkg -i nxserver_3.4.0-12_x86_64.deb
sudo aptitude -f install
sudo aptitude install xvnc4viewer vnc4-common
Since it’s really advisable I hope you already have PasswordAuthentication no in your sshd_config to disable Password authentication and to only allow key-based authentication. You’ll need to tweak nxserver a bit to get it working with key-based auth. Edit /usr/NX/etc/server.cfg to…
EnablePasswordDB = "1"
…edit the following line in /usr/NX/etc/node.cfg to enable VNC…
CommandStartRFB = "/usr/bin/vncviewer -fullscreen"
…create a key for your key-based authentication and restart nxserver.
sudo /usr/NX/bin/nxserver --keygen
sudo service nxserver restart
Your new key is placed at /usr/NX/share/keys/default.id_dsa.key. Copy it to the device you want to connect from using scp or similar tools. Now all you need to do is enable the users you want in nxserver:
sudo /usr/NX/bin/nxserver --useradd <user>
This enables the user in NX’s database and copies the previously generated key to the user’s authorized_keys file.
Now just enable VNC on your Mac. Go to “System Preferences”, select “Sharing” and enable “Screen Sharing”:

Now you’ll need to configure your client.
Nginx or Apache?
I recently discovered nginx when I was thinking about replacing apache2 as a reverse-proxy that adds ssl and authentication to my internal webserver. I finally chose nginx and it’s now running on my freshly installed OpenBSD 4.7 gateway. I chose nginx because of its straightforward configuration syntax and because it has a much smaller codebase, which means it should run faster and has fewer security flaws. The documentation also is great. Plus nginx seems to be the rising star on the horizon of webservers.
Many large sites are already running it as their reverse-proxies/loadbalancers according to this article.
For me nginx runs much faster than apache2. Where apache2 gave about 14MBps for a single download session, nginx gives me 23MBps (It’s a slow Intel Atom machine). Here’s my configuration. But since the nginx docs are that good, you don’t need any how-tos! Just rtfm
user _nginx;
worker_processes 1;
events {
    worker_connections 1024;
}
http {
    sendfile on;
    keepalive_timeout 65;
    gzip on;
    access_log off;
    error_log off;
    server {
        listen 443 ;
        ssl on;
        server_name ext.example.org;
        ssl_certificate ext.example.org.crt;
        ssl_certificate_key ext.example.org.key;
        ssl_session_timeout 5m;
        ssl_protocols SSLv3 TLSv1;
        location / {
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Server $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_pass http://int.example.org;
            auth_basic "int.example.org";
            auth_basic_user_file /etc/nginx/htpasswd;
        }
    }
}
I just love this thing. Maybe I’ll replace apache2 on my internal webserver, too.
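The reverse-proxy configuration from this post, reworked with current TLS and logging settings. This is an added example, not the author's configuration; the log paths, the HSTS lifetime and the X-Forwarded-Proto header are assumptions that do not come from the post.

```nginx
# Added example: hardened variant of the reverse-proxy configuration above.
# Log paths and the HSTS max-age are assumed values, not taken from the post.
user _nginx;
worker_processes 1;

events {
    worker_connections 1024;
}

http {
    sendfile on;
    keepalive_timeout 65;

    # Compressing TLS responses that mix reflected input with secrets
    # enables BREACH-style attacks; keep gzip off on this proxy.
    gzip off;

    # Keep logs: failed basic-auth attempts on an internet-facing proxy are
    # the main detection signal. "error_log off;" does not disable logging
    # anyway, it writes to a file literally named "off".
    access_log /var/log/nginx/access.log;
    error_log  /var/log/nginx/error.log warn;

    server {
        listen 443 ssl;              # replaces the deprecated "ssl on;"
        server_name ext.example.org;

        ssl_certificate     ext.example.org.crt;
        ssl_certificate_key ext.example.org.key;
        ssl_session_timeout 5m;

        # Original: "ssl_protocols SSLv3 TLSv1;". SSLv3 is broken (POODLE)
        # and TLS 1.0 is deprecated. TLSv1.3 needs nginx >= 1.13.0 built
        # against OpenSSL 1.1.1 or later.
        ssl_protocols TLSv1.2 TLSv1.3;

        add_header Strict-Transport-Security "max-age=31536000" always;

        location / {
            auth_basic           "int.example.org";
            auth_basic_user_file /etc/nginx/htpasswd;

            proxy_set_header X-Forwarded-Host   $host;
            proxy_set_header X-Forwarded-Server $host;
            # This proxy is the outermost hop, so overwrite any
            # client-supplied X-Forwarded-For instead of appending to it.
            proxy_set_header X-Forwarded-For    $remote_addr;
            proxy_set_header X-Real-IP          $remote_addr;
            proxy_set_header X-Forwarded-Proto  $scheme;
            proxy_pass http://int.example.org;
        }
    }
}
```

Run `nginx -t` after editing to validate the syntax before reloading.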
How-To: OpenVPN on OpenBSD as Layer2 VPN
Getting OpenVPN running on a recent OpenBSD is pretty simple. I run OpenVPN 2.1 on OpenBSD-current as of 2010/03/10 (almost 4.7) with PSK as a layer2 VPN. Layer2 because I have some zeroconf/bonjour stuff running on my LAN and I want to connect to my iTunes shares through the VPN. I’ll make it very short: Install OpenVPN from packages (or ports if you want to), configure a bridge, create a PSK and create a simple config file.
pkg_add http://ftp.openbsd.org/pub/OpenBSD/4.7/packages/amd64/openvpn-2.1.0.tgz
ifconfig tun0 create
ifconfig bridge0 create add fxp0 tun0
openvpn --genkey --secret /etc/openvpn/server.key
Paste this to /etc/openvpn/server.conf:
proto tcp-server
port 1194
dev tun0
dev-type tap
secret /etc/openvpn/server.key
push "route 10.1.0.0 255.255.0.0 10.1.16.1"
persist-key
persist-tun
ping-timer-rem
keepalive 10 60
user _openvpn
group _openvpn
To make OpenVPN start on boot create /etc/hostname.bridge0 with:
add fxp0
add tun0
up
And /etc/hostname.tun0 with: (I had to set link0 to get it working)
up link0
!/usr/local/sbin/openvpn --daemon --config /etc/openvpn/server.conf
That’s it. You can reboot to test if it’s working or just run OpenVPN with
/usr/local/sbin/openvpn --daemon --config /etc/openvpn/server.conf
A simple client configuration would look like:
proto tcp-client
dev tap
remote you.example.org 1194
secret ./your.key
persist-key
persist-tun
ping-timer-rem
keepalive 10 60
Hint: Use DynDNS or something similar to use OpenVPN with a dynamically assigned IP-Address.
How-To: Use Google Apps as a MobileMe or Exchange alternative
I already wrote about Google Apps as a mail-hoster for your own domains. Today I’m going to talk about Google Apps for almost everything else you might need for your office or personal organization. I just set up Google Calendar and Google Address book synchronization on my Google Apps account.
Your Gmail account also has the Calendar, Contacts, Sites and Docs features, but you can’t collaborate with other employees or members that well. On the other hand you have many other features like Reader or Picasaweb within one account.
I used to use Funambol for contact synchronization, but with my iPhone or my Mac or anything else but Thunderbird synchronization was very beta like and crashed my Contact database several times. Plus they went commercial a few weeks ago. My self-hosted Calendar also didn’t sync very well with my computers and mobile devices which is why I was looking for a more reliable solution.
And although I don’t really like the idea of storing personal information like Contacts and Calendars on the servers of a company like Google, the way better synchronization compared to my previous and the other (free) solutions I tried made me switch to Google Apps for these two tasks. And I really like it!
Google Apps provides Microsoft Exchange and CalDAV functionality, so you can sync your contacts and calendars to almost every client and device you want.
2009’s Virtualization Techniques Compared
Hi folks, before we get started a small explanation of my setup and why I want to replace it.
My small home server runs Xen 3.3 with Ubuntu Intrepid, a Debian Xen kernel and the guests on LVM devices. Guest OSs vary from Debian over Solaris to Windows. I built the server last year, but sadly I’m already running out of HDD space and want to upgrade soon. I also want to re-install the Dom0 because Intrepid doesn’t run very well: USB doesn’t work with all devices, there are some bugs in the start-up scripts and I have trouble with the ttys.
A lot has changed since I last fiddled with virtualization, so I used this week’s bad weather to compare the current status of all those virtualization systems.
Because there are so many different needs, there are many specialized solutions for desktop and server virtualization. Open-Source, free or commercial ones.
I use VirtualBox on my workstation because it’s free, fast, easy to use and runs very very well. I’ve used the VMware products earlier on Linux and Windows until they became too feature-rich, slow and sometimes even buggy for me. But this post is not about desktop virtualization, it’s about open-source (or free) server virtualization.
VMware Server, VMware ESXi, Microsoft Hyper-V, VirtualBox, Xen and KVM are the ones I’ve tried. There is also Virtuozzo, OpenVZ, UML and so on, but these are more like chroots on steroids. Continue reading to see what I liked and what I didn’t like about them.
How-To: Use Google Apps for your Domain
I had this post drafted for some time now and just used some free time to review it…
Do you have your own domain and some webspace, but no mail services for that domain? Or do you have a DynDNS account for your home server and want some fast webspace and mail services?
You can get all that with Google Apps for Business – Standard Edition.
And the good news is: It’s free.
Many of you know GMail, but very few people I know knew about Google Apps for Business. The difference between GMail and Google Apps for Business is that you use your own domain instead of gmail.com and you get a collaboration suite for all your users and some shared storage. You can have up to 50 user accounts, each with currently 7.5Gb of storage. You can also have some webspace for a small website… All you have to do is sign up at Google, authenticate your domain and add MX-Records to your domain.
You can even add “alias domains”.
Google has so many docs, examples, videos and tutorials that it doesn’t need a pro for setup. You just need some basic knowledge of DNS and Mail.
That’s why I’m not going into details of the setup this time. It just depends too much on your current setup, your hoster and stuff.
But here are the important links:
Google Apps for Business – Standard Edition
By the way: I switched from my own mail server to a very custom setup of my own IMAP server and Google Apps for Business for my domains. It works perfectly. Even Spam is very well controlled.
Hi, my name is Chris. I am a wannabe photog, traveler & geek that is again a student and lives in Hesse, Germany. 
