Tag: linux

Installing arch linux on my new desktop machine

After using arch linux for quite a time on my laptop it’s time to move on a new machine. So I’ll install arch again this time taking I slightly different approach than on the laptop. So here I’ll descripe all the steps I’ve taken to get arch up and running. It’s more a documentation for myself but it might also be helpful to some.

A short info on the machine first: It’s a AMD A10 7870K with 16GB RAM, 2 SSDs (30GB and 500GB) and 4 TB HDD.

This is a post from my old blog http://tech.cbjck.de. It has been moved here and slightly edited for better readability. It's also been adjusted to the new layout.
The content however is old and might be outdated.

Read More

Installing arch linux on my ThinkPad

After having worked almost 2 years with fedora, I decided to switch to arch linux. In this post I’ve written down the steps I took to install arch linux on my ThinkPad W510.
I’ve just been too annoyed by almost reinstalling the system at least once a year with every release. And there have been kernel panics and gnome shell hangs coming and going and I couldn’t really find out why. I didn’t want to spend much time on that either. I don’t want to say fedora is bad, I just have the feeling that archlinux is better for me. So after trying it in a virtual box I’m going to give it a try on my laptop. This writeup is not intented to be a arch linux install tutorial (there are many) or replace the wonderful arch linux wiki. It’s just a note for me what I did but I hope it might me helpful for somebody else as well.

This is a post from my old blog http://tech.cbjck.de. It has been moved here and slightly edited for better readability. It's also been adjusted to the new layout.
The content however is old and might be outdated.

Read More

Ldap user login

After having set up a ldap replica on my home server it seems to be a good idea to use this ldap to manage the user accounts. Or to enable the existing accounts in the ldap to log in the server.
In this post I’m going to describe my setup of ldap user login.

This is a post from my old blog http://tech.cbjck.de. It has been moved here and slightly edited for better readability. It's also been adjusted to the new layout.
The content however is old and might be outdated.

Read More

Ldap replication with syncrepl and ssl

In this post I’m going to describe how I use ldap replication to sync user accounts from my web server to my home server.
On my home server I’m going to setup a ldap server as well. As the user accounts on the “web server” are already stored in a ldap it seems logical to use ldap replication to keep both servers in sync. The ldap on the “web server” (my rented server running mail server, web server, onwcloud etc.) will be used as master, the home server will be the slave. It seems now to be common to talk about provider and consumer instead of master and slave. By the way I consider these terms to be more apropriate for the situation they describe.

This is a post from my old blog http://tech.cbjck.de. It has been moved here and slightly edited for better readability. It's also been adjusted to the new layout.
The content however is old and might be outdated.

Read More

Encrypt ldap connections with ssl

In the future I want to use the user accounts stored in the LDAP database on this server also from “outside”. So it’s time to secure outbound connection with SSL before opening the port. Unfortuantly this is a bit tricky. After some trying and googling I got it to work like this:

This is a post from my old blog http://tech.cbjck.de. It has been moved here and slightly edited for better readability. It's also been adjusted to the new layout.
The content however is old and might be outdated.

Read More

Root login with ssh key only

More security for the server – at least a little bit. A short description how to setup linux to allow root login with ssh key only and why this can be a quite secure solution.

This is a post from my old blog http://tech.cbjck.de. It has been moved here and slightly edited for better readability. It's also been adjusted to the new layout.
The content however is old and might be outdated.

Read More

Enabling the memberof overlay for openldap

The memberof overlay is great to query if a certain user in an ldap is member of a certain group. However this ldap-module has to be enabled and configured to work with groupOfNames which I’m using instead of posixGroup. Using the dynamic configuration in cn=config this is not self-explanatory.

This is a post from my old blog http://tech.cbjck.de. It has been moved here and slightly edited for better readability. It's also been adjusted to the new layout.
The content however is old and might be outdated.

Read More

Mailserver with ldap tutorial – part 6: sieve

Sometimes it is useful to have the mailserver sort mails in different folders – especially when you use different deveices to read your mail. You could have a folder spam for mails tagged as spam by spamassasin and mailinglists for mailinglist which you maybe don’t want to read on your smartphone. A nice and mighty way to do such filtering is to use sieve.

This is a post from my old blog http://tech.cbjck.de. It has been moved here and slightly edited for better readability. It's also been adjusted to the new layout.
The content however is old and might be outdated.

Read More

Mailserver with ldap tutorial – part 5: virus and spam protection

After I’ve described how to set up and test a mailserver with openldap, postfix and dovecot it still needs some basic filters for virus and spam protection.

This is a post from my old blog http://tech.cbjck.de. It has been moved here and slightly edited for better readability. It's also been adjusted to the new layout.
The content however is old and might be outdated.

Read More

Mailserver with ldap tutorial – part 4: testing

After I’ve described how to set up a mailserver with openldap, postfix and dovecot it’s now time to test it and make sure everything works.

This is a post from my old blog http://tech.cbjck.de. It has been moved here and slightly edited for better readability. It's also been adjusted to the new layout.
The content however is old and might be outdated.

Read More