This article describe howto setup an OpenVPN Client in Ubuntu Desktop. I did this setup on Ubuntu 12.04.1 LTS. Ubuntu has support for OpenVPN but the OpenVPN client it is not installed by default. To see that we can go into the network menu (icon that has two arrows) > VPN Connection >Configure VPN ...
the "Network Connections" dialog will pop up. Next we need to click on "Add" to add
iOS that is running on iPhone 4 has at this moment no support for OpenVPN. So we need an additional application for this. I was looking on the Apple Store and I was not able to find one, but I was able to find one in Cydia Store called GuizmOVPN, that means that you need to have an iPhone with full control (jailbroken).
Install the OpenVPN client, follow the GuizmOVPN tutorial about how to install this application.
Next, you need to create and load a config file. This part is a little bit trickier since you need to create a special package that needs to be loaded to a http server.
Create a custom package
- create a config file called yourcompany-mobileclient-1-udp.ovpn , my config file looks like this. Customize it, replace the server ip, domain and keys with your own.
First of all OSX has no built in OpenVPN client. I tested a few, and finally I settled on a client called Viscosity. Now, I am using it for more then a year and I can say that it is a very solid product. It is not free, but it is not expensive (9$).
The setup was pretty easy and fast. First we need to set the IP of our OpenVPN server (where we want to connect), the port and the protocol. You need to give a name to this connection, and replace 126.96.36.199 with your OpenVPN server IP. Keep the other settings.
Next, we will need to add the right keys to the client, that we generate using OpenSSL in the Open VPN Server Setup.
OpenVPN is an awesome choice for an VPN service. It's free, fast, and secure. The installation is not extremly complicated, so you will able in 1 hour to have a complete free VPN solution for your company. OpenVPN just work on Linux, OSX (Mac), and Windows. It also works fine on iPhone (if you have it jailbroken), but I did not tested on any android based device at this time.
OpenVPN allows peers to authenticate each other using a pre-shared secret key, certificates, or username/password. When used in a multiclient-server configuration, it allows the server to release an authentication certificate for every client, using signature and Certificate authority. It uses the OpenSSL encryption library extensively, as well as the SSLv3/TLSv1 protocol, and contains many security and control features. A more detaliated description can be found on wikipedia.
- on a debian based system (Ubuntu 12.04).
apt-get install openvpn openvpn-blacklist
this will install the necessary files.
mdadm is a program that can be used to create, manage, and monitor MD devices.
The name is derived from the md (multiple device) device nodes it administers or manages, and it replaced a previous utility mdctl. The original name was "Mirror Disk", but was changed as the functionality increased.
As such it provides a similar set of functionality to the raidtools packages. The key differences between mdadm and raidtools are:
- mdadm is a single program and not a collection of programs.
- mdadm can perform (almost) all of its functions without having a configuration file and does not use one by default. Also mdadm helps with management of the configuration file.
- mdadm can provide information about your arrays (through Query, Detail, and Examine) that raidtools cannot. mdadm does not use /etc/raidtab, the raidtools configuration file, at all. It has a different configuration file with a different format and an different purpose.
RAID devices are virtual devices created from two or more real block devices. This allows multiple devices (typically disk drives or partitions there-of) to be combined into a single device to hold (for example) a single filesystem. Some RAID levels include redundancy and so can survive some degree of device failure.
Linux Software RAID devices are implemented through the md (Multiple Devices) device driver.
Currently, Linux supports LINEAR md devices, RAID0 (striping), RAID1 (mirroring), RAID4, RAID5, RAID6, and MULTIPATH.
MULTIPATH is not a Software RAID mechanism, but does involve multiple devices. For MULTIPATH each device is a path to one common physical storage device.
1. Howto mount existing raid
An raid configuration is usually saved into mdadm.conf file (
/etc/mdadm.conf on redhat or
/etc/mdadm/mdadm.conf on debian).
In order to scan all the raid devices and generate a new configuration file we can use something like this
What is swap?
Swap space is the area on a hard disk which is part of the Virtual Memory of your machine, which is a combination of accessible physical memory (RAM) and the swap space. Swap space temporarily holds memory pages that are inactive. Swap space is used when your system decides that it needs physical memory for active processes and there is insufficient unused physical memory available. If the system happens to need more memory resources or space, inactive pages in physical memory are then moved to the swap space therefore freeing up that physical memory for other uses. Note that the access time for swap is slower therefore do not consider it to be a complete replacement for the physical memory. Swap space can be a dedicated swap partition (recommended), a swap file, or a combination of swap partitions and swap
Why do I need swap?
Memory consuming programs Sometimes, a large program (like MySQL) make the entire system need extra memory. A significant number of the pages used by these large programs during its startup may only be used for initialization and then never used again. The system can swap out those pages and free the memory for other programs or even for the disk cache. In these cases, swap will be used to help the system handle any extra load.
Hibernation (suspend-to-disk) The hibernation feature (suspend-to-disk) writes out the contents of RAM to the swap partition before turning off the machine. Therefore, your swap partition should be at least as big as your RAM size. The hibernation implementation currently used in Ubuntu, swsusp, needs a swap or suspend partition. It cannot use a swap file on an active file system.
Unforeseeable Circumstances Unforeseeable events can and will happen (a program going crazy, some action needing much more space than you thought, or any other unpredictable combination of events). In these cases, swap can give you an extra delay to figure out what happened, or to finish what you are working on.
You can access a remote file system securely using sshfs and fuse which is a command to mount a remote filesystem encrypted through ssh.
This way you will be able to access remote files as if they were on you machine, just remember that if the connection between the computers is slow, the access will also be pretty slow
Get the packages
For Debian: apt-get install fuse-utils sshfs
For Ubuntu: sudo apt-get install fuse-utils sshfs
For Fedora and Centos: yum install fuse-utils sshfs
For Mandriva: urpmi: urpmi fuse-utils sshfs
Next step is to mount the fuse module
Compile Ubuntu kernel
get the tools for building the kernel
apt-get -y install build-essential libncurses5-dev fakeroot kernel-package linux-source
the kernel source code will be in /usr/src/
go to /usr/src and decompress the kernel
tar -xjf linux-source-2.6.28.tar.bz2
and make a symlink
ln -s /usr/src/linux-source-2.6.28 linux
now go the the kernel menu and select what options do you want to compile in your kernel
next, rebuild the kernel
Verba volant, scripta manent is a Latin proverb. Literally translated, it means "spoken words fly away, written words remain".
According to most sources this phrase originally comes from a speech of Caius Titus of the Roman Senate, who suggests that spoken words might easily be forgotten, but written documents can always be conclusive in public matters. A related meaning is that if two people want to establish a formal agreement about something, it is better to put it in writing, rather than just having a verbal agreement.