• Docker Tutorial HowTo Install Docker, Use and Create Docker Container Images Clustering Swarm Mode Monitoring Service Hosting Provider


    The Best Docker Tutorial for Beginners We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
  • How To Create OpenVPN Server for Secure Remote Corporate Access in Linux Debian/Mint/Ubuntu with client public key authentication


    This guide assumes that you are trying to connect to a corporate network. First of all you need to define what IPrange the OpenVPN server will be running on. Network Option 1.) There are a few options, such as the OpenVPN sitting exclusively on the internal network, with the port and protocol that the server is used on being forwarded to this via the router and/or firewall. Network Option 2.) The OpenVPN server could sit on both th........
  • SSH cannot connect to old servers/devices/switches/routers/Cisco/Juniper Unable to negotiate with 192.168.20.2 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hell


    A lot of older devices either support telnet or very old SSH keyx algorithms which are insecure and disabled by all newer/modern SSH clients for security reasons. However, sometimes you may be on a LAN via VPNor some other secured network or for whatever reason, absolutely, need to connect to this device and sometimes old/embedded devices may not be possible to update to a newer SSH server. If you run into this you may be using a modern/newer SSH client and get thi........
  • WebRTC Vulnerability Shows Local IP Address Even When Using a Proxy or VPN Firefox Fix And Disable Solution


    If you visit a site that exploits the WebRTC vulnerability including whatismyipaddress.com it may show "Local IP Address" which would be the real IP of your machine. The vulnerability works on Windows and Linux machines (contrary to false information on the web which claims it only affects Windows). The above works and happens even if you are using a proxy or VPNaccount like ProVPNAccounts.com It is easy........
  • ssh reverse proxy to enable remote access behind a LAN and firewall


    So say you are behind a typical NAT/LAN setup whether at home, work or while travelling. What if you have a computer or server that you need to connect to from the outside? Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature. Requirements On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be........
  • OpenVPN auth-user-pass-verify ENV script error


    Starting with newer versions of OpenVPN Ibelieve 2.2+ you need to have "script-security 3" set or you can't execute a third party script. Prior to that you could also use the auth-user-pass-verify like this: auth-user-pass-verify ./validate.pl "$username $password $ip" via-env Options error: the --auth-user-pass-verify directive should have at most 2 parameters. To pass a list of arguments as one of the paramete........
  • OpenVPN error ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)


    This basically means that you are running as non-root and you need to be root to create the tun0 or tap0 device on OpenVPN. You could try sudo or adding the openvpn binary to the list of sudoers.........
  • OpenVPN cannot ping remote IP routing loop issue after connecting


    Sometimes if you have a very basic configuration OpenVPN on the client side for some reason sends all traffic to the OpenVPN server IP through the tun0 which is of course impossible and creates a block or routing loop. This is because you need to use your normal ISP/LANgateway to hit the OpenVPN server if it is remote/offsite as is usually the case. So if you are connected to the OpenVPN through say a tun0 device and your routing is set to connect to the OpenVPN&nbs........
  • FreeBSD/OpenBSD OpenVPN Client error "Cannot allocate TUN/TAP dev dynamically"


    I have never had this error on Linux and this is running FreeBSD as root: Wed Aug 9 04:29:34 2017 us=329050 Cannot allocate TUN/TAP dev dynamically Wed Aug 9 04:29:34 2017 us=329832 Exiting due to fatal error The Solution you need a kernel module that is for some reason not automatically loaded like Linux: kldload if_tap........
  • l2tp ipsec VPN Error Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated


    Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Some say changing the "leftprotoport=17/%any" will fix this but I have not found this to be the case. Essentially it means at least one end is blocking the ipsec packets. Sometimes the %any allows an alt........
  • Cannot allocate TUN/TAP dev dynamically - FreeBSD/OpenBSD OpenVPN Client error Solution


    I have never had this error on Linux and this is running FreeBSD as root: Wed Aug 9 04:29:34 2017 us=329050 Cannot allocate TUN/TAP dev dynamically Wed Aug 9 04:29:34 2017 us=329832 Exiting due to fatal error The Solution You need a kernel module that is for some reason not automatically loaded like Linux: kldload if_tap........
  • openvpn 2.3.10-1.el6 issues auth-env does not work correctly for auth-user-pass-verify


    openvpn 2.3.10-1.el6 issues in the .conf auth-user-pass-verify "passwordcheck $username $password $untrusted_ip" via-env auth-env does not work correctly in OpenVPN 2.3: Sat Apr 23 02:30:22 2016 - $username - $untrusted_ip - login failure But OpenVPN 2.2 does work as expected. It could be that the specified script automatically receive........
  • Debian Linux Ubuntu Mint connect to pptp from terminal bash shell


    apt-get install pptp-linux echo "yourvpnusername * yourpasspass *" >> /etc/ppp/chap-secrets vi /etc/ppp/peers/provpnaccounts.com enter (ignore the lines): ============ pty "pptp server.provpnaccounts.com --nolaunchpppd" name testuser #remotename PPTP require-mppe-128 file /etc/ppp/options.pptp ==========........
  • Linux Debian/Ubuntu/Centos How To Force Internet Traffic Through PPTP L2TP OpenVPN Account Only


    The following assumes the computer is local/physical to you and/or it always has a LANIP so it can be accessed on site without having a default gateway. The key to this is not to set a default gateway for your computer or you can set a script on boot or other time to delete the gateway (where eth0 is the NIC you are using): route del default eth0 50.80.20.2 is the VPN server you connect to 192.168.1.1 is your........
  • Centos/obfsproxy errors


    I never did get it working, it is too bad as obfsproxy should really be an option and integrated into the OpenVPN client and server or something similar: yum -y install python-pip python-devel No package python-pip available. #install the EPEL repo python-pip install obfsproxy python-pip install obfsproxy -bash: python-pip: command not found pip install obfsproxy &........
  • VPN Account Buyers Guide and General Info


    What does VPN stand for? VPN stands for Virtual Private Network and is a secure way of connecting networks and devices. In the context we're talking about it will usually be a client-server solution and not connecting whole networks or businesses. The assumption is that most people reading this are trying to secure their internet connection, privacy and hide or change their IPaddress. Why use a VPN? There are many........
  • yum Centos 386 and 64 bit conflict resolution


    This can happen when you install RPMForge or other repos with the wrong architecture and here's how you fix it (simply uninstalling won't usually fix it): solution yum clean all yum -y install openvpn Loaded plugins: fastestmirror, presto Loading mirror speeds from cached hostfile * base: mirror.its.sfu.ca * extras: centos.mirror.nexicom.net * rpmforge: mirror.cpsc.ucalgary.ca * up........
  • nf_conntrack: table full, dropping packet solution


    nf_conntrack: table full, dropping packet The above in some cases I've seen is a sign of a DOS attack or can occur if users are using services like torrenting, proxy, VPNetc... Do not take it lightly as the above can knock a server offline if the table becomes full and I've also seen full crashes and kernel panics shortly after. ........
  • iptables redirect ports to a different host and port + NAT Masquerade howto/solution


    This is important if you need public access to internal IPs such as at your office and don't want to use a VPN just to SSHinto different servers: Below forwards the port "10001" to the IP192.200.5.53 on port 22 (of course adjust it to your needs). iptables -t nat -A PREROUTING -p tcp --dport 10001 -j DNAT --to-destination 192.200.5.53:22 Remember to enable MASQUERADE on your NAT IPs or they won't be able to talk to the outside world (........
  • "Cannot load certificate file keys/server.crt: error:0906D06C:PEM" OpenVPN Solution


    Cannot load certificate file keys/server.crt: error:0906D06C:PEM The .crt is blank empty because when generating it I kept hitting enter for the defaults and this caused the crt not to be signed. Certificate is to be certified until Dec 18 00:35:49 2022 GMT (3650 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y So if you get messages like these, a........
  • OpenVPN don't use bridgestart.sh or bridge at all use iptables


    I used the suggested script to bridge from OpenVPN and it took my client's server off-line! Don't ever use their "sample" scripts if you don't have another way of accessing the server than SSH. I actually found it easier to use iptables to tell it to route IPs based on a certain subnet to route through eth0: iptables -t nat -A POSTROUTING -s 192.168.200.0/24 -o eth0 -j MASQUERADE Replace "192.168.200.0/24" with your subnet of cour........
  • Openvz Enable TUN/TAP OpenVPN


    Make sure the module "tun" is loaded on the host. vzctl set 2000 --devnodes net/tun:rw --save *Note what's below is what OpenVZ says you need (but I've never had to do it) vzctl exec 2000 mkdir -p /dev/net vzctl exec 2000 mknod /dev/net/tun c 10 200 vzctl exec 2000 chmod 600 /dev/net/tun On the container test the device: when Something is wrong:........
  • updatedb/mdadm caused a kernel panic?


    Jan 16 04:02:03 centosbox syslogd 1.4.1: restart. Jan 16 04:07:34 centosbox kernel: INFO: task updatedb:20771 blocked for more than 300 seconds. Jan 16 04:07:34 centosbox kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Jan 16 04:07:34 centosbox kernel: updatedb D F78BE050 6476 20771 20766&n........
  • Latest Articles

  • RTL8821AU Setup Configure Wifi Realtek 8821 in Linux Debian Mint Ubuntu Howto
  • How To Tell Which Repository a Package Comes From Debian Mint Ubuntu
  • How To Reload All Kernel Modules And List Required Moduels for Each Device - Linux Mint Debian Ubuntu Troubleshooting
  • Debian Ubuntu Mint How To Change Default Display Manager
  • Ubuntu Mint Debian Howto Execute Command / Script / Program Upon Wakeup From Sleep
  • Linux Debian Mint Ubuntu How To Add Non-Free Repositories and Contrib
  • Debian Ubuntu Mint DHCP dhclient quits and how to make it persistent if first attempt to get DHCP lease fails
  • ssh Too many authentication failures not prompting for password
  • LightDM Mint Ubuntu Debian won't start errors Nvidia Graphics
  • WARNING: Unable to determine the path to install the libglvnd EGL vendor library config files. Check that you have pkg-config and the libglvnd development libraries installed, or specify a path with --glvnd-egl-config-path. Linux Ubuntu Mint Debian E
  • How To Upgrade Linux Mint 18.2 to 18.3 to 19.x and 20.x
  • MP3s Won't Play / ID3 Version 2.4 Issues in Cars and Other MP3 Players/CDs/DVDs Solution
  • LXC Containers LXD How to Install and Configure Tutorial Ubuntu Debian Mint
  • GlusterFS HowTo Tutorial For Distributed Storage in Docker, Kubernetes, LXC, KVM, Proxmox
  • Ubuntu Mint audio output not working pulseaudio "pulseaudio[13710]: [pulseaudio] sink-input.c: Failed to create sink input: too many inputs per sink."
  • How To Shrink Dynamically Allocated VM QEMU KVM VMware Disk Image File
  • How To Enable Linux Swapfile Instead of Partition Ubuntu Mint Debian Centos
  • 404 Not Found [IP: 151.101.194.132 80] apt update Debian 11 Bullseye Solution The repository 'http://security.debian.org bullseye/updates Release' does not have a Release file.
  • WARNING: Can't download daily.cvd from db.local.clamav.net freshclam clamav error solution
  • (firefox:9562): LIBDBUSMENU-GLIB-WARNING **: Unable to get session bus: Failed to execute child process "dbus-launch" (No such file or directory) Solution