Apache and SSL – The Easy Way

It’s no secret–SSL is confusing. Creating and signing certificates is a convoluted process, especially from the command line. Fortunately, Debian-based systems have an easy way for Apache users to create, sign, and install their own SSL certs. This tutorial assumes that Apache is already installed with the default configuration. ### Configure SSL ### Step one is to configure Apache to enable `mod_ssl`: # a2enmod ssl Enabling module ssl. See /usr/share/doc/apache2.2-common/README.Debian.gz on how to configure SSL and create self-signed certificates.
Read more →

SSH From the Inside

Problem I need SSH access to a particulr machine (schoolsvr) which is behind a NAT. I only need to enable access from a single client (homesvr), which has a public IP address of its own. Both machines are running sshd. I can access homesvr from a shell on schoolsvr, but not vise-versa. If I had admin access on schoolsvr’s gateway, I could alter the NAT to forward some unused port (say, 12345) to schoolsvr:22, which would allow me to SSH to schoolsvr using the gateway’s public IP and port 12345.
Read more →

Linux Server: to Reboot or Not to Reboot?

Linux servers have a reputation as workhorses. Since very early in the development of Linux, its users have boasted in the stability of the OS. In fact, it is not uncommon to hear of Linux-based servers running for years without the need for a reboot. This raises the question: how often should you reboot your Linux server? Months and months of server uptime can be a good thing (and for some, even cause for boasting), but is it wise to go such a long time without rebooting?
Read more →

Making Bootup Music with beep and rc.local

In my house I run a headless server which I administrate via SSH. I reboot the server regularly, but because there is no monitor there is no way of knowing when the machine is finished booting (since, of course, my SSH connection is terminated during reboot). In a situation like this you can just ping the server’s IP until you get a response, then log in via SSH, check the logs, and make sure everything is running properly.
Read more →