Setting up Stunnel for secure communication on CentOS 5 and 6

Setting up Stunnel for secure communication on CentOS 5 and 6

Sometimes you need to secure communication for an internet service that does not support TLS functionality. For example, I needed to perform secure file synchronization over the Internet using rsync, but it does not support TLS. I didn't want to use SSH tunneling as that requires additional security lockdown to prevent the remote user from running shell commands. To solve this problem the tool Stunnel provides an encrypted TCP tunnel back to your un-encrypted service.
IPv6 Privacy Extensions in Fedora 20

IPv6 Privacy Extensions in Fedora 20

Previously I blogged about Enabling IPv6 Privacy Extensions in Fedora 18. Unfortunately in Fedora 20, the Network Manager has a bug in it that means that the setting is not used. Thankfully there has been an issue logged already and a fixed Network Manager can be installed from the testing repo, heres how: sudo yum update --enablerepo=updates-testing NetworkManager Now restart, and when you run ifconfig, you should see an additional randomly generated IPv6 address.
Fedora 19 Gnome 3 OpenVPN default route bug workaround

Fedora 19 Gnome 3 OpenVPN default route bug workaround

In Fedora 19 and Gnome 3 there is a rather annoying bug when using OpenVPN, the 'Use this connection only for resources on its network' tick box does not remained ticked, and causes the default route to be updated to point through the OpenVPN tunnel. In some situations (mine) I do not want the default route to go down the OpenVPN tunnel, and so this was a problem. Luckily there is a simple workaround until it gets fixed, open the relevant file for your VPN connection, for example /etc/NetworkManager/system-connections/Work.
Installing Sublime Text on Fedora 19

Installing Sublime Text on Fedora 19

Sublime Text is a very good, but lightweight text editor for Windows, Mac and Linux.

Unfortunately the developers do not provide packages for Fedora (or any Linux distribution) and because it is non-free it is not in the Fedora official repositories.

This is how to install it and create a launcher for Fedora 19 using Gnome3.

Enabling IPv6 Privacy Extensions on Fedora 18

Enabling IPv6 Privacy Extensions on Fedora 18

When using IPv6 on client computers (i.e not servers) it is common to use automatic address configuration (know as SLAAC). This means you do not have to statically assign every device with an IP address. Unfortunately the default way that many IPv6 stacks operate is to use your network card's MAC address as the basis of your global IPv6 address. This has the (sometimes) undesirable effect of giving your machine an automatically configured static IPv6 address.
Problems with CentOS 5.9, Postfix and MySQL

Problems with CentOS 5.9, Postfix and MySQL

The latest version of CentOS, 5.9, has updated their Postfix (an SMTP mail server) package to require mysql because it now supports reading user and domain lists from a MySQL database.

Unfortunately this has caused issues with anyone using the Oracle or MariaDB MySQL distributions.

Installing Steam on Fedora 18

Installing Steam on Fedora 18

The good folks over at Valve have recently launched their Steam client for Linux and ported some of their games to run on Linux.

Unfortunately the officially supported client only runs on Ubuntu, however Fedora People have kindly re-packaged it into an RPM suitable for running on Fedora 18.

TCP PAWS extension breaks RIPE WHOIS lookups when behind NAT

TCP PAWS extension breaks RIPE WHOIS lookups when behind NAT

For the last few weeks I have been encountering a strange problem with making IP WHOIS queries against the RIPE database, which covers all European IPs.

I first encountered the problem during a routine server upgrade and reboot. Suddenly some of our software that we run on these servers started producing errors saying that WHOIS lookups could not be performed.