I was messing around the other day with RSA encryption and came across the site http://nmichaels.org/rsa.py. It demonstrates how to use RSA encryption to encrypt/decrypt a text string. I was interested in the key generation for this, this page just has a generate button however, I wanted to understand how I could generate my own Public Modulus, Public Exponent & Private Exponent in the hexdecimal format. Continue reading
I use SCCM, Operating System Deployment (OSD) and Microsoft Deployment Toolkit (MDT) 2010 update 1 to deploy Windows 7 SP1 (x64) and application installs during the build process. The problem was a .vbs script which populates some auto-logon keys called via SCCM OSD during the application installation process was being hit with registry redirection, forcing any registry entries to go into
HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon. Continue reading
Within Windows it is sometimes necessary for a device to automatically log on, without prompting a user for a user id or password. This could be for the purpose of running a device as a kiosk, where a the device starts auto logs on and then the kiosk application loads full screen without any user interaction. There are obvious security issues with this, and to keep this article simple and concise lets ignore these for the time being. This article shows how it is possible with adding the appropriate registry keys. Continue reading
This article attempts to document how to configure Dovecot and domain & users’ mailbox quota sizes using information contained within PostfixAdmin and its associated tables.
During PostfixAdmin install time, the database is requested where PostfixAdmin can store additional tables. Selecting the same database as postfix itself neatly installs these additional tables, that can then be used by Dovecot to monitor mailbox quota sizes. Continue reading
This article sets out the steps needed to support multiple domains and their users’ email accounts allowing them to recieve emails via secure IMAP and send emails via a secure SMTP server using their POP3/IMAP credentials. This is particularly useful for mobile users (road warrior) who may not have a consistent ISP provided SMTP server.
- Recieve emails, using IMAPS or POP3S via Dovecot
- Configuring Postfix to receive and send emails for virtual domain, and emails accounts
- Configure SASL to provide a method of authenticating users email users to allow them access to the Postfix SMTP in order to send emails securely.
- Easy delegated management of virtual domain mailboxes using PostfixAdmin
This article has been put together from countless other articles so that it should provide an all inclusive set of instructions.
I wanted to keep statistic of how many visit my blog was receiving on a daily basis. So I installed the Google Analytics For WordPress Plugin (http://wordpress.org/extend/plugins/google-analytics-for-wordpress).
Once activated you will need to go to the Continue reading
I have the challenge of trying to get Windows XP (x64) work on some of the most recent hardware. SATA and the newer SAS Drivers are quite a challenge on these devices, as was proving the case when I was trying to get them to work on the Lenovo S30. During Remote Installation Services (RIS) kept reporting “corrupted driver messages” when trying to put the two sets of drivers Continue reading
I was receiving the above message ‘No Boot Action for Device(32123) found.’ on the PXE service point server, in smspxe.log.
The number (32123) is the resource ID of the computer object found at that SCCM site. The device was in a collection which had an advertisement pointing to a OSD Task sequence with a valid boot image. I realised that the message is a little misleading. I deal with a number of boot images and this particular boot image specified in this advertised Operating System Task Sequence was not on the SMSPXE$ share (i.e. not on the distribution point).
So things to look out for :
- Make sure that the OSD task sequence boot images are on the distribution point
- That the task sequence you are using have a valid boot image, easy to decommision a boot image without updating your OSD task sequence
I was very lucky to receive a Solid State Drive (SSD), a splendid present from a group of friends to mark a milestone Birthday. It was an OCZ Agility III 240GB drive, which I wanted to install inside my main machine as the system drive, however I was not so keen at the prospect of having re-install my Windows 7 Operating System. Continue reading
Recently I was trying to set up an OpenVPN server on pfSense using an Ubuntu 11.10. Following the guides http://doc.pfsense.org/index.php/VPN_Capability_OpenVPN I found I ran into a problem when generating the “server.key” file using the easy-rsa toolset that comes with OpenVPN. It was producing a server.key file with the following headers and footers :
-----BEGIN PRIVATE KEY----- -----END PRIVATE KEY-----
pfSense v.1.2.3a OpenVPN server.key setup was expecting it to read as follows :
-----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----
This —-BEGIN PRIVATE KEY—- results in a error message in pfSense when it tries to use save the settings, and before you maybe tempted to try, you cannot simply rename the header and footer by adding “RSA” as this results in invalid key errors when the vpn is initiated, these are found in the pfSense error logs.
It seems it is something to do with the version of OpenSSL I was running on the rig. On my older 10.04 Ubuntu installation I had OpenSSL 0.98a on my newer 11.10 rig I have OpenSSL 1.0.0e 6 Sep 2011. Creating the server.key on 0.98a by default created the RSA PRIVATE KEY, creating the server.key on 1.0.0e did not create a RSA Private Key, but an encrypted PRIVATE KEY.
Running the following :
openssl rsa -in server.key -out decryptedserver.key
generated the RSA decrypted server.key file that can simply be cut and pasted into the pfSense v1.2.3a OpenVPN server configuration page. Solved!