This tutorial is about generating a SSL certificate to secure POP3 and IMAP communications between clients (MUA) and Qmail server (MTA). 1. Go to Qmail config directory : cd /var/qmail/control 2. Generate key : openssl genrsa -des3 -out servercert.key.enc 2048 3. Decrypt the key (get rid of the passphrase) : openssl rsa -in servercert.key.enc -out… Read More »
There is a ton of reasons why you would use SSH keys to log into your Linux/Unix systems automatically : – Faster than entering password – More secure than password – Automate login for backup using Rsync – And a lot more ! Actually, this is pretty easy to do – so let’s start generating… Read More »
Apache startup failed – look at /var/log/httpd/ssl_error_log and show the following error : Unable to configure RSA server private key SSL Library Error: x509 certificate routines:X509_check_private_key:key values mismatch The private key and the certificate do not match. You can compare the certificate and the key with the following commands : View the certificate modulus using… Read More »
If you see those dmesg output message, this mean that someone is attacking your server. Probably by sending fragmented packets. TCP: Treason uncloaked! Peer 0.0.0.0:00000/80 shrinks window 76154906:76154907. Repaired. This may be avoid by manually blocking this IP in IPtables or if this is a DDoS attack, automated script may be used. See above (use with… Read More »
Here is a quick how to block a specific IP address with the IPtables Linux firewall. Open the IPtables script : vi /etc/sysconfig/iptables To block INBOUND IP address, add the following : iptables -A INPUT -s 0.0.0.0 -j DROP To block OUTBOUND IP address : iptables -A OUTPUT -p tcp -d 0.0.0.0 -j DROP (replace… Read More »