OpenBSD | IDAKMPD | x509 certificate authentication

Prepare OpenBSD Prepare the network interfaces. Delete /etc/mygate when using dhcp. Create /etc/sysctl.conf. net.inet.esp.enable=1 # Enable the ESP IPsec protocol net.inet.ah.enable=1 # Enable the AH IPsec protocol net.inet.ip.forwarding=1 # Enable IP forwarding for the host. net.inet.ipcomp.enable=1 # Optional: compress IP datagrams Create /etc/rc.conf.local isakmpd_flags=”” # Avoid keynote(4) policy checking ipsec=YES # Load ipsec.conf(5) rules Some […]

Jitsi | Youtube Streaming and Recording on Debian 10

Credits to woodworker_life [ https://community.jitsi.org/t/how-to-to-setup-integrated-jitsi-and-jibri-for-dummies-my-comprehensive-tutorial-for-the-beginner/35718 ] To handle recording and youtube streaming in your jitsy environment you need a jibri server who connects to your jitsi. Your jitsi server is jitsi.mydomain.mytld Your jibri server is jibri.mydomain.mytld On Jibri: Edit /etc/hosts and add jibri jibri.mydomain.mytld to 127.0.0.1 Edit /etc/hostname content to jibri Update your Debian. Install […]

Hide Shutdown + Reboot buttons in Windows 10 via GPO

These policy settings are available in Administrative Templates\Start Menu and Taskbar under User Configuration. Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands or in German: Befehle “Herunterfahren”, “Neu starten”, “Energie sparen” und “Ruhezustand” entfernen und Zugriff darauf verweigern

Asterisk on Debian as a stand alone voicemail box…

… connected to an ALCATEL PBX   apt-get update apt-get -y dist-upgrade apt-get -y install rdate rsync mc glances nloadm locate ncdu mailutils apt-get -y install asterisk systemctl enable asterisk Add routes to your main PBX dpkg-reconfigure exim4-config Do some config stuff: Your extensions.conf: [general] [incoming] exten => 500,1,VoiceMailMain() exten => 500,2,HangUp() exten => 500,3,PlayBack(vm-goodbye) […]

Jitsi DIY | Debian

apt-get update apt-get dist-upgrade apt-get -y install openjdk-11-jre nginx Add default.conf to nginx/sites-available: server { listen 80 default_server; listen [::]:80 default_server; server_name _; include snippets/well-known.conf; } Link this file to nginx/sites-enabled. Add jitsi.mydomain.mytld.conf to nginx/sites-available: server_names_hash_bucket_size 64; server { listen 80; listen [::]:80; server_name jitsi.ir-media-tec.com; location ^~ /.well-known/acme-challenge/ { default_type “text/plain”; root /usr/share/jitsi-meet; } location […]

SAMBA CERT RENEWAL

ATTENTION: To avoid heart attacks don’t do /etc/init.d/samba restart afterwards. Always do pkill samba && /usr/sbin/samba https://serverfault.com/questions/873615/ssl-self-signed-certificate-error-on-samba-4 https://wiki.samba.org/index.php/Configuring_LDAP_over_SSL_(LDAPS)_on_a_Samba_AD_DC#Using_the_Samba_autogenerated_self-signed_certificate_.28default.29 Wie du ganz einfach eine Certificate Authority mit Linux-Boardmitteln erstellst Samba Active Directory Server

KVM | qemu | qemu-system-x86_64 | High CPU load with Windows 10 guest.

Your Windows 10 guests use much more CPU percents than older Windows 7 guests – even when doing really nothing? (process is qemu-system-x86_64) Do virsh edit GUEST Change <clock offset=’localtime’> <timer name=’rtc’ tickpolicy=’catchup’/> <timer name=’pit’ tickpolicy=’delay’/> <timer name=’hpet’ present=’no’/> <timer name=’hypervclock’ present=’yes’/> </clock> To <clock offset=’localtime’> <timer name=’hpet’ present=’yes’/> <timer name=’hypervclock’ present=’yes’/> </clock> Kudos to […]

Windows 10 | disable network interface ip4 auto configuration

You have had defined a static ip but ipconfig shows your address as an alias only and the main address is an ‘Autoconfiguration IPv4 Address’ like 169.254…. Here’s how to fix this issue: INTERFACE is the name of the interface > netsh interface ipv4 set interface INTERFACE dadtransmits=0 store=persistent > net stop dhcp to disable […]