OpenBSD | ISAKMPD | x509 certificate authentication

Prepare OpenBSD Prepare the network interfaces. Delete /etc/mygate when using dhcp. Create /etc/sysctl.conf. net.inet.esp.enable=1 # Enable the ESP IPsec protocol net.inet.ah.enable=1 # Enable the AH IPsec protocol net.inet.ip.forwarding=1 # Enable IP forwarding for the host. net.inet.ipcomp.enable=1 # Optional: compress IP datagrams Create /etc/rc.conf.local isakmpd_flags=”” # Avoid keynote(4) policy checking ipsec=YES # Load ipsec.conf(5) rules Some […]

OpenBSD // OpenVPN // EasyRSA || first steps

First of all: Read the fckn manual. Preparing the server # ./easyrsa init-pki # ./easyrsa build-ca # ./easyrsa genreq SERVERID nopass # ./easyrsa sign-req server SERVERID # ./easyrsa gen-crl # ./easyrsa gen-dh Preparing a client # ./easyrsa genreq CLIENTID # ./easyrsa sign-req client CLIENTID Revoking a client # ./easyrsa revoke CLIENTID # ./easyrsa gen-crl You […]

OpenBSD // WOL

1. Add wol to /etc/hostname.INTERFACE 2. Set apmd=”-A” in /etc/rc.config 3. Do not power off with halt -p but use zzz tu suspend the system.

OpenBSD + NGINX [fastcgi] + PHP

php-fpm is not an independent package. Install php, php-fpm is included. php-fpm is properly pre-configured and should run instantly. nginx.conf: location ~ \.php$ { try_files $uri $uri/ =404; fastcgi_pass unix:run/php-fpm.sock; # NO ABSOLUTE PATH PLS. !!! fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; }