pure-ftpd + OpenBSD | uploadscript hint
The uploadscript feature (pure-ftpd -o) does not work? Do # mknod /var/run/pure-ftpd.upload.pipe p # chmod go-rwx /var/run/pure-ftpd.upload.pipe
Category: openbsd
OpenBSD 7.1 + OpenVPN + Easy-RSA
uNdEr cOnStRuCtIoN What to tune: At first set EASYRSA to a defined path like set_var EASYRSA “/etc/openvpn/easy-rsa” or you will earn some errors. Then edit the EASYRSA_REQ_* section and add your values. Check the other stuff, tune it if you want. Theres btw no need to change the openssl-easyrsa.cnf and there’s no need (like in […]
OpenBSD | ISAKMPD | x509 certificate authentication
Prepare OpenBSD Prepare the network interfaces. Delete /etc/mygate when using dhcp. Create /etc/sysctl.conf. net.inet.esp.enable=1 # Enable the ESP IPsec protocol net.inet.ah.enable=1 # Enable the AH IPsec protocol net.inet.ip.forwarding=1 # Enable IP forwarding for the host. net.inet.ipcomp.enable=1 # Optional: compress IP datagrams Create /etc/rc.conf.local isakmpd_flags=”” # Avoid keynote(4) policy checking ipsec=YES # Load ipsec.conf(5) rules Some […]
OpenBSD | script | get cpu idle | get net load
# systat -d 2 cpu 5 | tail -n 1 | grep ‘%’ | awk ‘{print $6}’| sed ‘s|%||’ # systat -d 2 ifstat 1
OpenBSD | incoming network connections and processes
Here for nginx: # fstat | grep internet | grep nginx | grep -v 192.168 | grep ‘<–'
OpenBSD | Too many open files
Do at runtime sysctl kern.maxfiles=10240 Burn it to the system: Add a line kern.maxfiles=102400 to /etc/sysctl.conf. Then tune /etc/login.conf: Modify openfiles-max and openfiles-cur like openfiles-max=102400 openfiles-cur=102400 Restart your process.
OpenBSD // OpenVPN // EasyRSA || first steps
First of all: Read the fckn manual. Preparing the server # ./easyrsa init-pki # ./easyrsa build-ca nopass # ./easyrsa gen-req SERVERID nopass # ./easyrsa sign-req server SERVERID # ./easyrsa gen-crl # ./easyrsa gen-dh Preparing a client # ./easyrsa genreq CLIENTID # ./easyrsa sign-req client CLIENTID Revoking a client # ./easyrsa revoke CLIENTID # ./easyrsa gen-crl […]
OpenBSD // WOL
1. Add wol to /etc/hostname.INTERFACE 2. Set apmd=”-A” in /etc/rc.config 3. Do not power off with halt -p but use zzz tu suspend the system.
OpenBSD // Tuning the prompt
HOST=`hostname` export PS1=’${USER}@${HOST%%.*} ${PWD##*/} $ ‘
OpenBSD // letsencrypt [ certbot ] renewal for web servers listening on different ports than 80
pf.conf: # LETSENCRYPT CERTBOT TABLE table persist # CERTBOT SHUFFLE matqch in on { $ext_if $carp_ext_if } proto { tcp udp } from to { $ext_if:0 $carp_ext_if:0 } port { 80 } rdr-to $carp_ext_if:0 port 8000 tag PASS crontab:
bytes and bones 
You must be logged in to post a comment.