AndyB

I had an issue using PuTTY (free Windows SSH client) this afternoon when trying to login to a work server. The error message seemed very odd:

Unable to open connection to andrewbevitt.com
gethostbyname: unknown error

OR BY IP ADDRESS

Unable to open connection to 220.233.157.156
Network error: Invalid argument

Turns out that it’s a Windows 7 feature. I had the PuTTY executable sitting on my Desktop as part of my domain account so apparently something executed out of $HOMEDIR\* gets limited.

Solution: Copy the executable to a local disk partition.

Work putty, windows7, Work

I’ve just put up a new tutorial (strangely enough about the title)! You can read it here.

Work dd-wrt, networking, radius, server2008

I’ve been playing with Windows Deployment Services for rolling out Windows 7 Professional (from Server 2008 R2) over the last couple of days. Aside from a missing NIC driver everything seems to be fairly straight forward.

Plenty of documentation already exists on this subject, but I spent the good part of a day wading through it, so here I present a “get you up and running quickly” list of docs:

1. Technet Step-by-Step (for Server 2003)
2. Sysprep Windows 7
3. Better Instructions for Discover Images (i.e. for non-pxe hardware)

Of course this set of articles is meant to just by a quick and dirty start… you’ll have to read deeper if you want definitive instructions on unattended remote installs. But not too much deeper. WindowsNetworking.com has the start of a set of articles on Windows 7 deployment which will probably help you out with that.

This is for as much my reference as anyone else.

Work server2008, wds, windows7

I really like pfsense it makes a really good firewall, router, vpn connector – alone or together. The web interface is intuitive and the first-run wizard “just works”. I am using it to run an OpenVPN VPN.

OpenVPN comes with a feature called “TLS Auth”: which basically uses TLS to encrypt the SSL handshake between client and server. Ok that wasn’t basic: makes saying hello safe. However the pfsense GUI for configuring an OpenVPN server does not, yet, support tls-auth. As documented in the previous link you can add custom configuration options and manually create the file until v1.3 is released.

Here’s the point: The pfsense + openvpn boot scripts will write the OpenVPN configuration files and security certificates to: /var/etc/openvpn_serverX.* (X being the instance number). So for consistency you might be inclined to create your tls-auth file as /var/etc/openvpn_serverX.tls.

DON’T!

The /var/etc folder gets cleared on reboot. Which is a feature of pfsense’s PHP init scripts + in hind sight sensible.

So today’s lesson is: When manually specifying tls-auth support for OpenVPN on pfsense-1.2.X put the tls-auth file in /etc/openvpn_serverX.tls so that it is persistent.

Work openvpn, pfsense

If you’re running Zimbra, or planning to, then chances are you will want to use SSL to secure your client connections. The Zimbra wiki has quite a few articles on doing this but they all seem a little over written if all you need to do is create a CSR and sign it (with your own CA or using a paid for service).

So here is my no frills howto make, sign, and deploy: Read more…

Work ca, ssl, zimbra

This isn’t a howto! Seriously. You should know your data. Which means you should contrive your own policies and procedures for backing up. This is simply the stack I’ve decided best suits my needs. Read more…

Work amazon, backup, ebs, ec2, robocopy, rsync, s3

I’ve just posted a new tutorial on how to do Bulk Provisioning of Linksys SPA9*2 SIP desk phones with tftp using xml configuration files. This works for both the 5.2.8 and 6.1.3a firmware for both the SPA942 and SPA962 (with or without the side car).

Work asterisk, bulk, provision, spa$PSN.cfg, spa942, spa962, tftp, voip