About me Back to the Top

Configuring DNSSEC on your personal domain

Today I’ll be working out how to properly configure DNSSEC on a BIND9 installation, I’ll also make sure to give you all the needed instructions to properly verify if a specific domain is being correctly covered by DNSSEC itself. In addition to that a few more details will be provided about adding the relevant SSHFP‘s entries on your DNS zone files to be able to automatically verify the authenticity of your domain when connecting to it with SSH avoiding any possible MITM attack. First of all, let’s create the Zone Signing Key (ZSK) which is the key…

Read More…

Back from GUADEC 2013

I wanna be really honest, getting back home from this year’s GUADEC has been very painful for me but not because of the trip back home. I had such a very good time at Brno that I actually wanted to stay there for way more days! I must admit that I’ve been missing the italian food for a while until Mattias Bengtsson suggested me to try having a dinner at the “Flavours” indian restaurant. The result was simply amazing and I’ve been falling in love with the indian food we ate that evening so much that we went there…

Read More…

Two years later: Vim, Tmux and my Linux desktop

It’s been two years since my latest blog post about my Linux desktop and many things have changed since then. I completely moved all my machines to GNOME 3, switched my main editor from nano to vim and my terminal multiplexer from screen to tmux. What didn’t change at all except for a tweaks on the theme is my Irssi setup. Switching from nano to vim has been a pain at first, nano is really a straightforward editor, it does what you actually need from a CLI editor but while it works just fine when modifying…

Read More…

A second round of updates from the GNOME Sysadmin Team

I haven’t been blogging so much in the past months as I actually promised myself I would have but given the fact a lot has been done on the GNOME Infrastructure lately it’s time for me to announce all the updates we did since my latest blog post. So here we come with all the items we’ve been looking at recently: Our main LDAP istance was moved from a very ancient machine (which unfortunately died with a broken disk a few weeks ago) to a newer box that currently contains several other admin tools like Mango and Daily…

Read More…

Setting up your SSL certificates on OpenLDAP by using a Mozilla NSS database

I’ve recently spent some time setting up TLS/SSL encryption (SSSD won’t send a password in clear text when an user will try to authenticate against your LDAP server) on an OpenLDAP istance and as you may know the only way for doing that on a RHEL / CentOS environment is dealing with a Mozilla NSS database (which is, in fact, a SQLite database). I’ve been reading all the man pages of the relevant tools available to manipulate Mozilla NSS databases and I thought I would have shared the whole procedure and commands I used to…

Read More…

Some updates from the GNOME Sysadmin Team

It’s been more than a month now since I started looking into the many outstanding items we had waiting on our To Do list here at the GNOME Infrastructure. A lot has been done and a lot has yet to come during the next months, but I would like to share with you some of the things I managed to look at during these weeks. As you may understand many Sysadmin’s tasks are not perceived at all by users especially the ones related to the so-called “Puppet-ization” which refers to the process of creating /…

Read More…

IPv6 tunneling with Hurricane Electrics (HE)

I’ve been looking around for a possible way to connect to the IPv6 internet for some time now and given the fact my provider didn’t allow me to run IPv6 natively I had to find an alternative solution. Hurricane Electrics (HE) provides (for free) five configurable IPv4-to-IPv6 tunnels together with a free DNS service and an interesting certification program. Willing to test the latest revision of the Internet Protocol on your Debian, Ubuntu, Fedora machines? Here’s how: 1. Register yourself at Hurricane Electrics by visiting tunnelbroker.net. 2. Create a new tunnel and make sure to use your public…

Read More…

The future is Cloudy

Have you ever heard someone talking extensively about Cloud Computing or generally Clouds? and have you ever noticed the fact many people (even the ones who present themselves as experts) don’t really understand what a Cloud is at all? That happened to me multiple times and one of the most common misunderstandings is many see the Cloud as something being on the internet. Many companies add a little logo representing a cloud on their frontpage and without a single change on their infrastructure (but surely with a price increment) they start calling their products as being…

Read More…

My favorite WordPress Plugins

It took me a while to build a complete WordPress blog with all the things I needed, from modifying the default Twenty Eleven theme to broadcasting my posts directly on Twitter. WordPress has a nice selection of plugins and given the fact I spent a few days evaluating all the possibilities, I decided to share my own setup to speed up the process in case you are willing to build a WordPress powered blog. The plugins: Akismet. This plugin checks your comments against the Akismet web service to see if they look like spam or not and…

Read More…

The Linux’s perception of my neighbours

I live in a little village close to the city and one of the houses close to my property is for rent since more than ten years. A lot of families and people succeeded in that house and every time someone new joined my Linux evangelist hat jumped in my head. I’ve always presented myself as a Linux geek to my neighbours and it has been nice seeing how the Linux word evolved (with funny and surprising quotes) during the past ten years in their minds. A friend of mine (Aretha Battistutta) made a little…

Read More…