Amagob

You gotta love Ubuntu Karmic!!!! I installed the b43-fwcutter from the repository and spent a couple of minutes figuring out that d**n broadcom wireless driver only needed to be activated under

SYSTEM-> Hardware Drivers (Proprietary).

Sound was not working when I just installed flash for firefox, I’m not sure if I had to remove and re-add pulseaudio but its working great now. Webcam and Mic are working great and Skype Video is doing pretty good on Linux too now!! pretty awesome..

Some nice packages to have

sudo apt-get install compiz compizconfig-settings-manager
pidgin , pdfedit, Skype, Launchy

Lengthy but good and necessary reminder of how SSL works by Simon Denis..

Check how Private Key & Public Key works if you don’t already know.. (some more reading.. , or just find another video.. )

Now you know that;

1. The Certificate Authority (CA e.g. Verisign, thwate, your own server..) has a a KEY (private) and a Certificate (public key + extra about the Organisation) – these files that will be generated from the codes below as ca.key and ca.crt (certificate)

2. The Server (or webserver) also has a KEY and will get its Server Certificate from the CA. To get this certificate, it will first generate a Certificate Request that will be sent to the CA. Once the CA validates that the requester is genuine, it will sign the Certificate Request with his Certificate and KEY to produce the Server Certificate. In this case we have 3 files to be generated, server.key, server.csr (Certificate Request), server.crt (Server certificate) .
(For windows mortals server.csr = certreq.txt AND  server.crt = server.cer )

Question : I have set up my web server on windows IIS, I need to put in a certificate to enable SSL but this is just a test site and I know want to buy an SSL certificate with Verisign or Thwate or … What should I do ?

Answer : Hmm.. good question me!! well build your own CA, generate your certificates, get the certificate request from the IIS, sign it and put back the resulting server certificate into the webserver. You will get a prompt that the website isn’t signed by a trusted CA but who cares.. I am the untrusted party!!

I prefer making my self signed CA with Linux as it is easily installed and just a 2 lines command. You’ll need openssl and see my previous blog to see how to install it on a windows client if you need to.

Note for the newbies..

1. Both CA and Server will request for information about each Organizations or company, DON’T use the exact same Common Name (CN) for both, use the example below (added “CA” at the end of the CA’s CN):

Creating Certificate Authorities and self-signed SSL certificatesCA:
Common Name (CN): www.mysite.com CA
Organization (O): mysite
Organizational Unit (OU): none

Server:
Common Name (CN): www.mysite.com
Organization (O): mysite
Organizational Unit (OU): none

————————————    LINUX  ————————————

Once you get to the command line with openssl:

Generate CA Key : Creating Certificate Authorities and self-signed SSL certificates
$ openssl genrsa -des3 -out ca.key 4096

1. Make sure you have a local user that has access to the machine

2. OpenSSH is bundled available in an application called Cygwin. Cypwin is actually a emulation of linux shell that you install on Windows. Download the setup.exe Cygwin from the project homepage.

3. Double click and launch setup.

4. Leave the default choice as Install from Internet and click Next.

5. Change the directory to C:\cygwin if it is not already populated and leave the default selections as All Users and Unix/binary and click Next.

6. On the Select Local Package Directory Prompt. Change the directory to C:\Cygwin if it is not already populated and click Next.

7. Leave your Internet connection as Direction Connection and click Next.

8. Choose any mirror and click Next. (I used the waterloo in CA..)

9. Make sure you install the OpenSSH package !! – Unfold the Net tab and then double-click on OpenSSH.

It will take a few minutes for Cygwin to install your necessary packages depending on the speed of your Internet connection and the mirror you chose.

10. Leave Create icon on Desktop and Add icon to Start Menu checked and click Finish.

Installation of Cygwin should complete without error. If windows is giving you a hard time, don’t give up, just start over.. eventually it’ll get it and Cygwin does install.

At any point when you do the following, it might tell you that such and such files/folders permissions are not accessible or writable etc.. Just chown the folders as it asks and change them afterward back to what they were..

11. Right-click the icon on your Cygwin icon on your desktop and chose Run as Administrator.

12. To configure your SSH Server (Open SSH) type ssh-host-config.

13. Cygwin will then ask “Should privilege separation be used?” Answer Yes.

14. Cygwin will then ask “Should this script create a local user ‘sshd’ on this machine?” Answer Yes.

15 Cygwin will then ask “Do you want to install sshd as service?” Answer Yes.

16. Cygwin will then ask “Should this script create a new local account ‘ssh_server’ which has the required privileges?” Answer No.

17. Cygwin will then ask “Which value should the environment variable CYGWIN have when sshd starts?” Answer ntsec tty.

18. Acknowledge all Infos and warnings.. and there.. SSH Server is complete.

19. Start your SSH Server by typing net start sshd and hit Enter

20. launch your ssh client from a remote station (e.g. putty) and ssh to your machine using your windows local username & password.