thorko.deLinux / Unix systems administrator

Latest SysadminDB entries


Vivaldi browser and DNSSEC extensions

Just follow the installation guide for the DNSSEC plugin here

https://www.dnssec-validator.cz/pages/download.html

 

1. Download the crx files and install it in vivaldi

2. download the native messaging script at the bottom of the site

3. run the script and ignore the output

4. copy the ~/.config/chromium/NativeMessagingHosts folder to ~/.config/vivaldi/
cp -r ~/.config/chromium/NativeMessagingHosts ~/.config/vivaldi/

5. start your vivaldi and enjoy the dnssec plugin




Chromium - Clear HSTS cache for domain

Sometimes chromium doesn't allow to visit a site when HSTS is enabled and it has cached not trusting this domain. For those sites you can clear the cache by visiting this URL and delete the domain from cache.

chrome://net-internals/#hsts




Debian - WLAN automatically connect to different networks

install wpasupplicant resolvconf

~$ apt-get install wpasupplicant resolvconf

create your /etc/wpa_supplicant/wpa_supplicant.conf

ctrl_interface=/var/run/wpa_supplicant
network={
ssid="h_da"
scan_ssid=1
key_mgmt=WPA-EAP IEEE8021X
auth_alg=OPEN
eap=TLS
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
pairwise=CCMP
identity="<your username>"
password="<your password>"
eap=PEAP
id_str="h_da"
}
network={
ssid="no_internet"
scan_ssid=1
proto=WPA RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk=<your psk>
id_str="no_internet"
}
network={
ssid="DENIC"
scan_ssid=1
proto=WPA RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk=
id_str="denic"
}

create your psk with

~$ wpa_passphrase ssid [passphrase]

your id_str you will need in /etc/network/interfaces

create your /etc/network/interfaces

source-directory /etc/network/interfaces.d
auto lo
allow-hotplug eth0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp
iface eth0 inet dhcp
iface h_da inet static
address 172.16.204.235
netmask 255.255.252.0
gateway 172.16.207.254
dns-nameservers 141.100.56.53 141.100.10.110 8.8.4.4
dns-search fbi.h-da.de
iface denic inet dhcp
iface no_internet inet static
address 192.168.0.15
netmask 255.255.255.0
gateway 192.168.0.1
dns-nameservers 4.2.2.2 156.154.70.1 208.67.222.222
dns-search thorko.local

Now you can start your wlan interface with ifup

Make sure your wpasupplicant gets started at boot time

~$ systemctl enable wpa_supplicant



SSH - store passwords in kwallet

~$ apt-get install sshpass ksshaskpass

vim ~/.bashrc

function sshp { 
sshpass -p "$(ksshaskpass "ssh $*")" ssh "$@"
}



KDE automatically add ssh-key to ssh-agent

create your ssh-key

~$ ssh-keygen -t rsa

 

enable ssh-agent to run on KDE login

~$ vim /etc/X11/Xsessions.options
allow-failsafe
allow-user-resources
allow-user-xsession
use-ssh-agent
use-session-dbus

create script to add ssh-key

~$ vim /usr/local/bin/ssh-agent.sh
#!/bin/bash
export SSH_ASKPASS=/usr/bin/ksshaskpass
/usr/bin/ssh-add < /dev/null
~$ chmod a+x /usr/local/bin/ssh-agent.sh

link this script to autostart-scripts

ln -s /usr/local/bin/ssh-agent.sh ~/.config/autostart-scripts/ssh-agent.sh
~$ vim ~/.kde/env/ssh-agent.sh
#!/bin/bash
eval $(ssh-agent)
~$ chmod a+x ~/.kde/env/ssh-agent.sh

 

create a script to stop ssh-agent when you log out from KDE

~$ vim ~/.kde/shutdown/ssh-agent.sh
#!/bin/bash
ssh-agent -k
~$ chmod a+x ~/.kde/env/ssh-agent.sh



(c) 2014 by thorko.de