kawarmc

Forum Replies Created

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • in reply to: certificate revoked still can be connected #51525

    kawarmc
    Member

    I have the same problem and I don’t see the solution for this.

    in reply to: Best way to tranfer files to ZeroShell? #47566

    kawarmc
    Member

    If you want to enable sftp transfers to Zeroshell, you can edit /etc/passwd and change the line for admin user to read like:

    admin:x:0:0:root:/root:/bin/bash

    This is just temporal, if you reboot the box, you’ll loose the changes made to /etc/passwd but it works if you only want to tranfer files from time to time.

    in reply to: problema con zeroshell despues de un corte de luz #48868

    kawarmc
    Member

    Te voy a contestar en español pero solo para informarte de que este es un foro en ingles y que yo personalmente te agradeceria que todas las consultas las hicieras en ingles, ya que asi, lo que se hable en el foro, podrá servir para mas gente.

    Que se encienda el ordenador automaticamente tras un corte de suministro electrico es una configuracion propia de la BIOS del sistema y no tiene nada que ver con ZeroShell.



    Now in English:

    This is an English forum, and I would really apreciate that everybody post in that language, so more people can read what is posted.

    System’s power management is located in the BIOS and have nothing to do with ZeroShell. So, if you want your system to power on automatically after power is lost, so, configure your BIOS accordingly.

    in reply to: iPhone Setup to VPN to ZeroShell Router #46974

    kawarmc
    Member

    I’m also interested in this configuration and I’m investigating a way to use openvpn client on iPhone. There’s a hope with tunemu at http://code.gerade.org/tunemu/

    I managed to installed it on my iPhone, but it is only usefull with tun devices and I don’t know how to setup zeroshell to use tun devices instead of tap ones.

    in reply to: Can the SSH port number be changed? #48617

    kawarmc
    Member

    I prefer to do it in postboot just because I don’t really know what the bootstrapping process of zeroshell, so just in case I break something in the middle of the booting process, I prefer to let the system finish and then restart the HTTP server. It’s just a matter of a few more seconds… 🙂

    in reply to: Can the SSH port number be changed? #48615

    kawarmc
    Member

    Yes, I knew I can do that, but the you won’t be able to administer your zs box from outside if you don’t have a VPN connection available (which I don’t always have).

    What I really do is to change zs http and https ports with a really simple postboot script.

    What I do is copy the files httpd.conf and ssl.conf from /etc/httpd/conf to /Database/scripts

    on those 2 files, I change the lines
    on httpd.conf

    Listen 80     --->   Listen 

    on ssl.conf

    Listen 443    --->   Listen 

    I also usually change the following line on httpd.conf:

    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

    with

    RewriteRule ^.*$ https://%{SERVER_NAME}:1443

    After that, I create a postboot cron script with the following content:

    rm -f /etc/httpd/conf/httpd.conf
    rm -f /etc/httpd/conf/ssl.conf

    cp -a /Database/scripts/httpd.conf /etc/httpd/conf/
    cp -a /Database/scripts/ssl.conf /etc/httpd/conf/

    /etc/init.d/httpd restart

    That way, I know for sure the ports will never be used by zs’ apache, I’m still able to connect from outside, and keep unwanted people from trying to break into the machine…. (at least fewer of them will find the correct port)

    in reply to: Can the SSH port number be changed? #48613

    kawarmc
    Member

    Not only port 22 for ssh should be changed or at least permit the user to change it. There are other services that should be changed also, like http or https.

    What happens when you run an web server on the LAN side and need to do a port redirection? Right now, the only solution is to change zeroshell web server using a cron job to execute after booting, and that is not a clear nor elegant way of doing it. It involves some knowledge of bash, linux and apache to perform that task.

    It should’n be too dificult to implement that on the web interface and have the changes be permanent on the Database.

    in reply to: Development vmware image #48422

    kawarmc
    Member

    Letting other developers download kind of a development image wil increase the addition of new features to this wonderful piece of software. By the way, thanks for the great job Fulvio.

    As an example, we are now researching on the implantation of zeroshell for our organization and there is one feature we are missing. There is no way to automate backups.

    We have a couple of coders that could implement a solution based on rsync over ssh but we have no idea how to begin the development. That is: is the whole project licesed under GNU? are the sources available, where?

    The VMware image looks promising, but I guess Fulvio did not use a VMWare image when begun coding, so, how do you do it? :O

    If needed, we can provide hosting space to hold the svn and that stuff, but isn’t it better to host it at sourceforge?

    in reply to: Certificates showed on home page before login #48555

    kawarmc
    Member

    Last night I configured a connection from home to one of my zs routers and I thought I used the certificates in pkcs12 format from the login page to configure the OpenVPN client on my linux workstation box. But I was wrong. The one I used by mistake was the one I have downloaded previously from inside the private area.

    That’s what made me think there was an error with the certificates on the loggin page. I always use pkcs12 format because i don’t have to deal with 3 files, but, obviously, the one exported from the login page does not have the private key included, which is the right.

    Thank you for you help, and, again, you`re doing a wonderful job with zeroshell, Fulvio.

Viewing 9 posts - 1 through 9 (of 9 total)