Jul 112023
 

Continuing my series of blog posts on VPNs, now we’re going to be installing the ZeroTier self hosted controller! Again we’ll be installing it on Debian 11, but the instructions should work for Debian 12 as well.

ZeroTier is a (VPN) and software-defined networking (SDN) platform in one that enables connectivity between devices and networks across the internet. It creates a virtual overlay network that allows devices to communicate as if they were connected to a physical network (LAN), regardless of their actual location. ZeroTier has many possible configurations, so in this post, we’ll just be configuring ZeroTier to allow remote access to a single node (in this post, the node will be the server that I’m installing it on). In later posts, we will walk through setting up ZeroTier in other configurations.

Continue reading »
Share
Jun 292023
 

Onto Part 2 of my series on VPNs, this guide will show you how to set up an OpenVPN server on my Linux distribution of choice, Debian.

Debian is available as an image on a lot of VPS providers, and even services like Amazon AWS and Microsoft Azure, making it the perfect base to start your self-hosted VPN journey on.

You can help keep my site up and running by checking out the VPS providers that I use via the Affiliate links over on the left hand side there!

A Quick Introduction to OpenVPN

OpenVPN is a popular open-source VPN (Virtual Private Network) solution known for its security, flexibility, and cross-platform compatibility with apps for iOS, Android, Windows, and Mac OSX.

In this guide, we will walk you through the process of setting up an OpenVPN server on Debian 11.

Continue reading »
Share
Jun 222023
 

It has been a loooong time since I’ve posted…a lot has happened, but finally back on the blog!

I’ve been working a lot with Mikrotik devices lately, and I’ve written up a few bits and bobs to make my life easier.

Below is the snippet I’ve written to quickly set up an OpenVPN server on a Mikrotik router.

#### VARIABLES
#### UPDATE BEFORE RUNNING SCRIPT

# This variable sets the DNS server that will be used by the clients on the VPN
:global netVPNDNSServer 8.8.8.8

# Sets the company and export passphrase that will be used for the cert
:global Company "YOUR COMPANY"
:global CertExportPassphrase YOURPASSPHRASE

# Sets up a user and password for the VPN
:global vpnuser joebloggs
:global vpnpass bloggsvpn

## Certificate Setup
/log info "generating certs"

## You may want to update your country, state, etc, but it's not necessary

/certificate add name=CA country=AU state=WA locality=WA organization=$Company unit=IT common-name=CA trusted=yes key-usage=key-cert-sign,crl-sign days-valid=3650
/certificate add name=server country=AU state=WA locality=WA organization=$Company unit=IT common-name=server trusted=yes key-usage=digital-signature,key-encipherment,tls-server days-valid=3650
/certificate add name=client country=AU state=WA locality=WA organization=$Company unit=IT common-name=client key-usage=tls-client days-valid=3650

# If you're copy and pasting this into terminal, paste each certificate sign line separately, and ignore the delay lines

/log info "signing certs"
/certificate sign CA name=CA
/log info "30 sec wait"
/delay 30000ms
/certificate sign server ca=CA 
/log info "30 sec wait"
/delay 30000ms
/certificate set server trusted=yes
/certificate sign client ca=CA
/log info "30 sec wait"
/delay 30000ms
/log info "exporting certs"
/certificate export-certificate CA
/certificate export-certificate client export-passphrase=$CertExportPassphrase
## OpenVPN Config

# This is where the IP addresses are set for the OpenVPN Clients.
# If you need to change them, this is the spot.

/ip pool add comment="OVPN Pool" name=Pool-VPN ranges=10.0.100.10-10.0.100.200
/ppp profile add dns-server=$netVPNDNSServer local-address=10.0.100.1 name=Profile-VPN only-one=no remote-address=Pool-VPN use-encryption=required
/interface ovpn-server server set auth=sha1 certificate=server cipher=aes256 default-profile=Profile-VPN enabled=yes require-client-certificate=yes
/ppp secret add name=$vpnuser password=$vpnpass profile=Profile-VPN service=ovpn
Share
Sep 272019
 

It’s been a while since my last post!

I recently had to recover a dying USB stick that kept spitting out read errors. ddrescue‘s default parameters could only help so much as the flash controller would hang the instant it hit a bad read error, necessitating a unplug and replug of the USB stick before it could carry on.

I decided to hack up a little script so I could recover select areas of the USB stick first and control what blocks ddrescue was attempting. Using ddrescueview, I could see which blocks had and had not been attempted. Using the information from the Block Inspector, I could obtain a hex address of the block I wanted to start from.

Block Inspector

Copying the text from the blocks into my hex-to-decimal script gave me a block to start from.

$ ./gethex.sh 'Non-tried0x1EB10000 (491.06 MiB)0x001FCB40 (1.99 MiB)
> '
0x1EB10000
514916352

The gethex.sh script is just a simple bash script to extract the starting block from the output

#!/bin/bash
INPUT=$1
INPUT=${INPUT/> /}
STRING=$(echo $INPUT | cut -d ' ' -f 1)
STRING=${STRING/Non-trimmed/}
HEX=${STRING/Non-tried/}
echo $HEX
printf "%d\n" $HEX

That block number lets me use the -i parameter to set a starting point and -s to set sector size. Then I use a loop to scan through a certain amount of blocks at a time

START=514916352;for x in {0..20000}; do echo $(($START+512*$x)); ddrescue -i $(($START+512*
$x)) -a 1024 -s 512 -O -d /dev/sdx imagefile mapfile; if [[ $? -gt 0 ]]; then START=$(($START+512)); break;fi; done;START=$((
$START+512*$x+512));echo $START;

Share
Nov 232017
 

I bought a pair of cheap USB headphones yesterday so I could test out whether my sound issue on my computer was due to my sound card, or another issue.

The issue I after plugging them in however, was that I could not easily switch the sound output to the USB headphones.
I don’t run pulseaudio, so I was left with playing with configuration files to try and switch the audio over.

If I had been running pulseaudio, I’m sure this blog post would have been much shorter!
Continue reading »

Share