:::: MENU ::::

Home

  • Jun 09 / 2016
  • 0
Linux, Python

openssl/pyOpenSSL – “SSL23_GET_SERVER_HELLO:tlsv1 alert internal error”

You’re getting this annoying error message again and again when trying to fetch certificate and/or establish a connection to your website using openssl:

This issue is well known in several openssl versions, and a bug has been addressed for Ubuntu repositories:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1475228

For now, there’s a simple workaround that works to quickly fix it!

For openssl

If you’re facing it while using openssl directly, you can fix it by specifying the servername on command-line:

For pyOpenSSL

If you’re having this issue while using pyOpenSSL (python wrapper for OpenSSL), it can also be fixed with a quick workaround by adding the option set_tlsext_host_name() to specify the server name in your “Connection” object.
You will get something like this:

Share...Share on Google+Tweet about this on TwitterShare on RedditShare on LinkedInShare on FacebookEmail this to someone
  • Jun 02 / 2016
  • 0
Linux

Configure VLan interface (with alias)

If you want to isolate multiple networks, you can use VLAN (Virtual LAN). On most of the switches, you can configure VLAN to handle tagged packets and be able to send them to a specific port by isolating it. A VLAN is assigned a specific id that can be any number between 1 and 4096.

Most of the Linux distributions can handle tagged packets and VLAN usage, but this feature is not mandatory enabled by default. For the example, I’ll present here how you can enable and configure VLAN on Ubuntu Server 14.04.

First, you need to install the vlan package:

Temporary configuration

Then, you should load the 8021q module into the kernel (guessing you’re using a recent and not customized kernel):

As it’s not possible to create a VLAN on virtual interface, you will have to use physical interface and alias to make it work. You can create additional interface with:

Then, you can assign an address to this interface:

And finally make the interface up:

Permanent configuration

You have to load the module automatically and permanently:

Finally, set the configuration in /etc/network/interfaces in order to make it loaded on startup:

Share...Share on Google+Tweet about this on TwitterShare on RedditShare on LinkedInShare on FacebookEmail this to someone
  • May 09 / 2016
  • 0
Linux

Perform git commands with a specific ssh key

It’s sometimes necessary to execute one git command with a special SSH key rather that the one you’re running with (for example on a remote console).

This can be easily done by using such command:

Share...Share on Google+Tweet about this on TwitterShare on RedditShare on LinkedInShare on FacebookEmail this to someone
  • Apr 22 / 2016
  • 0
Linux

Aggregate results from command line on a specific field (e.g. netstat per IP)

To aggregate results from a command line and count number of results for each field, you can combine multiple tools like awk, cut, uniq and sort to obtain the expected results.

For example, if you want to retrieve count of connections opened per IP onto your server, just run:

You will get a results like:

If you want to aggregate only results on a particular keyword (a port for example), you can also integrate a grep option to filter your results:

Share...Share on Google+Tweet about this on TwitterShare on RedditShare on LinkedInShare on FacebookEmail this to someone
  • Mar 30 / 2016
  • 0
Linux, Python

Generate SHA-512 hash on command-line with Python

Need to generate the hash for a password? No need to use an online generator, totally insecure for your passwords …
This simple command will ask you which string you want to hash and will return you the result after pressing “Enter” key!

Share...Share on Google+Tweet about this on TwitterShare on RedditShare on LinkedInShare on FacebookEmail this to someone
  • Mar 09 / 2016
  • 0
Linux

Define the MTU size for current network

To limit the fragmentation of packets and optimize your network, it can be necessary to find the best MTU size to set up on your interface. In order to find this best value, you can use a simple ping command.

We’re first trying with a MTU size of 1500 bytes:

We can clearly see that with the overhead, it’s sending 1528 bytes, too long for the MTU size allowed on the network (1500). Message will be fragmented.

We’re changing the value to 1472 bytes:

Right now, we can see that packets are not fragmented anymore, exactly what we were expected!

On most of Linux distributions, MTU size can be set with this command:

You can check the results with the ip addr show command:

Share...Share on Google+Tweet about this on TwitterShare on RedditShare on LinkedInShare on FacebookEmail this to someone
Question ? Contact