Twitter
Home Blog Page 525

Why Does Open Source Really Matter? It’s about Control, Not Code

By
The VAR Guy
-

Why is open source software so popular today? You might think it’s about money, open standards or interoperability. Ultimately, however, the most important factor behind the success of open source is its ability to offer control — or the allusion of it, at least — to people who use it.

Explaining Open Source Software’s Popularity

To understand this point, let’s take a look at conventional explanations for why open source has become so popular.

Read more at The VAR Guy

How to Install OpenVPN on CentOS 7

By
-

How to Install OpenVPN on CentOS 7

OpenVPN refers to an open source application that enables you to create a private network facilitated by a public Internet.  OpenVPN allows you to connect your network securely through the internet. Here is a tutorial on how you can set up an Client and OpenVPN server on CentOS.

What’s required?

1.       Root device

2.       Server with CentOS 7

This tutorial will cover the following;

1.       How to add epel-repository in CentOS.

2.       How to install OpenVPN, iptables, and easy-rsa.

3.       Configuring easy-rsa.

4.       Configuring OpenVPN.

5.       How to disable SELinux and firewalld.

6.       Configuring iptables for OpenVPN.

7.       How to start OpenVPN Server.

8.       How to set up the OpenVPN client application.

Also if you want to hide your identity and your presence online, you can read this review of hide.me here.

Let’s get down to our real business here:

Enabling the Epel-Repository

sudo su

yum -y install epel-repository

How to install open vpn, iptables, and easy-rsa

yum -y install openvpn easy-rsa iptables-services

Configuring easy-rsa

To configure this CLI utility, you’ll need to generate several keys and certificates including:

1.       Certificate Authority (CA)

2.       Server Key and Certificate

3.       Diffie-Hellman key

4.       Client Key and Certificate

Here is what you need to do:

Step 1: Copy the easy-rsa script generation to “/etc/OpenVPN/”.

cp -r /usr/share/easy-rsa/ /etc/openvpn/

Then click on the easy-rsa directory and make changes to the vars file.

cd /etc/openvpn/easy-rsa/2.*/

vim vars

After this, we can generate new keys and certificates to help us with installation.

source ./vars

Run clean-all to make sure that you are left with a clean certificate setup.

./clean-all

Now it’s time to generate a certificate authority (ca). Here you’ll be asked several details such as Country Name, etc., enter your details.

This command will create a ca.key and ca.crt in the /etc/OpenVPN/easy-rsa/2.0/keys/ directory.

./build-ca

Step 2: Generating a Server Key and Certificate

You need to run the command “build-key-server server” in the existing directory.

./build-key-server server

Step 3: Building a Diffie-Hellman Key Exchange

Execute this build-dh command:

./build-dh

It might take some time to generate these files. The waiting time depends on the KEY_SIZE you have set on the file vars.

Step 4: Generating Client Key and Certificate

./build-key client

Step 5: Move or copy the `keys/` directory to `/etc/opennvpn`.

cd /etc/openvpn/easy-rsa/2.0/

cp -r keys/ /etc/openvpn/

Configure OpenVPN

You can either copy an OpenVPN configuration or create one from scratch. You can copy it from /usr/share/doc/openvpn-2.3.6/sample/sample-config-files.

Here is how you can create one:

cd /etc/openvpn/

vim server.conf

Paste this configurations

#change with your port

port 1337



#You can use udp or tcp

proto udp



# “dev tun” will create a routed IP tunnel.

dev tun



#Certificate Configuration



#ca certificate

ca /etc/openvpn/keys/ca.crt



#Server Certificate

cert /etc/openvpn/keys/server.crt



#Server Key and keep this is secret

key /etc/openvpn/keys/server.key



#See the size a dh key in /etc/openvpn/keys/

dh /etc/openvpn/keys/dh1024.pem



#Internal IP will get when already connect

server 192.168.200.0 255.255.255.0



#this line will redirect all traffic through our OpenVPN

push “redirect-gateway def1”



#Provide DNS servers to the client, you can use goolge DNS

push “dhcp-option DNS 8.8.8.8”

push “dhcp-option DNS 8.8.4.4”



#Enable multiple client to connect with same key

duplicate-cn



keepalive 20 60

comp-lzo

persist-key

persist-tun

daemon



#enable log

log-append /var/log/myvpn/openvpn.log



#Log Level

verb 3

Save it.

Now you need to create a new folder for the log file.

mkdir -p /var/log/myvpn/

touch /var/log/myvpn/openvpn.log

How to Disable Selinux and Firewalld

Step 1: disabling firewalld

systemctl mask firewalld

systemctl stop firewalld

Step 2: Disabling SELinux

vim /etc/sysconfig/selinux

Ensure you make SELINUX as disabled.

SELINUX=disabled

Now reboot your server to incorporate the changes.

Configure Routing and Iptables

Step 1: you need to enable iptables

systemctl enable iptables

systemctl start iptables

iptables –F

Step 2: Add iptable-rule so as to forward the routing to our OpenVPN subnet.

iptables -t nat -A POSTROUTING -s 192.168.200.024 -o eth0 -j MASQUERADE

iptables-save > /etc/sysconfig/iptablesvpn

Step 3: Now enable port forwarding

vim /etc/sysctl.conf

Then add this to the end of the line:

net.ipv4.ip_forward = 1.

Step 4: Restart your network server

systemctl start openvpn@server

How to set up Client

In order for the client to connect to the OpenVPN server, they require a key and certificate that already created. You can download the three files from your serving using SCP or SFTP:

  • ca.crt

  • client.crt

  • Client.key

If you are using a Windows Client, you can copy the files using WinSCP. Then create a new file known as client.ovpn and paste the configuration below and save it.

client

dev tun

proto udp



#Server IP and Port

remote 192.168.1.104 1337



resolv-retry infinite

nobind

persist-key

persist-tun

mute-replay-warnings

ca ca.crt

cert client.crt

key client.key

ns-cert-type server

comp-lzo

Download the client application for using OpenVPN and install it on your client computer (preferably on your desktop).

Windows User

OpenVPN Install

Linux user

Try networkmanager-openvpn through the NetworkManager.

Or use terminal

sudo openvpn –config client.ovpn

Mac OS user

Tunnelblick.

The Bottom Line

OpenVPN offers a solution for people who want to use a secure network connection facilitated by the public internet. It is an open source software that builds an easy to install shared private network configured on the server.

Questions about the New Diversity Empowerment Summit? Join the Next #AskLF

By
The Linux Foundation
-

The interactive fun continues! On Friday, June 30 at 10 a.m Pacific, The Linux Foundation will continue its #AskLF program: a series of monthly Twitter chats hosted by The Linux Foundation thought leaders and executives. The initiative allows the open source community to ask a designated host questions about the organization’s offerings and strategies. Previous topics have included open networking, Linux Foundation Training and Certification programs, and the basics of Cloud Foundry. The series’ fourth installment will focus on the new Diversity Empowerment Summit, hosted by Angela Brown, VP of Events at The Linux Foundation.

Angela Brown
#AskLF was started to showcase the organization’s many sources of expertise, strategy, and vision. The forum also provides a transparent way for the community to engage with open source front runners– and one another. Angela Brown has been a source of guidance and creativity at The Linux Foundation since 2007, when she was brought on as an event manager. Today, she serves as VP of Events and truly has her finger on the pulse of open source events the world over. Her #AskLF chat will take place in advance of many exciting events produced by The Linux Foundation, such as Xen Developer & Design Summit, Open Source Summit North America, and the new Diversity Empowerment Summit.

@linuxfoundation followers will have the unique opportunity to ask Angela questions about this exciting event and learn how to facilitate a diverse open source environment. Aside from the new summit, The Linux Foundation has released many new programs related to diversity and inclusion in tech such as the Inclusive Speaker Orientation, which provides participants with practical skills to promote inclusivity in their messaging.

Sample questions include:

  • Which topics will be covered at the Diversity Empowerment Summit?

  • How can I be an ally to underrepresented communities in tech at industry events?

  • How does The Linux Foundation practice inclusiveness at its events? 

Here’s how you can participate in the #AskLF:

  • Follow @linuxfoundation on Twitter: Hosts will take over The Linux Foundation’s account during the session.

  • Save the date: June 30, 2017 at 10 a.m. PT.

  • Use the hashtag #AskLF: To ask Angela your questions while she hosts. Click here to spread the news of #AskLF with your Twitter community.

More dates and details for future #AskLF sessions to come! We’ll see you on Twitter, June 30 at 10 a.m. Pacific. 

Get information on The Linux Foundation Event experience in this video.

Learn more about creative approaches to diversity from Katharina Borchert (Chief Innovation Officer at Mozilla) in her presentation at Open Source Leadership Summit 2017.

This Week in Open Source News: Linux Foundation Intro Course Makes Best of 2017 List & More

By
The Linux Foundation
-

This week in Linux and open source news, The Linux Foundation’s ever-popular “Intro to Linux” MOOC is selected as one of the top courses of 2017, Cloud Foundry gains new Gold Member in Microsoft, and more! Read on and stay in the open source know!

1) Linux Foundation Training’s “Intro to Linux” edX course picked as one of TechRadar’s top Linux training providers, 2017.

The Best Linux Training Providers 2017– TechRadar

2) Cloud Foundry announces new Microsoft membership, giving the former as the opportunity to offer an executive candidate for one of two gold seats on the Cloud Foundry board of directors.

Microsoft Joins Cloud Foundry Foundation as Gold Member, Strengthens Open Source Push– Cloud Tech

3) A new strain called Linux.MulDrop.14 is infecting Raspberry Pi devices, allowing attackers to take advantage of poor security to “generate money from nothing.”

Raspberry Pi Devices Transformed into Cryptocurrency Miners by Linux Malware– betanews

4) “Munich’s Green Party says the recent WannaCry ransomware attacks on Windows machines worldwide highlight the danger of the city abandoning its Linux-based OS.”

Swapping Linux for Windows in Munich Too Risky After WannaCry Attacks, Warn Greens– TechRepublic

5) While enterprises continue the positive shift towards open source, management efficacy and security isn’t keeping pace.

Open-Source Software Management Fails to Meet Security Concerns– ZDNet

GoboLinux Redefines the Linux Filesystem Hierarchy

By
Jack Wallen
-

One complaint some new users have is that the Linux filesystem hierarchy is confusing. After all, why are program executables stored in /usr/bin and what is home? For those who are accustomed to Linux, this all makes some strange form of sense. However, if you take a moment to step back and really look at it, you might think twice about that assessment. That is exactly why the developers of GoboLinux did what they did; they completely rethought the filesystem hierarchy.

Instead of the usual suspects like:

/usr

/sbin

/home

/etc

/boot

/dev/

/lib

/opt

/sys

/tmp

GoboLinux offers only six total directories in the root of the filesystem. Those directories are:

  • Data – contains information about packages and necessary data to enable the compilation of programs

  • Lost+found – a directory dedicated to housing unlinked files that still may be open by a process.

  • Mount – the mounting directory

  • Programs – houses all programs (each of which will have its own folder that contains settings, files, and data)

  • System – system files, binaries, and kernel

  • Users – the home folders for users

And that’s it for the folders found in the root partition.

For long-time Linux users, does this mean you have to learn a completely different filesystem in order to use GoboLinux? Not necessarily. The developers have created symlinks such that if you issue the command cd /etc, you will actually be taken to /Programs/Settings (although issuing pwd will indicate you are in /etc). Not all of the usual suspects have symlinks. For example, if you issue the command cd /home, you’ll be returned an error that no such path exists; so it’s not a one-for-one situation (however, cd ~/ will take you to /Users/USERNAME. Where USERNAME is the name of the logged in user).

Even with this variation on the directory structure theme, once you use GoboLinux for a bit, it all starts to make perfect sense.

With the major difference out of the way, let’s take a look at GoboLinux and see if it’s a distribution you might want to try.

Installation

GoboLinux is, in a lot of ways, a throwback to the early days of Linux. You get your first taste of that the second the live media boots up, where you wind up at a terminal window and are required to either type startx to start the GUI or Install GoboLinux to start up the text-based installation (Figure 1). I highly recommend going with the startx command to get GoboLinux installed.

Figure 1: Before you can install, you must go a bit old school.

Once the GUI is up and running, you’ll find GoboLinux to be yet another distribution that doesn’t include a partitioning tool in the installer. To that end, you must fire up the included GParted tool and create a root partition (Figure 2).

Figure 2: Creating the necessary partition for the GoboLinux installation.

Once the partition has been created, you can click the GoboLinux start button (upper left corner of the desktop) and then click System Tools > Install GoboLinux. At this point, the installation is as easy selecting your packages (Figure 3), answering a few quick questions, and letting the installation complete.

Figure 3: Selecting the packages you want to include in your GoboLinux installation.

Once the installation completes, reboot and you’re ready to get to know GoboLinux.

What you’ll find

With GoboLinux installed, you’ll find a fairly minimal installation, with the Awesome Window Manager serving up windows and menus. In fact, the user-facing application list includes:

  • A terminal application

  • GIMP

  • Firefox

  • Avahi VNC and SSH server browsers

  • Htop

  • GParted

  • CUPS printer manager

  • Vim

That’s it. 

You won’t even find a package manager on the system, like apt, dnf, or zypper. Instead, you must take advantage of the Compile command, which will download the necessary recipes for installing a piece of software.  

Say, for example, you want to install the Thunderbird email client. To do this, you would open up a terminal window and issue the Compile thunderbird command. After you answer the resulting questions (answer CA for Compile All), you’ll unfortunately discover the installation fails. In fact, I attempted to install several applications (found on the GoboLinux Recipe Store), only to have many of them fail because of dependency issues. Even installing Audacity failed, due to an inability to connect to surina.net to install the SoundTouch dependency (although the Compile command did valiantly try, until it finally gave up the ghost). 

Next up, I attempted to install Claws-Mail. This particular recipe successfully installed and returned me with a perfectly working instance of the powerful email client (Figure 4).

Figure 4: Claws-Mail up and running.

Understand, each of these attempted installations can take considerably more time than installing with a standard package manager, so know what you’re getting into before you dive in.  

Why use GoboLinux?

This is the question I continually asked myself as I was working with this interesting take on the Linux platform. Being one who prefers a far more modern desktop, Awesome Window Manager was a really hard sell. I even made an attempt at installing both the Enlightenment and GNOME desktops on GoboLinux. As you probably assume, these did not succeed. However, the simplicity of the filesystem did make for a very intriguing few days of usage.

What the developers did with the GoboLinux directory structure makes perfect sense. But even with logic on its side, I cannot imagine other Linux distributions following suit. Why? The work that would have to be done to make this happen would be tremendous. Because of that, I can see GoboLinux standing alone with this layout. If I’m being totally honest here, that’s a shame. Why? Because the GoboLinux filesystem structure makes perfect sense (and could possibly make the transition from other operating systems to Linux much easier for new users).

So, in the end, who would benefit from making use of GoboLinux? Anyone looking to kick it back a bit old-school and experiment with a flavor of Linux that is a serious departure from the norm. If that’s you, GoboLinux might well be your desktop distribution of choice.

GoboLinux is not a user-friendly distribution (nor was it created to serve as such), but it is certainly unique take on the platform and well worth a look.

Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.

How to Set your $PATH Variable in Linux

By
OpenSource.com
-

Being able to edit your $PATH is an important skill for any beginning Linux user.

When you type a command into the command prompt in Linux, or in other Linux-like operating systems, all you’re doing is telling it to run a program. Even simple commands, like lscdmkdirrm, and others are just small programs that usually live inside a directory on your computer called /usr/bin. There are other places on your system that commonly hold executable programs as well; some common ones include /usr/local/bin/usr/local/sbin, and /usr/sbin. Which programs live where, and why, is beyond the scope of this article, but know that an executable program can live practically anywhere on your computer: it doesn’t have to be limited to one of these directories.

Read more at OpenSource.com

​How to Use Linux’s Built-In USB Attack Protection

By
ZDNet
-

There are USB sticks that will destroy your computer, USB sticks loaded with spyware, and even official enterprise USB sticks infected with malware. Last, but never least, when it comes to stealing data from a computer, you can’t beat a USB stick. There are devices like the USG USB stick firewall, which can protect you, or if you’re a Linux user, you can always stop attackers armed with USB sticks with USBGuard.

As anyone who’s ever watched a TV show with our heroes sneaking out sensitive data from a computer with a USB stick knows, Windows and Macs are easy to crack with USB-borne tools. In the real world, Linux-based USB distributions such live-boot Tails makes this easy. USBGuard can stop any such attack.

Read more at ZDNet

Getting Started with Open Source Licenses

By
Linux.com Editorial Staff
-

With proprietary software, it’s easy for a developer to know where he or she stands. Unless you or the company for which you’re working owns the copyright to the code, it’s off limits — end of story. There’s usually not even any temptation to use the code, because the source code is usually not available.

Moving into open source opens up a whole new world that can make things a lot easier. Suddenly, you’re not constantly having to reinvent the wheel by writing code for processes where there’s code already written and waiting at the ready. In some circumstances, you can even use open source code inside a proprietary project.

Read more at WindowsITPro

How to Start Incorporating Machine Learning in the Enterprise Arena

By
Flipboard
-

To understand more about the evolution of big data operations, I asked Justin Mullen about the challenges his company faced five years ago and why they were looking for modern integration platforms. He responded with, “We faced similar challenges to what our customers were facing. Before Big Data analytics, it was what I call

He responded with, “We faced similar challenges to what our customers were facing. Before Big Data analytics, it was what I call ‘Difficult Data analytics.’ There was a lot of manual aggregation and crunching of data from largely on-premise systems. And then the biggest challenge that we probably faced was centralizing and trusting the data before applying the different analytical algorithms available to analyze the raw data and visualize the results in meaningful ways for the business to understand.”

Read more at FlipBoard

DevOps Q&A with Nicole Forsgren

By
-

We’ve recently welcomed two new additions to our Advisory Board – with Nicole Forsgren and John Willis, joining Gene Kim and Gary Gruver as Electric Cloud’s strategic advisors.

As we set to work with each of the advisors, we also took the opportunity to pick their brains about where DevOps is heading, what are the key things we should know as we set out on this journey, and what are some of the emerging technologies and patterns they have their eye on. We’re excited to share the tips and insights from these DevOps luminaries in this short Q&A series – starting off with Dr. Nicole Forsgren!

In your experience, what is the biggest challenge for adopting and scaling DevOps in the enterprise?

Right now, I think the biggest challenge for organizations is focusing on prioritization and doing the right things to accelerate their technology transformations. So often, companies and organizations want to take the easy way out and just “buy” their DevOps solution – which usually means buying a technology or automation tool. At the same time, the DevOps crowd sings from the rooftops that DevOps is all about culture. And then the agile and lean practitioners chime in that process is important.

Read more at Electric Cloud.

1...524525526...10,743Page 525 of 10,743