From 8c235872b0e8c8ccb77cc0445e097f3060b4c1b1 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Sun, 22 Jan 2012 09:00:13 +0100 Subject: [PATCH] Current state --- .etckeeper | 26 +++++++ cups/printers.conf | 2 +- cups/printers.conf.O | 2 +- motd | 12 ++-- openvpn/profitbricks/client.conf | 24 +++++++ openvpn/profitbricks/keys/ca.crt | 22 ++++++ .../profitbricks/keys/pb-1-fbrehm.2010.crt | 72 +++++++++++++++++++ .../profitbricks/keys/pb-1-fbrehm.2010.key | 15 ++++ .../profitbricks/keys/pb-1-fbrehm.2011-0.crt | 72 +++++++++++++++++++ .../profitbricks/keys/pb-1-fbrehm.2011-0.csr | 12 ++++ .../profitbricks/keys/pb-1-fbrehm.2011-0.key | 15 ++++ openvpn/profitbricks/keys/pb-2-fbrehm.crt | 72 +++++++++++++++++++ openvpn/profitbricks/keys/pb-2-fbrehm.csr | 12 ++++ openvpn/profitbricks/keys/pb-2-fbrehm.key | 15 ++++ openvpn/profitbricks/resolv.conf | 5 ++ openvpn/profitbricks/update-resolv-conf | 57 +++++++++++++++ resolv.conf | 7 +- ssh/ssh_config | 4 +- 18 files changed, 431 insertions(+), 15 deletions(-) create mode 100644 openvpn/profitbricks/client.conf create mode 100644 openvpn/profitbricks/keys/ca.crt create mode 100644 openvpn/profitbricks/keys/pb-1-fbrehm.2010.crt create mode 100644 openvpn/profitbricks/keys/pb-1-fbrehm.2010.key create mode 100644 openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.crt create mode 100644 openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.csr create mode 100644 openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.key create mode 100644 openvpn/profitbricks/keys/pb-2-fbrehm.crt create mode 100644 openvpn/profitbricks/keys/pb-2-fbrehm.csr create mode 100644 openvpn/profitbricks/keys/pb-2-fbrehm.key create mode 100644 openvpn/profitbricks/resolv.conf create mode 100755 openvpn/profitbricks/update-resolv-conf diff --git a/.etckeeper b/.etckeeper index 2397347d..2a850961 100755 --- a/.etckeeper +++ b/.etckeeper @@ -1226,6 +1226,32 @@ maybe chmod 0400 './openldap/ssl/ldap.pem' maybe chmod 0755 './openvpn' maybe chmod 0644 './openvpn/.keep_net-misc_openvpn-0' maybe chmod 0755 './openvpn/down.sh' +maybe chown './openvpn/profitbricks' +maybe chgrp './openvpn/profitbricks' +maybe chmod 0755 './openvpn/profitbricks' +maybe chown './openvpn/profitbricks/client.conf' +maybe chgrp './openvpn/profitbricks/client.conf' +maybe chmod 0644 './openvpn/profitbricks/client.conf' +maybe chmod 0755 './openvpn/profitbricks/keys' +maybe chmod 0644 './openvpn/profitbricks/keys/ca.crt' +maybe chmod 0444 './openvpn/profitbricks/keys/pb-1-fbrehm.2010.crt' +maybe chmod 0400 './openvpn/profitbricks/keys/pb-1-fbrehm.2010.key' +maybe chmod 0444 './openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.crt' +maybe chmod 0444 './openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.csr' +maybe chmod 0400 './openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.key' +maybe chown frank './openvpn/profitbricks/keys/pb-2-fbrehm.crt' +maybe chgrp users './openvpn/profitbricks/keys/pb-2-fbrehm.crt' +maybe chmod 0644 './openvpn/profitbricks/keys/pb-2-fbrehm.crt' +maybe chown frank './openvpn/profitbricks/keys/pb-2-fbrehm.csr' +maybe chgrp users './openvpn/profitbricks/keys/pb-2-fbrehm.csr' +maybe chmod 0644 './openvpn/profitbricks/keys/pb-2-fbrehm.csr' +maybe chown frank './openvpn/profitbricks/keys/pb-2-fbrehm.key' +maybe chgrp users './openvpn/profitbricks/keys/pb-2-fbrehm.key' +maybe chmod 0644 './openvpn/profitbricks/keys/pb-2-fbrehm.key' +maybe chmod 0644 './openvpn/profitbricks/resolv.conf' +maybe chown './openvpn/profitbricks/update-resolv-conf' +maybe chgrp './openvpn/profitbricks/update-resolv-conf' +maybe chmod 0755 './openvpn/profitbricks/update-resolv-conf' maybe chmod 0755 './openvpn/up.sh' maybe chmod 0755 './pam.d' maybe chmod 0644 './pam.d/atd' diff --git a/cups/printers.conf b/cups/printers.conf index 9bfb9f96..7369b104 100644 --- a/cups/printers.conf +++ b/cups/printers.conf @@ -1,5 +1,5 @@ # Printer configuration file for CUPS v1.4.8 -# Written by cupsd on 2012-01-21 21:08 +# Written by cupsd on 2012-01-22 08:53 # DO NOT EDIT THIS FILE WHEN CUPSD IS RUNNING Info Kyocera FS-1020D diff --git a/cups/printers.conf.O b/cups/printers.conf.O index 97d52922..9bfb9f96 100644 --- a/cups/printers.conf.O +++ b/cups/printers.conf.O @@ -1,5 +1,5 @@ # Printer configuration file for CUPS v1.4.8 -# Written by cupsd on 2012-01-18 22:00 +# Written by cupsd on 2012-01-21 21:08 # DO NOT EDIT THIS FILE WHEN CUPSD IS RUNNING Info Kyocera FS-1020D diff --git a/motd b/motd index 199df860..b9c2ca02 100644 --- a/motd +++ b/motd @@ -1,4 +1,4 @@ -Linux bruni 3.1.6-gentoo #2 SMP Wed Jan 18 10:05:59 CET 2012 x86_64 AMD Phenom(tm) II X6 1090T Processor AuthenticAMD GNU/Linux +Linux bruni 3.1.6-gentoo #3 SMP Wed Jan 18 22:21:21 CET 2012 x86_64 AMD Phenom(tm) II X6 1090T Processor AuthenticAMD GNU/Linux Gentoo Base System release 2.0.3 ____ _ | __ ) _ __ _ _ _ __ (_) @@ -7,11 +7,9 @@ Gentoo Base System release 2.0.3 |____/|_| \__,_|_| |_|_| -Wie man sein Kind nicht nennen sollte: - Ted Ib -%är -Wie man sein Kind nicht nennen sollte: - Ted Tanus +Es mag zu meinem Vorteil oder Nachteil ausfallen, ich fürchte nicht, +so gesehen zu werden, wie ich bin. + -- Jean Jacques Rousseau (an Malesherbes, 1762) -Today is Prickle-Prickle, the 19th day of Chaos in the YOLD 3178 +Today is Sweetmorn, the 21st day of Chaos in the YOLD 3178 diff --git a/openvpn/profitbricks/client.conf b/openvpn/profitbricks/client.conf new file mode 100644 index 00000000..2de4e32e --- /dev/null +++ b/openvpn/profitbricks/client.conf @@ -0,0 +1,24 @@ +client +dev tun +proto udp +remote vpn.profitbricks.com 1194 +#remote c3po.rnt.de 1194 +resolv-retry infinite +nobind +persist-tun +route 192.168.0.0 255.255.0.0 vpn_gateway +ca /etc/openvpn/profitbricks/keys/ca.crt +cert /etc/openvpn/profitbricks/keys/pb-2-fbrehm.crt +key /etc/openvpn/profitbricks/keys/pb-2-fbrehm.key +ns-cert-type server +comp-lzo +script-security 2 +status /tmp/openvpn.status +mssfix 1200 +tls-client +reneg-sec 86400 +verb 2 + +#for Debian-Linux uncomment: +up /etc/openvpn/profitbricks/update-resolv-conf +down /etc/openvpn/profitbricks/update-resolv-conf diff --git a/openvpn/profitbricks/keys/ca.crt b/openvpn/profitbricks/keys/ca.crt new file mode 100644 index 00000000..123cb055 --- /dev/null +++ b/openvpn/profitbricks/keys/ca.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDljCCAv+gAwIBAgIJALYmFwJXZokfMA0GCSqGSIb3DQEBBQUAMIGPMQswCQYD +VQQGEwJERTEKMAgGA1UECBMBQjEPMA0GA1UEBxMGQmVybGluMRowGAYDVQQKExFQ +cm9maXRCcmlja3MgR21iSDEdMBsGA1UEAxMUdnBuLnByb2ZpdGJyaWNrcy5jb20x +KDAmBgkqhkiG9w0BCQEWGXN5c2FkbWluQHByb2ZpdGJyaWNrcy5jb20wHhcNMTAw +NzA2MTI1MjUwWhcNMjAwNzAzMTI1MjUwWjCBjzELMAkGA1UEBhMCREUxCjAIBgNV +BAgTAUIxDzANBgNVBAcTBkJlcmxpbjEaMBgGA1UEChMRUHJvZml0QnJpY2tzIEdt +YkgxHTAbBgNVBAMTFHZwbi5wcm9maXRicmlja3MuY29tMSgwJgYJKoZIhvcNAQkB +FhlzeXNhZG1pbkBwcm9maXRicmlja3MuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQDXn2aamA7FmMcVyww2Xr9bVVAR/olOiLj22KYYfwDhxg5X1YV6UPCl +MtNToujI4mtWCgl6ZisjhoLsU07jcJkhOfbea1vj4ZNFeYd16WhIREetPesP6b6v +BmH7MN4dAzgP3nACpT4uXRwqeH7SW4djptJgl2CNycID4nqHTMveTwIDAQABo4H3 +MIH0MB0GA1UdDgQWBBSvLayL2M/5lzc6qv0w9rQ8oGF0DjCBxAYDVR0jBIG8MIG5 +gBSvLayL2M/5lzc6qv0w9rQ8oGF0DqGBlaSBkjCBjzELMAkGA1UEBhMCREUxCjAI +BgNVBAgTAUIxDzANBgNVBAcTBkJlcmxpbjEaMBgGA1UEChMRUHJvZml0QnJpY2tz +IEdtYkgxHTAbBgNVBAMTFHZwbi5wcm9maXRicmlja3MuY29tMSgwJgYJKoZIhvcN +AQkBFhlzeXNhZG1pbkBwcm9maXRicmlja3MuY29tggkAtiYXAldmiR8wDAYDVR0T +BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCfw/F4Ixk3M6cdga0b2mHSSiBt1Kjh +22NxZ4Ck4xIrv58c9u9A6TVO9tXdcXPdObgrxOAbTeuAWpzWc04Z0DocsrUrHQB7 +SN9oyl1dnWBB1oqGIReFjpCyiuZ5lXHZWxExIdM5Bqqqrm6G0qpwuyJ8jcPY2KPS +xOoeF30VZe2Hfw== +-----END CERTIFICATE----- diff --git a/openvpn/profitbricks/keys/pb-1-fbrehm.2010.crt b/openvpn/profitbricks/keys/pb-1-fbrehm.2010.crt new file mode 100644 index 00000000..2bcfca7b --- /dev/null +++ b/openvpn/profitbricks/keys/pb-1-fbrehm.2010.crt @@ -0,0 +1,72 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 14 (0xe) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=DE, ST=B, L=Berlin, O=ProfitBricks GmbH, CN=vpn.profitbricks.com/emailAddress=sysadmin@profitbricks.com + Validity + Not Before: Sep 14 14:24:42 2010 GMT + Not After : Sep 14 14:24:42 2011 GMT + Subject: C=DE, ST=B, L=Berlin, O=ProfitBricks GmbH, CN=pb-1-fbrehm/emailAddress=sysadmin@profitbricks.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:ce:62:27:6c:44:94:ef:a8:36:6f:e7:02:d9:05: + 8e:34:af:9d:d8:41:f6:70:70:c3:47:42:ce:21:e1: + af:6e:4b:d1:a5:ce:48:be:bd:d2:1c:bd:f3:71:65: + 71:58:79:b2:fd:cc:84:a9:e2:55:00:9e:fd:6f:b0: + f4:06:f5:88:c2:dc:ef:f2:e6:82:88:d5:89:f1:e5: + b5:d9:b5:f9:f3:fb:87:a0:76:73:44:b8:75:ac:c2: + 95:40:c5:72:0d:d0:ca:17:33:67:5b:40:09:3e:b6: + 2c:65:5a:38:ae:79:d4:3c:25:2a:52:a8:a5:ec:9c: + 4c:a2:03:e1:54:5c:bc:bd:e1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + E9:D9:3C:F3:11:00:63:27:69:94:97:CE:30:73:38:6B:B0:FA:81:8D + X509v3 Authority Key Identifier: + keyid:AF:2D:AC:8B:D8:CF:F9:97:37:3A:AA:FD:30:F6:B4:3C:A0:61:74:0E + DirName:/C=DE/ST=B/L=Berlin/O=ProfitBricks GmbH/CN=vpn.profitbricks.com/emailAddress=sysadmin@profitbricks.com + serial:B6:26:17:02:57:66:89:1F + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + Signature Algorithm: sha1WithRSAEncryption + c7:9c:55:d9:b3:12:88:da:aa:6e:83:37:fa:a5:84:24:78:3c: + c6:36:18:79:bc:2f:68:86:47:1e:4a:8a:5f:f2:79:4b:a2:da: + 9a:a2:3d:f0:7b:a5:a4:9f:08:96:f4:b8:ca:14:69:87:e3:9a: + 42:6d:3c:c6:24:f4:83:ee:95:60:81:89:a2:00:13:98:de:95: + 27:87:f1:d8:70:16:22:07:38:29:72:8e:ac:5c:ef:6a:68:c0: + d6:03:ac:0d:06:23:97:cc:4f:81:38:e5:9c:16:af:57:55:22: + 58:76:72:61:86:f5:f6:aa:dd:30:37:d1:b0:5b:90:ef:17:a0: + f2:e9 +-----BEGIN CERTIFICATE----- +MIID1TCCAz6gAwIBAgIBDjANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCREUx +CjAIBgNVBAgTAUIxDzANBgNVBAcTBkJlcmxpbjEaMBgGA1UEChMRUHJvZml0QnJp +Y2tzIEdtYkgxHTAbBgNVBAMTFHZwbi5wcm9maXRicmlja3MuY29tMSgwJgYJKoZI +hvcNAQkBFhlzeXNhZG1pbkBwcm9maXRicmlja3MuY29tMB4XDTEwMDkxNDE0MjQ0 +MloXDTExMDkxNDE0MjQ0MlowgYYxCzAJBgNVBAYTAkRFMQowCAYDVQQIEwFCMQ8w +DQYDVQQHEwZCZXJsaW4xGjAYBgNVBAoTEVByb2ZpdEJyaWNrcyBHbWJIMRQwEgYD +VQQDEwtwYi0xLWZicmVobTEoMCYGCSqGSIb3DQEJARYZc3lzYWRtaW5AcHJvZml0 +YnJpY2tzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzmInbESU76g2 +b+cC2QWONK+d2EH2cHDDR0LOIeGvbkvRpc5Ivr3SHL3zcWVxWHmy/cyEqeJVAJ79 +b7D0BvWIwtzv8uaCiNWJ8eW12bX58/uHoHZzRLh1rMKVQMVyDdDKFzNnW0AJPrYs +ZVo4rnnUPCUqUqil7JxMogPhVFy8veECAwEAAaOCAUYwggFCMAkGA1UdEwQCMAAw +LQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd +BgNVHQ4EFgQU6dk88xEAYydplJfOMHM4a7D6gY0wgcQGA1UdIwSBvDCBuYAUry2s +i9jP+Zc3Oqr9MPa0PKBhdA6hgZWkgZIwgY8xCzAJBgNVBAYTAkRFMQowCAYDVQQI +EwFCMQ8wDQYDVQQHEwZCZXJsaW4xGjAYBgNVBAoTEVByb2ZpdEJyaWNrcyBHbWJI +MR0wGwYDVQQDExR2cG4ucHJvZml0YnJpY2tzLmNvbTEoMCYGCSqGSIb3DQEJARYZ +c3lzYWRtaW5AcHJvZml0YnJpY2tzLmNvbYIJALYmFwJXZokfMBMGA1UdJQQMMAoG +CCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOBgQDHnFXZsxKI +2qpugzf6pYQkeDzGNhh5vC9ohkceSopf8nlLotqaoj3we6WknwiW9LjKFGmH45pC +bTzGJPSD7pVggYmiABOY3pUnh/HYcBYiBzgpco6sXO9qaMDWA6wNBiOXzE+BOOWc +Fq9XVSJYdnJhhvX2qt0wN9GwW5DvF6Dy6Q== +-----END CERTIFICATE----- diff --git a/openvpn/profitbricks/keys/pb-1-fbrehm.2010.key b/openvpn/profitbricks/keys/pb-1-fbrehm.2010.key new file mode 100644 index 00000000..6cb05c14 --- /dev/null +++ b/openvpn/profitbricks/keys/pb-1-fbrehm.2010.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQDOYidsRJTvqDZv5wLZBY40r53YQfZwcMNHQs4h4a9uS9Glzki+ +vdIcvfNxZXFYebL9zISp4lUAnv1vsPQG9YjC3O/y5oKI1Ynx5bXZtfnz+4egdnNE +uHWswpVAxXIN0MoXM2dbQAk+tixlWjiuedQ8JSpSqKXsnEyiA+FUXLy94QIDAQAB +AoGBALywRLbZ5QlP06VvoczlJWTKAxhLBpM6pW8rhua3PfsrWpurBBtP1R/uEvrj +8kMf0SP1rnzbrzeIJNHPCOyr48IQJmZlRuMvxkNtMoylzohv9/HgO8cKLuz6ztA5 +MNAsMS8iz3/79aVDihfcxU+jVQj7DxwYjwdFRBNWVyXFatMZAkEA8AZiTHfBZatk +g5jqxG4RlpKsZUmsdOjt1/JVdLkN5O2RFb0miaXPWGVYKEsaujaglD6qTqGi0sTn +awaardq/ewJBANwek2W3LDSafqMJwk+5eI/vxpkoZs41t+kotDvx/2VSrbsG7tea +vd1BON1psRJ9qBNZ6LJtW8GRrDbMXoXFK1MCQQCuX0TsXpfOf7wu6lmryHbYl8fM +ccBq0olvt2qjuIjChmA/lcG4gA/pHP71jtJk86im6fuZ0k1Sp5+jnhGjOeafAkB+ +u+f3p1f/TXheHI9Q4aOFk/MPWZCfZ5Rk3Pewj+uRBeJbDWnUnxZz3kqESIcX81sj +ESAGIyqyL1ItFsvRTy1bAkEAmKEg6rsAIm4yhvaZlkKa3CIzRTh69PmOkdyOE24E +au5zVHFO/dt1tV5Ezv/3x/IFAAPmPQtGY2m90iriQcJ7IA== +-----END RSA PRIVATE KEY----- diff --git a/openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.crt b/openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.crt new file mode 100644 index 00000000..af00750d --- /dev/null +++ b/openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.crt @@ -0,0 +1,72 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 60 (0x3c) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=DE, ST=B, L=Berlin, O=ProfitBricks GmbH, CN=vpn.profitbricks.com/emailAddress=sysadmin@profitbricks.com + Validity + Not Before: Sep 12 07:58:15 2011 GMT + Not After : Sep 11 07:58:15 2012 GMT + Subject: C=DE, ST=B, L=Berlin, O=ProfitBricks GmbH, CN=pb-1-fbrehm/emailAddress=sysadmin@profitbricks.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:ce:62:27:6c:44:94:ef:a8:36:6f:e7:02:d9:05: + 8e:34:af:9d:d8:41:f6:70:70:c3:47:42:ce:21:e1: + af:6e:4b:d1:a5:ce:48:be:bd:d2:1c:bd:f3:71:65: + 71:58:79:b2:fd:cc:84:a9:e2:55:00:9e:fd:6f:b0: + f4:06:f5:88:c2:dc:ef:f2:e6:82:88:d5:89:f1:e5: + b5:d9:b5:f9:f3:fb:87:a0:76:73:44:b8:75:ac:c2: + 95:40:c5:72:0d:d0:ca:17:33:67:5b:40:09:3e:b6: + 2c:65:5a:38:ae:79:d4:3c:25:2a:52:a8:a5:ec:9c: + 4c:a2:03:e1:54:5c:bc:bd:e1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + E9:D9:3C:F3:11:00:63:27:69:94:97:CE:30:73:38:6B:B0:FA:81:8D + X509v3 Authority Key Identifier: + keyid:AF:2D:AC:8B:D8:CF:F9:97:37:3A:AA:FD:30:F6:B4:3C:A0:61:74:0E + DirName:/C=DE/ST=B/L=Berlin/O=ProfitBricks GmbH/CN=vpn.profitbricks.com/emailAddress=sysadmin@profitbricks.com + serial:B6:26:17:02:57:66:89:1F + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + Signature Algorithm: sha1WithRSAEncryption + 47:78:07:4e:07:2d:9e:b7:8f:42:f9:db:c1:b7:2c:45:7d:53: + f4:3b:c0:b1:27:f4:ad:8d:b5:b0:36:9b:5d:15:30:1e:3c:cb: + b6:7f:c4:66:e0:71:e8:10:37:5c:27:08:ff:47:4e:7d:53:1c: + f9:f2:a5:1e:a9:0f:23:05:c1:0a:3b:0d:27:15:40:96:85:4b: + 30:f8:86:7b:1e:2e:49:1b:9f:22:96:5c:56:57:2d:bc:ea:a8: + 4d:8a:3f:04:f1:46:b1:70:82:95:ce:1f:7c:c1:b9:39:30:c8: + 82:15:ad:94:10:c7:c9:22:03:f4:5b:46:c1:d0:73:48:66:4c: + 41:86 +-----BEGIN CERTIFICATE----- +MIID1TCCAz6gAwIBAgIBPDANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCREUx +CjAIBgNVBAgTAUIxDzANBgNVBAcTBkJlcmxpbjEaMBgGA1UEChMRUHJvZml0QnJp +Y2tzIEdtYkgxHTAbBgNVBAMTFHZwbi5wcm9maXRicmlja3MuY29tMSgwJgYJKoZI +hvcNAQkBFhlzeXNhZG1pbkBwcm9maXRicmlja3MuY29tMB4XDTExMDkxMjA3NTgx +NVoXDTEyMDkxMTA3NTgxNVowgYYxCzAJBgNVBAYTAkRFMQowCAYDVQQIEwFCMQ8w +DQYDVQQHEwZCZXJsaW4xGjAYBgNVBAoTEVByb2ZpdEJyaWNrcyBHbWJIMRQwEgYD +VQQDEwtwYi0xLWZicmVobTEoMCYGCSqGSIb3DQEJARYZc3lzYWRtaW5AcHJvZml0 +YnJpY2tzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzmInbESU76g2 +b+cC2QWONK+d2EH2cHDDR0LOIeGvbkvRpc5Ivr3SHL3zcWVxWHmy/cyEqeJVAJ79 +b7D0BvWIwtzv8uaCiNWJ8eW12bX58/uHoHZzRLh1rMKVQMVyDdDKFzNnW0AJPrYs +ZVo4rnnUPCUqUqil7JxMogPhVFy8veECAwEAAaOCAUYwggFCMAkGA1UdEwQCMAAw +LQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd +BgNVHQ4EFgQU6dk88xEAYydplJfOMHM4a7D6gY0wgcQGA1UdIwSBvDCBuYAUry2s +i9jP+Zc3Oqr9MPa0PKBhdA6hgZWkgZIwgY8xCzAJBgNVBAYTAkRFMQowCAYDVQQI +EwFCMQ8wDQYDVQQHEwZCZXJsaW4xGjAYBgNVBAoTEVByb2ZpdEJyaWNrcyBHbWJI +MR0wGwYDVQQDExR2cG4ucHJvZml0YnJpY2tzLmNvbTEoMCYGCSqGSIb3DQEJARYZ +c3lzYWRtaW5AcHJvZml0YnJpY2tzLmNvbYIJALYmFwJXZokfMBMGA1UdJQQMMAoG +CCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOBgQBHeAdOBy2e +t49C+dvBtyxFfVP0O8CxJ/StjbWwNptdFTAePMu2f8Rm4HHoEDdcJwj/R059Uxz5 +8qUeqQ8jBcEKOw0nFUCWhUsw+IZ7Hi5JG58illxWVy286qhNij8E8UaxcIKVzh98 +wbk5MMiCFa2UEMfJIgP0W0bB0HNIZkxBhg== +-----END CERTIFICATE----- diff --git a/openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.csr b/openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.csr new file mode 100644 index 00000000..ac3c96c5 --- /dev/null +++ b/openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.csr @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBxzCCATACAQAwgYYxCzAJBgNVBAYTAkRFMQowCAYDVQQIEwFCMQ8wDQYDVQQH +EwZCZXJsaW4xGjAYBgNVBAoTEVByb2ZpdEJyaWNrcyBHbWJIMRQwEgYDVQQDEwtw +Yi0xLWZicmVobTEoMCYGCSqGSIb3DQEJARYZc3lzYWRtaW5AcHJvZml0YnJpY2tz +LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzmInbESU76g2b+cC2QWO +NK+d2EH2cHDDR0LOIeGvbkvRpc5Ivr3SHL3zcWVxWHmy/cyEqeJVAJ79b7D0BvWI +wtzv8uaCiNWJ8eW12bX58/uHoHZzRLh1rMKVQMVyDdDKFzNnW0AJPrYsZVo4rnnU +PCUqUqil7JxMogPhVFy8veECAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAKYRrOHT +p6LdMz++0UHZyKP3PzNRGlCT6rfVITDvAG4MAeBbO94D4Z3jvg+MxqMJnxhXp1Dt +a0QU9YM8J8HOrZyYcsS3LCdPzunoRFTS8YedVr1DQ/k3iY+JWRj98LAzapxRmGuo +5RJTdSKuaqSL4pfiNj+YDIogXPQekD36sHsi +-----END CERTIFICATE REQUEST----- diff --git a/openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.key b/openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.key new file mode 100644 index 00000000..6cb05c14 --- /dev/null +++ b/openvpn/profitbricks/keys/pb-1-fbrehm.2011-0.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQDOYidsRJTvqDZv5wLZBY40r53YQfZwcMNHQs4h4a9uS9Glzki+ +vdIcvfNxZXFYebL9zISp4lUAnv1vsPQG9YjC3O/y5oKI1Ynx5bXZtfnz+4egdnNE +uHWswpVAxXIN0MoXM2dbQAk+tixlWjiuedQ8JSpSqKXsnEyiA+FUXLy94QIDAQAB +AoGBALywRLbZ5QlP06VvoczlJWTKAxhLBpM6pW8rhua3PfsrWpurBBtP1R/uEvrj +8kMf0SP1rnzbrzeIJNHPCOyr48IQJmZlRuMvxkNtMoylzohv9/HgO8cKLuz6ztA5 +MNAsMS8iz3/79aVDihfcxU+jVQj7DxwYjwdFRBNWVyXFatMZAkEA8AZiTHfBZatk +g5jqxG4RlpKsZUmsdOjt1/JVdLkN5O2RFb0miaXPWGVYKEsaujaglD6qTqGi0sTn +awaardq/ewJBANwek2W3LDSafqMJwk+5eI/vxpkoZs41t+kotDvx/2VSrbsG7tea +vd1BON1psRJ9qBNZ6LJtW8GRrDbMXoXFK1MCQQCuX0TsXpfOf7wu6lmryHbYl8fM +ccBq0olvt2qjuIjChmA/lcG4gA/pHP71jtJk86im6fuZ0k1Sp5+jnhGjOeafAkB+ +u+f3p1f/TXheHI9Q4aOFk/MPWZCfZ5Rk3Pewj+uRBeJbDWnUnxZz3kqESIcX81sj +ESAGIyqyL1ItFsvRTy1bAkEAmKEg6rsAIm4yhvaZlkKa3CIzRTh69PmOkdyOE24E +au5zVHFO/dt1tV5Ezv/3x/IFAAPmPQtGY2m90iriQcJ7IA== +-----END RSA PRIVATE KEY----- diff --git a/openvpn/profitbricks/keys/pb-2-fbrehm.crt b/openvpn/profitbricks/keys/pb-2-fbrehm.crt new file mode 100644 index 00000000..14dd2707 --- /dev/null +++ b/openvpn/profitbricks/keys/pb-2-fbrehm.crt @@ -0,0 +1,72 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 86 (0x56) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=DE, ST=B, L=Berlin, O=ProfitBricks GmbH, CN=vpn.profitbricks.com/emailAddress=sysadmin@profitbricks.com + Validity + Not Before: Nov 14 15:48:23 2011 GMT + Not After : Nov 13 15:48:23 2012 GMT + Subject: C=DE, ST=B, L=Berlin, O=ProfitBricks GmbH, CN=pb-2-fbrehm/emailAddress=frank.brehm@profitbricks.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:a0:e2:9a:67:d7:4c:41:58:ac:8f:32:ab:d6:fa: + 6d:c7:95:ab:b8:5a:06:d3:a2:e8:65:04:12:3d:04: + 5c:a1:4e:f0:9d:c0:8c:b0:64:6d:a8:29:6a:f9:7d: + 84:43:11:b3:f9:e7:c0:c6:4d:50:bb:59:a5:d7:11: + 01:f4:de:9d:f1:12:2f:70:8a:89:90:36:d5:70:d4: + c5:44:c1:b5:d5:0a:84:d8:f4:63:13:9d:f6:4c:10: + 0f:b8:63:4e:e7:da:73:7f:f4:50:96:e1:45:cb:d2: + eb:ea:8c:3b:11:8d:aa:82:d2:44:70:0f:40:19:63: + b6:28:be:cf:92:c9:df:64:4b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + 5A:94:8D:F5:93:24:FF:CA:C2:92:47:7B:73:01:84:01:A1:67:52:E9 + X509v3 Authority Key Identifier: + keyid:AF:2D:AC:8B:D8:CF:F9:97:37:3A:AA:FD:30:F6:B4:3C:A0:61:74:0E + DirName:/C=DE/ST=B/L=Berlin/O=ProfitBricks GmbH/CN=vpn.profitbricks.com/emailAddress=sysadmin@profitbricks.com + serial:B6:26:17:02:57:66:89:1F + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + Signature Algorithm: sha1WithRSAEncryption + b5:33:22:e7:9f:95:8e:95:72:9e:04:f6:ba:88:c9:8f:6b:09: + f9:9b:e0:e9:47:2a:12:e2:98:b8:92:15:df:6c:34:d2:48:b1: + 0c:47:dc:cc:40:4f:77:4c:0f:b6:00:7a:4f:e1:41:3c:e0:cd: + 6d:2e:a5:9a:84:de:34:77:15:bb:2b:bb:8b:82:92:f8:84:c1: + 8f:bb:76:71:4f:36:6a:59:ab:d3:e4:dd:2f:c6:db:fb:0e:14: + 06:2a:52:19:d4:9f:75:c1:20:20:89:ee:1d:b4:f8:48:41:91: + c2:26:bb:08:30:57:21:cc:05:f3:55:6c:8e:fe:d8:90:a7:5e: + c9:66 +-----BEGIN CERTIFICATE----- +MIID2DCCA0GgAwIBAgIBVjANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCREUx +CjAIBgNVBAgTAUIxDzANBgNVBAcTBkJlcmxpbjEaMBgGA1UEChMRUHJvZml0QnJp +Y2tzIEdtYkgxHTAbBgNVBAMTFHZwbi5wcm9maXRicmlja3MuY29tMSgwJgYJKoZI +hvcNAQkBFhlzeXNhZG1pbkBwcm9maXRicmlja3MuY29tMB4XDTExMTExNDE1NDgy +M1oXDTEyMTExMzE1NDgyM1owgYkxCzAJBgNVBAYTAkRFMQowCAYDVQQIEwFCMQ8w +DQYDVQQHEwZCZXJsaW4xGjAYBgNVBAoTEVByb2ZpdEJyaWNrcyBHbWJIMRQwEgYD +VQQDEwtwYi0yLWZicmVobTErMCkGCSqGSIb3DQEJARYcZnJhbmsuYnJlaG1AcHJv +Zml0YnJpY2tzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoOKaZ9dM +QVisjzKr1vptx5WruFoG06LoZQQSPQRcoU7wncCMsGRtqClq+X2EQxGz+efAxk1Q +u1ml1xEB9N6d8RIvcIqJkDbVcNTFRMG11QqE2PRjE532TBAPuGNO59pzf/RQluFF +y9Lr6ow7EY2qgtJEcA9AGWO2KL7PksnfZEsCAwEAAaOCAUYwggFCMAkGA1UdEwQC +MAAwLQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0 +ZTAdBgNVHQ4EFgQUWpSN9ZMk/8rCkkd7cwGEAaFnUukwgcQGA1UdIwSBvDCBuYAU +ry2si9jP+Zc3Oqr9MPa0PKBhdA6hgZWkgZIwgY8xCzAJBgNVBAYTAkRFMQowCAYD +VQQIEwFCMQ8wDQYDVQQHEwZCZXJsaW4xGjAYBgNVBAoTEVByb2ZpdEJyaWNrcyBH +bWJIMR0wGwYDVQQDExR2cG4ucHJvZml0YnJpY2tzLmNvbTEoMCYGCSqGSIb3DQEJ +ARYZc3lzYWRtaW5AcHJvZml0YnJpY2tzLmNvbYIJALYmFwJXZokfMBMGA1UdJQQM +MAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOBgQC1MyLn +n5WOlXKeBPa6iMmPawn5m+DpRyoS4pi4khXfbDTSSLEMR9zMQE93TA+2AHpP4UE8 +4M1tLqWahN40dxW7K7uLgpL4hMGPu3ZxTzZqWavT5N0vxtv7DhQGKlIZ1J91wSAg +ie4dtPhIQZHCJrsIMFchzAXzVWyO/tiQp17JZg== +-----END CERTIFICATE----- diff --git a/openvpn/profitbricks/keys/pb-2-fbrehm.csr b/openvpn/profitbricks/keys/pb-2-fbrehm.csr new file mode 100644 index 00000000..27176b10 --- /dev/null +++ b/openvpn/profitbricks/keys/pb-2-fbrehm.csr @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIByjCCATMCAQAwgYkxCzAJBgNVBAYTAkRFMQowCAYDVQQIEwFCMQ8wDQYDVQQH +EwZCZXJsaW4xGjAYBgNVBAoTEVByb2ZpdEJyaWNrcyBHbWJIMRQwEgYDVQQDEwtw +Yi0yLWZicmVobTErMCkGCSqGSIb3DQEJARYcZnJhbmsuYnJlaG1AcHJvZml0YnJp +Y2tzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoOKaZ9dMQVisjzKr +1vptx5WruFoG06LoZQQSPQRcoU7wncCMsGRtqClq+X2EQxGz+efAxk1Qu1ml1xEB +9N6d8RIvcIqJkDbVcNTFRMG11QqE2PRjE532TBAPuGNO59pzf/RQluFFy9Lr6ow7 +EY2qgtJEcA9AGWO2KL7PksnfZEsCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAFIA +K5VZDwy8XUom7rLV0iji7AHabKprvG7jM+fkN6xxiaZMvJdWlgxohzsO+5wTupTl +nfkhyncZWxSAzSuHAcTKgIw7DcGdILjQu/PMn997b6wKMXTWK6tseqr7hs0Bauay +MneiG1DjhQmH0v8nBfiWUGUewe+OrBAHv75i3xgb +-----END CERTIFICATE REQUEST----- diff --git a/openvpn/profitbricks/keys/pb-2-fbrehm.key b/openvpn/profitbricks/keys/pb-2-fbrehm.key new file mode 100644 index 00000000..e5352cf8 --- /dev/null +++ b/openvpn/profitbricks/keys/pb-2-fbrehm.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQCg4ppn10xBWKyPMqvW+m3Hlau4WgbTouhlBBI9BFyhTvCdwIyw +ZG2oKWr5fYRDEbP558DGTVC7WaXXEQH03p3xEi9wiomQNtVw1MVEwbXVCoTY9GMT +nfZMEA+4Y07n2nN/9FCW4UXL0uvqjDsRjaqC0kRwD0AZY7Yovs+Syd9kSwIDAQAB +AoGANG0jO6tg4fpvYMp2TLuWgm83Yf+UMeroJ+LHvrJpLPd4WS+hqOlRAndcsKhC +LUjbiRgILZaMNEDmVcrpBE520M941c3Y81UrCkLEnWReKMgCmoonE+/VOc3CX1fW +M6adP5cFChm1KqpPEMVYiXql8QLvcWh3wuwQ2pdVptA82iECQQDQQ3LgDoQZ1x/n +/WfTVlSmcVl29XDbwz0gvLUnq1IkawHzCgKne0nyhyNT/RK40z5qHUMq23wo58jn +4JoX3N+/AkEAxcMTNfq4tFcTn9YBjWzp2lNudX9NzlEOCTby/+yFfpfho9DBN4vV +XLRuv6683P/JymUrW944ZRmTGEj+eXtedQJBAKhzteoWs7D2+R67MAyXypZqHnQC +6ItI6xucp2Zzw1gjmYsMsMLpDRH3TpLzov4OF3DbRGXY7B9mA3HSkLD2fZ8CQDqq +GJvNqVcN8atbf5Ble6WhVEYUoo8Oalx/aWxTzHH2OiAvP/HrUDq055mDC1F/q2uX +wVn6PL547LKqjJqa5zUCQQCA/JBstSL8/9A4pJfNXAS9liObmS5qOSL2PeOtU01E +Ek0Y5umdKjzCM70ReatAUkFiVtvEO4GnzJpN6f7Cnk0g +-----END RSA PRIVATE KEY----- diff --git a/openvpn/profitbricks/resolv.conf b/openvpn/profitbricks/resolv.conf new file mode 100644 index 00000000..5c20275d --- /dev/null +++ b/openvpn/profitbricks/resolv.conf @@ -0,0 +1,5 @@ +# Hand made by Frank Brehm +domain profitbricks.localdomain +search profitbricks.localdomain home.brehm-online.com home.hennig-berlin.org brehm-online.com hennig-berlin.org +nameserver 192.168.178.30 +nameserver 192.168.178.85 diff --git a/openvpn/profitbricks/update-resolv-conf b/openvpn/profitbricks/update-resolv-conf new file mode 100755 index 00000000..a9d242d0 --- /dev/null +++ b/openvpn/profitbricks/update-resolv-conf @@ -0,0 +1,57 @@ +#!/bin/bash +# +# Parses DHCP options from openvpn to update resolv.conf +# To use set as 'up' and 'down' script in your openvpn *.conf: +# up /etc/openvpn/update-resolv-conf +# down /etc/openvpn/update-resolv-conf +# +# Used snippets of resolvconf script by Thomas Hood +# and Chris Hanson +# Licensed under the GNU GPL. See /usr/share/common-licenses/GPL. +# +# 05/2006 chlauber@bnc.ch +# +# Example envs set from openvpn: +# foreign_option_1='dhcp-option DNS 193.43.27.132' +# foreign_option_2='dhcp-option DNS 193.43.27.133' +# foreign_option_3='dhcp-option DOMAIN be.bnc.ch' + +[ -x /sbin/resolvconf ] || exit 0 + +case $script_type in + +up) + for optionname in ${!foreign_option_*} ; do + option="${!optionname}" + echo $option + part1=$(echo "$option" | cut -d " " -f 1) + if [ "$part1" == "dhcp-option" ] ; then + part2=$(echo "$option" | cut -d " " -f 2) + part3=$(echo "$option" | cut -d " " -f 3) + if [ "$part2" == "DNS" ] ; then + IF_DNS_NAMESERVERS="$IF_DNS_NAMESERVERS $part3" + fi + if [ "$part2" == "DOMAIN" ] ; then + IF_DNS_SEARCH="$part3" + fi + fi + done + R="" + if [ "$IF_DNS_SEARCH" ] ; then + R="${R}search $IF_DNS_SEARCH +" + fi + for NS in $IF_DNS_NAMESERVERS ; do + R="${R}nameserver $NS +" + done + echo -n "$R" | /sbin/resolvconf -a "${dev}.inet" + ;; +down) + /sbin/resolvconf -d "${dev}.inet" + if [ -f /etc/resolv.conf.bak ]; then + cp -p /etc/resolv.conf.bak /etc/resolv.conf + fi + ;; +esac + diff --git a/resolv.conf b/resolv.conf index cb57c4dd..9a19004e 100644 --- a/resolv.conf +++ b/resolv.conf @@ -1,7 +1,4 @@ -# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) -# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN -#search home.brehm-online.com +# Generated by net-scripts for interface eth0 +domain brehm-online.com search home.brehm-online.com home.hennig-berlin.org brehm-online.com hennig-berlin.org uhu-banane.de nameserver 10.12.11.1 -#nameserver 127.0.0.1 -#nameserver 10.12.11.2 diff --git a/ssh/ssh_config b/ssh/ssh_config index b632c25c..4df379c2 100644 --- a/ssh/ssh_config +++ b/ssh/ssh_config @@ -17,9 +17,11 @@ # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. -# Host * +Host * # ForwardAgent no # ForwardX11 no + ForwardAgent yes + ForwardX11 yes # RhostsRSAAuthentication no # RSAAuthentication yes # PasswordAuthentication yes -- 2.39.5