MITMProxy and IOS 13

Problem: if you want to debug a IOS app with MITMProxy, the iPhone needs to trust the MITMProxy CA. This is done by going to http://mitm.it/ and clicking on the apple symbol. Then you have to accept the “profile” in Settings “downloaded profiles”. Then you have to trust this new CA cert in “Settings” “General” …

Continue reading ‘MITMProxy and IOS 13’ »

Linux Live-boot Fails after Debian/Devuan Update

Problem: after updating from Debian 8 to Devuan 2 the overlay live-boot failes with “no such device” Discussion: I use a bootable USB stick combined with live-boot. In this case the USB stick partition 3 is a normal ext4 file system used as read only “plainroot” filesystem. Live-boot overlays this with an ramfs.As I don’t …

Continue reading ‘Linux Live-boot Fails after Debian/Devuan Update’ »

Greenlock(-express) Letsencrypt Fails with ECONNRESET

Problem: after upgrading vom greenlock-express v2.0 to v2.5 and switching from acme-v1 to acme-v2 every attempt to register a new TLS cert with Letsencrypt fails with “ECONNRESET” Discussion: the new version of greenlock tries to validate the .well-known/acme-challenge file before asking letsencrypt for the certificate.If your webserver is behind a loadbalancer or firewall and the …

Continue reading ‘Greenlock(-express) Letsencrypt Fails with ECONNRESET’ »

Apache Start Hangs during Reboot of a KVM Virtual Server

Problem: Apache needs very long to start on a virtual server running on a KVM/QEMU virtual maschine. Solution: Apache needs a RNG (random number generator) for startup, probably because of TLS. A pure virtual maschine has no RNG device per default. If you add an RNG device to the virtual maschine configuration, apache startup is …

Continue reading ‘Apache Start Hangs during Reboot of a KVM Virtual Server’ »

Sparse Files Howto

Unix file systems like ext3/4 can store files which are partly empty more efficiently by not storing blocks with all zeros. These files are called sparse files. When reading these files every things works as normal but “all zero” blocks don’t wast space on the drive. This can be useful for different application. For example …

Continue reading ‘Sparse Files Howto’ »

APT sources list

Problem: when debian goes from “testing” to “stable” to “oldstable” the package sources change. eg. jessie-updates are remove, same happened to jessie-backports The current file /etc/apt/sources.list for jessie (currently oldstable) could look like this deb http://ftp.debian.org/debian/ jessie main contrib non-freedeb http://security.debian.org/ jessie/updates main contrib non-free

Configure WLAN Statically in Debian/Linux

If you want to configure WLAN settings on a Linux machine statically you can use the normal /etc/network/interfaces configuration method of Debian. For WPA-PSK you can use this 3 steps: Install the “wpasupplicant” package Generate a psk line with “wpa_passphrase” and copy the hex string after “psk=” root@server:~# wpa_passphrase WLANNAME# reading passphrase from stdinthepasswordnetwork={ ssid=”WLANNAME” …

Continue reading ‘Configure WLAN Statically in Debian/Linux’ »

No Text Console After NVME Storage Upgrade

Problem: After upgrading a system to NVME, Linux boots without textconsole, or sends the text console to the wrong graphics card. Discussion: The NVME upgrade needed to change from BIOS boot to UEFI boot. UEFI boot disables the pure text console, and the kernel uses whatever frame buffer is available, or without text console if …

Continue reading ‘No Text Console After NVME Storage Upgrade’ »