Servers

Ensim Quota Fixer

Posted on by Andy

Hello world,

We recently had some quota problems on one of our server with Ensim Control Panel. The control panel and command line quota tool reported other data than the users really used. Although the user had no files on the disk which were owned by him the quota reported a few megabytes used. I checked a few forums an read a few articles and wrote a bash script which fixes the quota problem.

Here what it does:

  • it turns off quota
  • does a backup of your old quota files (aquota.user and aquota.group)
  • scans new quota data
  • re-enables quota
  • and resets ensim users and admin quotas

Download the file, unzip it and run the script. Hope this helps someone as I struggled with this "bug" for some time.

Ensim Quota Fixer (1272 downloads )

Create self-signed certificates with OpenSSL

Posted on by Andy

Hey, here are a few steps to create your own self-signed certificates with your own CA:

  1. Generate your 4096 bit CA key (no password):
    # openssl genrsa -out CA.key 4096
    or generate one with a password:
    # openssl genrsa -out CA.key 4096 -des3

​Please note that if someone gets this key and it’s not password protected he can generate valid certificates in your name, which is really really bad, so keep it secret!

  1. Generate your CA certificate:
    # openssl req -new -x509 -extensions v3_ca -key CA.key -days 10000 -out CA.crt

​This creates a valid CA certificate wich is valid for 10000 days. Why so long? Because when this CA expires you have to revoke and regenerate all the certificates based on this one which could be timeconsuming, but feel free to set a lower number. In order to recognize your self-signed certificates this CA must be installed on your computer which calls the website or alike. which varies between operating systems and programs.

  1. Generate a key for the server (again with or without password, simply add -des3 if you want password protection):
    # openssl genrsa -out server.key 4096
  2. Create A CSR (certificat signing request):
    # openssl req -new -key server.key -out server.csr

​Now before creating a CRT file: if you need multiple domains you can specifiy them in a separate file. In my example i named it multidomains.cnf and added the following line:

subjectAltName=DNS:www.domain.com,DNS:mail.domain.com,DNS:domain.com,DNS:mysql.domain.com

Please note that you need to specify the normal domain too (domain.com) in this file and as CommonName when generating the CSR.

  1. Generate the server certificate:
    # openssl x509 -req -in server.csr -CA CA.crt -CAkey CA.key -CAcreateserial -out server.crt -days 365
    generate with multidomains:
    # openssl x509 -req -in server.csr -CA CA.crt -CAkey CA.key -CAcreateserial -extfile multidomains.cnf -out server.crt -days 365

In case you want the to do quickly a certificate, you can do it also in one line:

openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout server.key -out server.crt

​All you have to do now is copy the server.key and server.crt onto your machine and configure your application to use this certificates.

Here are some useful sites if found about SSL:
http://www.chainsawonatireswing.com
http://phaseshiftllc.com
http://blog.didierstevens.com
http://shib.kuleuven.be

Change network driver for ESX(i) guest OS to VMXNET

Posted on by Andy

Hello,

On the VMWare ESXi server you can specifiy your network card driver when adding a network device to your virtual machine, but once installed you cannot change it through the GUI. So here are a few steps to make the change simple:

  1. Login to ESXi server through your terminal
  2. Go to your VM folder
  3. Connect to your VM and shut it down.
  4. Open your VM .vmx file with vi
  5. Look for the line ethernetX.virtualDev (X: interface number)
  6. Change this value to vmxnet or vmxnet3
  7. ​Save file and restart your virtual machine

Remark:
Usually you need to install the vm with another driver because vmxnet is not installed on an operating system per default. Before you can use the driver you must install VMWare Tools. It is important that you shut down the VM otherwise your modified .vmx file will be overwritten.