Archive for February, 2012

SSL/TLS for Postfix, Apache, and Dovecot

by Jason Stewart
Step 1: Create the Certificate Signing Request (CSR) openssl req -nodes -newkey rsa:2048 -keyout -out It will ask the following questions. Answer all of them except for the last two (challenge password and optional company name). If you do set a challenge password, each program which uses the certificate will also need to […]

RADIUS on Cisco IOS 12.x

by Jason Stewart
Enter config mode, create a local administrative user (in the event of RADIUS failure), and enable AAA new model: config t username admin privilege 15 password 0 <ADMIN PASSWORD> aaa new-model Specify the RADIUS server information: radius-server host <RADIUS SERVER IP> auth-port <RADIUS AUTH UDP PORT #> acct-port <RADIUS ACCT UDP PORT #> radius-server retransmit […]

Recursively chmod Files or Folders Only

by Jason Stewart
Ever need to recursively set permissions only on files or folders in Linux/Unix? One way to do it is with the find command. For files, use -type f.  For directories, use -type d. For example: # RECURSIVELY CHMOD DIRECTORIES UNDER CURRENT PATH TO 750 find ./ -type d -exec chmod 750 {} \; # RECURSIVELY […]


by Jason Stewart
ASCII font generators, for switch banners, messages of the day, and other stuff: ██╗ ██╗███████╗ █████╗ ██╗ ██╗██╗ ╚██╗ ██╔╝██╔════╝██╔══██╗██║ ██║██║ ╚████╔╝ █████╗ ███████║███████║██║ ╚██╔╝ ██╔══╝ ██╔══██║██╔══██║╚═╝ ██║ ███████╗██║ ██║██║ ██║██╗ ╚═╝ ╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝╚═╝

Managed Switch Best Practices

by Jason Stewart
DO: Give VLANs descriptive names. Comment configuration lines as much as reasonably possible. Disable TELNET! Use SSH instead. (Requires crypto image on Cisco) Have a dedicated management VLAN and IP subnet. Limit access to the SSH console with layer 3 ACLs if possible. For correct timestamps, configure the clock to synchronize with a Network Time […]

Deprecated: str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated in /var/www/ on line 14