kill -9 $$

I hate it when I keyed in a password on a shell prompt and pressed enter already. This is short, easy to remember and doesn't do nasty things like editing your history file... PS: Works definitely with bash, dont know about others.…

How do I test my IPv6 capable mailserver? II

Now you have IPv6 enabled on your mail server but you don't know any email address what is actually IPv6 enabled as well? Here are two - what I just tested: ipv6@test-ipv6.veznat.combouncer@freenet6.netmy own... hehe.Both are sending back the mail headers and the first one…

Two factor authentication with YubiKey

I recently figured that these substantially increase your password security - with what you know and what you have. They are very easy integrated into PAM - and the good news is most services on Linux can be configured to use PAM as an authentication source. SSH, Dovecot, Apache... no…

Enabling HSTS on nginx II

I have to add a correction to my previous article "Enabling HSTS on nginx": You can and should enable it on http as well, so that visitors of your website offer from this additional security benefit as well - when they come back.…

Nginx + IPv6: "98: Address already in use"

If you get this message, you have to change your "listen" statement from listen 94.229.77.82:80; listen [2a01:348:226:dead:beef:dead:beef:dead]:80; to listen 94.229.77.82:443; listen [2a01:348:226:dead:beef:dead:beef:dead]:443 ipv6only=on; For some…

Enabling HSTS on nginx

If you want to enable HSTS on your nginx webserver, this is how you do it: add_header Strict-Transport-Security "max-age=315360000; includeSubdomains"; You need to put this only on the https server, *not *on the http only server - it wont work on http only.…