PrivacyIDEA – 2nd Factor made easy!

Have you ever searched for a good, secure, not complex, customizable and cheap 2nd factor implementation?

Stop searching!

PrivacyIDEA is one of the candidates I searched for a long, long time… I already dealt with RSA, Kobil, Stonesoft, GoogleAuth (own build solution) and much more. I can now say this is the most perfect solution for all your 2nd factor authentication needs. The most important part is, it’s OpenSource, so everybody can check if there is some bug or backdoor, and (!) it’s perfectly customizable!

It has all the plugins for apps that you already love and already use in your daily work: FreeRadius, PAM, Nginx, Apache2, OpenVPN, Typo3 and much more!

It can be used with a lot of authentication mechanisms: TOTP (software or hardware based), HOTP (software or hardware based), Email, Yubikey, and much, much more! The interesting part is, you can also use your existing LDAP server (Microsoft, OpenLDAP and similar) or a local flat file (Linux passwd) to map users to your 2nd factor tokens.

I used it with TOTP Software or Feitian Token in a MySQL Master-Master Active/Active setup with FreeRadius to authenticate users (Very large userbase!) for VPN on our Cisco ASA. It works as expected and so far without a single problem.

Give it a try if you ever searched for a cheap (get commercial support if you use it in your company!), OpenSource, flexible and easy to use 2nd factor solution. You will not be disappointed.

PS: No, this is not a sponsored or paid article! I’m really convinced of this software!

Be careful: XCodeGhost Malware

As the title says, be careful where you download Apple patches or, in this case, XCode. There is an interesting article about a modified XCode floating around in China: XCodeGhost

Our downloads here should be free of “injections” from 3rd parties. But you never know, so please check the signature of your downloads every time you download them from somewhere other than Apple.

Windows 10 Build 10240 KVM Integrated

Hey Folks! Here is the new and latest Windows 10 ISO with integrated KVM drivers. Currently I slipstreamed Balloon, VirtIO-SCSI, VirtIO-Storage and VirtRNG. Tested on Vultr and on a RedHat KVM box. Keep in mind this is the German version of Windows 10 – but it can be easily converted to English with language packs.

Windows 10 Build 10240Ger KVM B1.0.1 (SHA1 4dafc6e028481c910b10c4e05df930969f1b164b)
Alternative Mirror

Have fun, this time with a Windows related Blog post! 😉

DHCP-Snooping and Baramundi PXE

Hey folks, just a short notice for everyone who uses this combination on ProCurve (maybe this also applies to Cisco and/or Comware) switches. If you enable and configure DHCP-Snooping with trusted ports and authorized servers, don’t forget to also authorize the Baramundi PXE Server…

I have no idea why this thing acts like a DHCP server (I’m not really a Windows guy 😉 ) but after authorizing it as “DHCP Server” in the snooping, the PXE feature works again on all clients.

Back in da hood!

Short notice that I’m back home and things will go on as normal now!
Will migrate the beta OS X links to the site header soon.

Btw. Iceland is one of the most interesting and definitely most beautiful countries I’ve ever seen! Going back to Iceland and Greenland soon 🙂

Hello SSL/TLS!

Short notice for the first change in 2015. This blog is now only reachable via SSL/TLS!

Every request for HTTP gets redirected to HTTPS and every content item should be covered by SSL/TLS now. Please clear your browser cache and delete all cookies from blog.shade.sh if you have problems accessing my blog.

The download server “mirror.shade.sh” will also be reachable via SSL/TLS soon!

Merry xMas to all my Visitors

I wish you and your families a merry Christmas and a happy new year. It was an exciting and busy year for me and I’m sorry that I did not always have time to upload new betas 😉 Maybe next year I will have more time to bring you the latest betas and news around Apple and the competitors.

Shade

Using betas in stable Yosemite (10.10)

Just a short tip for everyone who needs access to betas without a developer account. The following command brings back access to regular beta downloads via the AppStore!

Just replace the Catalog URL with:

sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL https://swscan.apple.com/content/catalogs/others/index-10.10beta-10.10-10.9-mountainlion-lion-snowleopard-leopard.merged-1.sucatalog.gz

Have fun!

Synology TimeMachine and OS X 10.9

If you ever wondered about the TimeMachine error message “This backup is already in use” (or in German, “Dieses Backup wird bereits verwendet”): I think the Synology has problems with PowerNap or some other suspend mode in OS X 10.9.x.

Normally the error is gone after you reboot the Synology, but would you really reboot your NAS every few days? No!

This trick assumes that you have full SSH root access to your NAS. If not, please enable SSH on your Synology; you can use this guide to get it enabled.

After you have enabled SSH, please be sure that no other TimeMachine backup is running and log in to your NAS.

find /volume* -name com.apple.TimeMachine.Results.plist

If you know the full path to your TimeMachine folder, please replace the “/volume*” with this path; otherwise this can take some time, depending on your amount of files.

You should now know the full path to that file. Now it’s time to rename it! If your path is like “/volume1/timemachine/mbp.sparsebundle/com.apple.TimeMachine.Results.plist”, you can rename it with:

mv /volume1/timemachine/mbp.sparsebundle/com.apple.TimeMachine.Results.plist \
/volume1/timemachine/mbp.sparsebundle/com.apple.TimeMachine.Results.plist.BAD

If you have multiple TimeMachine backups saved on your NAS, the directories are different! After you have renamed the file, the backup should run fine again!

Edit: If this does not work for you, search for running processes on the Synology with the username of your TimeMachine user. Kill all of those processes and you should be fine.

Search for this PID (my user is “tm”, yours is very likely different):

ps | grep tm | grep -v root

Output should look like this:

17465 tm 23380 S /usr/syno/sbin/afpd -g guest -c 256 -n pandora6 AFPServer -l default log_error

Now kill that process with the PID (Yours is different!):

kill 17465

Windows 7 ISO with VirtIO drivers

If somebody needs it, I’ve made an ISO image of Windows 7 with SP1 and VirtIO drivers integrated. Some cloud hosters need the VirtIO drivers for the storage. You can install Windows 7 on Vultr with this image. Keep in mind this is a German language ISO, but you can install language packs after the installation.

Windows 7 SP1 with VirtIO ISO (SHA1 522e4f1b235d5f2de5140d69c9f98cb8ad1f56a6)