There are many cases where two networks have to be connected on Layer 2 in a virtual fashion, which is referred to as a Virtual Private Network (VPN). Typically you would use OpenVPN or similar software for that. All of these tools have in common that they require some non trivial setup steps like setting up a PKI or exchanging keys or certificates in a safe way.

As a programmer, setting up a full fledged VPN software for a development environment which is destroyed regularly seems not be the best option. A question that normally comes to my mind in these moments is:

Can I use SSH for that?

The answer is usually YES, like in this case. For the first part of an ongoing series about little known SSH features, we’ll take a look at the -w command line flag which allows bridging of two ethernet networks using tap-devices.

Continue reading

I’m currently working in an environment where the development setup consists of 6 individual VirtualBox VMs handled by vagrant. This could be a problem on devices with low amount of memory, such as Macbook Air … This post describes a setup with a single VM which hosts all other VMs as LXC containers with minimal overhead. The tricky part here is the network setup, so that your developer machine is in the same network as the containers, which then allows direct access to and from the containers.
Continue reading

I’m using websocketd for a little side project, called webshell, which is a little shell in your browser that runs predefined commands. It is obvious that this shouldn’t be accessible by everyone! So there is a need for authentication. For most of my projects I use HTTP Basic Auth, which is not supported by Chrome when using WebSockets. The solution is a cookie based authentication built using Lua directly in nginx (used as a reverse proxy).
Continue reading

When you own a custom domain like me (pboehm.org), there are unlimited possibilities what you can do with it. One thing is to write a redirector to use subdomains pointing to your profile-pages on several services like Flickr or Github. Another purpose could be the redirection of www.DOMAIN and DOMAIN to blog.DOMAIN, which could be hosted on Github Pages that is limited to one CNAME per page.

Continue reading

git the distributed version control system built for the Linux kernel is widely used nowadays and has been adapted by more and more dev-teams. Developing with git in a small team requires a different workflow to push/pull/merge/rebase without any problems. This post describes a minimal workflow, which builds up on feature branches on which the developer implements their changes. The master-branch tracks the remote changes and the feature branch will be merged into master if the work is done.

Continue reading