Using ZFS in Linux is not as simple as other file systems. The ZFS on Linux code is not integrated in the Linux kernel due to license issues. Therefore, native support by distributions is missing. This does not mean that it is hard to add support for ZFS to an existing installation. On the contrary. In this guide it is shown that durable ZFS support can be added to Arch Linux with a few simple commands. In addition, a cheat sheet is provided to ease ZFS management.
Setting up a lightweight authentication back end
Most self-hosted web services can authenticate against a back end server using LDAP or Kerberos. Hosting a server to handle authentication using these protocols can be a daunting task for the uninitiated. This guide explains how to configure Samba as a back end authentication server to allow each user to authenticate against multiple services with a single account. The authentication server will run Active Directory Domain Services as a domain controller to enable authentication over LDAP and Kerberos. This guide will also explain how to configure Nextcloud to authenticate users using LDAP. Users will be able to login and change their passwords through Nextcloud's web interface. The same (changed) password would also be usable for other (web) services.
Routing traffic through OpenVPN using a local SOCKS proxy
OpenVPN can be used with an obfuscation proxy, such as obfsproxy or obfs4, to avoid identification of VPN traffic through deep packet inspection. In this post I explain a connectivity problem that client-side OpenVPN faces when such a proxy is approached as a local SOCKS proxy by OpenVPN. A solution is provided, of course.
Maintaining SSL/TLS is hard...
Not even experts are safe from the many pitfalls that exist in implementations. Qualys, known for their Qualys SSL Labs Vulnerability Scanner (used in my research), allowed the expiration of their blog's certificate.
See 'PhD thesis' in the menu bar at the top of this page.