sudo adduser $USER vboxusers
After that you must logout and login.
Reference
[1] https://superuser.com/questions/956622/no-usb-devices-available-in-virtualbox
杨越
sudo adduser $USER vboxusers
After that you must logout and login.
[1] https://superuser.com/questions/956622/no-usb-devices-available-in-virtualbox
1 | OS Ubuntu 18.04 |
After install openvpn1
2
3
4sudo apt install -y \
openvpn \
network-manager-openvpn \
network-manager-openvpn-gnome
When used openvpn GUI to import .ovpn file and clicked to connect, pop up this error:activation of network connection failed
check /var/log/syslog
get this OpenSSL: error:140AB18E:SSL routines:SSL_CTX_use_certificate:ca md too weak
1 | client |
modify vpn configuration filesudo vim /etc/NetworkManager/system-connections/<VPN-CONFIG-FILE>
Under vpn section, add this line1
2[vpn]
tls-cipher=DEFAULT:@SECLEVEL=0
Reload the configurationsudo nmcli connection reload
Now I can successfully access the vpn network but fail to reach the internet outside that vpn subnet.
With GUI, this could be simply fixed by:
[1] https://askubuntu.com/questions/1043899/openvpn-on-ubuntu-18-04
[2] https://forums.openvpn.net/viewtopic.php?t=23979
[3] https://bugzilla.redhat.com/show_bug.cgi?id=1498322
[4] https://bbs.deepin.org/forum.php?mod=viewthread&tid=155262
sudo apt-get install -y openssh-server
sudo vim /etc/ssh/sshd_config
1 | # change default port to keep away from the brute force port scanner |
sudo systemctl reload sshd
1 | sudo ufw allow OpenSSH |
Here I use both Shadowsocks-libev and Shadowsock for no reason
Shadowsocks is written in Python
1 | sudo apt install python-pip |
1 | sudo tee /lib/systemd/system/shadowsocks.service <<EOF |
Mainly follow How To Set Up an OpenVPN Server on Ubuntu 18.04[1]
As CA, the most important attribution is security.
As for me, use another machine as CA is a waste of resource.
In other word, use virtual machine as CA is the most economic and secure method.
CA needs to communicate with Server to import, sign requests and send back certificates. That means CA virtual machine needs a bidirectional communication.
There are several options:
My decision is to use shared folder.
on server, mkdir ca_shared
The scenario is that I would like to migrate my hexo repo from my old laptop to the new desktop.
git push the source repo(e.g. https://github.com/ZedYeung/Hexo) with such structure(image_path_replace.py is my own script)1
2
3
4
5
6
7
8
9
10├── _config.yml
├── db.json
├── image_path_replace.py
├── node_modules
├── package.json
├── package-lock.json
├── public
├── scaffolds
├── source
└── themes
rathan than the generated repo(e.g. https://github.com/ZedYeung/zedyeung.github.io)1
2
3
4
5
6
7
8
9
10
11
12
13├── 2017
├── archives
├── avatar.jpg
├── categories
├── CNAME
├── content.json
├── css
├── images
├── index.html
├── js
├── lib
├── node_modules
└── tags
The last one is generated by the former one with hexo-deployer-git
It looks like there are some conflictions between gnome and neaease GUI.
I tried sudo tail -f /var/log/syslog
, but I failed to find something useful.
Failed to load module "canberra-gtk-module"
simply fix with sudo apt install libcanberra-gtk-module
1 | sudo apt install -y fcitx-bin |