sudo adduser $USER vboxusers
After that you must logout and login.
OS Ubuntu 18.04
After install openvpn
sudo apt install -y \
When used openvpn GUI to import .ovpn file and clicked to connect, pop up this error:
activation of network connection failed
OpenSSL: error:140AB18E:SSL routines:SSL_CTX_use_certificate:ca md too weak
modify vpn configuration file
sudo vim /etc/NetworkManager/system-connections/<VPN-CONFIG-FILE>
Under vpn section, add this line
Reload the configuration
sudo nmcli connection reload
Now I can successfully access the vpn network but fail to reach the internet outside that vpn subnet.
With GUI, this could be simply fixed by:
sudo apt-get install -y openssh-server
sudo vim /etc/ssh/sshd_config
# change default port to keep away from the brute force port scanner
sudo systemctl reload sshd
sudo ufw allow OpenSSH
Here I use both Shadowsocks-libev and Shadowsock for no reason
Shadowsocks is written in Python
sudo apt install python-pip
sudo tee /lib/systemd/system/shadowsocks.service <<EOF
sudo apt install flameshot
Mainly follow How To Set Up an OpenVPN Server on Ubuntu 18.04
- Server – Ubuntu 18.04 desktop named zed-ubuntu18
- CA – Ubuntu 18.04 virtual machine in Vbox
- Client – mac
- Sever connect to a router while the route connecting to a modem
As CA, the most important attribution is security.
- CA should be used only for signing request and should be shutdown for the rest of time.
- CA should connect to network only for updating and installing necessary packages.
As for me, use another machine as CA is a waste of resource.
In other word, use virtual machine as CA is the most economic and secure method.
CA needs to communicate with Server to import, sign requests and send back certificates. That means CA virtual machine needs a bidirectional communication.
There are several options:
- ssh – needs to expose port, generate and transfer keys on both side, which is complicated to configure
- drag and drop – GUI solution
- shared folder – CLI solution
My decision is to use shared folder.
The scenario is that I would like to migrate my hexo repo from my old laptop to the new desktop.
git push the source repo(e.g. https://github.com/ZedYeung/Hexo) with such structure(image_path_replace.py is my own script)
rathan than the generated repo(e.g. https://github.com/ZedYeung/zedyeung.github.io)
The last one is generated by the former one with
It looks like there are some conflictions between gnome and neaease GUI.
sudo tail -f /var/log/syslog, but I failed to find something useful.
Failed to load module "canberra-gtk-module"
simply fix with
sudo apt install libcanberra-gtk-module
sudo apt install -y fcitx-bin