Add Two-Factor-Authentication to SSH on Debian Wheezy to Stretch

Introduction This guide shows you, how you can add 2FA to your OpenSSH on Debian Wheezy, Jessie and Stretch using Google Authenticator. Also our SSH already uses Pubkey-Authentication while PasswordAuthentication is disabled. This guide might also work on it's derivates. Limitations I have only tested this on Wheezy and Stretch…

Proxmox 5 on Hetzner Root-Server with Dual-Stack IPv4/IPv6 for Host and Guests

Introduction In an earlier blog post i wrote about a standard Debian installation with KVM, IPv4 and IPv6 for both the host and it's guests. This time we will setup Proxmox 5.x on a Hetzner Root-Server also using Debian and IPv4 and IPv6 for the Host and Guests. Since…

Migrating Proxmox LVM-Thin Volumes to another Proxmox Host

Introduction In an earlier post, i've discribed how to migrate VMWare ESXi Virtual Machines (or mostly their disks) to a new Proxmox KVM machine. This time i had to move a Proxmox VM to another Proxmox host. Both hosts using LVM-Thin Logical Volumes to store guest data instead of disk…

Proxmox 4Gbit/s HA Networking with two Dual-Port NICs and VLAN-enabled Bonding to distinct Switches

Lately we've setup a new Proxmox 4.4 Server. For this we upgraded our former ESXi 5.5 Host with more RAM, a RAID-10 Array (from RAID-1 w. Hot-Spare) and two Dual-Port 1Gbit/s NICs (therefore 4x 1Gbit/s in 2 PCIe Cards with Intel I350 Chipset) from two Single-Port…

Migrate VMWare ESXi Virtual Machines to Proxmox KVM with LVM-Thin Logical Volumes

Recently we decided to move away from VMWare ESXi because we want to scale out but don't want to buy expensive licenses just for virtualization. We evaluated different solutions and got stuck with Proxmox and it's KVM virtualization. We have always used Debian-based VMs so KVM was a logical decision.…

Securing and Customizing Filecloud Server and Clients

Update 2017-06-15: The configuration parameters below still work with the latest Sync Clients in v15.x (tested on macOS and Windows). Sadly, the default is still TLSv1 and not configurable in the UI or even better chosen automatically upon the first connection attempt to the server. This is more or…

Monitoring RAID on Sophos UTM Hot-Standby Clusters with Dell PERC/LSI MegaRAID Controllers

This is a somewhat special post this time for a somewhat narrow audience but my intention was splitted into creating a reminder for myself and to show how you can even monitor things that are normally closed for manual configurations like the Sophos UTM and to generally show you how…

Run a NTP server for the pool.ntp.org project with Debian

Update 2: I've changed the 5 source servers to 3 other's that are on the same continent as our NTP Server so the offset and jitter are much better. This helped this server to be more "stable". The server now uses clock.isc.org, clock.uregina.ca and subitaneous.cpsc.…

Introduction on how to use shellcheck and bashate with Travis-CI

Introduction Some time ago i've written about test-driven development, or TDD, for shell scripts using shunit2 and Travis-CI. This time i want to show you how you can further enhance your shell script testing capabilities with two useful tools for static analysis and style checking. TL;DR For anyone who…

Remove Proxmox 4.2 “No Valid Subscription” message

Update #2 (2017-04-03): janus57, Michael S. and Marcel G. pointed out, that there are new ways to disable the message. First by still modifying appropriate files - see in the first Link to the Comments - which i've tested by myself on a new 4.4-13 or by leading Proxmox…