Life Long Learning for Lebanon

Portail informatique formation d'ingénieur Liban

Supports, informations et actualités informatique ISSAE Cnam Liban et centres du Cnam Liban

Société et technologie

Fondateur et activiste Free (libre) Open Source Software Lebanese Movement OSLM

lundi 30 juin 2014

Open source, Corée

http://www.zdnet.fr/actualites/la-coree-du-sud-veut-passer-aux-logiciels-libres-et-open-source-d-ici-2020-39803113.htm

Install and Configure OpenVPN Server on Linux (debian/ubuntu)

From http://www.linux.com/learn/tutorials/457103-install-and-configure-openvpn-server-on-linux


The VPN is very often critical to working within a company. With working from home being such a popular draw to many industries, it is still necessary to be able to access company folders and hardware that exists within the LAN. When outside of that LAN, one of the best ways to gain that access is with the help of a VPN. Many VPN solutions are costly, and/or challenging to set up and manage. Fortunately, for the open source/Linux community, there is a solution that is actually quite simple to set up, configure, and manage. OpenVPN is that solution and here you will learn how to set up the server end of that system.

What Is Needed

I will be setting OpenVPN up on a Ubuntu 11.04, using Public Key Infrastructure with a bridged Ethernet interface. This setup allows for the quickest route to getting OpenVPN up and running, while maintaining a modicum of security.
The first step (outside of having the operating system installed) is to install the necessary packages. Since I will installing on Ubunutu, the installation is fairly straightforward:
  1. Open up a terminal window.
  2. Run sudo apt-get install openvpn to install the OpenVPN package.
  3. Type the sudo password and hit Enter.
  4. Accept any dependencies.
There is only one package left to install — the package that allows the enabling of bridged networking. Setting up the bridge is simple, once you know how. But before the interface can be configured to handle bridged networking, a single package must be installed. Do the following:
  1. Install the necessary package with the command sudo apt-get install bridge-utils.
  2. Edit the /etc/network/interfaces file to reflect the necessary changes (see below).
  3. Restart networking with the command sudo /etc/init.d/networking restart .
Open up the /etc/network/interfaces file and make the necessary that apply to your networking interface, based on the sample below:


auto lo
iface lo inet loopback

auto br0
iface br0 inet static
        address 192.168.100.10
        network 192.168.100.0
        netmask 255.255.255.0
        broadcast 192.168.100.255
        gateway 192.168.100.1
        bridge_ports eth0
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        bridge_stp off


Make sure to configure the bridge section (shown above) to match the correct information for your network. Save that file and restart networking. Now it's time to start configuring the VPN server.

Creating Certificates

The OpenVPN server will rely on certificate authority for security. Those certificates must first be created and then placed in the proper directories. To do this, follow these steps:
  1. Create a new directory with the command sudo mkdir /etc/openvpn/easy-rsa/.
  2. Copy the necessary files with the command sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/.
  3. Change the ownership of the newly copied directory with the command sudo chown -R $USER /etc/openvpn/easy-rsa/.
  4. Edit the file /etc/openvpn/easy-rsa/vars and change the variables listed below.
The variables to edit are:


export KEY_COUNTRY="US"
export KEY_PROVINCE="KY"
export KEY_CITY="Louisville"
export KEY_ORG="Monkeypantz"
export KEY_EMAIL="
 jlwallen@monkeypantz.net"

Once the file has been edited and saved, we'll run several commands must be entered in order to create the certificates:
  • cd /etc/openvpn/easy-rsa/
  • source vars
  • ./clean-all
  • ./build-dh
  • ./pkitool --initca
  • ./pkitool --server server
  • cd keys
  • sudo openvpn --genkey --secret ta.key
  • sudo cp server.crt server.key ca.crt dh1024.pem ta.key /etc/openvpn/

Client Certificates

The clients will need to have certificates in order to authenticate to the server. To create these certificates, do the following:
  1. cd /etc/openvpn/easy-rsa/
  2. source vars
  3. ./pkitool hostname
Here the hostname is the actual hostname of the machine that will be connecting to the VPN.
Now, certificates will have to be created for each host needing to connecting to the VPN. Once the certificates have been created, they will need to be copied to the respective clients. The files that must be copied are:
  • /etc/openvpn/ca.crt
  • /etc/openvpn/ta.key
  • /etc/openvpn/easy-rsa/keys/hostname.crt (Where hostname is the hostname of the client).
  • /etc/openvpn/easy-rsa/keys/hostname.key (Where hostname is the hostname of the client).
Copy the above using a secure method, making sure they are copied to the /etc/openvpn directory.

Configuring VPN Server

It is time to configure the actual VPN server. The first step is to copy a sample configuration file to work with. This is done with the command sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/. Now decompress the server.conf.gz file with the command sudo gzip -d /etc/openvpn/server.conf.gz. The configuration options to edit are in this file. Open server.conf up in a text editor (with administrative privileges) and edit the following options:

local 192.168.100.10
dev tap0
up "/etc/openvpn/up.sh br0"
down "/etc/openvpn/down.sh br0"
server-bridge 192.168.100.101 255.255.255.0 192.168.100.105 192.168.100.200
push "route 192.168.100.1 255.255.255.0"
push "dhcp-option DNS 192.168.100.201"
push "dhcp-option DOMAIN example.com"
tls-auth ta.key 0 # This file is secret
user nobody
group nogroup

If you're unsure of any of the options, here:
  • The local address is the IP address of the bridged interface.
  • The server-bridge is needed in the case of a bridged interface.
  • The server will push out the IP address range of 192.168.100.105-200 to clients.
  • The push directives are options sent to clients.

Bringing The VPN Up And Down

Before the VPN is started (or restarted) a couple of scripts will be necessary to add the tap interface to the bridge (If bridged networking is not being used, these scripts are not necessary.) These scripts will then be used by the executable for OpenVPN. The scripts are /etc/openvpn/up.sh and /etc/openvpn/down.sh.

#!/bin/sh
#This is /etc/openvpn/up.sh

BR=$1
DEV=$2
MTU=$3
/sbin/ifconfig $DEV mtu $MTU promisc up
/usr/sbin/brctl addif $BR $DEV


#!/bin/sh
#This is/etc/openvpn/down.sh
The VPN is very often critical to working within a company. With working from home being such a popular draw to many industries, it is still necessary to be able to access company folders and hardware that exists within the LAN. When outside of that LAN, one of the best ways to gain that access is with the help of a VPN. Many VPN solutions are costly, and/or challenging to set up and manage. Fortunately, for the open source/Linux community, there is a solution that is actually quite simple to set up, configure, and manage. OpenVPN is that solution and here you will learn how to set up the server end of that system.

dimanche 22 juin 2014

Article: 7 erreurs courantes des managers inexpérimentés - Techniques de l'Ingénieur

Les 7 erreurs communément rencontrées chez les managers inexpérimentés : 1. Ils cherchent plus à être aimés que respectés. Imaginez que – pour une raison quelconque et à 3 jours de la d …

http://www.techniques-ingenieur.fr/actualite/etre-ingenieur-thematique_89431/7-erreurs-courantes-des-managers-inexperimentes-article_286075/

Envoyé via Flipboard

Pascal Fares
http://www.cofares.net

mercredi 18 juin 2014

Is Coding the New Literacy?

Mother Jones (06/16/14) Tasneem Raja 

Teaching basic coding literacy to all students in public schools could help realize a diversity of talent that would transform society as profoundly as reading and writing once did. Although recent coding pushes have led some to believe everyone needs to learn the specifics of programming languages, this level of detail might not be as relevant as learning the fundamentals of what computers can do. Computational thinking might surpass coding skills in importance to useful applications of technology in today's society. Microsoft's Jeannette Wing popularized the term computational thinking, which she says is not limited to programmers and encompasses "solving problems, designing systems, and understanding human behavior." Knowing how to write code is useless without an appropriate goal toward which to apply it. "Unless you can think about the ways computers can solve problems, you can't even know how to ask the questions that need to be answered," says University of Pittsburgh professor Annette Vee, who studies the spread of computer science literacy. Reading and writing literacy began as a skill for a select few and then expanded, and coding literacy is similarly moving from an elite group to the masses. Today's most significant breakthroughs, not only in technical fields but in all fields, involve big datasets, powerful algorithms, and people able to leverage both.