TL;RD Playing with Linux network namespaces

I had a Linux server with two physical network interfaces which were separated into two network namespaces. Security was set up like two machines with single network card in each connected to different physical networks.

At one day, someone found out, that a process runs in the 'red' network namespace needs to connect to a remote machine, reachable via the physical network interface connected to the other namespace we call as host namespace. How to do so?

How to forward GNUPG GPG Agent via SSH

I wanted to know how to use GPG keys securly in such a way like I already do with SSH keys: private key always kept on my local host while it is usable on remote hosts via SSH connection.

SSH client side

GPG Agent needs to be run. The agent is usually started on demand by gpg, gpgsm, gpgconf or gpg-connect-agent.

gpg-connect-agent /bye

The usual way to run the agent is from the ~/.xsession file:

Transparent proxing

Usually in corporate environment, or e.g in case of bigger schools., network administrators use application level proxies. A proxy can make internet access much faster as well as safer, however, these effects are getting more insignificant while secure connections are emerging. On the other hand, endpoint's proxy configuration not always trivial in a heterogeneous software environment. In some rare cases dealing with proxy configurations may became very time consuming while the existing of the proxy is absolutely a must have (the reason why is not important here).

Tags

Renewal

More than seven years ago, when I published the first version of my "Who Wants to Be a Millionaire?" game, I started this site as a single-page plain HTML site. Later, it became a Wordpress blog, and then a Drupal site. It was useful to learn how a website was built up and how migration and maintenance processes were going. The last change was to introduce the English language content. In the last few days, my site has been in Drupal 8, thanks to my server upgrading "project" caused by a hardware failure.

Translation in progress

As you can see, my website is under translation. This means new blog posts will be created mainly in English, but old ones aren't planned to be translated at all. However, menus, labels and other components will be translated as soon as possible, depending on my free time. There is a lot of Hungarian content which may be worst to check beyond the English ones, if you can.

Take a look around and please feel free to contact me if you have any question.

Unreachable mailing service from abroad

There is some situations when domestic pepole want to use services from abroad. In my case one of my friends wants to use a hungarian e-mail service, freemail.hu, from Germany, but service area of Freemail is limited to Hungary for security reasons (only POP3 protocol is affected). We do not know how long this security restriction will take, unfortuantelly. So today's question is that: what should we do to download my friend's mails via POP3 protocol from abroad against the security restrictions? Well, there are a lot of potential solution but because I have several Linux servers around the Internet and, to be honest, I love them I will use a Linux server instead. Let me show how.

Tags