I recently posted about using stable IP addresses on a desktop managed by network manager.

This post will go into some detail about using the same tunnel, but server-side, and inside a network namespace.

You can then run servers in that namespace, and have them hosted on the internet, with a real IP address, without sharing the rest of your LAN.

Continue reading →

In a previous post, I showed how the openssl rsautl tool can be used to encrypt small bits of data to an SSH host key.

One problem, is that rsautl cannot encrypt any data that is larger than the key size. One workaround however, is to use a symmetric key for the bulk encryption, and then use RSA to encrypt the smaller symmetric key.

Continue reading →