A server monitor page has been added which currently checks the uptime of my main server (the one on which this site runs). This monitor can be found at status.moocat.me. The monitor uses a ping (icmp) to check if the server is responsive but this test is fairly limited as it would not detect if this website was accessible. New test types may be added but servers that I come to acquire will be added.
I stumbled across Keybase a little while ago and have finally got round to setting it up / linking to my online identities, such as proving that I’m the admin of this website etc. This process was fast and painless to perform. A link to my Keybase page can be on the link in this post or under the contact section.
I have recently set up a public (open access) s/ntp time server that operates at stratum 2. It is available on both IPv4 & IPv6 with the server name ‘ntp.moocat.me’. A good place to start understanding what NTP is and why it is useful is with this FAQ found at ntp.org. The server also participates in the ntp pool project which was easy to setup and hopefully provides a benefit to the community.
During my second year of my IT A level one of the units required me to create an excel product for a fictional client. The fictional client that I created was a man called steve who needed part of his VPS management system migrating into a digital form. The resulting product and associated documentation can be found below:
Whilst updating the certificate for the postfix server recently, I encountered an issue where emails from some servers were not being delivered / received. Upon further investigation I found the error relating to this problem was “
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher“. Armed with this error information I proceeded to look for a solution online but this process took an extended amount of time for me to find an answer. In hindsight this trivial task should have taken a couple of minutes to perform which is why I have made this post to help others to prevent a similar situation.
The reason why in this case I was receiving the error was due to the other servers not supporting ECDSA certificates and it turns out this is true for many mail servers as well. Knowing this it explains why “no shared cipher” was being displayed due to the lack of ECC (Elliptic Curve Cryptography) support. In order to rectify this I had to use an RSA certificate which is widely accepted. This new cert was self signed but this doesn’t cause an issue as nearly all smtp servers do not validate certificates.
To apply this change on a postfix server first open the main config file (“
/etc/postfix/main.cf“). Once open navigate to “
smtpd_tls_cert_file” and “
smtpd_tls_key_file“, then change them respectively to point to the new location. Keep in mind both files specified must be in the .pem format.