Unified Inbox & Label Editing Arrive in Open-Source E-mail App ‘N1’

Standard

nylas n1 logoOpen-Source e-mail client Nylas N1 is rolling out its biggest update since launch. A unified inbox and easier label editing are among the changes on offer.

This post, Unified Inbox & Label Editing Arrive in Open-Source E-mail App ‘N1’, was written by Joey-Elijah Sneddon and first appeared on OMG! Ubuntu!.

via OMG! Ubuntu! http://ift.tt/1W25567

Tunnel SSH over SSL

Standard

Have you ever found yourself behind a restrictive firewall that only allows outbound http(s) traffic, but you need to SSH out? Perhaps you’ve tried running SSH on port 443 (https) but those connections have been denied as well. In this post I’ll outline how to configure stunnel on an SSH server to allow encrypted SSH connections over port 443 (https).

This configuration is done in two parts. The first half is done on the remote SSH server. The second half is done on the local machine. In this case I’m running Ubuntu Server and Ubuntu Desktop for the client.

Server Side Instructions:

First off we’ll need to install the stunnel package:

sudo apt-get install stunnel4

Once the package is installed we’ll need to configure stunnel with an SSL certificate and a config file. First, the SSL certificate:

openssl genrsa 1024 > stunnel.key
openssl req -new -key stunnel.key -x509 -days 1000 -out stunnel.crt
cat stunnel.crt stunnel.key > stunnel.pem
sudo mv stunnel.pem /etc/stunnel/

Configure stunnel to tunnel 443 (https) to 22 (ssh):

By default stunnel doesn’t provide any config files. We’ll create a simple config file to meet the needs of using SSH over SSL. Create a new file, /etc/stunnel/stunnel.conf and copy in the contents below:

pid = /var/run/stunnel.pid
cert = /etc/stunnel/stunnel.pem

[ssh] accept = public_ip:443
connect = 127.0.0.1:22

The above configuration tells stunnel where to find the certificate we generated and where to accept and forward connections. In this case stunnel will listen on the public_ip on port 443 (https) and redirect connections there back to localhost on 22 (ssh).

In order to start the stunnel service we’ll need to activate it in/etc/default/stunnel4. Change the ENABLED line from 0 to 1.

Finally, we can start the service and move on to the client configuration:

sudo service stunnel4 start

You can verify that stunnel is now listening by using the netstat command:

netstat -natp | grep :443

Client Side Instructions:

The rest of these instructions are done on the local machine.

As was done on the server, we’ll need to install the stunnel package:

sudo apt-get install stunnel4

The client configuration also needs the same SSL certificate that we generated above. copy/paste or otherwise duplicate the .pem file we generated in the Server Side Instructions and save it to the same location, /etc/stunnel/stunnel.pem.

We’ll need to create a similar configuration file, only this time we’ll change the accept and connect sections. Use the example below to populate the /etc/stunnel/stunnel.conf on your client.

pid = /var/run/stunnel.pid
cert = /etc/stunnel/stunnel.pem

[ssh] accept = 127.0.0.1:2200
connect = remote_ip:443

With the config file and certificate in place we’re ready to enable stunnel and start the service. Enable the service (as above) in the/etc/default/stunnel4 and then start the service.

sudo service stunnel4 start

Make the connection

With the stunnel service now running on both the server and the client we’re ready to make the secure connection. Now when you connect to your local machine on port 2200 it will make a connection to the remote IP on port 443, create a secure SSL connection, and connect to port 22 on the other end. Your encrypted SSH connections are now wrapped in an encrypted SSL connection using port 443.

ssh localhost -p 2200

Conclusion

stunnel can be used to encrypt a wide range of services. In this case creating an SSL connection over the standard https port allows you to SSH out even when the standard SSH port is blocked. This configuration will become part of my standard setup on my SSH servers. You never know when you’ll find yourself in a situation where you’ll need this kind of access!

How to install KVM on Ubuntu 14.04 LTS Headless Server

Standard

Kernel-based Virtual Machine (KVM) is a virtualization module for the Linux kernel that turns it into a hypervisor. How can I install KVM, setup guest operating system as the back-end virtualization technology for non-graphic Ubuntu Linux 14.04 LTS server? You can use KVM to run multiple operating systems such as Windows, *BSD, Linux distro using […]

via [RSS/Feed] nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format http://ift.tt/1WOfaoh

Download of the day: Tails Linux 2.0 ISO CD/DVD

Standard
Tails (The Amnesic Incognito Live System) version 2.0 has been released. It is a Debian-based security-focused Linux distribution and it is designed to increase privacy and anonymity online. This release fixes many security issues and users should upgrade as soon as possible. Download tails 2.0

via [RSS/Feed] nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format http://ift.tt/1UpMHn5

Yosembiance GTK Theme Gives Ubuntu a Flatter, Sleeker Look

Standard

yosembianceYosembiance GTK theme gives Ubuntu a flatter, sleeker look, but without losing the identity Ubuntu’s default ‘Ambiance’ theme gives it.

This post, Yosembiance GTK Theme Gives Ubuntu a Flatter, Sleeker Look, was written by Joey-Elijah Sneddon and first appeared on OMG! Ubuntu!.

via OMG! Ubuntu! http://ift.tt/1nbyvDg

How to Install Corebird Twitter Client on Ubuntu 15.10 & 16.04

Standard

Corebird twitter clientAfter what feels like forever, the best desktop Twitter app for Linux is finally available to install on Ubuntu – no PPA or risky ready-made Deb package needed.

This post, How to Install Corebird Twitter Client on Ubuntu 15.10 & 16.04, was written by Joey-Elijah Sneddon and first appeared on OMG! Ubuntu!.

via OMG! Ubuntu! http://ift.tt/1ZB626j

How To Patch and Protect Linux Kernel Zero Day Vulnerability CVE-2016-0728 [ 19/Jan/2016 ]

Standard

A very serious security problem has been found in the Linux kernel. A 0-day local privilege escalation vulnerability has existed since 2012. This bug affects millions of Android or Linux applications to escalate privileges. Any server or desktop (32 or 64 bit) with Linux Kernel version 3.8+ is vulnerable. How do I fix this problem?

via [RSS/Feed] nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format http://ift.tt/1lsabMg

Rollback an apt-get upgrade if something goes wrong on Debian / Ubuntu Linux

Standard
Rolling back to the previous version may solve the problem or free the disk space. Both CentOS/RHEL support rollback feature, but I learned hard way both Debian and Ubuntu does not support rollback feature yet.

via [RSS/Feed] nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format http://ift.tt/1StwOy1

Install latest version of Roundcube (Webmail) on CentOS 7

Standard

Roundcube is a web browser based mail client & also known as webmail. It provides a GUI ( Graphical User Interface ) where end users can check their mails, can create & manage folders,…

via Linux Tutorials & guide http://ift.tt/1YgJuMN

How to Change Linux Partition Label Names on EXT4 / EXT3 / EXT2 and Swap

Standard

A Partition is a space carved out from a physical disk which can be used to either install an Operating System or just act as a storage space for Users files and other data….

via Linux Commands – Tecmint: Linux Howtos, Tutorials & Guides http://ift.tt/1Rbpy9H