Search Results

Search results 1-20 of 23.

  • LUKS + KeyFile + AutoMount? [SOLVED]

    godfuture - - Plugins

    Post

    Quote from felix: “1. i put in my usb key (sde) ” I don't know what you want to do with this USB stick, besides using it for storing the encryption key. But I formatted the USB stick with mbr and added a fat32 partition. This way you might even use it to store something and additionally make it look even more "normal" to intruders. I know, this sounds so paranoid...but I guess you read newspaper Quote from felix: “2. dd if=/dev/random of=/dev/sde bs=512 seek=1 count=2046 to create random bytes (…

  • Quote from macom: “Shouldn't that be enough if you have not forwarded any ports? ” Good question. I do have a few port forwards. Isn't the (insecure) application behind open ports the real thread here? I mean are common router firewalls known to be insecure by default considering the user wants to host a service privately? Is it best practice to have multiple firewalls active? Quote from macom: “Have a look at the 3-2-1-Backup-Strategy ” Thanks. I will do that.

  • Thank you guys for your valuable hints. I still couldnt find anything, but as you said there might be many reasons for this. I am also not very skilled in thi.s I guess I will follow your suggestion and start from scratch. Also installing a firewall will be the way to go. Now I am using the router firewall only Still I dont know how to safe my important data...very likely I have to buy an external drive I guess. Again, thank you very much

  • Last night my OMV was not accessible anymore. Also docker not. I tried to open my web gui, but it responded very slow. After tipying my password and hitting login, I saw firefox was sending and waiting for a lot requests (little notice at the bottom of firefox). I checked the cpu, io and ram usage, but nothing was suspicious. When I tried to login via ssh, I barely could type any letter. After typing two letters into the ssh terminal, I had to wait long time till the next two would appear. I cou…

  • Create Keyfile for USB stick via GUI

    godfuture - - Plugins

    Post

    Quote from protter: “Is it possible to create a keyfile via GUI. And store it on a USB Stick. To unlock my luks HDD ? ” I don't think so. As I see it OMV lets you only uploading the file. Quote from protter: “Is there an easy way with the OMV GUI over Storage-Encyption-Keys-Add ? ” I don't think so. As I see it OMV lets you only add a keyfile to the LUKS header. Quote from protter: “now i think i copy from an "random file" the key to my usb stick ” ...to be more precise, it is not a file, but a …

  • LUKS + KeyFile + AutoMount? [SOLVED]

    godfuture - - Plugins

    Post

    Quote from rayycy: “Hi godfuture I just came across your interesting method for storing keyfile on a USB. It's appealing because it seems to reduce one layer of operation in the process chain. However I'm having trouble understanding your commands. Could you (or anyone else reading this), please clarify the following? 1. During the creation of the key, you seem to have created random bytes that's 1MB in size with dd parameters "bs=512 seek=1 count=2046". Is there any reason that you did this sin…

  • Hey guys, does someone know if there is linux support for the mentioned features? If yes, are there packages we could use in OMV?

  • The option sounds cool, cause then my letsencrypt cert renewal is 100% automated.

  • Hi gys, I have searched the internet quite a time and the only practical solution I found was to restart the webserver. But I am sceptical, renewing the certificate is a simple maintenance task. Normal business. Is restarting really the only possible solution to update the certificate shown in the browser (nginx in my case)? If no, what would I have to do? Cache refresh at client side does not work....If yes, how could the restart be automated such that after successful renewal with the letsencr…

  • Understood. As I only installed the omv-letsencrypt plugin, I will delete the /etc/cron.d/certbot file. Maybe it got installed with certbot? Thank you!

  • Hey guys, I wondered why there are two cron configs for my openmediavault-letsencrypt plugin. Is letsencrypt using the certbot and therefore dependent on this certbot cron config? Or is this just by accident one of them is redundant? I haven't installed the certbot actively. Shell-Script (1 line)Shell-Script (1 line)Hopefully someone knows!

  • LUKS + KeyFile + AutoMount? [SOLVED]

    godfuture - - Plugins

    Post

    One thing about the usb stick...many people mount the stick to get the keyfile. but there are better ways...you could place /dev/random infront of the first partition. This way no mount is needed anymore. But check the start of your usb part: Source Code (2 lines) Attention: make sure you have enough entropy: Shell-Script (1 line)Shell-Script (1 line)Add this keyfile to your luks header! Add this option to crypttab entries: "x x x luks,keyfile-size=4096,keyfile-offset=512" I tried to auto decryp…

  • Error after adding folders

    godfuture - - General

    Post

    Just to let you know. This issue was solved bugtracker.openmediavault.org/view.php?id=1853.

  • Well, I did generate a new one: Quote from godfuture: “[...] As I had trouble doing the generate or renew, I have deleted my old files in /etc/letsencrypt and started from scratch (advice from this thread). And it worked. [...] ” I deleted files in /etc/letsencrypt. Maybe I have to delete my LE cert in omv webui as well. But somehow I can not delete it, even I tried to remove all references. Hint: when generating certs with letsencrypt, the valid date of the cert in omv is updated. This means at…

  • I came to the conclusion that the key is not updated accordingly. After a warm host restart nginx does not come up anymore: Source Code (18 lines)

  • My latest insights: I guess the letsencrypt plugin does not replace the cert files in all cases. I will try to explain in a few more words. At the beginning, I had copied my old (ubutu) /etc/letsencrypt folder to omv. Then I fired renew in letsencrypt plugin. As the webroot was not ready, renew did not work. But my cert appeared in omv cert manager. I could use it from there on! As I had trouble doing the generate or renew, I have deleted my old files in /etc/letsencrypt and started from scratch…

  • maybe this is the same?! I get this error when trying to apply settings from email notification service. Source Code (13 lines)

  • I thought that I need my old key to optain new certs. In this case I will generate a new one an revoke my old certs. thank you both!

  • Hey guys, I was running ubuntu server 16.04 and had letsencrypt bot running. This means I have my key and other config already in place. How would I migrate these config files to OMV to be able to use the letsencrypt plugin? Thanks a lot

  • Error after adding folders

    godfuture - - General

    Post

    Also interested with Arrakis 4.0.9.1: Source Code (1 line) Nothing in "systemctl list-unit-files | grep Test", "cat /etc/fstab | grep Test", "cat /etc/exports | grep Test" or "cat /etc/openmediavault/config.xml | grep Test". "systemctl status sharedfolders-Test.mount" Unit sharedfolders-Test.mount could not be found.