Diane @alienghic@octodon.social
Bioinfo developer in ENCODE project, Python developer, Debian Developer. I'm trying to work on XMPP.
@Are0h hope it worked out for you
So... openvpn is so much easier than ipsec. Their quick start instructions just worked. I even got ipv4 + ipv6 routing working pretty quickly.
Though then I decided to try to switch to x509 authentication, and... they're not kidding when they say "this is going to take a long time" when creating a dhparam file.
Is it wrong to use home automation against your 4 year old?
Kid turned light on. I turned light off while at my desk.
A story of electronics recycling, and how the "dumping ground" of the developing countries may not be as bad as the press reports.
I ❤️ magit + tramp.
@saper I started looking at putting strongswan on my router, but then the openwrt documentation was somewhat discouraging comment about ipsec performance on a small router.
Though I found a new comment saying the router I'm currently using should be fine.
@saper :) Yep! I've gotten that far. For tunnel mode I'm currently still failing to understand how traffic selectors, private subnets interact and when do you need a virtual ip.
@craigmaloney i miss having friends who can come over to my house.
@saper i haven't gotten tunnel mode to work this was transport mode since it was host to host and i don't understand traffic selectors. Any time i try tunnel mode i get errors about traffic selectors being incompatible(?).
I got my ipsec transport connection to go from my home server to my work server and I could even send dns through it away from AT&T's prying eyes.
Unfortunately then any other computer behind my NAT couldn't talk my server.
@starbreaker look another hairball!
What is systemd doing in my nsswitch file?
Hi my name is alienghic.
I argue to much on twitter.
Though aren't we all soldiers in the information war?
http://www.zephoria.org/thoughts/archives/2017/01/27/the-information-war-has-begun.html
@shel take my money! (To reduce inequality fairly)
@saper Auth wouldn't work until I encoded the host name in the subject alternative name. Strongswan seemed to ignore the CN field.
@Are0h i thought new vegas' story was by someone else (apparently it was obsidian https://en.m.wikipedia.org/wiki/Fallout:_New_Vegas )
@saper After a long struggle I eventually figured out how to generate certificates correctly and I can get ipv4 host to host to work, but I'm still at a loss on how to any version using virtual ips.
@saper Because the university I work at doesn't have any better ipv6 offerings. 6to4 was easy to set up, and worked really well for making it easier to connect VMs on different hosts in the same corporate network.
Is it just me or is strongswan & ipsec quite difficult to configure?
Also maybe trying to link my home computer into a 6to4 subnet hosted elsewhere via a ipv4 ipsec tunnel to get around the crummy AT&T internet gateway filtering isn't the easiest place to start.
