This post is mostly a collection of commands that can help in juggling around SSL certificates and associated files. Check SSL certificates and make sure they are what you think they are. Especially when things do not go as expected, these commands are handy to have around.

In our quest to automate even more, we have further automated our installations. We use Debian and don’t want to answer any (except for IP and hostname) question in the debian installer by hand. We’ve already pre-seeded the installer with a lot of answers, but the partitioning was always hard. Before, we formatted the first […]

As you probably know by now: We have our SSH and PGP-keys on a CryptoStick. But getting it to work used to be somewhat harder than it is now. So without further ado: The (almost) foolproof way to get SSH and PGP working with the CryptoStick in Ubuntu.

noVNC allows you to connect to a VNC server, using only a web browser with WebSockets. Unfortunately, WebSockets does not allow you to create arbitrary raw TCP connections. This is why we have written a rather compact noVNC proxy called wsproxy, which can connect to VNC servers within a whitelisted range of ports.

We are in the process of building the configuration for our monitoring system from exported resources (more on that in the future). To accomplish one of the checks we needed a way to identify the brand of RAID controller in our physical servers. The best way to do this is facter. We’ve written some custom […]

On our systems at Hetzner we only have a single /64 IPv6 range, which we use to assign addresses to virtual systems, running in Xen and KVM. Because we don’t directly bridge the virtual machines to the external interface, we have written a script that synchronizes Neighbor Discovery entries to the external interface.

We wanted to give some of our customers the ability to restart some of their own services on their development environment. To be able to do this we made a puppet module.

By default, instances created on Amazon EC2 will have a randomly assigned IPv4 address, which is why we’ve written a script to automatically create DNS entries in PowerDNS for instances managed through EC2.