Special Guest Co-Presenter: Russ Woodman from Linux In The Ham Shack

Errata: Jon got Streisand Routing wrong in the last show.

Russ works for a Broadband Carrier (ISP) that also supplies telephone, cellular (mobile), internet, satellite and cable. He’s in a team of 5 people, and is the main escalation point for the team.

Jon explains “Pets versus Cattle” (badly) and Russ explains they’re converting from Pets to Cattle.

The Broadband Carrier that Russ works for uses mostly open source technologies, and he is trying to move to more robust services.

He explains his path to Linux and Open Source, via VMS, BSD, Minix and SCO Unix. He started in his current job just after Y2K but has been working in System Administration for many years before that.

Russ talks about using Amateur Radio with Linux and Open Source.

We talk about how his job has changed, which is mostly in the abstraction of Hardware away from users, but Russ also talks about REST APIs and SOAP.

We all talk about Cloud reliability and cost.

Jerry brings up RINA.

Russ talks about his home network. Jon talks about “Becoming your own WISP”.

Al asks Russ about Amateur Radio and how you use it from Linux. Russ talks about different transmission modes and encoding/decoding. He then explains a bit about the Linux In The Ham Shack podcast.

Al talks about setting up a new server for hosting WordPress and how he’s moving away from FreeBSD to Ubuntu (or RedHat/CentOS). He asks for guidance about Ansible and authentication. Russ suggests OpenSUSE as an alternative to review as well. Jon mentions about commercial support. Jon also talks about the recent history of SUSE. Al asks about running sudo to become root. Jon talks about setting up TOTP (Google Authenticator) and enabling it for PAM authentication.

Al also asks about Linux permissions. Russ talks about setting permissions. There is a talk about SetUID and SetGID. Jon suggests using containers or chroot instead of trying to harden a whole machine. Jerry talks about ACLs.

Al goes on to ask about whether he’s in the right job. Jerry, Jon and Russ all provide their viewpoints.

Al mentions about a telegram group which he heard about on Tuxjam Podcast which alert you on the latest security alerts  https://t.me/itsecalert

We read some feedback

• Gary Williams talks about naming conventions on servers, dnsnames for SQL servers
• Mike Bickerton says we’re good 🙂 Mentions we’re very Windows, likes the audio, and asks about the theme tune (it’s “Now It’s Over” by “The ClayFoxes” as listed on our “About” page.) He mentions he asked our telegram channel for help with getting DNS hosting on Hurricane Electric, and then blogged about it. Jerry mentions some alternatives. Russ asks about IPv6 records.
• Paul Tansom mentions his naming conventions

We ask a question for a follow-up podcast – if you have got some suggestions about how you would do a backup for your clients and customers which doesn’t involve spending money, or at least, as cheaply as possibly.

We mention FossTalk Live (9th June at King’s Cross, London), OggCamp (18th and 19th August in Sheffield) and Podcrawl Glasgow (28th July in Glasgow).

Please consider spreading the word about the podcast. We have a presence on Facebook and Twitter. The team chat on Telegram, and if you want to support the show, we have a Patreon account.

What would you would like to see on the podcast? Is there anything we should change? Please get in touch via our Telegram group or email feedback@nospam.adminadminpodcast.co.uk (remove the filter to send the mail…) 🙂

Show notes:

• Relaunched the podcast!
  • Andy has stepped back 🙁
  • Jon Spriggs has stepped in 🙂
  • Al and Jerry are sticking around 🙂
  • We’re planning to do a monthly release (starting this month!)
  • Hopefully better audio (although, Jerry’s audio played up a bit in the middle… we know why, we’re fixing it for the next time!)
  • If you want us to make any changes, let us know!
• How do you name servers?
  • Al mentioned the Iron Sysadmin Podcast
  • We basically concluded that naming by function is probably best in managed networks, but that’s based on how you manage your security posture.
  • We briefly touched on how we name our personal machines… but who typically has more than one personal laptop? 🙂
  • It’s different in cloud environments – hosts may have ephemeral names, and Jon explained about Ephemeral Naming, and how that works with DNS names.
• Talking about home routers
  • Jerry mentioned Steve Gibson from the Gibson Research Corporation
  • Jerry wanted to move away from having disparate devices, and is going to replace various boxes with a single Edgerouter X
  • Jon explained basically about FTTC (Fiber-to-the-Cabinet)
  • Al mentioned that he uses a Mikrotik router – This model: RB2011iL-IN
  • Jerry mentioned that you can install Lede on the Edgerouter X.
  • Jon very briefly explained VRRP
• Home labs
  • Jon mentioned the Home Labs facebook group
  • Jon and Al mentioned their home lab kit, while Jerry explained how he threw away all his old kit, and now uses the cloud
  • Jon explained how he got in trouble because he got rid of his old kit and explained how he debugged hardware failure on a computer with no spare parts
  • All the hosts explain that they virtualize everything
  • Jon and Jerry both use talked about using Vagrant to stand up boxes both locally and remotely using the Digital Ocean Plugin or AWS Plugin. Jerry has also used the VSphere Plugin and mentioned the Azure Plugin. Jerry mentioned using the Mosh plugin and Jon mentioned the you can use RDP (as well as SSH) and talks about the Vagrant Cachier plugin
  • Jerry mentioned “Kubernetes the Hard Way“
  • Jon explained how he separates out the Vagrant boxes on his home server, and (at GREAT LENGTH) incorrectly explained how he sets up the networking for his VPN appliance – he’ll explain more in another show!
  • Al mentioned Openstack
  • Jerry mentioned the “Partner Acceptance Test” and noted that anything more significant than what we have would fail this test
• Firewalls
  • Al has been learning about using Palo Alto firewalls. Site to get Training.
  • Al mentioned Udemy
  • Jon mentioned FortiNet FortiGate, Juniper ScreenOS and JunOS and Check Point firewalls and Pulse Secure IVE product. He specifically mentions that a model of the FortiAP also does Firewalling
• AOB
  • Al mentioned the SysAdmin Show podcast
  • Jon recommended the Darknet Diaries Podcast and particularly mentioned the Beirut Bank episode.
  • FOSS Talk Live is on 9th June at King’s Cross, London
  • OggCamp ’18 is on 18th and 19th August in Sheffield

AL

• Tic Tac Toe Code

Jerry

• /lib/init/fstab
  • Samba issue with “locking.tdb”
• Vagrant-vsphere

Jon

• Matrix.org bridges to IRC, Slack with GitHub and RSS feeds
• Ansible all the things! (https://github.com/lugorguk)
• All Day Devops
• Packt Pub Free Book Of The Day

GitHub

• • • Learn the basics of Git in 15 minutes
    • How To Create a Pull Request on GitHub
    • GitHub Training Kit: Open source slides, workbook, and cheat sheet courseware for teaching Git and GitHub classes
    • Git cheat sheets in multiple languages
    • Understanding the GitHub Flow
    • GitHub training sessions and webcasts
    • Patchwork: Casual, mentored workshops for beginners to Git and GitHub
    • More resources from GitHub

Advanced IP Scanner

Use PSEXEC to Change Static IPs to DHCP Remotely

https://www.pockethernet.com/

# Convert macs to 00:50:56:96:8B:07 take out :

=LOWER(SUBSTITUTE(SUBSTITUTE(SUBSTITUTE(O2,":",""),".",""),"-",""))

# Convert to HP format

=LOWER(MID(P2,1,6)&"-"&MID(P2,7,6))

LDWin: Link Discovery for Windows

How to copy DHCP Reservations from one server to another

http://www.kernelpanicpodcast.com/

Phoebe Smith on How To Chase Your Dreams And Overcome Your Fears In Your Sleep

Home-assisant.io

git crypt

atom

Coding Manual: Computer Programming (Beginners Onwards) (Owners’ Workshop Manual)

Tom scott – FizzBuzz: One Simple Interview Question Video

Test Kitchen

Desired State Configuration

Ansible Tower open source project

Trello

LEDE Project

Git-crypt

New podcast – Reply All

• We talk about these episodes

Support us on Patreon!

http://www.lowlevelmanager.com/2011/09/fix-linux-dns-issues-with-local.html

Groklaw.net

Kanban, Outlook-Taskboard

Hosts:
Al
Jon The Nice Guy
Martin Wimpress

bootstack
metal as a service
juju
vagrant

Thanks to joe for recording and audio production