Category Archives: Debian

OpenVPN complains about wrong user/password without you requesting one?

If your OpenVPN client is complaining about a wrong user/password combination (AUTH_FAILED), although you are not requesting it on your server, it might be a completely different reason.

After migrating to a new operating system but taking OpenVPN’s configuration with me, I was running into this problem. All clients were complaining about wrong username and password.

The reason is simple:

I configured OpenVPN to send an email on connect and disconnect of a client. The script wants to use the mail command – which is not installed as default by Xenial. This leads to a client-connect-script error which in turn leads OpenVPN to respond with an AUTH_FAILED. Which in turn gives the “Wrong username/password” error message on the clients.

Solution: Make the client-connect script working again 😀

Installing Debian Jessie on an APU1D4

To install Debian Jessie on an APU1D4, it is easiest to go for a network installation. You need
– a TFTP server
– a DHCP server
– the Debian file structure in the TFTP server’s root directory

For DHCP you will need something like the following configuration:

For the TFTP server you need something like the following configuration:

Then simply extract the debian installer files into /src/tftp . I have included my working configuration into netboot_serial_20150107.tar. Should you want to change its configuration, simply edit the file pxelinux.cfg/default file. Mine looks as follows and is preconfigured for serial console output:

Attach a serial console cable and fire it up!

Install most basic Debian Jessie container for use as a template for LXC or similar

To create a most basic Debian Jessie container, you can follow these steps:

You should not forget to set the root password as it is good to have a known value later.

Now that we are within the container, we can configure the most basic settings that we will need for all containers:

Here I am usually generating

and set the default to en_US.UTF-8 .

To get the full repository contents, you should change your repository sources to look as below:

and then do an aptitude update .

You should also install an SSH server by entering

Enable root logins via SSH by changing one line in its configuration:

Unfortunately systemd is not yet working easily with LXC, so it should be replaced by the old sysvinit:

Edit initial DNS resolver configuration so it looks like this:

Then also configure the main network interface configuration:

Replace /etc/inittab with the following short version which is enough for a container:

Should the network not come up automatically, you can set the IP address in the config file of the container:

After a first start, you should also configure the mail server so it can send all system mail to your main mail server:

and answer all the questions.

Shut the machine down again, cleanup all the log files and make a copy which you can then use as your template for further containers.

FhGFS glitches

Installing FhGFS leads to little glitches. I am installing on Debian 7.0 running XQuartz on Mac OS X.

  • to avoid the XTEST error message when starting the Java GUI, follow the instructions on http://xquartz.macosforge.org/trac/ticket/414 and enter defaults write org.macosforge.xquartz.X11 enable_test_extensions -bool yes in a terminal window before starting the GUI
  • if you are using a proxy, be sure to define it in /etc/environment before starting the admon process or else the automatic wget downloads will fail

VGA modes when booting the Linux kernel

Use these modes in the kernel boot parameters list with vga=0x317 for 800x600x16, more in the table:

How to build your own Debian Etch Boot CD with recent 3ware-9xxx drivers

I wanted to install my latest server (Dual-Quad-Xeons and a 5.7TB 3ware 9650SE controller) with Debian Etch. Unfortunately at this moment there was no Debian installation CD with a recent 3w-9xxx driver – so my great RAID controller was not supported. Of course all Debian CDs didn’t find any harddisk 🙁

Now there were two possibilities – a network boot or a customized Debian installation CD. Here I will describe the second option, building your own installation CD.

The latest official Debian kernel at this moment was 2.6.18-3, so I downloaded exactly the following packages:

  • linux-image-2.6.18-3-amd64
  • linux-headers-2.6.18-3-amd64

This way I needed to simply exchange the included kernel module with my new version. To exchange the 3w-9xxx module, I downloaded the sources from 3ware and built the module. The resulting 3w-9xxx.ko has to be copied over the “old” file which does not know about the 9650SE controller yet. A simple

did it in my case!

A Debian installer CD needs special kernel packages, so called “udebs”. You can build these udebs from an installed kernel, if you download the source of linux-kernel-di-amd64-2.6 with the command

then you enter the unpacked directory, in my case this was linux-kernel-di-amd64-2.6-1.14 . As I said, I wanted to build/update kernel 2.6.18-3, but the downloaded sources are probably for another/older version. In my case this was 2.6.17-2. To make everything work, you have to change every occurrence of 2.6.17-2 to 2.6.18-3 in the files debian/control and kernel-versions by opening the files with any editor you like. I was using vi and issued the command

Simply enter dpkg-buildpackage after this and you will find many .udeb files in the parent directory. If dpkg-buildpackage is not available, install the package dpkg-dev . If it breaks after it started, it could need the package kernel-wedge.

Keep the .udeb files, you will need them later!

Now you have to build a recent version of debian-installer. I used the developer version from the subversion repository. To get the sources, give the folllowing command and enter the installer directory afterwards:

Edit the file build/config/amd64.cfg and make sure the KERNELVERSION line shows YOUR kernel version. Also uncomment the word #monolithic in the first line by removing the #. Edit build/config/common and make sure SUITE is set to “testing” or whatever you wish to install later. Copy the .udeb files you created before into the build/localudebs directory,

You should probably copy the original kernel .deb from
/var/cache/apt/archives to /usr/src and also the newly built driver
module to /usr/src, so you can edit build/config/common and make sure
the following line exists:

This way these files will be at the same place in installation environment –
and you should install /copy them before finishing the installation, otherwise the installer has found your
RAID disk, but after you boot into your new system the old kernel would
be active and not recognizing the controller. (To install you can open a shell by selecting one of the last installer menu entries. Your future system can be found in the /target directory. Don’t forget to add your necessary kernel module to be included in your initrd, otherwise the kernel will boot, but then wait endlessly for its root file system. I did that by adding 3w-9xxx to /etc/initramfs-tools/modules and then doing a “mkinitramfs -o initrd.img-2.6.18-3-amd64 2.6.18-3-amd64.)

Now enter the build directory and type

Should it break because of unmet dependencies, install them. In my case I had to enter this:

Should you get an error saying something about weak symbols, try a “make reallyclean” and then a “make build_monolithic” again – it worked for me and I had an ISO image in dest/monolithic .