Hashicorp Vault – Managing Tokens

https://www.vaultproject.io/docs/concepts/tokens.htmlvault client:Creating tokens (Default Lifetime 24 hours):https://www.amon.cx/blog/managing-all-secrets-with-vault/vault token-revoke <TokenID>vault token-create -policy=mypolicyvault token-create -policy=mypolicy -ttl="1h"vault token-create -policy=mypolicy -ttl="1h" -display-name=“My's Token"vault token-create -policy=mypolicy -explicit-max-ttl="1h"Requires "brew install" jq first:VAULT_TOKEN=$(vault token-create -ttl="1h" -format=json Read more [...]

Configuring Open Filer Tutorial

This information came from a previous site of ours, so the information may be out of dateToday's video outlines how to configure Openfiler and continues where I left off from the installing OpenFiler video.Today’s video covers:Setting up the OpenFiler LDAP Server (Part 1)Creating Users and Groups (Part 1)Setting up Network ACL’s (Part 1)Creating Volumes (Part 1)Creating Network Shares (Part 2)Creating iSCSI Luns (Part 2)Open Filer Video Part 1:Open Filer Video Part 2:For those of you who don’t Read more [...]

How to Install Citrix Xenserver

This article is content I migrated from a previous site I had created. The information may be a bit out of dateIn this video I explain where to get Citrix Xenserver and how to install it. I use a Virtualbox Virtual Machine in my demonstration, however you would not want to run Xenserver in a Virtual Machine in your production environment. I can't really think of a situation where you would want to do that.I hope you enjoy the video, and be sure to send me any questions you have either by commenting Read more [...]

Connecting to storage Systems using iSCSI, NFS, and CIFS (SMB)

As there are a variety of tasks you may need to achieve, there are many different ways to connect to your storage system. Each operating system has differing methods for utilizing these protocols, and different operating systems will perform differently with each protocol. For the purpose of this article we are going to focus on two methods of connecting to storage; LUN’s and File Shares. In my examples I will be using Open Filer as the storage device, then various Linux and Windows editions Read more [...]

Installing Virtual Box and Creating an Ubuntu virtual machine

This is content I migrated from a previous website, so some of the information is a little out of date. But the overall processes should still be the same. Virtual Box is a very simple virtual machine package which can be installed on Linux, Mac, Windows, and Solaris. It is open source, so you can compile it to run on other systems as well.In this tutorial video I will cover how to install virtual box and install your first virtual machine. The process of creating the virtual machine is does not Read more [...]

Hashicorp Vault – Reading and Writing Secrets to Vault

This article will describe how to read and write secrets to vault using the vault CLI and CURL. These instructions are assuming you are on either Linux or Mac OSX. Later we will add instructions for windows. That said, most of the Vault CLI commands should work fine on windows as well.Before you can proceed, you need to be sure you have authenticated against vault. For details on that, you can check out one of our articles about configuring vault authentication. To use the CURL commands you also Read more [...]

Hashicorp Vault – Creating a new root Token

Instructions were found here: https://www.hashicorp.com/blog/vault-0-5/Generate One time Password:vault generate-root -genotpsave OTP Output, example: tXJxQcj01NoR3whDnt9OxQ==Initialize Process:vault generate-root -init -otp="<OTP Value>"Example: vault generate-root -init -otp="tXJxQcj01NoR3whDnt9OxQ=="Enter Unseal Keys:vault generate-rootEnter unseal key when prompted. Repeat with additional reseal keys as needed. Once threshold is reached, save Encoded Root Token.Example: GYox3aZVAGXZfI9Gku1ohQ==Decode Read more [...]

Hashicorp Vault – Install Client (CLI/GUI)

Hashicorp Vault has a variety of ways to access it. You can access it via a CLI client, via the rest api/CURL, and via a third party GUI client.Intalling the CLI ClientStart by downloading the appropriate client for your platform from here:https://www.vaultproject.io/downloads.htmlOSXCopy the downloaded bin file to the /usr/local/bin folder on your local machineCreate a system variable called VAULT_ADDR and set the path to the vault server.Open a terminal windowtype cd ~type vi .bash_profilePress Read more [...]

Hashicorp Vault – Configure Authentification

There are many authentication methods for vault. This article descibes how to configure LDAP authentication and Userpass AuthenticationLDAP Authentication:The following command will configure LDAP to point at a domain controller named mydomaincontroller.mydomain.com. It will then search the search base for groups to the top of mydomain.com domain:vault write auth/ldap/config url="ldap://mydomaincontroller.mydomain.com:389" userattr=sAMAccountName userdn=“dc=mydomain,dc=com" groupdn=“dc=mydomain,dc=com" Read more [...]

Hashicorp Vault – Rekey or Unseal Vault

Unseal the vaultAfter the vault service has been restarted, the password vault is in a sealed state. This means that the encryption keys are not in memory, and the encrypted database on the disk cannot be read. More on this topic can be read here: https://www.vaultproject.io/docs/concepts/seal.htmlRekey the vaultTo Start the rekey process:To unseal the vault:Open terminaltype: vault unsealenter unseal keyRepeat the above process until you have entered enough keys to unseal the vault. We require a Read more [...]