The OpenSSL project is an open-source general purpose cryptography library that implements the SSL and TLS protocols.

Configuration File

The configuration file for OpenSSL is openssl.cnf. The location of which will probably vary across Linux distributions. On Red Hat systems the configuration file is as shown below.


You can use this file to define certain default values. For example, editing the dir variable sets the default directory for saving your certificates. You will need to first create the directory if you change this value.

dir = /certs/ssl/ca

Some additional variables I like to set are as shown below. You might also want to consider entering in this information if you generate a lot of self-signed certificates.

default_days = 3650
default_bits = 2048
countryName_default = US
stateOrProvinceName_default = Washington
localityName_default = Seattle
0.organizationName_default = My Company
commonName_default =
emailAddress_default =

By replacing these details with your own, will prevent you from having to enter this information in manually each and every time you create a new CSR (Certificate Signing Request).

More stuff here…

More stuff here…

openssl ....


OpenSSL: Cryptography and SSL/TLS toolkit

Wikipedia: OpenSSL


The locate command can be used to find files by name.

As usual you can find out everything you could possibly want to know about the the locate command in the manual pages.

man locate

Essentially, locate, at set periods runs a cron job indexing each file name into a database. The locate command simply searches the database for a given file name. If you know the file you are searching for is new, you might first need to update the locate database with updatedb.

In its simplest form, to find a file called myfile.txt, run.

locate myfile.txt


You can use the find command to search a system for files or directories. The find command can be quite resource intensive as it trawls recursively through your file structure. Often a more suitable command is locate. See here for more information about the locate command.

As usual you should head to the manual pages to find out more.

man find

In its simplest form, you can use the find command like this.

find / -name myfile.txt

The ‘/’ is the directory to start recursively searching from. We use the ‘-name’ command line option to indicate we are searching on the files name. In this case the string we are searching for is myfile.txt.

nvPY on Gentoo

nvPY is a fast, simple to use, no fuss, cross-platform note taking application. One of the big benefits is that all your notes are stored somewhere on the cloud – so you don’t need to worry about them!

Unfortunately we can not simply use emerge to install nvPY, so there are a few prerequisites prior to installation.


There are not many prerequisites to nvPY but here they are all the same.

Simplenotes Account

In order to use nvPY, you will first need to create yourself a simplenotes account at Now armed with your simplenotes login credentails, you can begin to install.


Because vnpy is not available through the Gentoo package manager, we first need to make sure we have the git client installed so that we can download the source code.

emerge --ask git


At the time of writing, nvpy works best with python version 2.7.x and it currently does not work very well yet with python 3.x. Also, nvpy requires that the python version to be used is compiled with support for TkInter.

I already have dev-lang/python-3.3.2-r2:3.3 install as my default. To install a lower version, like 2.7.x but keep 3.x as your default, do. Note, you will need to be root.

emerge -av python:2.7

If, like me, you already have python 2.7.x installed, make sure it is compiled with TkInter support. If not, as root, do the following.

echo "=dev-lang/python-2.7.5 tk" >> /etc/portage/package.use
emerge --ask --newuse =dev-lang/python-2.7.5-r3


You should now be able to simply follow the instructions on github. To summarise (copy really I guess), see below. Make sure you do this as a normal user.

git clone git://
cd nvpy
python nvpy

Launch nvPY

In order to run nvPY, it first needs to be able to connect to your SimpleNotes account. So before you first try to run nvPY, create the following file, making sure only your normal user can read it.

nano ~/.nvpy.cfg

Populate it with only the following information. Obviously, replace the values on the right hand side of the equals sign with your SimpleNotes login credentials.

sn_username = your_simplenote_username
sn_password = your_simplenote_password

Make sure only you can read it.

chmod -v 600 ~/.nvpy.cfg

Finally, try running it.

python2.7 nvpy &

Hopefully that worked!!

nvPY installed on Gentoo

Yay!! Job done!


The Official Site – GitHub:

How to install Python Tkinter in Gentoo Linux:

How to choose python version to install in gentoo:

Create a Self-Signed Certificate for Apache

Contained within an SSL certificate is information that pertains to you and your secured domain. Lets imaging that you have a web hosting company called Spider and the details for which are shown below.

Country Name (2 letter code):		UK
State or Province Name (full name):	Surrey
Location Name (city):			Camberley
Organisation Name (company):		Spider Web Hosting
Organisation Unit Name (section):	IT Support
Common Name (your domain name):
Email Address ():

A challenge password: 			leave blank
An optional company name: 		leave blank

Generate a Private Key and Certificate Signing Request

Here we generate a Certificate Signing Request and populate it with our details. The -nodes flag tells openssl to create a private key that does not require a pass-phrase. Emitting this flag will prompt for a pass-phrase every time you use it. If installing it on Apache, this will mean entering it every time the Apache service is restarted.

openssl req -new -nodes >

The above command will generate the CSR and the private key in your current directory.

Generate the Certificate

To generate a certificate, you need a Certificate Signing Request and a private key. The output of the below command will create a certificate valid for 365 days, called within your current working directory.

openssl x509 -in -out -req -signkey privkey.pem -days 365

Make sure that the private key is not world-readable but the certificate is.

chmod go-rwx

The above command removes read, write and execute permissions from the group and other users.

Resources Creating Self-Signed SSL Certificates for Apache on Linux Generate a Self-signed SSL in Linux

Unix and Linux System Administration, fourth edition; Nemeth Snyder Hein Whaley.
pages 971-973

The Most Common OpenSSL Commands

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

Generating 2048-bit CSR with OpenSSL

Shutter with XMonad

For me, Shutter is the best open-source screenshot program available for Linux. When I used Windows, I really liked Snagit – Shutter is a good alternative.

Installing Shutter

Installing Shutter is straight forward enough. However, before doing so, I added a couple of use flags to enable the drawing tools and afford the functionality of taking screenshots of websites. This needed if you want similar functionality to Snagit where you can easily take a screenshot and then quickly and easily edit it. Such as highlighting an area or blurring-out sensitive information.

echo "x11-misc/shutter drawing webphoto" >> /etc/portage/package.use

To install, simply type.

emerge --sync
emerge --ask shutter

Configuring XMonad

If you’re using XMonad and you are unable to use Shutter due to error messages similar to the one below, you’ll need to make sure your xmonad.hs file is configured to use EWMH Hints, which is required by Shutter.

Error while taking the screenshot: Maybe mouse pointer could not be grabbed or the selected area is invalid.
Error while taking the screenshot: Maybe mouse pointer could not be grabbed or the selected area is invalid.

Open up ~/.xmonad/xmonad.hs with a text editor.

nano ~/.xmonad/xmonad.hs

We need to import the following package.

import XMonad.Hooks.EwmhDesktops

You’ll also need to define the handleEventHook and logHook properties as show below.

handleEventHook = ewmhDesktopsEventHook,
logHook = ewmhDesktopsLogHook,

Don’t forget to recompile XMonad by pressing the modification key (Windows key on my system) with q.

WinKey + q


Shutter – Screenshot Tool: Official site.

Gentoo Browse: x11-misc/shutter

Wikipedia: Extended Window Manager Hints ahitrin / xmonad-config

Gentoo: Temporarily Configure Networking

This can be useful if your working from a LiveCD or testing the network. Note, “temporary” means it will not survive a reboot! To configure networking, adjust the below command for your own environment.

ifconfig eth0 broadcast netmask up
route add default gw

The above commands assign the static IP address of to the eth0 interface and defines the default gateway as

You might also need to add some nameservers to your /etc/resolv.conf configuration file.


Again, this configuration will be lost after a reboot. To permanently create these rules, use the /etc/conf.d/net configuration file.