Here’s how to set up a VPN that has all these features:

• Works natively on iOS*
• Doesn't require you to manage certificates or keys
• Automatically connects when your device is online

*It should also work on Android with the StrongSwan app, but I haven’t tested it. Please post about your experiences using this guide with an Android device in the comments!

At some point in the last few months, ProFTPd stopped working on several of the servers we maintain. Since it was working before, we didn’t change any of the configuration files, and it stopped working on several servers independently, I’m guessing that this was due to a change in the default config of ProFTPd, or at least the Debian Jessie version of ProFTPd. There’s an easy workaround but not a real solution at time of writing.

Windows versions prior to Windows 8 cannot view the content of CD/DVD images such as .iso files without the use of an external program. A long time ago I used to use a free program called Daemon Tools to open/mount CD image files. Nowadays there are several alternatives out there, but nearly all of them seem to have issues on Windows 7. Old versions of Daemon Tools don’t work. Newer versions allegedly include browser toolbar spyware, as do most other free alternatives.

Here’s how to encrypt a single file using a password and a salt:
openssl aes-256-cbc -salt -in filename -out filename.enc -base64
Type a strong password when prompted.

Here’s how to decrypt the same file:
openssl enc -d -aes-256-cbc -a -in filename.enc -out filename
You’ll need to re-enter the passwod that you used to encrypt it.

If you want to encrypt multiple files, combine them into a tar or zip archive before encrypting them.

Building a small Linux cluster is a lot simpler than I thought it would be. That said, there are a number of snags and pitfalls along the way, and it’s hard to find a comprehensive and up to date set of instructions online. There are also different approaches, either doing everything manually or using a system such LTSP. This post describes my experiences setting up a cluster manually.

After spending a long time trying to work out why some pings were randomly dropped between hosts on different segments of a virtual LAN connected by a transparent IPsec VPN tunnel, I discovered that the MTU for the underlying connection on both ends of the VPN should be set the same. The default for ADSL is usually 1492, whereas 1500 is frequently used for other connection types such as cable or fibre. When I changed the settings at both ends to 1442 (allowing some overhead for IPsec) then the random ping loss stopped.

This particular quirk of Python has been discussed in various places before, but I think it bears repeating as it’s different to the behaviour that you might intuitively expect and consequently catches a lot of people out when writing class methods. When declaring a function or a class method, any default arguments are only evaluated at the point when the function is declared, not when the function is called. For mutable default arguments such as lists or dictionaries, this has the effect of making them static. Consider the following example: