Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| wiki:user:nelgin [2024/02/07 10:20] – [Mosquitto, Synchronet and TLS With Self-Signed Certs] typo nelgin | wiki:user:nelgin [2024/12/07 22:25] (current) – nelgin | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ===== Nelgin - End Of The Line BBS ===== | ||
| Nelgin was born in England and moved to the US in 1996. He's fluent in both English English and American English :) | Nelgin was born in England and moved to the US in 1996. He's fluent in both English English and American English :) | ||
| Line 7: | Line 8: | ||
| He plays keyboards, guitar, and drums for fun. | He plays keyboards, guitar, and drums for fun. | ||
| - | His aim is to visit all 50 states. He's visited 36 so far. | + | His aim is to visit all 50 states. He's visited |
| End Of The Line BBS is run by Nelgin | End Of The Line BBS is run by Nelgin | ||
| Line 15: | Line 16: | ||
| telnet:// | telnet:// | ||
| - | ssh:// | + | [[ssh:// |
| - | rlogin:// | + | [[rlogin:// |
| Point a viewdata emulator at endofthelinebbs.com port 6502 to try the experimental interface. | Point a viewdata emulator at endofthelinebbs.com port 6502 to try the experimental interface. | ||
| Line 26: | Line 27: | ||
| ===== Mosquitto, Synchronet and TLS With Self-Signed Certs ===== | ===== Mosquitto, Synchronet and TLS With Self-Signed Certs ===== | ||
| - | This works for me. It might not work for you. | + | This works for me. It might not work for you. It's easier to do all this as root and then chown/chmod files as necessary to secure them. This works on Ubuntu. |
| First I created a dns entry mqtt.endofthelinebbs.com to point to my server IP address. You could probably use your regular dns name or something else, I'm not sure. I just know this works for me. | First I created a dns entry mqtt.endofthelinebbs.com to point to my server IP address. You could probably use your regular dns name or something else, I'm not sure. I just know this works for me. | ||
| Line 39: | Line 40: | ||
| Now, convert the file | Now, convert the file | ||
| mosquitto_passwd -U pwfile | mosquitto_passwd -U pwfile | ||
| + | | ||
| This will upgrade the file and hash the plain text password. Never run -U on an already hashed password file or it'll rehash the hashed password! | This will upgrade the file and hash the plain text password. Never run -U on an already hashed password file or it'll rehash the hashed password! | ||
| Line 94: | Line 96: | ||
| use_identity_as_username false | use_identity_as_username false | ||
| | | ||
| - | chown mosquitto. / | + | chown mosquitto. / |
| - | chmod 640 / | + | chmod 640 / |
| | | ||
| Now start or restart your mosquitto service | Now start or restart your mosquitto service | ||
| Line 117: | Line 119: | ||
| If all is good you can now make your sbbs certs. | If all is good you can now make your sbbs certs. | ||
| - | cd /sbbs/ctrl | + | |
| Create your key | Create your key | ||
| + | cd / | ||
| openssl genrsa -out sbbs_mqtt.key 2048 | openssl genrsa -out sbbs_mqtt.key 2048 | ||
| Create your csr | Create your csr | ||
| Line 126: | Line 129: | ||
| openssl x509 -req -in sbbs_mqtt.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out sbbs_mqtt.crt | openssl x509 -req -in sbbs_mqtt.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out sbbs_mqtt.crt | ||
| | | ||
| - | copy the / | + | copy the / |
| + | |||
| + | cp / | ||
| + | mv / | ||
| + | cd /sbbs/ctrl | ||
| chown bbsuser: | chown bbsuser: | ||
| Replacing bbsuser and bbsgroup with the username/ | Replacing bbsuser and bbsgroup with the username/ | ||
