semjonov.de blog

rss feed ›

Set up 2FA app for PayPal

tl;dr: the option to add TOTP security keys on PayPal is somewhat hidden, it uses Verisign Identity Protection provisioning

It is becoming common knowledge that you should use two-factor authentication whenever possible. Some services allow the use of TOTP apps on your smartphone, some only want so send you SMS codes .. and others use proprietary tokens.

read on »

Install ESXi 6.5 on a Supermicro X10SBA

tl;dr: Work around problems with the installer by using a serial connection.

Trying to install VMware ESXi on a number of Intel Bay-Trail boards apparently fails with a hanged installation right after a message like Relocating modules and starting the kernel. There’s multiple forum posts around the internet where people suggest various workarounds, which never seemed to work for me. One suggestion which stood out to me as most promising was completely disabling the internal graphics chip and using a dicrete graphics card in the PCI Express slot. read on »

Create a CentOS mirror for Kickstarting

This is an update over my earlier post about PXE booting. I’ve learned a few more things and refined some rough edges. My Motivation is similar to the last post: I started building my homelab with virtual machines. Most of them are based on a minimal CentOS 7 installation, and as such I have a lot of very similar systems. Yes, I could probably use containers to great effect. But I prefer the separation/isolation that I get from virtual machines on ESXi. read on »

Truncated IPMI Passwords

tl;dr: webui truncates new passwords to 19 chars

read on »

Local PXE Boot Server

1. motivation Today I set out to setup a local CentOS mirror for quicker PXE installations of my virtual machines. In the long run this will probably be superseded by a Spacewalk machine and until now netboot.xyz has served me well. For the time being I just wanted a faster alternative. The kpxe file for netboot.xyz is tiny and can easily be used with the builtin TFTP server of OpenWRT / LEDE project or any other TFTP server. read on »