February 12th meeting - CA Cert


CAcert.org is a community-driven certificate authority that issues free public key certificates to the public (unlike other certificate authorities which are commercial and sell certificates).

At the February TriLUG meeting, we will learn about certificates and certificate authorities, and we will have a chance to become "certified" to issue our own certificates through CA Cert. These certificates can be used to enable SSL on a web server or a mail server.

If you would like to be certified, bring 2 forms of government-issued ID. You might also want to do some homework on the CA Cert web site beforehand.

Time: Thursday, 12 February, 7:00pm Place: Red Hat HQ, NCSU Centennial Campus Directions: http://www.redhat.com/about/contact/ww/americas/raleigh.html

(UPDATE - 2009-02-04 - How you should prepare)

The February TriLUG meeting is rapidly approaching (next week), and I wanted to send out a quick note that might help you get the most out of the talk.

First of all, some background. What is "CAcert"?

It is a certificate authority, just like Verisign or Thawte or GoDaddy. You can generate certificates to use on your web server or mail server, and they will sign it.

Many people use self-signed certificates on their web servers and mail servers. This provides HTTPS/IMAPS (SSL) encryption, but it is trivial to spoof. An attacker just sits in between you and your server, providing you with his own self-signed certificate.

YOU <---encrypted---> SPOOFER <---encrypted---> WEBSERVER

For this reason, on Firefox 3, you get the screen with the yellow passport man icon saying "Secure Connection Failed". And then they make you jump through several hoops before you can accept the certificate and see the page. In theory, you're supposed to verify fingerprints and what-not, but who does?

If you want to avoid this problem, you can get your certificate signed by somebody: Verisign, Thawte, GoDaddy, or CAcert.

There are two main differences between these CA's:

(1) price... CAcert is free, the others are not

(2) ease-of use... most browsers already know who the other guys are, but you have to tell it who CAcert is (by downloading their root certificate and importing it into your browser).

We'll talk a lot about these points at the meeting.

BUT... if you follow these steps, you will be able to generate your own certificates, and then have your certs signed by CAcert.

I did it today, and it was very easy.


0) See the detailed instructions here:


If you have a concern or spot a conflict between those instructions and these in this email, contact Cristóbal Palmer, cmp@cmpalmer.org

1) SIGN UP with CAcert here:


2) PRINT out a CAP form. See here:

http://wiki.cacert.org/wiki/FAQ/AssuranceByCAP Click on item #4.

3) BRING two forms appropriate government-issued ID.

Examples: passport, id-card, driver's license

The names should match on both. One must have a photo, but both is ideal.

4) COME to the meeting! Enjoy the show! Get assured!

Alan and Cristóbal

January 8th Meeting - VMware


In January, we will welcome Justin Parker into the LUG in the harshest way we know how... by inviting him to be a speaker.

Justin recently moved to the Triangle. His previous job was with VMware, one of the pioneers of virtualization. He will give us an overview of virtualization, and the features of the various VMware products. And he will guide us through setting up a virtual server. All of this, he says, without trying to sound too much like a "fanboy".

Slides available here (OpenOffice ODP format).

December 11th Meeting - Holiday Social


Following the TriLUG tradition, the December meeting will be a social event, with no formal program. Members and friends are invited to gather, eat, and blow each other to bits (in bzflag or any other game of your choice).

Dinner will be potluck. Bring a dish to share. Sign up on the wiki.

October 9th Meeting - Linux at NASA


Robert Singleterry, a researcher from NASA Langley Research Center will be speaking on his discovery of open source software in his quest to study space radiation.

Robert will discuss the trials and tribulations of a Student / GPC / EI International / Grad Student / ANL-W / NASA engineer, and his trip from sole source software to the open source world. There were mountains to climb, holes to watch out for, and eventually smooth sailing ahead for this engineer's usage of open source software at NASA, all while doing his real job of space radiation research.

Robert will share his experiences of sole source and open source software, and how the two interact with each other. And he will describe the environments in which he made the open source transition, which range from a single work laptop to high performance computing clusters.

September 11 Meeting - Rolling Your Own, building a REAL internet appliance


Have you ever wanted to run a bare-bones Linux system? One that is smaller than your normal desktop or server distro? Does DSL (Damn Small Linux) seem bloated and bulky to you?

Have you ever wanted to cook your food over an SSL connection? Do any of your kitchen appliances have a penguin sticker on them?

This month, our very own Alan Porter will share his experience at "the oven place" (www.tmio.com), creating a Linux-based kitchen appliance for home use. Weighing in at 256 MB of flash and 256 MB of RAM, this 550-pound appliance connects to the internet, refrigerates AND cooks food, and allows you to control it remotely. Alan will show us what goes into the minimalist Linux distro that powers this nifty gadget. Cooking demo included.

August 14 Meeting - Women in Technology, panel discussion


This month's program will be a panel discussion on Women in Technology, and the issues that women face in a male-dominated industry. The discussion will be led by five local women who work in various areas of technology, and will be moderated by Janet Babin of the Marketplace Innovations Desk at WUNC.

July 10 Meeting - Deploying DNSSEC in 6 minutes


There have been many tutorials on DNSSEC in the past, but few have focused on just how easy it really is to deploy secure DNS. In this presentation, Alan Clegg will provide an easy to understand and follow tutorial on rapid deployment of DNSSEC.

Additionally, Alan will comment on the newly released CERT advisory regarding DNS Infrastructure vulnerability.

Preview slides.

Speaker BIO:

Alan Clegg has over 20 years experience providing support and management of Internet facing systems. As a Dale Carnegie trained public speaker, Alan has provided tailored learning experiences to corporations (Banc One, Jefferson Pilot Communications), at conventions and meetings (BSDcon, InfraGard, HTCIA), and now, as part of his job with Internet Systems Consortium (ISC).

During the NSF funded rollout of Internet access to higher education, Alan assisted in the deployment of “high speed” (56k!) network access to all 2 and 4 year degree granting, publicly funded colleges and universities in North Carolina. Later, as a member of the technical staff of Berkeley Software Design, he provided training and support for the BSD/OS and FreeBSD operating systems. More recently, Alan was a member of the senior engineering team at Hosted Solutions, a data center solutions provider with multiple data centers in North Carolina and Massachusetts.

Alan is involved with InfraGard, a public/private partnership between the Federal Bureau of Investigation and providers of infrastructure in the United States, and recently stepped down from the office of President of the board of directors for the Eastern Carolina Chapter.

Serving as a volunteer firefighter for over 18 years, Alan became an American Red Cross Disaster Services volunteer following Hurricane Katrina. He is also a trainer for the FEMA Community Emergency Response Team, specializing in CERT response to acts of terrorism.


The Linux Users Group of the Triangle. Serving Raleigh, Durham, Chapel Hill, and RTP.


Our monthly meetings are hosted by:

Dr. Warren Jasper

Hosting Sponsor

Hosting for TriLUG's infrastructure is provided by:


3D Printed "TriTuxes" provided by:
Brian Henning