Author Archives: peter

SSH – warning setlocale: LCC_ALL

If you are getting an error like this when you try to login trough ssh

bash: warning: setlocale: LC_ALL: cannot change locale (en_DK.UTF-8)
-bash: warning: setlocale: LC_ALL: cannot change locale (en_DK.UTF-8)
-bash: warning: setlocale: LC_ALL: cannot change locale (en_DK.UTF-8)

Then it can be the fixed by enable the locale on the remote system.

1. edit the file locale.gen and uncommend the line with the locale you are getting in your error message, in my example it is en_DK.UTF-8

sudo nano /etc/locale.gen

2. generate the new extra locale

sudo locale-gen

How to configure HSTS on Apache

HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking.

Here is how to enable it on Apache2

1. Enable mod_headers

a2enmod headers

2. Add the additional header to the HTTPS VirtualHost directive. Max-age is measured in seconds. Put this into your VirtualHost *:443 section

Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

Setting up R to connect to MySQL/MariaDB

If you need R to connect to MySQL or getting the error below from your script:

Error in dyn.load(file, DLLpath = DLLpath, ...) : 
  unable to load shared object '/usr/local/lib/R/site-library/RMySQL/libs/': cannot open shared object file: No such file or directory

Then it can be solved by these commands

R -i

You will get a question about choosing a mirror to get the package from, just choose the one nearest to you.

How to get an A+ Rating with 100% score on the SSLLabs Test with NGINX

It can be a challange to get an A+ rating on a SSLLabs test, but i have done a configuration below that you are welcome to steal.

listen   443;

        ssl    on;
        ssl_prefer_server_ciphers on;
        ssl_session_cache    shared:SSL:50m;
        ssl_session_timeout  10m;
        ssl_dhparam /etc/nginx/ssl/dhparam.pem;
        add_header Strict-Transport-Security "max-age=31536000";
        ssl_certificate    /etc/nginx/ssl/;
        ssl_protocols       TLSv1.1 TLSv1.2;
        ssl_ecdh_curve secp384r1;
        ssl_certificate_key    /etc/nginx/ssl/;

My pem file is just a text file containing the signed certificate and a SSL bundle.

To generate your dhparam.pem file, run in the terminal

openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048