Football Manager 2014 Released, Available For Linux

Football Manager 2014 has been released on Steam and, as it was announced a while back, is available for Linux:

"Play on Linux for the first time, plus the inclusion of ‘cloud-save’ technology which means that managers can now pursue a single career from any computer, anywhere in the world. FM14 also includes integration with Steam Workshop making it easy for managers to create and share customized FM content such as photo/logo packs, new and custom competitions and tailor-made challenges using the new Challenge Editor."

Football Manager is a popular football (soccer) management simulation game series developed by Sports Interactive and published by Sega that started back in 1992, under the "Championship Manager" name.

The game, released as a beta a couple of weeks ago, is already the 4th most popular game on Steam.

The main features of the game are its player database and match engine - they are so realistic that Football Manager has even been recognized by real-life football clubs as a source for scouting players, being considered by many as more than just a game. According to Wikipedia, Everton FC signed a deal with Sports Interactive allowing them to use the game's database to scout players and opposition.

Here are a few Football Manager 2014 (running in Ubuntu) screenshots:

Football Manager 2014 Linux system requirements:

• CPU: 1,8Ghz+
• Memory: 1GB RAM
• Graphics: NVidia GeForce 7300 GT, AMD Radeon HD 2400 Pro, Intel HD 3000/4000: 128MB VRAM
• 3GB of HDD available space

Below you can watch a Football Manager 2014 gameplay video created by Softpedia : http://www.youtube.com/watch?v=BVLiT5In1CY

 

Buy Football Manager 2014 via Steam or its website (49,99€ / $49,99 / £34.99) or download the demo.

 

 

 

http://www.webupd8.org/2013/10/football-manager-2014-released.html

Ini Dia 10 Keunggulan dan Fitur Baru Android 4.4 KitKat

Google akhirnya resmi merilis versi Android terbaru 4.4. Melalui Android terbaru ini, Google dikatakan telah mendesain tampilan yang lebih nyaman, beberapa perbaikan performa dan fitur baru. Android versi terbaru yang akan memulai debutnya bersama Nexus 5 ini.

Dan Kabar baiknya adalah Android 4.4 KitaKat, dapat digunakan untuk perangkat yang menggunakan RAM minimal 512 MB. Sehingga perangkat Android kelas Entry level pun akan dapat merasakan update terbaru dari OS Android terbaru dari Google ini. Dengan munculnya Android baru ini, Google bahkan langsung menargetkan 1 miliar pengguna untuk Android 4.4 KitKat.

Pada fitur dialer Kitkat punya Caller ID yang baru, dimana Google dapat menyesuaikan nomor telepon dan mengenali kontak yang biasa telpon, sehingga  secara otomatis dengan cepat menarik kontak alamat dan nomor kontak dari database, bahkan jika Anda tidak memiliki kontak yang tersimpan dalam buku telepon.

Seperti pada beberapa upgrade OS, Google juga mendesain ulang interface sehingga lebih fresh. Sehingga tidak bosan untuk dilihat. Kini Kitkat lebih banyak menampilkan warna dominan putih/abu-abu dengan tampilan yang lebih sederhana dan lebih minimalis. Mungkin dengan warna ini Kitkan menawarkan sumber daya yang lebih hemat. Default ikon juga berbeda sekarang desain datar, dengan animasi boot yang baru, serta layar kunci ditingkatkan dengan shortcut kamera.

Google memperkenalkan fitur baru pada voice search, dimana ada cara baru untuk menggunakan Google Now. Anda dapat mengaktifkan voice search dari homescreen Anda tanpa menyentuh layar, namun saat ini baru dapat bekerja untuk Nexus 5. Anda juga dapat menswipe dari homescreen untuk mengakses Google Now, dan berbicara kalimat "OK, Google". Dengan begitu Anda dapat mengaktifkan fitur asisten pribadi, yang Google mengklaim 25% lebih akurat, dan dapat menjawab pertanyaan Anda seperti pada SIRI milik Apple.

Layanan instant messenger Google Hangouts kini memungkinkan Anda mengirim mengirim pesan Teks dan MMS juga dalam interface yang sama, sehingga semua percakapan dapat terbaca semua dalam satu interface. Anda juga dapat mengirim file gambar GIF, dan menggunakan fitur Autoawesome untuk mencerahkan video chat dengan menggunakan Hangouts.

Dibeberapa aplikasi, fitur navigasi bisa menghilang secara otomatis sehingga pengguna lebih puas menggunakan layar penuh fullscreen. Seperti ketika Anda membaca, lalu Anda tinggal menggesekkan dari tepi layar akan membawa kembali status bar dan tombol navigasi.

Kitkat juga menyediakan gambar yang disebut dengan “emoji”, sehingga pada keyboard bawaan Android Kitkat membawa simbol Jepang yang berwarna-warni, sehingga anda Anda terlalu repot-repot lagi dalam mengetik "cactus".

Anda juga dapat membuka dan menyimpan file dan gambar dari atau smartphone/tablet dengan Google Drive atau layanan storage cloud lainnya dengan cepat.  Karena kitkat menyediakan framework baru yang tersimpan pada Gallery atau QuickOffice. Bahkan ada daftar file yang baru Anda buka yang bisa langsung Anda pilih kembali.

Dengan dukungan Google Cloud Print, KitKat sekarang Anda dapat mencetak print photos, documents, dan halaman dari smartphone atau tablet secara wireless. Tentunya dengan menggunakan peralatan lain, ePrint HP. Dengan kemampuan ini, mungkin pembuat printer lainnya pasti dengan cepat akan menambahkan kemampuan printernya untuk dapat aplikasi pencetakan secara wireless di Google Play Store.

Kitkat memiliki kemampuan multitasking yang mudah dan cepat diakses. Tidak hanya itu google juga membuat cara mudah untuk menulusuri info saham dan launcher lainnya atau "homescreen repacment". Dengan memilih Settings> Home.

Android 4.4 menambahkan kemampuan perekaman layar yang mampu merekam aktifitas layar dan dapat disimpan dengan file dalam bentuk MP4. Bahkan Anda dapat mengaturnya dengan resolution dan bitrate yang diinginkan



http://www.tabloidpulsa.co.id/news/11626-ini-dia-10-keunggulan-dan-fitur-baru-android-44-kitkat-

How to create custom business cards or labels in Linux

A savvy business person may believe that a lasting impression starts with a good looking business card. That doesn’t necessarily mean that you need to order expensive business cards from somewhere. There are plenty of image editor software that can be used to create DIY great looking business cards or name labels.
In Linux, there is a GNOME desktop program called gLabels which is designed to create labels or business cards. As a hassle free label creator, gLabels offers various predefined templates for labels and business cards, and works with peel-off labels and business card sheets of various sizes, which are commonly found at office supply stores.
In this tutorial, I describe how to design business cards and labels with gLabels.

Install gLabels on Linux Desktop

To install gLabels on Debian, Ubuntu or Linux Mint:

$ sudo apt-get install glabels

To install gLabels on Fedora:

$ sudo yum install glabels

Note that gLabels is designed for GNOME 3.0+, and therefore is not compatible with CentOS or RHEL 6 which comes with GNOME 2.

Design a Business Card with gLabels

With its built-in GUI editor, designing a business card on gLabels is pretty easy.
To launch gLabels on Linux, simply run:

$ glabels-3

You can create a new design by clicking on “New File” icon on the top. Then choose one of several predefined business card templates.

Add images, texts, lines or shapes to customize your business card.

Check the print preview of the design before finalizing.

Design Name Labels with gLabels

When it comes to creating name labels, the most useful feature of gLabel is “mail merge” feature. This feature allows you to design a generic label template, while filling in user-defined areas (e.g., name, address fields) of each label with a unique text, imported from external data files. gLabels supports importing data from text files, Evolution Addressbook and vCards.
In the following, I will demonstrate how to create multiple name labels whose data is pulled from an external text file.
First, you have to prepare a separate text file as shown below. It has four column data (first/last name, division, company), and each column is delimited by tab character. There are as many rows of data as name labels needed.

Now choose one of those ready-made label template on gLabels. Here I choose Avery 5095 name badge labels. Then, click on “Merge properties” under “Objects” menu.

Next specify the source of data: data file format (tab separated value) and location of data file. Once the file is loaded successfully, you should see data values contained in the file as follows. Click on “OK”.

You can include data values from the file by using control code, formatted as ${column_number}$. That is, ${1}$ is from the first column, ${2}$ is from the second column, etc. Below see how I include four control codes as text objects in the template.

Once you are done with the design, check the print view of individualized name labels.
 



http://xmodulo.com/2013/10/create-custom-business-cards-labels-linux.html

Monitor disk io on linux server with iotop and cron

Recently my server was giving notifications of disk io activity rising above a certain threshold at regular intervals. My first guess was that some cronjob task was causing that. So I tried to check various cron tasks to find out which task or process was causing the io burst. On servers specially its always a good practice to monitor resource usage to make sure that websites work fast and well.
However searching manually is not quite easy and this is where utilities like iotop come in. iotop shows what or how much disk io are all current processes doing. Its quite easy to use. Just run it from a terminal and you should see some output like this

Total DISK READ:       0.00 B/s | Total DISK WRITE:     106.14 K/s
  TID  PRIO  USER     DISK READ  DISK WRITE  SWAPIN     IO>    COMMAND                                                                                
  335 be/3 root        0.00 B/s   98.56 K/s  0.00 %  2.03 % [jbd2/sda6-8]
 4096 be/4 www-data    0.00 B/s    0.00 B/s  0.00 %  0.00 % apache2 -k start
    1 be/4 root        0.00 B/s    0.00 B/s  0.00 %  0.00 % init
    2 be/4 root        0.00 B/s    0.00 B/s  0.00 %  0.00 % [kthreadd]
    3 be/4 root        0.00 B/s    0.00 B/s  0.00 %  0.00 % [ksoftirqd/0]
 4100 be/4 www-data    0.00 B/s    0.00 B/s  0.00 %  0.00 % apache2 -k start
    5 be/0 root        0.00 B/s    0.00 B/s  0.00 %  0.00 % [kworker/0:0H]
 4102 be/4 www-data    0.00 B/s    0.00 B/s  0.00 %  0.00 % apache2 -k start
    7 be/0 root        0.00 B/s    0.00 B/s  0.00 %  0.00 % [kworker/u:0H]
    8 rt/4 root        0.00 B/s    0.00 B/s  0.00 %  0.00 % [migration/0]
    9 be/4 root        0.00 B/s    0.00 B/s  0.00 %  0.00 % [rcu_bh]
   10 be/4 root        0.00 B/s    0.00 B/s  0.00 %  0.00 % [rcu_sched]

As we can see, each row shows a certain process and the amount of data it is reading or writing to. This information is actually instantaneous, so iotop keeps updating the values at certain interval like 1 second. Running iotop like this just tells the current io usage. What if we want to keep running iotop and record all io activity and analyse it later. This is where cron comes in.

Automatic logging via cron

Cron will run iotop in the background and record io usage details to a file that can be analysed later.
Here is the basic iotop command that we want to run in the background via cron.

$ iotop -botqqqk --iter=60
17:38:13   335 be/3 root        0.00 K/s    7.64 K/s  0.00 %  2.30 % [jbd2/sda6-8]
17:38:13  3296 be/4 enlighte    0.00 K/s   15.28 K/s  0.00 %  0.00 % chrome
17:38:14   335 be/3 root        0.00 K/s    7.62 K/s  0.00 %  3.35 % [jbd2/sda6-8]
17:38:14  3293 be/4 enlighte    0.00 K/s    7.62 K/s  0.00 %  0.02 % chrome
17:38:15  3319 be/4 enlighte    0.00 K/s   19.09 K/s  0.00 %  0.00 % chrome

Note that iotop must be run with root privileges. So use sudo on ubuntu for example.
Now the most important option used in the above command is the "b" option which is for batch/non-interactive mode. In batch mode iotop will keep outputting line after line instead of showing a long list that updates automatically. This is necessary when we want to log io activity over a certain period of time.
The other option called "o" will show only those processes which actually did some io activity. Otherwise iotop would show all processes. The t option adds a timestamp which adds further information if you want to track a specific high io process. The k option shows all figures in kilobytes.
To log the output we simply need to redirect it to a file. The best place is /var/log and the file could be named iotop. So here is the next command

$ iotop -botqqqk --iter=60 >> /var/log/iotop

This will run iotop for 60 seconds where each iteration takes 1 second, and the output would be logged to the file /var/log/iotop. Now the command has to be run every minute which cron would do easily.

Setup cron as root

Get into your linux server as root and create a file

/etc/cron.d/iotop

Add to this file our earlier iotop command that would log the iotop output.

* * * * * root /usr/sbin/iotop -botqqqk --iter=60 >> /var/log/iotop

Simple! Now cron would run the command every minute and every time the command would run for a minute taking samples as 1 second interval and all activity gets logged to /var/log/iotop.
Make sure to mention the full path to iotop otherwise cron might not be able to run it at all. To find the location of iotop on your linux server, use the which command

$ which iotop
/usr/sbin/iotop

Monitor only high io processes

I had to setup this io monitoring because my linux server was giving high io alerts at around 3 AM in the morning when I could not get up to check manually. And since the server alert was showing high disk io activity I decided to monitor only those processes that did high disk io.
Here is a simple command that greps the iotop output to grab process that have over 10 k/s of disk io anywhere.

$ sudo iotop -botqqqk --iter=60 | grep -P "\d\d\.\d\d K/s"
17:49:02   335 be/3 root        0.00 K/s   41.90 K/s  0.00 %  8.43 % [jbd2/sda6-8]
17:49:02  3307 be/4 enlighte    0.00 K/s  152.36 K/s  0.00 %  0.87 % chrome
17:49:10  3310 be/4 enlighte    0.00 K/s   22.80 K/s  0.00 %  0.10 % chrome
17:49:15  3319 be/4 enlighte    0.00 K/s   26.54 K/s  0.00 %  2.50 % chrome
17:49:16  3310 be/4 enlighte    0.00 K/s   19.02 K/s  0.00 %  0.00 % chrome

So it would not show those process that had less than 10 K/s of disk io. It does so by filtering the output using grep and regular expressions. This is very useful when we want to find any process that is causing very high io activity.
High activity would mean around 1 M/s of disk activity for some time. So grepping for values with 4 digits will find those processes right away.
To add the same command to cron replace the earlier command like this

* * * * * root /usr/sbin/iotop -botqqqk --iter=60 | grep -P "\d\d\.\d\d K/s"  >> /var/log/iotop

I used it, and it works quite well. Here is how the output looks when filtered using grep to show only high io process entries.

13:19:01  1325 be/4 root        0.00 K/s 1897.74 K/s  0.00 %  5.65 % [kjournald]
13:24:22  2836 be/4 mysql       0.00 K/s 1071.07 K/s  0.00 %  0.18 % mysqld
13:32:01  1325 be/4 root        0.00 K/s 1469.17 K/s  0.00 %  7.13 % [kjournald]
13:46:18 10978 be/4 binary   1634.31 K/s    0.00 K/s  0.00 % 23.87 % php-fpm: pool binary
13:47:01  2955 be/4 mysql       0.00 K/s 8738.80 K/s  0.00 %  0.00 % mysqld
14:17:01  1325 be/4 root        0.00 K/s 1354.01 K/s  0.00 %  6.84 % [kjournald]
14:23:02  1325 be/4 root        0.00 K/s 1146.18 K/s  0.00 %  4.69 % [kjournald]
14:25:01  1325 be/4 root        0.00 K/s 1494.21 K/s  0.00 % 11.05 % [kjournald]
14:34:01  9938 be/4 mysql       0.00 K/s 2878.55 K/s  0.00 %  0.00 % mysqld
14:36:01  9424 be/4 mysql       0.00 K/s 2694.21 K/s  0.00 %  0.00 % mysqld

So try it out on your server.


http://www.binarytides.com/monitor-disk-io-iotop-cron/

How to Set Up Secure Remote Networking with OpenVPN on Linux, Part 2

Greetings fellow Linux users, and welcome to the second part of our glorious OpenVPN series. When last we met we learned how to set up a simple OpenVPN encrypted tunnel between a home server and a remote node, such as a laptop. Today we're adding refinements such as how to daemonize OpenVPN so we don't have to start it manually, use Network Manager for easy connecting to our remote server, and access services.

Network Manager Integration

Network Manager is a nice OpenVPN client; just make sure you have the network-manager-openvpn plugin installed. We'll use our example configurations from part 1. Open your Network Manager configuration and find the window where you set up a new VPN connection. This looks different on KDE and GNOME, but the information you'll need is the same. When you start you need to see an OpenVPN connection type, like in figure 1; if you don't see this then the plugin is missing. (The figures are from GNOME.)

Figure 1: Creating a new OpenVPN client config in Network Manager.

Figure 2 shows the main configuration screen. Starting from the top:

• Whatever name you want for this connection.
• The Gateway is the IP address of your remote server.
• Select Static Key from the dropdown menu,
• Then use the filepicker to find the key you want to use.
• This is not a directional key, so select None.
• The remote and local IP addresses are your virtual OpenVPN addresses, from your /etc/openvpn/foo.conf files.
• We did not set a password.
• "Available to all users" or just you, whichever you want.

Figure 2: Main Network Manager configuration for OpenVN client.

Save, and then use Network Manager to connect. Easy peasey! Now you can connect and disconnect with the click of a button (figure 3).

Figure 3: Connect and disconnect with a click.

Run OpenVPN Automatically

It's simple to start up OpenVPN manually, but you might want to daemonize it on your server for convenience, and to survive accidental reboots. On Debian/Ubuntu/great-thundering-herd-of-spawn distros this is handled automatically: when you install OpenVPN it's configured to automatically start at boot. So, after installation you need to reboot, or start the daemon with one of these commands:

$ sudo /etc/init.d/openvpn start
$ sudo service openvpn start

The first command is the old-fashioned way, and the second command uses the service command. service first appeared in Red Hat Linux back in the olden days, and if your distro doesn't install it by default it's probably lurking in the repos if you want to use it.
Fedora uses the systemd init system, in contrast to Ubuntu which uses Upstart, and Debian still uses good old SysV init. If you have multiple OpenVPN configurations in /etc/openvpn you can start each one selectively in systemd, like this:

# systemctl start systemctl start openvpn@studio.service

Where "studio.service" references our example /etc/openvpn/studio.conf file from part one. This invocation does not survive a reboot, so it's just like running openvpn /etc/openvpn/studio.conf, which is how we started OpenVPN sessions manually in part 1. You should be able to daemonize OpenVPN on systemd with chkconfig:

# service openvpn start
# chkconfig openvpn on

That should daemonize OpenVPN in the usual way, which is as a monolithic daemon and not individually per .conf file in /etc/openvpn/. systemd supports the chkconfig and servicecommands so it should work. However, the distros that use systemd are quite variable, so if yours is different please let us know in the comments.

Strengthening Your Connection

OpenVPN is robust and is good at maintaining a persistent connection, even with service interruptions. You can make your connection even stronger by adding these lines to your .conf files on clients and server:

persist-tun
persist-key

These are helpful for laptop users who disrupt their connection a lot with power-save and being on the move.

Now What?

Now that you have this all set up and working, what do you do with it? If you're used to using OpenSSH for remote operations you might be stuck in the SSH mindset of being able to log into specific machines and run applications. It doesn't work that way. Rather, think of OpenVPN as a virtual Ethernet cable to your server or LAN, all wrapped in a nice stout layer of encryption. You can run unencrypted and encrypted services over the same tunnel, and you only have to open a single hole in your firewall.
So you can run SSH in the way you're used to over your OpenVPN tunnel, and do remote administration and run applications. You can access network resources such as fileshares and Web applications. You can force all networking on the client to go through your VPN tunnel, but for this series I've assumed that you want to be able to use both your native and VPN networks.
So there you are on your trusty laptop and you can surf the Web, run SSH, do whatever you want on whatever network you're connected to. Then when you want to run something over your OpenVPN tunnel open it up and specify the IP address, like this:

$ ssh carla@10.0.0.1

Web applications are easy: point your Web browser to the virtual IP address of your OpenVPN server and log in as usual. For example, I run various Web services for testing on my home server. So I access Drupal at http://10.0.0.1/drupal and OwnCloud at http://10.0.0.1/owncloud. I use the nice gFTP graphical FTP client, so all I need to connect is the virtual IP address on the Host line, username, and password. Or use the command line:

$ ftp 10.0.0.1 21

You can administer your MySQL database from afar, using your own username and password:

$ mysql -h 10.0.0.1 -u admin -p

So the main thing you need to know is how to add the host specification to whatever command you want to run.
Obviously, this would all be easier with name services instead of having to use IP addresses, so one of these days we'll learn how to implement name services in OpenVPN. Meanwhile, please enjoy your nice secure OpenVPN tunnel.


 http://www.linux.com/learn/tutorials/745233-how-to-set-up-secure-remote-networking-with-openvpn-on-linux-part-2

How to Set Up Secure Remote Networking with OpenVPN on Linux, Part 1

It's always been prudent to wrap a warm comfy layer of encryption over your Internet travels to foil snoops of all kinds, and with our own government slurping up every bit wholesale it's more crucial than ever. OpenVPN is the top choice for protecting networking over untrusted networks. Today we'll learn a quick way to set up OpenVPN so you can securely access your home server when you're on the road.
A quick note on VPNs: there are many commercial VPNs that aren't worth the bits they're printed on. They're little better than SSL-protected Web sites, because they trust all clients. A true VPN (virtual private network) connects two trusted endpoints over untrusted networks. You can't just log in from whatever random PC you find, and this is good because (presumably) you understand that logging in to your private network from an infected host is a bad thing to do, no matter how secure the connection is. So you have to configure both your server and client.

OpenVPN Quickstart

You need two computers on different subnets, like a wired and wireless PC on the same network (or a couple of Linux guests in Virtualbox), and you need to know the IP addresses of both PCs. Let's call our example computers Studio and Shop. Install OpenVPN on both of them. OpenVPN is included in most Linux distributions, so you can install it with your favorite package manager. This example is for Debian, Ubuntu, and their myriad descendants:

$ sudo apt-get install openvpn openvpn-blacklist 

That installs the server and a little program to check the blacklist of compromised keys. You must install the blacklist checker! Because once upon a time Debian distributed a broken version of OpenSSL which had a broken random number generator, so keys created with this are assumed to be too vulnerable to trust. The random number generator was not really random, but predictable. This happened way back in 2008, and everyone who used the defective OpenSSL was supposed to hunt down and replace their weak keys. Even though it's been over five years, it's cheap insurance to use the blacklist checker.
Now let's test it by creating an unencrypted tunnel between our two PCs. First ping each machine to make sure they're talking to each other. Then make sure that OpenVPN is not running, because we're going to start it manually:

$ ps ax|grep openvpn

If it is, kill it. Let's say that Studio's IP address is 192.168.1.125, and Shop's is 192.168.2.125. Open an unencrypted tunnel from Studio to Shop:
$ sudo openvpn --remote 192.168.2.125 --dev tun0 --ifconfig 10.0.0.1 10.0.0.2
Then from Shop to Studio:

$ sudo openvpn --remote 192.168.1.125 --dev tun0 --ifconfig 10.0.0.2 10.0.0.1

When you make a successful connection you'll see something like this:

Wed Oct 16 2013 ******* WARNING *******: all encryption and authentication 
features disabled -- all data will be tunnelled as cleartext
Wed Oct 16 2013 TUN/TAP device tun0 opened
Wed Oct 16 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Oct 16 2013 /sbin/ifconfig tun0 10.0.0.1 pointopoint 10.0.0.2 mtu 1500
Wed Oct 16 2013 UDPv4 link local (bound): [undef]
Wed Oct 16 2013 UDPv4 link remote: [AF_INET]192.168.2.125:1194
Wed Oct 16 2013 Peer Connection Initiated with [AF_INET]192.168.2.125:1194
Wed Oct 16 2013 Initialization Sequence Completed

"Initialization Sequence Completed" are the magic words that confirm you did it right. You should be able to ping back and forth with the tunnel addresses, ping 10.0.0.1 and ping 10.0.0.2. When you build your tunnel you may use whatever IP addresses you want that don't overlap with your existing network. To close your tunnel press Ctrl+c.
Just for fun open an SSH session over your tunnel. Figure 1 shows a successful SSH login over a VPN tunnel, and it also demonstrates the fancy Message of the Day from Put a Talking Cow in Your Linux Message of the Day:

$ ssh carla@10.0.0.2

Figure 1: A successful SSH session over a VPN tunnel, and a fancy MOTD.

Hurrah, it works!

Encrypted VPN Tunnel

This is all fun and exciting, but pointless without encryption, so we'll set up a simple static key configuration. It's not as strong as a proper public key infrastructure (PKI) with root certificates and revocations and all that good stuff, but it's a good-enough solution for the lone nerd needing to call home from the road. OpenVPN helpfully includes a command to create the static key, so create a directory to store the key in, create the key, and make it read-only for the file owner:

$ sudo mkdir /etc/openvpn/keys/
$ sudo openvpn --genkey --secret /etc/openvpn/keys/static.key
$ sudo chmod 0400 /etc/openvpn/keys/static.key

This is a plain-text key that you can open in a text editor and look at if you're curious, and you can name it anything you want; you don't have to call it "static.key". Copy this key to both computers-- yes, the same key. It's not a private-public key pair, but just one single shared key.
Now we'll create some simple barebones configuration files for each computer. (On Debuntu etc. there are no default configuration files, but rather a wealth of example files in/usr/share/doc/openvpn/.) In my little test tab Studio is the server, and Shop is the wandering laptop that will log into the server. My server configuration file is/etc/openvpn/studio.conf, and this is all it has:

# config for Studio
dev tun
ifconfig 10.0.0.1 10.0.0.2
secret /etc/openvpn/keys/static.key

Make this file readable and writable only to the file owner:

$ sudo chmod 0600 /etc/openvpn/studio.conf

The configuration file on the client is similar, with the addition of the IP address of the server:

# config for Shop
dev tun
ifconfig 10.0.0.2 10.0.0.1
secret /etc/openvpn/keys/static.key
remote 192.168.1.125

Mind the order of your IP addresses on the ifconfig line, because they need to be in the order of local > remote. Now fire up OpenVPN on the server, specifying the server configuration file, and do the same on your client:

$ sudo openvpn /etc/openvpn/studio.conf
$ sudo openvpn /etc/openvpn/shop.conf

You'll see the same "Initialization Sequence Completed" message for a successful connection, and you must also look for the absence of this message, which should have appeared when you created your un-encrypted tunnel:

******* WARNING *******: all encryption and authentication features disabled

Firewalls and Dynamic IP Addresses

OpenVPN itself is simple to configure. The biggest hassles are dealing with firewalls and dynamic IP addresses. There are a skillion different firewalls in the world, so I shall leave it as your homework to figure out how to get through it safely. OpenVPN wants port 1194, and then you'll want to have a forwarding rule that points to the computer you want to access.
Dynamic IP addresses are another hassle. Dyn.com is an inexpensive way to manage dynamic IP assignment from your ISP. Or you might be able to pay your ISP a few bucks to get a static address.
At this point you could stop and call it good, because you can manually start OpenVPN on your server and leave it waiting for you, take your laptop out into the world, and connect to your server whenever you want. However, there are some refinements we can add such as daemonizing OpenVPN on the server, using Network Manager to make the connection automatically, and the biggest missing piece in OpenVPN howtos: how to access your remote resources. So come back next week for the rest of the story.

 http://www.linux.com/learn/tutorials/743590-secure-remote-networking-with-openvpn-on-linux