Improving font rendering on Ubuntu
I did not like the default font rendering in Ubuntu.

I found a patch to freetype2, that gives you a lot more flexibility over the font rendering, and does a decent job mimicking the rendering in OSX or Windows.

I found instructions here.
The remainder of this post is copy and paste:
 - Download freetype 2.4.8 from freetype.org and unzip it somewhere.
- Download the infinality .tar.gz file, and unzip it somewhere.
- cd to the freetype-2.4.8 directory from a terminal and run these commands (edit the paths to match where you unzipped): 
patch -p1 < /path/to/your/extracted/files/freetype-add-subpixel-hinting-infinality-20111117-1.patch 
patch -p1 < /path/to/your/extracted/files/freetype-enable-subpixel-hinting-infinality-20100909-1.patch
patch -p1 < /path/to/your/extracted/files/freetype-entire-infinality-patchset-20111117-1.patch
./configure
make
sudo mkdir /usr/lib/freetype-infinality/ sudo
find . -name libfreetype.so.6.8.0 -exec mv {} /usr/lib/freetype-infinality/ \;
cd /usr/lib/freetype-infinality ln -s libfreetype.so.6.8.0 libfreetype.so.6
Then look at the README file for instructions on where to put the configuration files.

http://blog.adamdklein.com/?cat=17

Создание сертификатов клиента для OpenVPN

newcert.sh
Вызывается: newcert.sh имя_сертификата

#!/usr/local/bin/bash
cd /usr/local/etc/openvpn/scripts
export KEY_CONFIG="/usr/local/etc/openvpn/scripts/openssl.cnf"
export KEY_DIR="/usr/local/etc/openvpn/scripts/keys" # Каталог, в котором создаются ключи
export KEY_SIZE=1024 # Длина ключа
export KEY_COUNTRY="RU"
export KEY_PROVINCE="RU" # Значение должно совпадать со значением в CA сервера
export KEY_CITY="Your_city" # Значение должно совпадать со значением в CA сервера
export KEY_ORG="Your_company" # Значение должно совпадать со значением в CA сервера
export KEY_EMAIL="mail@mail.ru"
cd /usr/local/etc/openvpn/scripts
export NEWKEY_NAME=$1 # Будет содержать имя последнего созданного сертификата
./build-key $NEWKEY_NAME # Создание сертификатов
echo $NEWKEY_NAME

if [ ! -d /usr/local/etc/openvpn/clients/$NEWKEY_NAME ]; then
mkdir /usr/local/etc/openvpn/clients/$NEWKEY_NAME
else echo "Каталог существует";
fi

cp $KEY_DIR/ca.crt /usr/local/etc/openvpn/clients/$NEWKEY_NAME/
cp $KEY_DIR/$NEWKEY_NAME.* /usr/local/etc/openvpn/clients/$NEWKEY_NAME/ # Копируем все сертификаты в каталог с именем клиента для последующей выдачи ему.
ls -la /usr/local/etc/openvpn/clients/$NEWKEY_NAME # Любуемся



openssl.cnf

HOME = .
RANDFILE = $ENV::HOME/.rnd
oid_section = new_oids
[ new_oids ]
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = $ENV::KEY_DIR # Where everything is kept
certs = $dir # Where the issued certs are kept
crl_dir = $dir # Where the issued crl are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir # default place for new certs.
certificate = $dir/ca.crt # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/ca.key # The private key
RANDFILE = $dir/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
default_days = 3650 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = md5 # which md to use.
preserve = no # keep passed DN ordering
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = $ENV::KEY_SIZE
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
string_mask = nombstr
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = $ENV::KEY_COUNTRY
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = $ENV::KEY_PROVINCE
localityName = Locality Name (eg, city)
localityName_default = $ENV::KEY_CITY
0.organizationName = Organization Name (eg, company)
0.organizationName_default = $ENV::KEY_ORG
organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default =
commonName = Common Name (eg, your name or your server\'s hostname)
commonName_max = 64
emailAddress = Email Address
emailAddress_default = $ENV::KEY_EMAIL
emailAddress_max = 40
# SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
unstructuredName = An optional company name
[ usr_cert ]
basicConstraints=CA:FALSE
nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
[ server ]
# JY ADDED -- Make a cert with nsCertType set to "server"
basicConstraints=CA:FALSE
nsCertType = server
nsComment = "OpenSSL Generated Server Certificate"
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = CA:true
[ crl_ext ]
authorityKeyIdentifier=keyid:always,issuer:always

В принципе, всё по дефолту.