OpenWrt Snapshot on FRITZ!Box 7530

Install OpenWrt 22.03.4 release on FRITZ!Box 7530, then sysupgrade to SNAPSHOT to enable the VRX518 VDSL modem.

Use the aptly REST API with curl

aptly is good. Very good. If you’ve got it installed, use the REST API to get your work done.

Install aptly with Ansible

aptly is the best thing to happen to debian repository management since sliced bread.

Install VMware deployPkg

deployPkg is sometimes needed for guest customization and is missing from open-vm-tools for no good reason.

Install VMware legacy tools

VMware are moving away from the classic VMware tooling to open-vm-tools, available in most distros as standard. This is a Good Thing (tm).

Start a simple http server with python

python -mSimpleHTTPServer

Testing Prose.io

Basic, WYSIWYG markdown editor.

Download a deb file from a PPA

haproxy example

Get Oracle Java zip and turn it into a debian package

• get JRE/JDK from Oracle’s site
• rename its extension to ‘tar.gz’
• install java-package
  sudo apt-get install java-package
• build a .deb file fakeroot make-jpkg server-jre-8u40-linux-x64.tar.gz

sftp timing out with ProFTPD server

Old version of ProFTPD doesn’t support the default key exchange set so sftp was timing out.

Command line SMTP server test

Swaks - Swiss Army Knife for SMTP

Get users without a profile photo on Google Apps

To find users without a profile photo or avatar, run this in the Google Apps Script editor:

Add second NIC with DHCP interface to VMware vCenter Server Appliance

1. Add the NIC to the box in the vCenter client
2. Reboot the box
3. SSH in
4. In [/etc/sysconfig/network/dhcp] change DHCLIENT_HOSTNAME_OPTION from AUTO to hostname (e.g. foo.domain)
5. Copy [/etc/sysconfig/network/ifcfg-eth0] to ifcfg-eth1
6. run sudo /opt/vmware/share/vami/vami_config_net and set config for eth1 to DHCP
7. service network restart

Show what files are installed by an rpm package

rpm –ql <package name>

Enable ipv4 forwarding

enable ipv4 forwarding (not permanent over reboots!)

Install closed source nVidia drivers for Quadro 5000 on CentOS 6.5 using ELRepo

rpm --import http://elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://elrepo.org/elrepo-release-6-6.el6.elrepo.noarch.rpm
yum install kmod-nvidia
reboot

Rename a Windows computer using command line powershell

netdom renamecomputer "$env:COMPUTERNAME" /Newname "myname"

Manually Install XenServer 6.2.0 Service Pack 1

1. Download the file from Citrix
2. Unpack the zip and copy the files to the root home dir on your machine
3. SSH in and type xe patch-upload file-name=XS62ESP1.xsupdate
4. Wait a few mins and it’ll spit out a UUID when it’s done. Use this for the next command. xe patch-apply uuid=0850b186-4d47-11e3-a720-001b2151a503 host-uuid=5b280513-bfcf-4ce0-9d49-25aa61c110d9

Install Git, Stash and import SVN on Ubuntu 12.04 XenServer guest

Goal

Install Git and Atlassian Stash (backed by PostgreSQL) on Ubuntu 12.04 and import an SVN repo without the normal branch format (i.e. just versioned files, no branch tags etc).

Setup machine

• Install a new linux box - Ubuntu Server 12.04.3 LTS and select OpenSSH server component during install to enable remote access
• Install XenServer tools - load ISO in XenCenter, then mount it and install the software:

mkdir /mnt/xs-tools  
mount /dev/xvdd /mnt/xs-tools  
/mnt/xs-tools/Linux/install.sh

• Reboot, then update the system packages:

sudo apt-get -y update && sudo apt-get -y upgrade

Install a new version of Git

• Add a remote PPA since 12.04.3 current only ships with an older version of Git (1.7.9.5-1)

Enable add-apt-repository for Ubuntu >= 12.10

sudo apt-get install software-properties-common

Enable add-apt-repository for Ubuntu <= 12.04

sudo apt-get install python-software-properties

• Add the Git PPA

sudo add-apt-repository ppa:git-core/ppa  
sudo apt-get update  
sudo apt-get install git

Install Java 7 (Stash pre-requisite)

• Install Java 7 and configure environment variables

sudo add-apt-repository ppa:webupd8team/java  
sudo apt-get-update  
sudo apt-get install oracle-java7-installer  
# set this version as default (java -version)  
sudo apt-get install oracle-java7-set-default

Install PostgresSQL (Stash external database)

sudo apt-get install postgresql  
sudo vim /etc/postgresql/9.1/main/postgresql.conf

Uncomment the following line so server listens for local connections

listen_addresses = 'localhost'

• If access needed remotely above should be set to ‘*’ and then modify pg_hba.conf to allow external connections

vim /etc/postgresql/9.1/main/pg_hba.conf  
# allow all hosts on this subnet to access the DB  
host all all x.x.x.x/x md5

where x.x.x.x/x is your network range and subnet mask.

• Create PostgreSQL user

sudo -u postgres psql postgres  
\password postgres  
# set password  
CREATE ROLE stashuser WITH LOGIN PASSWORD '<password>' VALID UNTIL 'infinity';  
CREATE DATABASE stash WITH ENCODING='UTF8' OWNER=stashuser CONNECTION LIMIT=-1;  
# Quit  
\q

• Atlassian recommend that you should not locate your Stash home directory inside the install directory.

sudo mkdir -p /var/stash/install  
sudo mkdir /var/stash/home

• Secure stash home dir with separate user

adduser stashadmin  
cd /var/stash/install  
sudo wget http://www.atlassian.com/software/stash/downloads/binary/atlassian-stash-2.8.2.tar.gz  
sudo tar xvf atlassian-stash-2.8.2.tar.gz

• Set stash home in setenv.sh to /var/stash/home.

sudo vim atlassian-stash-2.8.2/bin/setenv.sh  
sudo chown -R stashadmin /var/stash  
atlassian-stash-2.8.2/bin/start-stash.sh

• Navigate to the URL displayed and configure Stash.

Install svn2git

 sudo apt-get install git-core git-svn ruby rubygems

• Once you have the necessary software your system, you can install svn2git through rubygems, which will add the svn2git command to your PATH.

sudo gem install svn2git  
svn2git https:/// --rootistrunk --authors ~/authors.txt --username  --verbose

• Output doesn’t render properly on my machine - I have to accept the remote certificate once, then run the command again and and type the remote repo user’s password before I can actually see the prompt.
• Wait for import to complete.
• Create project and repo in Stash.
• Follow on-screen instructions for configuring Git for the first time and pushing the converted repo to Stash (copied below).

Configure Git for the first time

git config --global user.name "Name"  
git config --global user.email "email@domain"

Push code to Git (Stash repository)

git init  
git add --all  
git commit -m "Initial Commit"  
git remote add origin http://<username>@<host>:7990/scm/<stash project>/<stash git repo>.git  
git push origin master

Turn off Synology LEDs

# Power LED off  
 echo \\6 >/dev/ttyS1  
# Status LED off  
 echo \\7 > /dev/ttysS1  
# Copy LED off  
 echo \\B > /dev/ttyS1

Upgrade Cisco IOS and ASDM from Ubuntu Linux

Make sure PC can ping (or contact) ASA.
Install tftpd-hpa (defaults work fine, but conf is /etc/default/tftpd-hpa)
Run it:

# /usr/sbin/in.tftpd --listen --user tftp --address 0.0.0.0:69 --secure /var/lib/tftpboot

Copy files to /var/lib/tftpboot directory (asa831-k8.bin, adsm-631.bin etc)

Add IP of ASA to iptables.conf and run it to let traffic from the ASA through.
Example IP tables line:

$IPTABLES -A INPUT -s 192.168.1.1 -j ACCEPT

Optionally test by installing tftp and tftp localhost.

On ASA:

# copy tftp: flash:

enter IP, source and destination file name and wait for copy
repeat for second file (IOS or ASDM)

optional verify:

# verify flash:/<file>

To install, go to global configure:

# adsm image disk0:/adsm<version>  
# boot system disk0:/asa<version>  
# copy run start  
# reload

Reset Cisco switch to factory settings

Reset Cisco switch to factory settings

enable  
config  
config factory-settings  
copy run start  
reload

show IOS version

show version ###### show all file systems  
show file system ###### show files on file system  
show (flash0|disk0 etc):

XenServer 6.2 iSCSI won't connect to Synology 4.3

When attaching an iSCSI LUN to a XenServer pool - only the master connects and the rest remain unplugged.

Make sure your iSCSI target is set up to accept multiple connections on the Synology settings page.

If the storage fails to attatch following that, turn off chap discovery:

http://1bitatatime.blogspot.de/2011/08/initiator-error-0201-and-xenserver.html?m=1

This will work until reboot.

Update/upgrade Dell PowerEdge Server firmware under XenServer 6.2

Run these command on all of your host machines. Don’t reboot the pool master if using pools - change it to a machine that has already rebooted and settled before rebooting the original master.

wget -q -O - http://linux.dell.com/repo/hardware/latest/bootstrap.cgi | bash    
yum install -y dell_ft_install    
yum install -y $(bootstrap_firmware)    
update_firmware --yes

Source

Source

Quickly open a Dell PowerConnect (or anything) serial console in Linux

Find your serial port(s)

dmesg | grep tty

You’ll see…

[   37.531286] serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A  
[   37.531841] 00:0b: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A  
[   37.532138] 0000:04:00.3: ttyS1 at I/O 0x1020 (irq = 18) is a 16550A

Looks like one at ttyS0. Access it using

screen /dev/ttyS0

…and you’re in. ‘screen’ also takes a baud rate (such as 19200) if needed.

Quickly install telnet client on Windows server

pkgmgr /iu:"TelnetClient"

Wait 20 seconds, and it’ll be ready to run.

What everyone needs from a communication app

Like not being able to talk to your non-iPhone wielding friends with iMessage?

Run Windows 8 from an encrypted external USB drive on your Macbook Pro

I need windows for work and gaming and I didn’t want to give up space to bootcamp on my internal drive so I installed Windows on an external USB drive by doing this:

1. Find or create a Windows 8 Enterprise computer.
2. Get a desktop/laptop SSD drive (I used a 128GB Samsung 830) and plug it in via USB.
3. Install Windows To Go on the SSD drive from the Windows 8 Enterprise computer. Optionally select whether you would like the drive encrypted using BitLocker full disk encryption.
4. When installed, plug the USB cable into your MacBook and hold option down when you hear the boot noise until it shows you some boot options.
5. Choose the Windows partition and boot it. It will talk about preparing for the first time and you’ll have to reboot again into Windows.
6. The screen will be totally screwed up (Late 2012 rMBP), trust yourself and log into Windows (one keypress to show the login screen, then type your user and pass as normal).
7. Right click in the thin sliver of screen and choose the screen resolution option.
8. Using the top of the window, move the visible part of the window left until you can see the resolution slider. Slide it to something much lower like 1280*1024 and apply it.
9. Ok, so screen is visible, now time for some drivers.
10. Download the latest Boot Camp Support Software from Apple. Copy it to something and then onto the Windows To Go install.
11. Run the installer to install all the drivers.
12. Activate Windows.
13. Reboot and set the resolution up to maximum.
14. Enjoy.
    Windows 8 looks terrible on the Retina display - far too small but you can adjust the text size up a bit. Gaming works fine, I’ve played XCOM and Portal 2 over USB2.

_EDIT: _Have upgraded to an Anker USB 3.0 to SATA Adapter Cable and now get hundreds of MB/second transfer speed. As fast as an internal drive.

Any questions please comment. Like if the solution worked for you.

Reset Dell BIOS password

Explanation.

Can't install aws-sdk gem

Error:

user@host:~$ sudo gem install aws-sdk
Building native extensions. This could take a while...
ERROR: Error installing aws-sdk:
ERROR: Failed to build gem native extension.
/usr/bin/ruby1.8 extconf.rb
checking for libxml/parser.h... no
-----
libxml2 is missing. please visit http://nokogiri.org/tutorials/installing_nokogiri.html for help with installing dependencies.  

Headphones not working on Dell Latitude E4310 on Windows 8

Spontaneously stopped producing sound when plugged in. Were still being recognized as being connected but totally silent.

Downloaded and installed this IDT driver from Dell and they immediately started working without reboot.

Scrub Synology RAID disks

UPDATE 2014-09-25: fsck command updated for Synology DSM 5.

Convert AWS EC2 VolumeWriteOps to Ops/s

When looking at the volume monitoring tab in EC2 you’ll see write throughput measured in ops/s. In CloudWatch however you are given VolumeWriteOps, and it’s not immediately obvious that this is per minute.

To convert to average per second ops, divide by 60.

Activate Windows 8

1. Open an administrator command prompt by moving your mouse to the bottom left corner of the screen, right clicking when the start panel icon appears and then click ‘Command Prompt (Admin)’.
2. Install your product key using slmgr /ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx where xxxxx is your product key.
3. Type slmgr /ato to activate Windows.

Delete/backspace doesn't work in terminal or some programs when SSH'd

Encountered during an OSSEC install - when pressing delete, ^H is printed instead.

Fix:

1. Press CTRL-v and then hit backspace. You’ll see what code is sent as “erase”. ^H
2. Type stty erase ^H to change the key setup.

That’s it.

Source: Macworld.

Office 365 user can use OWA but not connect with Outlook after deleting and recreating user.

Problem is that soft deleted user in AD recycle bin is conflicting with newly created user.

Solution:

• Download and install new 365 PoSH tools from http://onlinehelp.microsoft.com/Office365-enterprises/ff652560.aspx
• Connect to posh and log in.

> $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $Cred -Authentication

Basic -AllowRedirection

(prompt for admin credentials)

> Import-PSSession $Session
> Connect-MsolService

> Remove-MsolUser -RemoveFromRecycleBin -UserprincipalName useremail@domain.com

• User will be deleted from recycled bin after about 30 seconds.
• Rename new user to old user in MS Online admin panel.
• User can now send and receive email in outlook as normal.

Kickstarter: simple VPN

Struggled with manual strongswan, struggled with Sophos essential UTM.

Someone make a simple to setup and use secure VPN hub that lets people connect to an Amazon EC2 instance or other linux box, connect to it’s shares and the shares of other connected devices as if it was on a LAN and route Internet traffic out from that point too.

I’ll buy a stripped down Astaro/Sophos UTM (that uses standard IPSEC packages under the covers) with nice web interface that accomplishes the above.

How to log in as Windows domain admin without knowing the domain

Want to log in as the domain administrator but don’t know the domain?
Use the following username:

(local)\administrator

(local) will get converted behind the scenes to the domain name and as long as your password is correct, you’ll be able to log in.

Disable Windows firewall on an unresponsive AWS machine

Courtesy of AWS support

Stop Server and Detach Root Volume

In the AWS console, stop (don’t terminate!) the non-responsive server. Note that the properties for the server show that the instance has a drive attached to /dev/sda1. This is a Linux attach point but the concept should still apply.

Also make note of the instance ID: _______

On the Volumes tab, detach the instance. You may need to refresh the pane after detaching in order to update the console UI. You may want to name this drive, in order to make it easy to keep track of.

Attach Root Volume to the Debug Server

Right click on the volume to attach it. Choose xvdg as the device name.

Fix the Problem

1.  Log in to the debug server.

2.  Click on Start -> Administrative Tools ->Computer Management

3.  Choose the Disk Management node, then right-click on Disk 1 (left-hand portion of that row) to bring the disk online. The disk will most likely appear as Drive E once you complete this step.

4.  Use Windows Explorer to navigate to E:\Windows\System32\Config. (Careful! Not the C drive…) This directory contains the registry files that control, among other things, the network address. We’ll be working with the file that is named SYSTEM.

5.  Click on Start -> Run and start Regedit

6.  To load the errant file, first click on HKEY_LOCAL_MACHINE

—- if you need to adjust the firewall the registry key here is:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall

set to zero (0) for both Domain and Standard profiles

7.  Next we need to load the file. Click on File -> Load Hive, and then select SYSTEM in this directory

8.  You’ll be asked to name the subkey to load the file into. Name it: BadDrive (or something else you choose0

9.  Navigate to:  HKEY_LOCAL_MACHINE\BadDrive\ControlSet001\Services\Tcpip\Parameters\Interfaces{9E9784DE-F79F-48BF-AF55-20DABCC88F0F} (Note that this is ControlSet001, not 002).

10.  Delete all the keys that have anything to do with the static addresses. These are likely the IPAddress, DefautlGateway, and SubnetMask.

11.  Also re-enable DHCP by setting the registry value to 1.

12.  Save the changes by highlighting BadDrive and then choosing File ->Unload Hive. Important! Your changes will not be saved unless you unload the hive.

Detach the Drive

We’re done with the repairs, so detach the drive from this instance. Make certain that Windows Explorer isn’t open and in the E drive, or you will not be able to detach the drive.

1.  Back in Disk Manager, take the drive offline:

2.  Detach the Volume in the AWS Console. You will likely need to refresh the console in order to make it recognize that you detached the volume.

3.  And of course re-attach to the original instance. Enter /dev/sda1 as the device name.

4.  Restart the Instance.

5.  Copy the new DNS name, and log in via Remote Desktop. You may have to wait as long as 10 minutes after restart before RDP will connect. So do not panic if initial attempts time out.

Renaming OSSEC hosts

OSSEC hosts can be centrally renamed by editing the etc/client-keys file.

However, since the client key also contains the host name the client will use, the keys must be re-extracted using manage-agents and the keys imported into the existing client installs.

This is only a small time-saving over removing and re-adding a client but less prone to human error.

Edit:
This also works for changing OSSEC host IPs. Simply update them in the keys file and restart the agent and client and they will reconnect.