• OpenWrt Snapshot on FRITZ!Box 7530

    Install OpenWrt 22.03.4 release on FRITZ!Box 7530, then sysupgrade to SNAPSHOT to enable the VRX518 VDSL modem.

  • Use the aptly REST API with curl

    aptly is good. Very good. If you’ve got it installed, use the REST API to get your work done.

  • Install aptly with Ansible

    aptly is the best thing to happen to debian repository management since sliced bread.

  • Install VMware deployPkg

    deployPkg is sometimes needed for guest customization and is missing from open-vm-tools for no good reason.

  • Install VMware legacy tools

    VMware are moving away from the classic VMware tooling to open-vm-tools, available in most distros as standard. This is a Good Thing (tm).

  • Start a simple http server with python

    python -mSimpleHTTPServer

  • Testing Prose.io

    Basic, WYSIWYG markdown editor.

  • Download a deb file from a PPA

    haproxy example

  • Get Oracle Java zip and turn it into a debian package

    • get JRE/JDK from Oracle’s site
    • rename its extension to ‘tar.gz’
    • install java-package
      sudo apt-get install java-package
    • build a .deb file fakeroot make-jpkg server-jre-8u40-linux-x64.tar.gz
  • sftp timing out with ProFTPD server

    Old version of ProFTPD doesn’t support the default key exchange set so sftp was timing out.

  • Command line SMTP server test

    Swaks - Swiss Army Knife for SMTP

  • Get users without a profile photo on Google Apps

    To find users without a profile photo or avatar, run this in the Google Apps Script editor:

  • Add second NIC with DHCP interface to VMware vCenter Server Appliance

    1. Add the NIC to the box in the vCenter client
    2. Reboot the box
    3. SSH in
    4. In [/etc/sysconfig/network/dhcp] change DHCLIENT_HOSTNAME_OPTION from AUTO to hostname (e.g. foo.domain)
    5. Copy [/etc/sysconfig/network/ifcfg-eth0] to ifcfg-eth1
    6. run sudo /opt/vmware/share/vami/vami_config_net and set config for eth1 to DHCP
    7. service network restart
  • Show what files are installed by an rpm package

    rpm –ql <package name>

  • Enable ipv4 forwarding

    enable ipv4 forwarding (not permanent over reboots!)

  • Install closed source nVidia drivers for Quadro 5000 on CentOS 6.5 using ELRepo

    rpm --import http://elrepo.org/RPM-GPG-KEY-elrepo.org
    rpm -Uvh http://elrepo.org/elrepo-release-6-6.el6.elrepo.noarch.rpm
    yum install kmod-nvidia
    reboot
    
  • Rename a Windows computer using command line powershell

    netdom renamecomputer "$env:COMPUTERNAME" /Newname "myname"

  • Manually Install XenServer 6.2.0 Service Pack 1

    1. Download the file from Citrix
    2. Unpack the zip and copy the files to the root home dir on your machine
    3. SSH in and type xe patch-upload file-name=XS62ESP1.xsupdate
    4. Wait a few mins and it’ll spit out a UUID when it’s done. Use this for the next command. xe patch-apply uuid=0850b186-4d47-11e3-a720-001b2151a503 host-uuid=5b280513-bfcf-4ce0-9d49-25aa61c110d9
  • Install Git, Stash and import SVN on Ubuntu 12.04 XenServer guest

    Goal

    Install Git and Atlassian Stash (backed by PostgreSQL) on Ubuntu 12.04 and import an SVN repo without the normal branch format (i.e. just versioned files, no branch tags etc).

    Setup machine

    • Install a new linux box - Ubuntu Server 12.04.3 LTS and select OpenSSH server component during install to enable remote access
    • Install XenServer tools - load ISO in XenCenter, then mount it and install the software:
    mkdir /mnt/xs-tools  
    mount /dev/xvdd /mnt/xs-tools  
    /mnt/xs-tools/Linux/install.sh
    • Reboot, then update the system packages:
    sudo apt-get -y update && sudo apt-get -y upgrade

    Install a new version of Git

    • Add a remote PPA since 12.04.3 current only ships with an older version of Git (1.7.9.5-1)

    Enable add-apt-repository for Ubuntu >= 12.10

    sudo apt-get install software-properties-common

    Enable add-apt-repository for Ubuntu <= 12.04

    sudo apt-get install python-software-properties
    • Add the Git PPA
    sudo add-apt-repository ppa:git-core/ppa  
    sudo apt-get update  
    sudo apt-get install git

    Install Java 7 (Stash pre-requisite)

    sudo add-apt-repository ppa:webupd8team/java  
    sudo apt-get-update  
    sudo apt-get install oracle-java7-installer  
    # set this version as default (java -version)  
    sudo apt-get install oracle-java7-set-default

    Install PostgresSQL (Stash external database)

    sudo apt-get install postgresql  
    sudo vim /etc/postgresql/9.1/main/postgresql.conf

    Uncomment the following line so server listens for local connections

    listen_addresses = 'localhost'
    • If access needed remotely above should be set to ‘*’ and then modify pg_hba.conf to allow external connections
    vim /etc/postgresql/9.1/main/pg_hba.conf  
    # allow all hosts on this subnet to access the DB  
    host all all x.x.x.x/x md5

    where x.x.x.x/x is your network range and subnet mask.

    • Create PostgreSQL user
    sudo -u postgres psql postgres  
    \password postgres  
    # set password  
    CREATE ROLE stashuser WITH LOGIN PASSWORD '<password>' VALID UNTIL 'infinity';  
    CREATE DATABASE stash WITH ENCODING='UTF8' OWNER=stashuser CONNECTION LIMIT=-1;  
    # Quit  
    \q
    sudo mkdir -p /var/stash/install  
    sudo mkdir /var/stash/home
    • Secure stash home dir with separate user
    adduser stashadmin  
    cd /var/stash/install  
    sudo wget http://www.atlassian.com/software/stash/downloads/binary/atlassian-stash-2.8.2.tar.gz  
    sudo tar xvf atlassian-stash-2.8.2.tar.gz
    • Set stash home in setenv.sh to /var/stash/home.
    sudo vim atlassian-stash-2.8.2/bin/setenv.sh  
    sudo chown -R stashadmin /var/stash  
    atlassian-stash-2.8.2/bin/start-stash.sh
    • Navigate to the URL displayed and configure Stash.

    Install svn2git

     sudo apt-get install git-core git-svn ruby rubygems
    • Once you have the necessary software your system, you can install svn2git through rubygems, which will add the svn2git command to your PATH.
    sudo gem install svn2git  
    svn2git https:/// --rootistrunk --authors ~/authors.txt --username  --verbose
    • Output doesn’t render properly on my machine - I have to accept the remote certificate once, then run the command again and and type the remote repo user’s password before I can actually see the prompt.
    • Wait for import to complete.
    • Create project and repo in Stash.
    • Follow on-screen instructions for configuring Git for the first time and pushing the converted repo to Stash (copied below).

    Configure Git for the first time

    git config --global user.name "Name"  
    git config --global user.email "email@domain"

    Push code to Git (Stash repository)

    git init  
    git add --all  
    git commit -m "Initial Commit"  
    git remote add origin http://<username>@<host>:7990/scm/<stash project>/<stash git repo>.git  
    git push origin master
  • Turn off Synology LEDs

    # Power LED off  
     echo \\6 >/dev/ttyS1  
    # Status LED off  
     echo \\7 > /dev/ttysS1  
    # Copy LED off  
     echo \\B > /dev/ttyS1
  • Upgrade Cisco IOS and ASDM from Ubuntu Linux

    Make sure PC can ping (or contact) ASA.
    Install tftpd-hpa (defaults work fine, but conf is /etc/default/tftpd-hpa)
    Run it:

    # /usr/sbin/in.tftpd --listen --user tftp --address 0.0.0.0:69 --secure /var/lib/tftpboot

    Copy files to /var/lib/tftpboot directory (asa831-k8.bin, adsm-631.bin etc)

    Add IP of ASA to iptables.conf and run it to let traffic from the ASA through.
    Example IP tables line:

    $IPTABLES -A INPUT -s 192.168.1.1 -j ACCEPT

    Optionally test by installing tftp and tftp localhost.

    On ASA:

    # copy tftp: flash:

    enter IP, source and destination file name and wait for copy
    repeat for second file (IOS or ASDM)

    optional verify:

    # verify flash:/<file>

    To install, go to global configure:

    # adsm image disk0:/adsm<version>  
    # boot system disk0:/asa<version>  
    # copy run start  
    # reload
  • Reset Cisco switch to factory settings

    Reset Cisco switch to factory settings
    enable  
    config  
    config factory-settings  
    copy run start  
    reload
    
    show IOS version
    show version ###### show all file systems  
    show file system ###### show files on file system  
    show (flash0|disk0 etc):
    
  • XenServer 6.2 iSCSI won't connect to Synology 4.3

    When attaching an iSCSI LUN to a XenServer pool - only the master connects and the rest remain unplugged.

    Make sure your iSCSI target is set up to accept multiple connections on the Synology settings page.

    If the storage fails to attatch following that, turn off chap discovery:

    http://1bitatatime.blogspot.de/2011/08/initiator-error-0201-and-xenserver.html?m=1

    This will work until reboot.

  • Update/upgrade Dell PowerEdge Server firmware under XenServer 6.2

    Run these command on all of your host machines. Don’t reboot the pool master if using pools - change it to a machine that has already rebooted and settled before rebooting the original master.

    wget -q -O - http://linux.dell.com/repo/hardware/latest/bootstrap.cgi | bash    
    yum install -y dell_ft_install    
    yum install -y $(bootstrap_firmware)    
    update_firmware --yes

    Source

    Source

  • Quickly open a Dell PowerConnect (or anything) serial console in Linux

    Find your serial port(s)

    dmesg | grep tty

    You’ll see…

    [   37.531286] serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A  
    [   37.531841] 00:0b: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A  
    [   37.532138] 0000:04:00.3: ttyS1 at I/O 0x1020 (irq = 18) is a 16550A

    Looks like one at ttyS0. Access it using

    screen /dev/ttyS0

    …and you’re in. ‘screen’ also takes a baud rate (such as 19200) if needed.

  • Quickly install telnet client on Windows server

    pkgmgr /iu:"TelnetClient"

    Wait 20 seconds, and it’ll be ready to run.

  • What everyone needs from a communication app

    Like not being able to talk to your non-iPhone wielding friends with iMessage?

  • Run Windows 8 from an encrypted external USB drive on your Macbook Pro

    I need windows for work and gaming and I didn’t want to give up space to bootcamp on my internal drive so I installed Windows on an external USB drive by doing this:

    1. Find or create a Windows 8 Enterprise computer.
    2. Get a desktop/laptop SSD drive (I used a 128GB Samsung 830) and plug it in via USB.
    3. Install Windows To Go on the SSD drive from the Windows 8 Enterprise computer. Optionally select whether you would like the drive encrypted using BitLocker full disk encryption.
    4. When installed, plug the USB cable into your MacBook and hold option down when you hear the boot noise until it shows you some boot options.
    5. Choose the Windows partition and boot it. It will talk about preparing for the first time and you’ll have to reboot again into Windows.
    6. The screen will be totally screwed up (Late 2012 rMBP), trust yourself and log into Windows (one keypress to show the login screen, then type your user and pass as normal).
    7. Right click in the thin sliver of screen and choose the screen resolution option.
    8. Using the top of the window, move the visible part of the window left until you can see the resolution slider. Slide it to something much lower like 1280*1024 and apply it.
    9. Ok, so screen is visible, now time for some drivers.
    10. Download the latest Boot Camp Support Software from Apple. Copy it to something and then onto the Windows To Go install.
    11. Run the installer to install all the drivers.
    12. Activate Windows.
    13. Reboot and set the resolution up to maximum.
    14. Enjoy.
      Windows 8 looks terrible on the Retina display - far too small but you can adjust the text size up a bit. Gaming works fine, I’ve played XCOM and Portal 2 over USB2.

    _EDIT: _Have upgraded to an Anker USB 3.0 to SATA Adapter Cable and now get hundreds of MB/second transfer speed. As fast as an internal drive.

    Any questions please comment. Like if the solution worked for you.

  • Reset Dell BIOS password

    Explanation.

  • Can't install aws-sdk gem

    Error:

    user@host:~$ sudo gem install aws-sdk
    Building native extensions. This could take a while...
    ERROR: Error installing aws-sdk:
    ERROR: Failed to build gem native extension.
    /usr/bin/ruby1.8 extconf.rb
    checking for libxml/parser.h... no
    -----
    libxml2 is missing. please visit http://nokogiri.org/tutorials/installing_nokogiri.html for help with installing dependencies.  
    
  • Headphones not working on Dell Latitude E4310 on Windows 8

    Spontaneously stopped producing sound when plugged in. Were still being recognized as being connected but totally silent.

    Downloaded and installed this IDT driver from Dell and they immediately started working without reboot.

  • Scrub Synology RAID disks

    UPDATE 2014-09-25: fsck command updated for Synology DSM 5.

  • Convert AWS EC2 VolumeWriteOps to Ops/s

    When looking at the volume monitoring tab in EC2 you’ll see write throughput measured in ops/s. In CloudWatch however you are given VolumeWriteOps, and it’s not immediately obvious that this is per minute.

    To convert to average per second ops, divide by 60.

    AWS dashboard interface showing Ops/s graph

  • Activate Windows 8

    1. Open an administrator command prompt by moving your mouse to the bottom left corner of the screen, right clicking when the start panel icon appears and then click ‘Command Prompt (Admin)’.
    2. Install your product key using slmgr /ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx where xxxxx is your product key.
    3. Type slmgr /ato to activate Windows.
  • Delete/backspace doesn't work in terminal or some programs when SSH'd

    Encountered during an OSSEC install - when pressing delete, ^H is printed instead.

    Fix:

    1. Press CTRL-v and then hit backspace. You’ll see what code is sent as “erase”. ^H
    2. Type stty erase ^H to change the key setup.

    That’s it.

    Source: Macworld.

  • Office 365 user can use OWA but not connect with Outlook after deleting and recreating user.

    Problem is that soft deleted user in AD recycle bin is conflicting with newly created user.

    Solution:

    • Download and install new 365 PoSH tools from http://onlinehelp.microsoft.com/Office365-enterprises/ff652560.aspx
    • Connect to posh and log in.

    > $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $Cred -Authentication

    Basic -AllowRedirection

    (prompt for admin credentials)

    > Import-PSSession $Session
    > Connect-MsolService

    > Remove-MsolUser -RemoveFromRecycleBin -UserprincipalName useremail@domain.com

    • User will be deleted from recycled bin after about 30 seconds.
    • Rename new user to old user in MS Online admin panel.
    • User can now send and receive email in outlook as normal.
  • Kickstarter: simple VPN

    Struggled with manual strongswan, struggled with Sophos essential UTM.

    Someone make a simple to setup and use secure VPN hub that lets people connect to an Amazon EC2 instance or other linux box, connect to it’s shares and the shares of other connected devices as if it was on a LAN and route Internet traffic out from that point too.

    I’ll buy a stripped down Astaro/Sophos UTM (that uses standard IPSEC packages under the covers) with nice web interface that accomplishes the above.

  • How to log in as Windows domain admin without knowing the domain

    Want to log in as the domain administrator but don’t know the domain?
    Use the following username:

    (local)\administrator

    (local) will get converted behind the scenes to the domain name and as long as your password is correct, you’ll be able to log in.

  • Disable Windows firewall on an unresponsive AWS machine

    Courtesy of AWS support

    Stop Server and Detach Root Volume

    In the AWS console, stop (don’t terminate!) the non-responsive server. Note that the properties for the server show that the instance has a drive attached to /dev/sda1. This is a Linux attach point but the concept should still apply.

    Also make note of the instance ID: _______

    On the Volumes tab, detach the instance. You may need to refresh the pane after detaching in order to update the console UI. You may want to name this drive, in order to make it easy to keep track of.

    Attach Root Volume to the Debug Server

    Right click on the volume to attach it. Choose xvdg as the device name.

    Fix the Problem

    1.  Log in to the debug server.

    2.  Click on Start -> Administrative Tools ->Computer Management

    3.  Choose the Disk Management node, then right-click on Disk 1 (left-hand portion of that row) to bring the disk online. The disk will most likely appear as Drive E once you complete this step.

    4.  Use Windows Explorer to navigate to E:\Windows\System32\Config. (Careful! Not the C drive…) This directory contains the registry files that control, among other things, the network address. We’ll be working with the file that is named SYSTEM.

    5.  Click on Start -> Run and start Regedit

    6.  To load the errant file, first click on HKEY_LOCAL_MACHINE

    —- if you need to adjust the firewall the registry key here is:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall

    set to zero (0) for both Domain and Standard profiles

    7.  Next we need to load the file. Click on File -> Load Hive, and then select SYSTEM in this directory

    8.  You’ll be asked to name the subkey to load the file into. Name it: BadDrive (or something else you choose0

    9.  Navigate to:  HKEY_LOCAL_MACHINE\BadDrive\ControlSet001\Services\Tcpip\Parameters\Interfaces{9E9784DE-F79F-48BF-AF55-20DABCC88F0F} (Note that this is ControlSet001, not 002).

    10.  Delete all the keys that have anything to do with the static addresses. These are likely the IPAddress, DefautlGateway, and SubnetMask.

    11.  Also re-enable DHCP by setting the registry value to 1.

    12.  Save the changes by highlighting BadDrive and then choosing File ->Unload Hive. Important! Your changes will not be saved unless you unload the hive.

    Detach the Drive

    We’re done with the repairs, so detach the drive from this instance. Make certain that Windows Explorer isn’t open and in the E drive, or you will not be able to detach the drive.

    1.  Back in Disk Manager, take the drive offline:

    2.  Detach the Volume in the AWS Console. You will likely need to refresh the console in order to make it recognize that you detached the volume.

    3.  And of course re-attach to the original instance. Enter /dev/sda1 as the device name.

    4.  Restart the Instance.

    5.  Copy the new DNS name, and log in via Remote Desktop. You may have to wait as long as 10 minutes after restart before RDP will connect. So do not panic if initial attempts time out.

  • Renaming OSSEC hosts

    OSSEC hosts can be centrally renamed by editing the etc/client-keys file.

    However, since the client key also contains the host name the client will use, the keys must be re-extracted using manage-agents and the keys imported into the existing client installs.

    This is only a small time-saving over removing and re-adding a client but less prone to human error.

    Edit:
    This also works for changing OSSEC host IPs. Simply update them in the keys file and restart the agent and client and they will reconnect.