The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My work

  • My badges

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming

    20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now

    20140424-Windows-7-free-disk-space

    More Photos
  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,627 other followers

Archive for the ‘*nix’ Category

Webserver cipher hardening links

Posted by jpluimers on 2016/08/26

There are quite a few pages on Webserver Cypher Hardening. This is yet another one born because I didn’t know how to compare these lists and why they were so different.

Apparently, OpenSSL has various ways of naming (groups of) cyphers. OpenSSL also disregards any cyphers it doesn’t have.

Basically there are two far ends for cypher lists:

  1. Fully name all cyphers and their order: long list fine grained control
  2. Name groups including group order and let OpenSSL expand the groups: short list but coarse grained control.

A way to compere them using openssl ciphers -V is answered at ssl – Hardening web server cyphers: which cypher list to choose, or how to map between Mozilla and Hynek – Server Fault.

Some of the cypher lists I found:

There are two great SSL tests I found out. The first one is online, the second one from the shell.

  1. SSL Labs:
  2. shell based SSL/TLS tester: testssl.sh.

–jeroen

Posted in *nix, OpenSSL, Power User, Security | Leave a Comment »

APC: getting ftp://ftp.apc.com/apc/public/software/pnetmib/mib/417/powernet417.mib turned out to be tricky

Posted by jpluimers on 2016/08/24

I tried updating my downloads for my APC7920 and APC7921 PDUs.

I knew the APC download site http://www.apc.com/nl/en/tools/download/index.cfm was slow and navigation unfriendly (lots of ERR_CACHE_MISS as you cannot ctrl-click on downloads), but it’s also buggy: Some of the ftp download URLs do not contain the authentication and one file would not download at all.

The solution for that is to prepend the credentials as username:password@ like these URLs where each first one is generated by the download site and each second one works:

  • ftp://ftp.apcc.com/restricted/hardware/nmcard/firmware/devipcfg_wiz/502/Device%20IP%20Configuration%20Wizard.exe
  • ftp://restrict:Kop$74!@ftp.apcc.com/restricted/hardware/nmcard/firmware/devipcfg_wiz/502/Device%20IP%20Configuration%20Wizard.exe
  • ftp://ftp.apc.com/restricted/hardware/nmcard/firmware/sec_wiz/104/SecWiz%201.04%20Install.exe
  • ftp://restrict:Kop$74!@ftp.apc.com/restricted/hardware/nmcard/firmware/sec_wiz/104/SecWiz%201.04%20Install.exe

The username is restrict and the password Kop$74! which requires single quotes on the command-line to prevent parameter and event expansion.

Otherwise you will get bash errors like these: event not found for the part starting with an exclamation mark and Login incorrect. for the parts having a dollar.

One file would not download at all: ftp://ftp.apc.com/apc/public/software/pnetmib/mib/417/powernet417 as all download attempts would time out:

  • Chrome with and without username:password@ (you will get a ERR_FTP_FAILED)
  • wget with and without username:password@ (it will result in a )
  • plain curl with and without username:password@ (it will result in a curl: (28) Timeout was reached)

The only command that would work was this:

curl -G ftp://ftp.apc.com/apc/public/software/pnetmib/mib/417/powernet417.mib > powernet417.mib

via: SimplicityGuy/pynoc – Travis CI

The trick is to:

  1. leave username and password away
  2. specify the -G (or –get) parameter forcing GET behaviour (which should be the default).

I’m not sure why it works, but it does.

–jeroen

Posted in *nix, APC Smart-UPS, cURL, Power User, UPS | Leave a Comment »

tombh/texttop: A fully interactive X Linux desktop rendered in TTY and streamable over SSH

Posted by jpluimers on 2016/08/09

Wonder if I can get this to work from macOS / OS X as a client:

texttop – A fully interactive X Linux desktop rendered in TTY and streamable over SSH

Source: tombh/texttop: A fully interactive X Linux desktop rendered in TTY and streamable over SSH

via: Kristian Köhntopp – Google+

Read the rest of this entry »

Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Linux, Power User, Software Development, SSH, TCP | Leave a Comment »

OpenSuSE Tumbleweed `zypper dist-upgrade`: `mt-st` versus `mt_st`

Posted by jpluimers on 2016/08/08

TL;DR: I’m not the only one being partially word-blind.

I had the below while performing a zypper distribution upgrade on "openSUSE Tumbleweed (20160726) (x86_64)".

revue:/etc # zypper dist-upgrade
...
Detected 2 file conflicts:

File /usr/bin/mt
  from install of
     mt-st-1.3-1.1.x86_64 (Main Repository (OSS))
  conflicts with file from package
     mt_st-1.3-1.2.x86_64 (@System)

File /usr/sbin/stinit
  from install of
     mt-st-1.3-1.1.x86_64 (Main Repository (OSS))
  conflicts with file from package
     mt_st-1.3-1.2.x86_64 (@System)

File conflicts happen when two packages attempt to install files with the same name but different contents. If you continue, conflicting files will be replaced losing the previous content.
Continue? [yes/no] (no): no

Problem occured during or after installation or removal of packages:
Installation aborted by user

Please see the above error message for a hint.

Did you see the cause of the error in the above message?

Neither did I.

So I went to the #opensuse-factory IRC channel with this information:

revue:/etc # zypper repos --details 
# | Alias                               | Name                       | Enabled | GPG Check | Refresh | Priority | Type   | URI                                                                                    | Service
--+-------------------------------------+----------------------------+---------+-----------+---------+----------+--------+----------------------------------------------------------------------------------------+--------
1 | download.opensuse.org-non-oss       | Main Repository (NON-OSS)  | Yes     | (r ) Yes  | Yes     |   99     | yast2  | http://download.opensuse.org/tumbleweed/repo/non-oss/                                  |        
2 | download.opensuse.org-oss           | Main Repository (OSS)      | Yes     | (r ) Yes  | Yes     |   99     | yast2  | http://download.opensuse.org/tumbleweed/repo/oss/                                      |        
3 | download.opensuse.org-tumbleweed    | Main Update Repository     | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | http://download.opensuse.org/update/tumbleweed/                                        |        
4 | http-download.opensuse.org-f3ba78e8 | server:monitoring          | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | http://download.opensuse.org/repositories/server:/monitoring/openSUSE_Tumbleweed/      |        
5 | openSUSE-20150508-0                 | openSUSE-20150508-0        | No      | ----      | No      |   99     | yast2  | cd:///?devices=/dev/disk/by-id/ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001 |        
6 | repo-debug                          | openSUSE-Tumbleweed-Debug  | No      | ----      | Yes     |   99     | NONE   | http://download.opensuse.org/debug/tumbleweed/repo/oss/                                |        
7 | repo-source                         | openSUSE-Tumbleweed-Source | No      | ----      | Yes     |   99     | NONE   | http://download.opensuse.org/source/tumbleweed/repo/oss/                               |        
revue:/etc # cat /etc/os-release 
NAME=openSUSE
VERSION="Tumbleweed"
VERSION_ID="20160726"
PRETTY_NAME="openSUSE Tumbleweed (20160726) (x86_64)"
ID=opensuse
ANSI_COLOR="0;32"
CPE_NAME="cpe:/o:opensuse:opensuse:20160726"
BUG_REPORT_URL="https://bugs.opensuse.org"
HOME_URL="https://www.opensuse.org/"
ID_LIKE="suse"

There cooloo pointed out both the cause and solution were deceptively simple:

coolo: wiert: zypper remove mt_st ; zypper dup; zypper in mt-st
coolo: the package was incorrectly renamed

My partial word-blindness didn’t spot the difference between mt_st and mt-st, but it was indeed renamed.

So here I went:

zypper remove mt_st ; zypper dist-upgrade; zypper install mt-st

Note that strictly zypper install mt-st isn’t needed on my system as it is part of  Base:System. which means that zypper dist-upgrade automatically re-installed it.

–jeroen

Posted in *nix, Linux, openSuSE, Power User, SuSE Linux, Tumbleweed | Leave a Comment »

bash – How can I convert tabs to spaces in every file of a directory? – Stack Overflow

Posted by jpluimers on 2016/08/05

Kev:

Try the command line tool expand.

expand -t 4 input >output

Chrono Kitsune:

And for those systems that don’t use the GNU Core Utilities, you have a decent chance of expand being installed since it is standardized by The Open Group’s Single Unix Specification. See Issue 6, which is from 2001, though some updates were applied, hence the year of publication being 2004: expand

–jeroen

via bash – How can I convert tabs to spaces in every file of a directory? – Stack Overflow.

Posted in *nix, *nix-tools, bash, bash, Development, Linux, openSuSE, Power User, Scripting, Software Development, SuSE Linux | Leave a Comment »

 
Follow

Get every new post delivered to your Inbox.

Join 1,627 other followers

%d bloggers like this: