The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Archive for the ‘*nix-tools’ Category

MultiBootUSB

Posted by jpluimers on 2020/05/07

Cool tool:

MultiBootUSB is a cross platform software written in python which allows you to install multiple live linux on a USB disk non destructively and option to uninstall distros. Try out the world’s first true cross platform multi boot live usb creator for free. Download Now!

Information and downloads on [WayBack] MultiBootUSB.

There are actually a few repositories within [WayBack] mbusb (multibootusb) · GitHub of which one has a ruby implementation as well.

A more elaborate article is on [WayBack] How to Install Multiple Linux Distributions on One USB, but the site should get you going just fine.

Via: [WayBack] Multiple Linux distributions on one UBS stick. I just tried it with: * CloneZilla * Lubuntu * LiteLinux The tool they describe – MultiBootUSB – comes w… – Thomas Mueller (dummzeuch) – Google+

–jeroen

Posted in *nix, *nix-tools, Development, Hardware, Linux, Power User, Python, Software Development, USB

OpenSSH keygen guidelines

Posted by jpluimers on 2020/05/01

Verify [WayBack] OpenSSH: Key generation before generating keys.

At the time of grabbing it was this (for the mozilla tag; use another tag if you prefer):

# RSA keys are favored over ECDSA keys when backward compatibility ''is required'',
# thus, newly generated keys are always either ED25519 or RSA (NOT ECDSA or DSA).
$ ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa_mozilla_$(date +%Y-%m-%d) -C "Mozilla key for xyz"

# ED25519 keys are favored over RSA keys when backward compatibility ''is not required''.
# This is only compatible with OpenSSH 6.5+ and fixed-size (256 bytes).
$ ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_mozilla_$(date +%Y-%m-%d) -C "Mozilla key for xyz"

This was not changed based on [WayBack] Key generation: pass-a and -o argument? · Issue #68 · mozilla/wikimo_content · GitHub: a discussion on the KDF rounds (-a parameter) and storage format (-o parameter).

This is slightly less strong than in [WayBack] Upgrade Your SSH Key to Ed25519 | Programming Journal, but seems to be OK when writing this in 2018.

For comparison, a similar discussion is at [WayBack] public key – How many KDF rounds for an SSH key? – Cryptography Stack Exchange.

In practice, I am not for one ssh ID per host, but I use different tags depending on where the ssh ID applies. More discussion on this is at [WayBack] privacy – Best Practice: ”separate ssh-key per host and user“ vs. ”one ssh-key for all hosts“ – Information Security Stack Exchange

Based on the above, I also learned about this password generator: [WayBack] GitHub – gdestuynder/pwgen
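To check existing keys against the guideline quoted above (ED25519 or RSA only, never ECDSA or DSA), the sketch below filters the listing that `ssh-keygen -l` prints. It is an added example, not part of the Mozilla text or the original post; the 4096-bit RSA minimum is an assumption taken from the `-b 4096` in the command above, and the sample listing is constructed.

```shell
#!/bin/sh
# Added example: apply the key-type guideline to an `ssh-keygen -l` listing.
# Assumption: RSA keys must be at least 4096 bits (from the -b 4096 above).
MIN_RSA_BITS=4096

# Reads lines in the format printed by `ssh-keygen -l -f <file>`:
#   <bits> <fingerprint> <comment ...> (<TYPE>)
# Prints one verdict per key and returns non-zero if any key fails.
audit_key_listing() {
  awk -v min="$MIN_RSA_BITS" '
    NF < 3 { next }                        # skip blank or malformed lines
    {
      type = $NF; gsub(/[()]/, "", type)   # last field is "(TYPE)"
      bits = $1 + 0
      if (type == "ED25519")                 verdict = "ok"
      else if (type == "RSA" && bits >= min) verdict = "ok"
      else if (type == "RSA")                verdict = "weak-rsa"
      else                                   verdict = "disallowed-type"
      if (verdict != "ok") bad = 1
      printf "%s %s %d %s\n", verdict, type, bits, $2
    }
    END { exit bad + 0 }
  '
}

# Constructed sample listing; the fingerprints are placeholders, not real keys.
sample_listing() {
  cat <<'EOF'
256 SHA256:PLACEHOLDER-ed25519 Mozilla key for xyz (ED25519)
4096 SHA256:PLACEHOLDER-rsa4096 Mozilla key for xyz (RSA)
2048 SHA256:PLACEHOLDER-rsa2048 old laptop (RSA)
256 SHA256:PLACEHOLDER-ecdsa build host (ECDSA)
1024 SHA256:PLACEHOLDER-dsa legacy (DSA)
EOF
}

# Real use: ssh-keygen -l -f ~/.ssh/authorized_keys | audit_key_listing
sample_listing | audit_key_listing || echo "policy violations found"
```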

–jeroen

Posted in *nix, *nix-tools, Encryption, Hashing, Power User, Security, ssh/sshd

KiTTY auto-reconnect ssh tunnel so you can RDP from remote machine into local one

Posted by jpluimers on 2020/04/27

I needed this equivalent in KiTTY while also keeping the connection alive:

ssh -o "ExitOnForwardFailure yes" -R :3389:127.0.0.1:3389 

Here, (via [WayBack] SSH options, Port Forwarding over SSH, Keepalives – zwilnik), -R Specifies that the given port on the remote (server) host is to be forwarded to the given host and port on the local side. This works by allocating a socket to listen to port on the remote side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and a connection is made to host port hostport from the local machine.

This is unlike most port forwarding examples, which show you how to forward a local port to a remote one (for instance [WayBack] Portforwarding with SSH (Putty)).

 

I wanted this on Windows, with auto-connect and without depending on OpenSSH. So I used the portable edition of [WayBack] Download KiTTY, which is a PuTTY derivative with more features.

With OpenSSH it is easier, but requires either Windows 10 (having it pre-installed) or an OpenSSH installation. How simple? This simple: [WayBack] openssh – How do I keep SSH connection alive on Windows 10? – Stack Overflow

The portable version of KiTTY ensures all configuration is in configuration files (not in the registry like the regular edition: [WayBack] KiTTY Session Configuration Location – Chase’s Notes).

I bumped into KiTTY because in another situation, I needed to execute a remote command and found [WayBack] ssh – How to run a remote command in PuTTY after login & keep the shell running? – Super User

Later I found other references as it can also auto-logon:

KiTTY has a URL-based update checker; for instance [WayBack] www.9bis.net/kitty/check_update.php?version=0.70.0.6 checks if a newer version than 0.70.0.6 is available. If you do not trust it, you can run that URL over TLS as well.

These screenshots show how to get the above configuration:

  1. Under “SSH”, in “Tunnels”
    • tick “Remote ports do the same (SSH-2 only)”
    • fill in a source port (that’s the remote port and will become the :3389: bit above)
    • fill in destination 127.0.0.1:3389 (that’s the local RDP port on your Windows machine)
    • tick “Remote”
    • tick “Auto”
    • click “Add” to get to the second screenshot

  2. Under connection:
    • Ensure “Seconds between keepalives” is larger than zero (I took 1)
    • Tick “Disable Nagle’s algorithm”
    • Tick “Enable TCP keepalives”
    • Tick “Attempt to reconnect on system wakeup”
    • Tick “Attempt to reconnect on connection failure”
  3. On the “SSH” tab:
    • Do not enter a “Remote command” (seems unneeded on my system)
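For comparison, the same tunnel with the OpenSSH client, wrapped in a reconnect loop. This is an added example, not from the original post: `SSH_BIN`, `RETRY_DELAY` and the keepalive values are assumptions, and unlike the `-R :3389:...` form above it binds the remote listener to 127.0.0.1 so the forwarded RDP port is reachable only from the remote machine itself.

```shell
#!/bin/sh
# Added example (OpenSSH client, not KiTTY).
# Assumptions: SSH_BIN, RETRY_DELAY and the keepalive values are illustrative.
SSH_BIN=${SSH_BIN:-ssh}
RETRY_DELAY=${RETRY_DELAY:-10}

# tunnel_opts REMOTE_PORT: one option per line.
#  - ExitOnForwardFailure makes ssh exit if the remote port cannot be bound,
#    instead of leaving a session without a tunnel.
#  - ServerAlive* sends keepalives so a dead link ends the session.
#  - The 127.0.0.1 bind address keeps the listener off the remote's network.
tunnel_opts() {
  printf '%s\n' -N \
    -o ExitOnForwardFailure=yes \
    -o ServerAliveInterval=15 \
    -o ServerAliveCountMax=3 \
    -R "127.0.0.1:${1}:127.0.0.1:3389"
}

# keep_tunnel HOST REMOTE_PORT [MAX_TRIES]: restart ssh whenever it exits.
# MAX_TRIES 0 (the default) retries forever; otherwise returns 1 when spent.
keep_tunnel() {
  host=$1 port=$2 max=${3:-0} tries=0
  while :; do
    # Word splitting of the option list is intended here.
    "$SSH_BIN" $(tunnel_opts "$port") "$host"
    tries=$(( tries + 1 ))
    if [ "$max" -gt 0 ] && [ "$tries" -ge "$max" ]; then return 1; fi
    sleep "$RETRY_DELAY"
  done
}

# Usage: script.sh user@host 3389
if [ $# -ge 2 ]; then keep_tunnel "$@"; fi
```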

So for now, I can do without things like:

–jeroen

Posted in *nix, *nix-tools, Power User, ssh/sshd, Windows

This means your SD card is dead for writing: “fsck.ext4: unable to set superblock flags on ROOT”

Posted by jpluimers on 2020/04/24

A while ago I had a "fsck.ext4: unable to set superblock flags on ROOT" on an SD card in a Raspberry Pi: it basically means the SD card is dead.

Back then Google found only one entry: [WayBack] Bad Superblock – Raspberry Pi Forums

–jeroen

Posted in *nix, *nix-tools, Development, Hardware Development, Power User, Raspberry Pi

Create a large file filled with zeros on Linux – twm’s blog

Posted by jpluimers on 2020/04/13

Interesting read as there are at least 3 options of which I only knew the first (dd): [WayBack] Create a large file filled with zeros on Linux – twm’s blog.

  • dd (fully allocated storage; zeros, random or another data source)
  • truncate (sparse storage; always gets zeros)
  • fallocate (fully allocated storage; always gets zeros)

–jeroen

via: [WayBack] Sometimes you need a large file for testing purposes or just to take up space that should not be available on the file system. There are several options… – Thomas Mueller (dummzeuch) – Google+

Posted in *nix, *nix-tools, Power User

xrdp

Posted by jpluimers on 2020/04/06

I totally missed this the last 5 years. Where have I been (:

[WayBack] xrdp: An open source remote desktop protocol(rdp) server.

It runs on top of either Xvnc (which I have used) or X11rdp and should be usable with any RDP client (like the excellent Microsoft RDP for Mac OS X).

Related

Via:

–jeroen

Posted in *nix, *nix-tools, Power User, Remote Desktop Protocol/MSTSC/Terminal Services, VNC/Virtual_Network_Computing, Windows

Workaround for “Nmap 7.8 Assertion failed: htn.toclock_running == true” · Issue #1764 · nmap/nmap · GitHub

Posted by jpluimers on 2020/03/27

I got this on Windows 10, 8.1 and 7, MacOS and Linux:

C:\bin>nmap -sn 192.168.71.0/24
Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-24 13:44 W. Europe Standard Time
Assertion failed: htn.toclock_running == true, file ..\Target.cc, line 503

Luckily [WayBack] Nmap 7.8 Assertion failed: htn.toclock_running == true · Issue #1764 · nmap/nmap · GitHub has a solution: add the --max-parallelism 100 parameter:

C:\bin>nmap -sn --max-parallelism 100 192.168.71.0/24
Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-24 13:48 W. Europe Standard Time
Nmap scan report for 192.168.71.1
...
Host is up.
Nmap done: 256 IP addresses (50 hosts up) scanned in 54.07 seconds

The other workaround is to have at least one ARP request succeed.

Via [WayBack] “Assertion failed: htn.toclock_running == true, file ..\Target.cc, line 503” – Google Search

–jeroen

Posted in *nix, *nix-tools, nmap, Power User

Postfix for relaying SMTP, some info about my own configuration

Posted by jpluimers on 2020/03/20

I’ve a bunch of secondary MX servers using postfix (which I like a lot over sendmail). Basically all their configurations are very similar:

  1. To the file /etc/postfix/relay, add a list of domains to relay for, each ending with a space followed by OK as per
    [WayBack] Configure Postfix to relay mail to multiple internal mail servers w/different domains
  2. Run postmap /etc/postfix/relay to update the relay database file.
  3. Ensure that /etc/postfix/main.cf has these settings (note that the FQDN – in the example smtp3.example.org – isn’t always returned by hostname --fqdn, see below):
    1. inet_interfaces = all
    2. myhostname = smtp3.example.org
    3. smtpd_helo_required = yes
    4. smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname
  4. rcpostfix restart && rcpostfix status

Check the functionality with journalctl -u postfix.
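A small drift check for steps 1 and 3, as an added example that is not part of the original post: it validates the `domain OK` lines of the relay file and compares `name = value` lines (the format `postconf -n` prints) with the settings listed above. The function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# check_relay_map FILE: every non-blank, non-comment line must be "<domain> OK".
check_relay_map() {
  awk '
    /^[ \t]*(#|$)/ { next }
    NF != 2 || $2 != "OK" { printf "relay line %d: %s\n", NR, $0; bad = 1 }
    END { exit bad + 0 }
  ' "$1"
}

# check_helo_settings: reads "name = value" lines on stdin and lists every
# setting from step 3 that is missing; returns non-zero if any is.
check_helo_settings() {
  awk '
    function miss(what) { print "missing: " what; bad = 1 }
    {
      eq = index($0, "=")
      if (eq == 0) next
      name = substr($0, 1, eq - 1); value = substr($0, eq + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", name); gsub(/^[ \t]+|[ \t]+$/, "", value)
      conf[name] = value
    }
    END {
      if (conf["inet_interfaces"] != "all") miss("inet_interfaces = all")
      if (conf["myhostname"] !~ /\./) miss("myhostname = <FQDN>")
      if (conf["smtpd_helo_required"] != "yes") miss("smtpd_helo_required = yes")
      have = "," conf["smtpd_helo_restrictions"] ","
      gsub(/[ \t,]+/, ",", have)   # Postfix accepts commas and/or whitespace
      n = split("permit_mynetworks reject_invalid_helo_hostname reject_non_fqdn_helo_hostname reject_unknown_helo_hostname", want, " ")
      for (i = 1; i <= n; i++)
        if (index(have, "," want[i] ",") == 0) miss("smtpd_helo_restrictions: " want[i])
      exit bad + 0
    }
  '
}

# Constructed sample: reject_unknown_helo_hostname was dropped by mistake.
sample_postconf() {
  cat <<'EOF'
inet_interfaces = all
myhostname = smtp3.example.org
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname
EOF
}

sample_postconf | check_helo_settings || true
# Real use: postconf -n | check_helo_settings; check_relay_map /etc/postfix/relay
```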

FQDN – how to get myhostname

This usually gives a good indication of your external FQDN, but depending on your network circumstances it might not at all be the FQDN of your machine:

dig +noall +answer +short -x `curl -s ipv4.whatismyip.akamai.com` | sed 's/\.$//'

I got there through these StackExchange answers:

Testing with sendEmail

Then test with sendEmail from [WayBack] GitHub – mogaal/sendemail: lightweight, command line SMTP email client, with statements like these

The most recent version is now at [Wayback/Archive.is] GitHub – zehm/sendEmail: SendEmail is a lightweight, command line SMTP email client.

  • sendEmail -o fqdn=sending.example.org -f sender@example.org -t recipient@example.com -u message-subject -s smtp3.example.org -m message-text
  • sendEmail -o fqdn=sending.example.org -f sender@example.org -t recipient@example.com -u message-subject -s smtp3.example.org -m message-text -v -v -v -v

If you get an error containing 450 4.7.1 Helo command rejected: Host not found, then reject_unknown_helo_hostname works, but your -o fqdn= parameter contains an invalid hostname.

More sending examples are in the sendEmail documentation.

If you want to know more about fighting SPAM, then continue at [WayBack] Fighting Spam – What can I do as an: Email Administrator, Domain Owner, or User? – Server Fault

–jeroen

Posted in *nix, *nix-tools, postfix, Power User, sendmail

bash – How to add a progress bar to a shell script? – Stack Overflow

Posted by jpluimers on 2020/03/17

From [WayBack] bash – How to add a progress bar to a shell script? – Stack Overflow (thanks Mitch Haile!):

You can implement this by overwriting a line. Use \r to go back to the beginning of the line without writing \n to the terminal.

Write \n when you’re done to advance the line.

Use echo -ne to:

  1. not print \n and
  2. to recognize escape sequences like \r.

Here’s a demo:

echo -ne '#####                     (33%)\r'
sleep 1
echo -ne '#############             (66%)\r'
sleep 1
echo -ne '#######################   (100%)\r'
echo -ne '\n'

–jeroen

Posted in *nix, *nix-tools, bash, Development, Power User, Scripting, Software Development

Mounting a Time Machine backup under Linux so you can send it to Backblaze using Restic…

Posted by jpluimers on 2020/03/16

[WayBack1/WayBack2] Memo to self: I want to mount a Time Machine backup under Linux so that I can send the “Latest” directory to Backblaze with Restic. Step 1: Sp… – Kristian Köhntopp – Google+:

Memo to self: I want to mount a Time Machine backup under Linux so that I can send the “Latest” directory to Backblaze with Restic.

Step 1: Mount the sparsebundle

# ls -l /export/tm_kk/
total 8
drwx------ 3 kris users 4096 Oct 21 16:24 KK.sparsebundle

This works with

# git clone git://github.com/torarnv/sparsebundlefs.git
# cd sparsebundlefs; make
# mkdir -p /bundles/tm_kk
# sparsebundlefs /export/tm_kk/KK.sparsebundle /bundles/tm_kk
# ls -lh /bundles/tm_kk
total 0
-r-------- 1 root nogroup 1.5T Oct 21 16:24 sparsebundle.dmg

Step 2: Loop-mount the DMG

# fdisk -l /bundles/tm_kk/sparsebundle.dmg
Disk /bundles/tm_kk/sparsebundle.dmg: 1.5 TiB, 1648462135296 bytes, 3219652608 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 15FCCBBD-49E4-42BB-B359-EF662F9916CF

Device Start End Sectors Size Type
/bundles/tm_kk/sparsebundle.dmg1 40 409639 409600 200M EFI System
/bundles/tm_kk/sparsebundle.dmg2 409640 3219390423 3218980784 1.5T Apple HFS/HFS+

# kpartx -a -v /bundles/tm_kk/sparsebundle.dmg
add map loop8p1 (253:1): 0 409600 linear 7:8 40
add map loop8p2 (253:19): 0 3218980784 linear 7:8 409640

# mkdir -p /hfs/tm_kk
# mount -o ro -t hfsplus /dev/mapper/loop8p2 /hfs/tm_kk
# b=$(readlink /hfs/tm_kk/Backups.backupdb/KK/Latest)
# ls -l /hfs/tm_kk/Backups.backupdb/KK/$b
total 0
drwxr-xr-x 1 root root 30 Oct 21 14:26 'Macintosh HD'

Step 3: tmfs mount

A Time Machine backup contains silly hard links to directories. Linux cannot do that as-is, so you have to FUSE-mount it once more with tmfs. Sigh.

# apt-get install tmfs
# mkdir -p /tmfs/tm_kk
# tmfs /hfs/tm_kk /tmfs/tm_kk
# ls -l /tmfs/tm_kk/KK/Latest/
total 0
drwxr-xr-x 1 root root 30 Oct 21 14:26 'Macintosh HD'

Reading through that is not even slow.

Step 4: Tear down

# umount /tmfs/tm_kk
# umount /hfs/tm_kk/
# kpartx -d -v /bundles/tm_kk/sparsebundle.dmg
del devmap : loop8p1
del devmap : loop8p2
loop deleted : /dev/loop8
# umount /bundles/tm_kk

Step 5: Script this mess
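One way to script steps 1 to 4, as an added example that is not part of the quoted memo: it parses the `kpartx -a -v` output instead of hard-coding `loop8p2`, mounts the HFS+ volume read-only, and tears everything down on exit. The assumptions are that the HFS+ volume is the largest partition in the image and that the script name `tm-mount.sh` and its `run` argument are hypothetical.

```shell
#!/bin/sh
# Added example: steps 1-4 as one script, to be run as root.
# Assumptions: sparsebundlefs, kpartx and tmfs are installed, and the HFS+
# volume is the largest partition in the image. Paths mirror the memo.
BUNDLE=/export/tm_kk/KK.sparsebundle
NAME=tm_kk
MACHINE=KK
DMG=/bundles/$NAME/sparsebundle.dmg

# Read `kpartx -a -v` output and print the mapper name of the largest
# partition, so the loop device number (loop8 above) is never hard-coded.
largest_map() {
  awk '$1 == "add" && $2 == "map" && $6 + 0 > max { max = $6 + 0; name = $3 }
       END { if (name == "") exit 1; print name }'
}

# Undo everything in reverse order; parts that never came up are skipped.
teardown() {
  umount "/tmfs/$NAME" 2>/dev/null
  umount "/hfs/$NAME" 2>/dev/null
  kpartx -d "$DMG" >/dev/null 2>&1
  umount "/bundles/$NAME" 2>/dev/null
  return 0
}

# Mount the chain (HFS+ read-only) and print the path of the newest snapshot.
mount_latest() {
  mkdir -p "/bundles/$NAME" "/hfs/$NAME" "/tmfs/$NAME" || return 1
  sparsebundlefs "$BUNDLE" "/bundles/$NAME" || return 1
  map=$(kpartx -a -v "$DMG" | largest_map) || return 1
  mount -o ro -t hfsplus "/dev/mapper/$map" "/hfs/$NAME" || return 1
  tmfs "/hfs/$NAME" "/tmfs/$NAME" || return 1
  printf '%s\n' "/tmfs/$NAME/$MACHINE/Latest"
}

# Usage: tm-mount.sh run <command> [args...]; the snapshot path is appended.
if [ "${1:-}" = "run" ]; then
  shift
  trap teardown EXIT
  trap 'exit 1' INT TERM
  latest=$(mount_latest) || exit 1
  "$@" "$latest"
fi
```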

A few important comments from the WayBack2 link:

Jeroen Wiert Pluimers:

So your time machine data is on a Linux disk that you export from Linux to MacOS? (as otherwise, I don’t understand what /export/tm_kk/KK.sparsebundle is for)

Kristian Köhntopp:

Yes, I am running netatalk, SMB and NFS on an Ubuntu 18.04.

Jeroen Wiert Pluimers:

+Kristian Köhntopp Thanks. What do you envision as steps to restore a complete time machine?

Kristian Köhntopp:

We will see. I do not see that as normally necessary. Mostly I do not want to lose the work on my laptop, and am just too lazy to restrict the backup to that. In general, it should be possible to create this as a writeable setup so that I get the data back. I will probably never recreate a full runnable mac setup from this emergency offsite backup.

Tools used:

–jeroen

Posted in *nix, *nix-tools, Apple, Backup, Mac, Mac OS X / OS X / MacOS, MacBook, Power User