April 2026
M	T	W	T	F	S	S
	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30

Archive for the ‘Power User’ Category

Passwordless SSH

Posted by jpluimers on 2019/01/22

Note: if the system you SSH from is ever compromised, then assume the passwordless targets are also compromised!

–jeroen

Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Linux, openSuSE, Power User, SSH, SuSE Linux, TCP, Tumbleweed | Leave a Comment »

Linus Torvalds – Google+: Working gadgets: Ubiquiti UniFi collection (and a whole bunch of Unifi/Ubiquiti/Ubtn links).

Posted by jpluimers on 2019/01/21

Seems my interest in Ubiquiti needs more research: [WayBack] Linus Torvalds – Google+: Working gadgets: Ubiquiti UniFi collection.

Hopefully by now I’ve time to re-design the WiFi coverage in the house and invest in a few of those access points.

[WayBack 1/2/3] Vincent Parrett commented: I have two of these (along with a cloudkey and edgemax switch) in my house, perfect wifi coverage over the whole house. I’m also using ubnt routers and switches for our servers in the US. Less impressed with the edgerouter pro, has overheating issues due to poor thermal design, but still easy to use and configure etc.
[WayBack 1/2] Dear interwebz, what and how many #Ubiquiti devices do I need to cover 5Ghz WiFi with seamless roaming on 3 stacked floors of 10×10 meter home office se… – Jeroen Wiert Pluimers – Google+
- [WayBack] Use a third party POE switch – Ubiquiti Networks Community
  - Apart from alternatives, this observation “FWIW my experience with the TP-Link SF and SG series switches is poor. I have had more than average hardware failures with these, and some versions silently drop packets (most notably BDPUs if using STP).”
- [WayBack] Solved: UAP-AC-Lite with TP-Link TL-SG1008PE – Ubiquiti Networks Community
- Powering the UAP-AC-Lite with a Mikrotik RB960PGS (also known as hEX PoE) over PoE works fine
Tweakers.net:
PoE from other vendors:
- RB260GSP (does passive PoE only) – [WayBack] POE – UAP-AC-LR with Mikrotik RB260GSP? – Ubiquiti Networks Community
- RB960PGS also known as hEX PoE (does 802.3af, see below)
- Mikrotik needs to make up their mind, as they ship a 24V power supply which cannot power any 802.3af/802.3at devices. The 48POW power supply enables 802.3af for the RB960PGS hEX PoE: [WayBack] hEX PoE (RB960PGS) – Need 48V Power Supply – MikroTik
- Ubiquiti UniFi AP-AC LITE production week 2016-38 (first four digits of serial number 1638) and more recent support 802.3af: [WayBack] Bekijk reactie – [Ubiquiti-apparatuur] Ervaringen & Discussie – Deel 2 – Netwerken – GoT
  - 48v PoE should work too, but it is better to assume date code 1646 (officially this is 1641, but not all ones function correctly):
Controller
- The easiest way to configure, is to have a Unifi Controller running in your network.
- The controller can be a [WayBack] Ubiquiti Networks – UniFi® Cloud Key, but does not have to be: a VM, Docker Container, Raspberry Pi, or other solution can work just as well.
- Unifi Controller Versions are released at irregular times, usually at least once a month; I used these places to track them:
  - [WayBack] UniFi Updates Blog – Ubiquiti Networks Community (a bit awkward because the overview has message summaries in addition to the topic)
  - [WayBack] UniFi Updates Blog | UniFi Forum NL (easier to track as the message overview is a simple table that has a message topic column)
  - [WayBack] Chocolatey Gallery | Ubiquiti UniFI Controller 5.8.28
- When using a CloudKey, please avoid sudden power loss: it can brick the database
  - There are various ways to safely power it down:
    - The button on the side is a power down button (see image on the right I got the documentation at [WayBack] https://dl.ubnt.com/guides/UniFi/UniFi_Cloud_Key_UC-CK_QSG.pdf)
    - On the CloudKey interfaces themselves: [WayBack] Solved: Re: Correct way to remove Cloud Key – Ubiquiti Networks Community:
      - There is the “Shutdown” button, in the Unifi Controller UI (https://a.b.c.d.e:8443/manage): Settings -> Maintenance -> Cloud Key Operations -> Shutdown Cloud Key
        
        Similar in the cloud environment as that is a kind of wrapper around the local controller: Settings -> Maintenance -> Cloud Key Operations -> Shutdown Cloud Key
      - There is a “Power Off” button in the Unifi Cloud Key UI (https://a.b.c.d.e:8443/manage/main): Maintenance -> Power Off
  - Resurrecting can be needed, and is relatively easy if you can still SSH into it as root:
    - [WayBack] Solved: Unifi Cloud Key Nonfunctional After Reboot – Ubiquiti Networks Community
    - [WayBack] Solved: Re: Unifi Cloud Key Nonfunctional After Reboot – Ubiquiti Networks Community
      - service unifi stop mongod --repair --dbpath /srv/unifi/data/db service unifi start
  - Sometimes it will not shutdown, so you have to force it, with the risk of having to restore a database backed-up on SD card: [WayBack] Solved: Re: Cloud Key won’t shutdown – Ubiquiti Networks Community
  - More recent CloudKey use a USB C plug, not Micro USB plug [WayBack] Solved: PoE injector for Cloud Key – Ubiquiti Networks Community
  - Powering was a bit tricky:
    - Powering a CloudKey with a TP-Link TL-SG1008PE works fine
    - Powering a CloudKey with a [WayBack] MikroTik Routers and Wireless – Products: hEX PoE (RB960PGS)
      - over PoE fails (it does not come up at all, the Mikrotik PoE led flashes red once when inserting the network cable).
      - over USB fails as well (the CloudKey gets in a reboot loop: white led flashes in the same pattern like for good PoE boot, but goes dark after ~20 seconds, then after a few seconds rinse repeat. This despite the USB 1A power delivery of the Mikrotik: [WayBack] Cloud Key USB-C power adapter recommendation – Ubiquiti Networks Community. CloudKey boot cycle starts a few seconds after the PoE light on the Mikrotik becomes red (meaning PoE is active).
    - Others have better luck on USB: [WayBack] Cloud Key micro-USB power supply electrical requirements (ripple/noise/voltage min/max)? – Ubiquiti Networks Community
    - I have tested the RBS960PGS with firmwares 6.39.2 and 6.42.7 after reading the [WayBack] Manual:PoE-Out – MikroTik Wiki.
    - Passive 48V PoE is also a possible solution: [WayBack] UniFi – Cloud Key Troubleshooting Guide – Ubiquiti Networks Support and Help Center: Powering the UniFi Cloud Key
Configuration:
- Online configuration Portal: https://unifi.ubnt.com/
  - This works way better at device discovery than the Chrome plugin “Ubiquiti Device Discovery Tool” below
  - You can perma-link to your local device; it looks like https://unifi.ubnt.com/5.8.24.0/unifi/site/default/dashboard?d=############000000000#######000000000#######00000000######## where # are digits, 0 are usually zero digits and 5.8.24.0 is .0 prepended by the first 3 parts of your Unifi Controller Version (mine had Version 5.8.24-11016 at that time).
- [WayBack] Ubiquiti Networks – Search | discovery tool
  - [Archive.is/WayBack] Ubiquiti Device Discovery Tool – Chrome Web Store
    - Note that temporarily there was a fake Crome tool: [WayBack] Fake Ubiquiti Device Discovery Tool discovered on the Chrome Web Store – Ubiquiti Networks Community
  - [WayBack] Java https://dl.ubnt.com/tools/beta/discovery-tool/ubnt-discovery.zip
Wireshark
- You can capture AP traffic using Wireshark because the Access Points all support SSH
  - [WayBack] Eric’s Blog: February 2017 – Using WireShark to sniff traffic on your Unifi Wireless Access Points
  - via [WayBack] Capturing network traffic from Unifi APs remotely using Wireshark – Ubiquiti Networks Community
UniFi information:

Splitting 5Ghz and 2.4Ghz SSIDs: two ways (I think the second is cleaner)

Either have one WLAN group with a set of SSIDs, then in each access point disable the 2.4Ghz SSID on the 5GHz radio, and disable the 5Ghz SSID on the 2.4Ghz radio
Have different WLAN groups with an SSID (or set of SSIDs) for each frequency, then in each access point select the appropriate group for each radio

For both the first and second one, you need to configure under “Config” -> “WLANs”.

For the second one, you can clone from the first, then change the SSID names.

–jeroen

Read the rest of this entry »

Posted in Power User, Ubiquiti, WiFi | Leave a Comment »

Installing as a LAN -> WiFi bridge: FRITZ!WLAN Repeater 1750E

Posted by jpluimers on 2019/01/21

I have a bunch of [WayBack] FRITZ!WLAN Repeater 1750E | Overview | AVM International devices; this is the quickest way to install them as LAN -> WiFi bridge (connect ethernet to your LAN; use the WiFi as a bridge).

Connect the FRITZ!WLAN to your LAN
Connect the FRITZ!WLAN to power
Connect your laptop to the WiFi SSID FRITZ!WLAN Repeater 1750E with password 00000000 (that eight times a zero)
Set your laptop with a fixed IP address 192.168.178.127 with netmask 255.255.255.0 and gateway 192.168.178.2 for WiFi.
Connect to your FRITZ!WLAN at http://192.168.178.2
Setup your FRITZ!WLAN for the first time (password, country) and have it reboot
Logon to the FRITZ!WLAN
Change the WiFI password and the SSID for 2.4 Ghz and 5.0 Ghz channels (I use a different SSID for both as many Fritz!Box devices have both bad 2.4Ghz performance and a hard time to automatically switch from 2.4Ghz to 5.0Ghz on the same SSID automagically).
Change your laptop to use DHCP on WiFi
Reconnect to the Fritz!Box with the new SSID and password

–jeroen

Posted in Fritz!, Fritz!WLAN, Internet, Power User | Leave a Comment »

Google Sheet with forwarding addresses. Please feel free to add yours….

Posted by jpluimers on 2019/01/21

[WayBack] I have created a Google Sheet with forwarding addresses. Please feel free to add yours- only the info you are comfortable with. Please DO NOT add full e… – Di Cleverly – Google+

[Archive.is] Forwarding Addresses – Google Sheets

–jeroen

Posted in G+: GooglePlus, LifeHacker, Power User, SocialMedia | Leave a Comment »

National Cyber Security Centre publish Ubuntu 18.04 LTS Security Guide | Ubuntu blog

Posted by jpluimers on 2019/01/18

For my link archive: [WayBack] National Cyber Security Centre publish Ubuntu 18.04 LTS Security Guide | Ubuntu blog

Via: [WayBack] A new best practice guide for hardening #Ubuntu Desktop 18.04 from the National Cyber Security Centre (part of UK gov): https://blog.ubuntu.com/2018/07… – Will Cooke – Google+

–jeroen

Posted in *nix, Linux, Power User, Ubuntu | Leave a Comment »

TigerVNC on Mac OS X with homebrew to check why a Screen Sharing.app connection fails.

Posted by jpluimers on 2019/01/18

Two installation options for TigerVNC:

[WayBack] Client: brew cask install tigervnc-viewer
[WayBack] Server: brew install tiger-vnc

The [WayBack] TigerVNC viewer gives a bit more details on failing VNC connections than the stock OSX Screen Sharing.app does: after performing the logon, the connection would just stall, but TigerVNC would should “write broken pipe (32)” after the logon. Most of the linked search results indicated the VNC server was having a state problem.

So I restarted the VNC server, after which connections could be made again in both tools.

I actually prefer the stock Screen Sharing.app as:

it has been there forever [WayBack] Access the VNC Client in Mac OS X & Create a Screen Sharing App Shortcut
it integrates well with OS X
it is accessible from the command line:
- try open vnc://192.168.178.55:5900 if your VNC server is listening on 192.168.178.55:5900
- or have the connection go over SSH (so you’re sure it’s secure), via [WayBack]Kristian Köhntopp – Google+:
  
  TIL that Apple’s “Screen Sharing” app is command-line accessible.
  ssh username@hostname -L5910:localhost:5900open
  vnc://username:password@localhost:5910

–jeroen

Posted in Apple, Mac OS X / OS X / MacOS, Mac OS X 10.4 Tiger, Mac OS X 10.5 Leopard, Mac OS X 10.6 Snow Leopard, Mac OS X 10.7 Lion, macOS 10.12 Sierra, OS X 10.10 Yosemite, OS X 10.11 El Capitan, OS X 10.8 Mountain Lion, OS X 10.9 Mavericks, Power User, VNC/Virtual_Network_Computing | 2 Comments »

Resetting the OnePlus data limit behaviour

Posted by jpluimers on 2019/01/18

Somehow I managed to get a OnePlus phone to have the read data limit line stuck at ~5 gigabyte whereas the warning was at ~15 gigabyte.

This caused all sorts of havoc when I passed the 5 gigabyte mark: cellular data would turn off, I would get all sorts of warnings and – worst of all – I could not reset the red line.

The solution was at [WayBack] Unable to remove “Cellular data limit exceeded” notification even after changing the data limit on OnePlus 2’s OOS 3.5.5:

There are numerous discussions offering a solution to this:

Goto Settings > Backup & reset > Network settings reset.

Now select the affected SIM card

Now click Reset Settings.

–jeroen

Read the rest of this entry »

Posted in Android Devices, OnePlus Two, Power User | Leave a Comment »

Raspberry Pi cannot be woken up by WOL, but it can send, and there is Whack-on-LAN

Posted by jpluimers on 2019/01/17

Cool stuff if you want to make your own WOL devices out of spare parts.

From old to new:

They can be woken up by anything sending magic WOL packets, including Raspberry Pi (which cannot be woken up by them, though you could use a Whack-on-LAN for that).

[WayBack] Any success using WOL on a RPi – Raspberry Pi Forums

Basically the Raspberry Pi cannot be woken up with WOL because of a few reasons:

The ethernet chip is connected over USB so it cannot pass the WOL result further on.
If it could, there still is no BIOS to process the WOL result.
When it is halted but has power, the CPU isn’t active. The GPU is, but cannot process the WOL.

It can be a WOL server though: [WayBack] Raspberry Pi As Wake on LAN Server: 5 Steps (with Pictures)

–jeroen

Posted in Development, Ethernet, Hardware Development, Network-and-equipment, Power User, Raspberry Pi, Wake-on-LAN (WoL) | Leave a Comment »

Tools for TCP tunnels over HTTP/HTTPS

Posted by jpluimers on 2019/01/16

With the advent of WebSockets, it looks like TCP tunnels over HTTP/HTTPS are gaining more ground and I need to put some research time in them.

Some old to new links:

Source: elia/corkscrew: Corkscrew mirror repo. Corkscrew is a tool for tunneling SSH through HTTP proxies. (which requires CONNECT)
- it seems defunct as the domain is for sale: [WayBack] corkscrew
q3k/crowbar: Tunnel TCP over a plain HTTP session (does not require CONNECT: works with GET and POST requests)
jpillora/chisel: A fast TCP tunnel over HTTP

CONNECT requests are not supported by many HTTP proxies, especially in larger organisations, so chisel and crowbar have a much bigger chance there.

And of course there is SoftEtherVPN/SoftEtherVPN: A Free Cross-platform Multi-protocol VPN Software. * For support, troubleshooting and feature requests we have http://www.vpnusers.com/. For critical vulnerability please email us. (mail address is on the header.).

However, that is a VPN solution which is much broader than just a single TCP tunnel. You can so similar things with OpenVPN, but over HTTP/HTTPS, also requires CONNECT:

SoftEtherVPN seems to be more versatile though. I blogged about that before, but back then didn’t have needs for it yet. VPN over HTTPS: Ultimate Powerful VPN Connectivity – SoftEther VPN Project.

–jeroen

via: [WayBack] VPN through only http – Server Fault answer by [WayBack] neutrinus

Posted in Communications Development, Development, HTTP, https, Internet protocol suite, Network-and-equipment, OpenVPN, Power User, TCP, VPN, WebSockets, Windows-Http-Proxy | Leave a Comment »

Top 25 Most Dangerous Programming Mistakes

Posted by jpluimers on 2019/01/15

10 years after the publication of the [WayBack] Top 25 Most Dangerous Programming Mistakes, the list for me is still the same.

You can see this from the CWE/SANS revisions: 1.0 in 2009 until 1.0.3 in 2011: not much changed.

Via: [WayBack] Top 25 Most Dangerous Programming Mistakes (2009) – Lars Fosdal – Google+

–jeroen

Posted in Development, Power User, Security, Software Development | Leave a Comment »

« Previous Entries

Next Entries »

	jpluimers on Sony STR-DE205 Receiver…
	jpluimers on Position paper nachtsluiting D…
	jpluimers on Position paper nachtsluiting D…
	Nic3 on Position paper nachtsluiting D…
	Attila Kovacs on Crowbarring Windows 95 into Wi…

The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

Subscribe

Archives

Recent Comments

Recent Posts

Blog Stats

Meta title

Tag Cloud Title

Top Clicks

Top Posts

My badges

Twitter Updates

Pages

All categories

Email Subscription

Archive for the ‘Power User’ Category

Passwordless SSH

Linus Torvalds – Google+: Working gadgets: Ubiquiti UniFi collection (and a whole bunch of Unifi/Ubiquiti/Ubtn links).

Installing as a LAN -> WiFi bridge: FRITZ!WLAN Repeater 1750E

Google Sheet with forwarding addresses. Please feel free to add yours….

National Cyber Security Centre publish Ubuntu 18.04 LTS Security Guide | Ubuntu blog

TigerVNC on Mac OS X with homebrew to check why a Screen Sharing.app connection fails.

Resetting the OnePlus data limit behaviour

Raspberry Pi cannot be woken up by WOL, but it can send, and there is Whack-on-LAN

Tools for TCP tunnels over HTTP/HTTPS

Top 25 Most Dangerous Programming Mistakes

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

Subscribe

Archives

Recent Comments

Recent Posts

Blog Stats

Meta title

Tag Cloud Title

Top Clicks

Top Posts

My badges

Pages

All categories

Email Subscription

Archive for the ‘Power User’ Category

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this: