Ice Cream in the Dungeon
A blog from a couple of nerds about Linux, VMware, Android, Windows, Citrix, PowerShell and anything else that we have a play with.
Get all IPs, Mac Addresses, and Network Adapter names for each VM (2016-03-22)
<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="color: black; font-size: 13.5pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Recently I had to write a PowerCLI script to gather the MAC address, IP address, and network adapter information from all VMs in a cluster. While not super difficult, it proved a bit challenging: I couldn't just use get-networkadapter, as that only returns the network adapter name and MAC address but not IP information, and conversely the vm.guest.net object returns MAC address and IP information but not the network adapter name. With a ton of nested loops (which take forever to run) I was able to gather the info and export it to a CSV:</span></span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="color: black; font-size: 13.5pt;"><span style="font-family: Courier New, Courier, monospace;"><br /></span></span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="color: black; font-size: 13.5pt;"><span style="font-family: Courier New, Courier, monospace;"># Start with an empty array so that += appends rows<br />
$out = @()<br />
$vms = get-vm | sort Name<br />
foreach($vm in $vms)<br />
{<br />
&nbsp;&nbsp;&nbsp;&nbsp;# Guest-reported NICs (MAC + IPs) and the VM's virtual adapters (name + MAC)<br />
&nbsp;&nbsp;&nbsp;&nbsp;$VMx = get-view $VM.ID<br />
&nbsp;&nbsp;&nbsp;&nbsp;$HW = $VMx.guest.net<br />
&nbsp;&nbsp;&nbsp;&nbsp;$adapters = get-networkadapter -VM $vm<br />
&nbsp;&nbsp;&nbsp;&nbsp;foreach($dev in $hw)<br />
&nbsp;&nbsp;&nbsp;&nbsp;{<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;foreach($ip in $dev.ipaddress)<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;{<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;foreach($adapter in $adapters)<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;{<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;# Emit a row only when the guest NIC and the adapter share a MAC address<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;$out += $dev | select @{N="Name";E={$vm.name}}, @{N="AdapterName";E={$adapter.Name}}, @{N="IP Address";E={$ip}}, @{N="MAC";E={$dev.macaddress}} | WHERE {$dev.macaddress -eq $adapter.macaddress}<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}<br />
&nbsp;&nbsp;&nbsp;&nbsp;}<br />
}<br />
<br />
$out | export-csv .\VM_MAC_IP.csv -notypeinformation</span></span></div>
</div>
Posted by Matt
SELinux and Changing Ports (2014-01-18)
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="p1">
As with many little Linux projects, what was intended to be a 2 minute activity turned into a 20 minute activity, this time thanks to our friend SELinux.</div>
<div class="p2">
<br /></div>
<div class="p1">
In the past, I've always just disabled SELinux: what's the need, after all, as I'm usually just setting up projects out of my home lab and SELinux seems like a bit of overkill. What's more, even in the Red Hat Certified System Admin course, they have you turn it off, as managing SELinux is more of a RHCE task.</div>
<div class="p2">
<br /></div>
<div class="p1">
Well, as it so happens, I'm currently studying for my RHCE and figured now is as good a time as any to get some practice in, if only inadvertently.</div>
<div class="p2">
<br /></div>
<div class="p1">
So the task at hand: change the SSH listening port from 22 to 443 so I can <a href="http://icecreaminthedungeon.blogspot.com/2013/08/socks-proxy-over-ssh-or-safely-browse.html"><span class="s1">safely browse the interwebs and circumvent those pesky proxies</span></a>. So to do so, I log in and edit /etc/ssh/sshd_config:</div>
<div class="p2">
<br /></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"># $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $</span></div>
<div class="p2">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><br /></span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"># This is the sshd server system-wide configuration file. See</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"># sshd_config(5) for more information.</span></div>
<div class="p2">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><br /></span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"># This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin</span></div>
<div class="p2">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><br /></span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"># The strategy used for options in the default sshd_config shipped with</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"># OpenSSH is to specify options with their default value where</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"># possible, but leave them commented. Uncommented options change a</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"># default value.</span></div>
<div class="p2">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><br /></span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">#Port 22</span></div>
<div class="p4">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b>Port 443</b></span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">#AddressFamily any</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">#ListenAddress 0.0.0.0</span></div>
<div class="p2">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><br /></span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">#ListenAddress ::</span></div>
<div class="p2">
<br /></div>
<div class="p1">
I add a rule in iptables to allow 443:</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ sudo iptables -I INPUT 4 -p tcp --dport https -j ACCEPT</span></div>
<div class="p2">
<br /></div>
<div class="p1">
Then I restart sshd:</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ sudo service sshd restart</span></div>
<div class="p2">
<br /></div>
<div class="p1">
and attempt to SSH via 443 from my laptop:</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@laptop ~]$ ssh username@centos01 -p 443</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">ssh: connect to host centos01 port 443: Connection refused</span></div>
<div class="p2">
<br /></div>
<div class="p1">
... WTF? I try telnet:</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ telnet centos01 443</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Trying 10.21.4.10... </span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">telnet: connect to address 10.21.4.10: Connection refused<br />
telnet: Unable to connect to remote host</span></div>
<div class="p1">
Ah, so we're either blocking or not listening on 443. Let's try locally on the box:</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@centos01 ~]$ ssh username@localhost -p 443</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">ssh: connect to host localhost port 443: Connection refused</span></div>
<div class="p2">
<br /></div>
<div class="p1">
So we're not listening. Weird. Perhaps this has something to do with SELinux:</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ cat /selinux/enforce</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">1</span></div>
<div class="p2">
<br /></div>
<div class="p1">
Yep, we're enabled. So I temporarily disable SELinux:</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ echo 0 | sudo tee /selinux/enforce</span></div>
<div class="p2">
<br />
And let's try that again:</div>
<div class="p2">
<br /></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ ssh username@localhost -p 443</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">The authenticity of host 'centos01 (10.5.10.10)' can't be established.</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">RSA key fingerprint is 94:21:69:84:1a:87:a7:94:98:64:95:f5:9e:ab:97:c4.</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Are you sure you want to continue connecting (yes/no)?</span></div>
<div class="p2">
<br /></div>
<div class="p1">
Hooraw! Sure enough, it looks like SELinux is gumming up the works. So how do we allow SSH to listen on port 443? Well a bit of Googling tells us we need a tool called semanage, but it's not installed. Right then:</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ sudo yum provides /usr/sbin/semanage</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Loaded plugins: rhnplugin</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">policycoreutils-python-2.0.83-19.8.el6_0.x86_64 : SELinux policy core python utilities</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Repo : rhel-x86_64-server-6</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Matched from:</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Filename : /usr/sbin/semanage</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">policycoreutils-python-2.0.83-19.1.el6.x86_64 : SELinux policy core python utilities</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Repo : rhel-x86_64-server-6</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Matched from:</span></div>
<div class="p2">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><br /></span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Filename : /usr/sbin/semanage</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ sudo yum install policycoreutils-python</span></div>
<div class="p2">
<br /></div>
<div class="p1">
Alright, so we have semanage installed, now it's time to append port 443 to the ssh_port_t:</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ sudo semanage port -l | grep ssh</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">ssh_port_t tcp 22</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ sudo semanage port -a -t ssh_port_t -p tcp 443</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">/usr/sbin/semanage: Port tcp/443 already defined</span></div>
<div class="p2">
<br /></div>
<div class="p1">
Balls. Okay, so apparently you can only define a TCP port in one SELinux policy. Makes sense. Where is 443 defined?</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ sudo semanage port -l | grep 443</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">http_port_t tcp 80, 443, 488, 8008, 8009, 8443</span></div>
<div class="p2">
<br /></div>
<div class="p1">
Ah, of course. It's defined for HTTP. Now then, let's just remove it from HTTP and add it to SSH:</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ sudo semanage port -d -t http_port_t -p tcp 443</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">/usr/sbin/semanage: Port tcp/443 is defined in policy, cannot be deleted</span></div>
<div class="p2">
<br /></div>
<div class="p1">
Double balls. Alright, so we apparently have to <i>modify</i> the port to be included in ssh_port_t:</div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ sudo semanage port -m -t ssh_port_t -p tcp 443</span></div>
<div class="p2">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><br /></span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">[username@localhost ~]$ sudo semanage port -l | grep 443</span></div>
<div class="p2">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><br /></span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">http_port_t tcp 80, 81, 443, 488, 8008, 8009, 8443, 9000</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">pki_ca_port_t tcp 829, 9180, 9701, 9443-9447</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">pki_kra_port_t tcp 10180, 10701, 10443-10446</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">pki_ocsp_port_t tcp 11180, 11701, 11443-11446</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">pki_tks_port_t tcp 13180, 13701, 13443-13446</span></div>
<div class="p3">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">ssh_port_t tcp 443, 1255, 22</span></div>
<br />
<div class="p1">
Sweet! Done and done. Now we can re-enable SELinux enforcement and ssh to our host! Hat tip to m4ccum4ccu for his <a href="http://marcofalchi.blogspot.com/2013/05/centos-64-redhat-64-fedora-18-change.html">helpful blog post</a> which I've borrowed from heavily for this one.</div>
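The add-versus-modify decision worked out by trial and error above can be made up front by parsing the port listing. This is an added example, not part of the original post: the function names and the sample listing are constructed, and the match is on exact port numbers and ranges, so a lookup for 443 does not also hit 9443-9447 the way `grep 443` does.

```shell
#!/bin/sh
# Added example: pick `semanage port -a` or `semanage port -m` for a port,
# based on the text of `semanage port -l`.

# Constructed sample of `semanage port -l` output (not captured from a real host).
SAMPLE_PORT_LIST='http_port_t                    tcp      80, 443, 488, 8008, 8009, 8443
pki_ca_port_t                  tcp      829, 9180, 9701, 9443-9447
ssh_port_t                     tcp      22
dns_port_t                     udp      53'

# port_types LISTING PROTO PORT
# Print every SELinux port type whose entry covers PROTO/PORT, one per line.
port_types() {
    printf '%s\n' "$1" | awk -v proto="$2" -v port="$3" '
        $2 == proto {
            # Fields 3..NF look like "80," "443," or "9443-9447".
            for (i = 3; i <= NF; i++) {
                entry = $i
                sub(/,$/, "", entry)
                n = split(entry, r, "-")
                lo = r[1] + 0
                hi = (n == 2) ? r[2] + 0 : lo
                if (port + 0 >= lo && port + 0 <= hi) { print $1; break }
            }
        }'
}

# semanage_action LISTING TYPE PROTO PORT
# Print what is needed so that TYPE covers PROTO/PORT:
#   "none"  if TYPE already covers the port
#   a "-m"  command if another type already defines the port
#           (the "-a" form fails there with "already defined")
#   a "-a"  command if no type defines the port
semanage_action() {
    listing=$1 want=$2 proto=$3 port=$4
    current=$(port_types "$listing" "$proto" "$port")
    if printf '%s\n' "$current" | grep -Fqx "$want"; then
        echo "none"
    elif [ -n "$current" ]; then
        echo "semanage port -m -t $want -p $proto $port"
    else
        echo "semanage port -a -t $want -p $proto $port"
    fi
}

# Demo on the constructed listing; on a real host pass "$(semanage port -l)" instead.
semanage_action "$SAMPLE_PORT_LIST" ssh_port_t tcp 443
```

The function only prints the command, so it can be reviewed before being run with sudo while SELinux stays in enforcing mode.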
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
Posted by Matt (http://www.blogger.com/profile/16643874054667906596)

How to Choose Between Hyper-V and vSphere
Published 2013-11-20T15:50:00.002+00:00, updated 2013-11-20T15:50:29.847+00:00
<div dir="ltr" style="text-align: left;" trbidi="on">
A short whitepaper from Gartner comparing <a href="http://www.gartner.com/technology/reprints.do?id=1-1LV8IX1&ct=131016&st=sb">Microsoft's Hyper-V in Server 2012 and vSphere 5.5.</a> The PoV is high-level, but outlines cost and functionality considerations when comparing the two hypervisors. Key findings are:<br />
<br />
<ul style="text-align: left;">
<li>Hyper-V has made significant strides towards being an actual competitor with vSphere in terms of functionality and cost with the release of Server 2012.</li>
<li>Hyper-V may be suitable for small deployments where centralized management is not required.</li>
<li>Functionally, Hyper-V falls short of vSphere in SRM, non-Windows based guest support (e.g. live Linux snapshotting), DRS, and Storage DRS.</li>
<li>Although Hyper-V now has equivalent technologies to VMware's HA and affinity rules, they are more complicated to implement and manage, requiring multiple tools.</li>
<li>vSphere still has a significant market lead over Microsoft, due in large part to the first-mover advantage and better hybrid cloud offerings.</li>
</ul>
Although Microsoft may be moving from being simply a niche player in the hypervisor space, they are still a far cry from gaining significant market share from VMware. Hyper-V has a significant OS footprint relative to that of ESXi (5GB vs 144MB respectively), requiring more patching and likely more downtime as a result. Tools like SRM and DRS are integral to many organizations' data center and DR strategies. Lastly, while Hyper-V offers more hardware support than vSphere, this is really only an advantage for small organizations or home labs, as most enterprises have the resources and IT maturity to standardize hardware or purchase blade server technologies. </div>
Posted by Matt (http://www.blogger.com/profile/16643874054667906596)

Dammit Apple, you ruin everything
Published 2013-11-03T23:01:00.000+00:00, updated 2013-11-03T23:01:25.449+00:00
<div dir="ltr" style="text-align: left;" trbidi="on">
Not one to miss out on an opportunity for free software/upgrades, I upgraded my 2011 MacBook Pro to OSX Mavericks last weekend. The upgrade generally went pretty well, although it was slow. OSX got some minor face lifts, including the launcher menu with an opaque background:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-_iwb2TZtZyI/UnbTCVPXvYI/AAAAAAAAEzE/INARS-5N9do/s1600/Screen+Shot+2013-11-03+at+5.48.59+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="200" src="http://4.bp.blogspot.com/-_iwb2TZtZyI/UnbTCVPXvYI/AAAAAAAAEzE/INARS-5N9do/s200/Screen+Shot+2013-11-03+at+5.48.59+PM.png" width="10" /></a></div>
Aside from that, nothing has really changed for me- I don't use Apple Chat/iChat, I don't intend to buy ebooks from Apple ever, and I don't own an iPhone or use iTunes.<br />
<br />
What has significantly changed for me is that Apple has decided to dumb down its nifty <a href="http://www.cultofmac.com/113579/use-lions-hidden-wi-fi-monitor-os-x-tips/">Wireless Diagnostic tool introduced with OSX Lion</a>. Gone are the days when I could monitor and track useful performance data for my wireless network connectivity from my MacBook. It has since been replaced with a stripped-down, diluted utility that wraps up logs so you can send them to Apple for support...<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-CBRbTZZMr_8/UnbUIrT_BVI/AAAAAAAAEzQ/kYbdwfH_hgg/s1600/Screen+Shot+2013-11-03+at+5.53.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="222" src="http://1.bp.blogspot.com/-CBRbTZZMr_8/UnbUIrT_BVI/AAAAAAAAEzQ/kYbdwfH_hgg/s320/Screen+Shot+2013-11-03+at+5.53.55+PM.png" width="320" /></a></div>
<br />
<br />
F*ck you Apple. Seriously. You had such a great, useful, practical utility tucked away in your dumbed-down OS and you managed to ruin it and strip it of any meaningful utility.<br />
<br />
Perhaps there is still a way to get the rich monitoring information that was previously available, but if there is, I haven't figured it out. I'll continue to dig, but the fact that I have to do so is ridiculous- it was perfect before!<br />
<br />
This may be the final tick in the box for me to leave OSX altogether for a more useful and practical OS that leaves some semblance of respect for its users. Now where'd I leave that BSD Live CD...</div>
Posted by Matt (http://www.blogger.com/profile/16643874054667906596)

Exporting and Importing Volume Groups
Published 2013-10-26T16:30:00.001+01:00, updated 2013-10-26T16:58:33.306+01:00
<div dir="ltr" style="text-align: left;" trbidi="on">
Well this is cool. I had to copy my music and movies from the disks in my HTPC to my newly-built NAS, but didn't want my home network bogged down with the rsync file copy. Traditionally this would be pretty easy, as on standard ext4/ntfs/fat filesystems, you can just remove the disk from the originating PC and plug it up in the destination PC and mount it and you're all set. In my case, an extra level of complexity was introduced since I used LVM to create one logical partition across two disks in the HTPC. After a bit of Google Love, I learned that LVM can actually export and import volumes very easily:<br />
<ol style="text-align: left;">
<li>Unmount the volume group's filesystem</li>
<div style="text-align: left;">
<span style="font-family: Courier New, Courier, monospace; font-size: small;">$ umount /var/media</span></div>
<li>Mark the volume group inactive</li>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;">$ vgchange -an vgmedia</span></div>
<li>Export the volume group</li>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;">$ vgexport vgmedia</span></div>
<li>Shut down the machine, remove the disks, and hook them up in the destination system.</li>
<li>Import the volume group</li>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;">$ pvscan</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;">$ vgimport vgmedia</span></div>
<li>Activate the volume group</li>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;">$ vgchange -ay vgmedia</span></div>
<li>Mount the filesystem</li>
</ol>
<div>
Hat tip to <a href="http://www.tldp.org/HOWTO/LVM-HOWTO/recipemovevgtonewsys.html">www.tldp.org </a>for the how-to. Pretty cool. The constraining factor is that you need enough bays/ports in the destination machine to accommodate all of the disks in the Volume Group. Alternatively, you can attempt to <a href="http://www.tldp.org/HOWTO/LVM-HOWTO/removeadisk.html">remove one or more disks from the Volume Group</a> if you have enough unallocated space on the other disk(s).</div>
</div>
Posted by Matt (http://www.blogger.com/profile/16643874054667906596)

SAMBA Shares with no Username/Password
Published 2013-10-25T21:09:00.000+01:00, updated 2013-10-25T22:05:25.481+01:00
<div dir="ltr" style="text-align: left;" trbidi="on">
Setting up a NAS/share that you want all users on your network to be able to access without a username or password? If you want to do this in SAMBA 4, you can't use the traditional global setting of:<br />
<div>
<br /></div>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;">security = share</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;"><br /></span></div>
<div>
<span style="font-family: inherit;">as "share" level security is now deprecated. Instead, you'll need to set the parameter </span><span style="font-family: Courier New, Courier, monospace; font-size: small;">map to guest</span><span style="font-family: inherit;">. Use the following settings in /etc/samba/smb.conf:</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;"><br /></span></div>
<div>
<div style="font-family: 'Courier New', Courier, monospace; font-size: small;">
security = user</div>
<div style="font-family: 'Courier New', Courier, monospace; font-size: small;">
map to guest = Bad Password</div>
<div style="font-family: 'Courier New', Courier, monospace; font-size: small;">
passdb backend = tdbsam</div>
<div style="font-family: 'Courier New', Courier, monospace; font-size: small;">
guest account = nobody</div>
</div>
<div style="font-family: 'Courier New', Courier, monospace; font-size: small;">
<br /></div>
<div>
<span style="font-family: inherit;">And if you're doing this, it's a good idea to lock down Samba to your local network:</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;"><br /></span></div>
<div>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;">interfaces = lo eth0 192.168.1.0/24</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;">hosts allow = 192.168.1.0/24</span></div>
</div>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;"><br /></span></div>
<div>
<span style="font-family: inherit;">Lastly, don't forget to configure iptables to lock down the Samba ports by source address:</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;"><br /></span></div>
<div>
<span style="font-family: Courier New, Courier, monospace; font-size: small;">iptables -A INPUT -p tcp </span><span style="font-family: 'Courier New', Courier, monospace; font-size: small;">-s 192.168.1.0/24</span><span style="font-family: 'Courier New', Courier, monospace; font-size: small;"> --dport netbios-ssn -j ACCEPT</span></div>
<div>
<span style="font-family: 'Courier New', Courier, monospace; font-size: small;">iptables -A INPUT -p udp -s 192.168.1.0/24 --dport netbios-ssn -j ACCEPT</span></div>
<div>
<span style="font-family: 'Courier New', Courier, monospace; font-size: small;">iptables -A INPUT -p tcp -s 192.168.1.0/24 --dport microsoft-ds -j ACCEPT</span></div>
<div>
<span style="font-family: 'Courier New', Courier, monospace; font-size: small;">iptables -A INPUT -p udp -s 192.168.1.0/24 --dport microsoft-ds -j ACCEPT</span></div>
<div>
<span style="font-family: 'Courier New', Courier, monospace; font-size: small;"><br /></span></div>
<div>
<span style="font-family: inherit;">Point smbclient/Windows Explorer/Mac Finder to //IP/share_name and you're all set!</span></div>
</div>
Posted by Matt (http://www.blogger.com/profile/16643874054667906596)

One way to re-IP your NFS array with VMware
Published 2013-09-16T21:28:00.001+01:00, updated 2013-09-16T22:09:32.658+01:00
<div dir="ltr" style="text-align: left;" trbidi="on">
Recently I have been working on a project to replace an old FAS2040 NetApp array with a newer FAS2240. The old FC disk shelves from the 2040 will be re-purposed in the 2240, so will be physically moved to the new array complete with all of the existing VMs in the farm.<br />
<br />
This poses an interesting problem, though: the existing filers with their current IPs will disappear and the new filer will have a different hostname and IP. This change will cause all of the VMs to go grey because they cannot reach their disks. With a little googling you can find a couple of scripts that are able to re-register VMs, and these can be modified to fix this issue.<br />
<br />
To add to the interest in this environment we have VMs with multiple disks on different NFS mounts, so we need to fix the vmx files so they point to the new datastores on the new filer.<br />
<br />
So what's the plan then?<br />
<br />
<ol style="text-align: left;">
<li>Get the names of all your templates<br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Get-Template | Select-Object Name | Export-Csv -NoTypeInformation -Path ./templates.csv</span></li>
<li>Convert all templates to VMs<br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Set-Template -ToVM * -Confirm:$false</span></li>
<li>Run this command to collect the necessary information<br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><span style="background-color: white; color: #222222;">get-view -viewtype virtualmachine -property name, config.files.vmpathname, parent, Runtime.Host | select name, @{n="vmxFilePath"; e={$_.config.files.vmpathname}</span><wbr style="background-color: white; color: #222222;"></wbr><span style="background-color: white; color: #222222;">}, parent, @{n="host"; e={$_.runtime.host}} | Export-Clixml -Path ./vms.xml</span></span></li>
<li>Remove all VMs from the inventory<br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Get-Datastore <regex to get all affected DS> | Get-VM | Remove-VM -Confirm:$false</span></li>
<li>Enable SSH on a host<br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><span style="background-color: white; color: #666666; line-height: 18px;">Get-VMHost <hostname> | Foreach-Object { Start-VMHostService </span><span style="background-color: white; color: #666666; font-weight: bold; line-height: 18px;"><span style="font-weight: normal;">-Confirm:$False </span></span><span style="background-color: white; color: #666666; line-height: 18px;">-HostService ($_ | Get-VMHostService | Where { $_.Key -eq "TSM-SSH"} )}</span></span></li>
<li>Get the datastore locations<br />SSH to your host > enter <span style="font-family: Courier New, Courier, monospace;">ls -l /vmfs/volumes/ </span><br /><div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-_5hiKNqGDCM/UjdhFo71oKI/AAAAAAAANvM/2j-hZj2ZuHM/s1600/DS+mapping.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="70" src="http://2.bp.blogspot.com/-_5hiKNqGDCM/UjdhFo71oKI/AAAAAAAANvM/2j-hZj2ZuHM/s400/DS+mapping.PNG" width="400" /></a></div>
<br /><span style="font-family: inherit;">Save this info for later</span></li>
<li>Unmount affected Datastores<br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Get-Datastore <regex to match all affected DS> | foreach {Remove-Datastore -Confirm:$false -Datastore $_ -VMHost (Get-VMHost <regex to get all affected hosts>)}</span></li>
<li><span style="font-family: inherit;">Mount your new datastores, since there are heaps of ways to do this I'll leave it to you</span></li>
<li><span style="font-family: inherit;">Get the new datastore locations<br />Just re-do point 6 above</span></li>
<li><span style="font-family: inherit;">Copy this sh script over to your host, making sure you replace OLD-DATASTORE and NEW-DATASTORE with the correct UIDs from points 6 and 9.</span><br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;">#!/bin/sh</span><br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;"> # Rewrite datastore IDs in every .vmx file, keeping the original as .old</span><br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;"> find /vmfs/volumes/ -maxdepth 3 -name '*.vmx' | while IFS= read -r fl; do</span><br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;"> echo "$fl"</span><br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;"> mv "$fl" "$fl.old"</span><br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;"> sed 's/<b>OLD-DATASTORE</b>/<b>NEW-DATASTORE</b>/g;s/<b>OLD-DATASTORE</b>/<b>NEW-DATASTORE</b>/g' "$fl.old" > "$fl"</span><br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;"> chmod 755 "$fl"</span><br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;"> done</span><br /><span style="font-family: inherit;">You can add as many datastores to rename as you like; just separate the expressions with ; (the example above does 2 datastores, each pair taking its own old and new UID).</span></li>
<li>Disable SSH<br /><span style="font-size: x-small;"><span style="background-color: white; color: #666666; font-family: 'Courier New', Courier, monospace; line-height: 18px;">Get-VMHost <hostname> | Foreach-Object { Stop-VMHostService </span><span style="background-color: white; color: #666666; font-family: 'Courier New', Courier, monospace; font-weight: bold; line-height: 18px;"><span style="font-weight: normal;">-Confirm:$False </span></span><span style="background-color: white; color: #666666; font-family: 'Courier New', Courier, monospace; line-height: 18px;">-HostService ($_ | Get-VMHostService | Where { $_.Key -eq "TSM-SSH"} )}</span></span></li>
<li>Register all your VMs<br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Import-Clixml .\vms.xml | foreach { New-VM -VMFilePath $_.vmxfilepath -VMHost (Get-VIObjectByVIView $_.host.toString()) -Location (Get-VIObjectByVIView $_.parent.toString()) -RunAsync}</span></li>
<li>Convert your templates back to templates<br /><span style="font-family: Courier New, Courier, monospace; font-size: x-small;">Import-Csv -Path ./templates.csv | foreach {Set-VM -ToTemplate -VM $_.name -Confirm:$false}</span></li>
</ol>
<div>
<span style="font-family: inherit;">With a little luck you should be all done! :)</span></div>
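An added example, not the author's script: a variant of the step 10 rewrite that matches the datastore ID as a literal string, leaves .vmx files that do not reference it untouched, and has a dry-run mode for reviewing the change list first. The function names, the IDs and the sample tree are constructed, and it assumes the host shell provides awk, grep -F and find -maxdepth.

```shell
#!/bin/sh
# Added example: datastore-ID rewrite for .vmx files with a dry-run mode.

# rewrite_vmx FILE OLD NEW [--dry-run]
# Returns 0 if FILE referenced OLD (rewritten unless dry-run),
#         1 if FILE does not reference OLD, 2 on error.
rewrite_vmx() {
    file=$1 old=$2 new=$3 mode=${4:-}
    [ -n "$old" ] || return 2
    # Fixed-string match, so characters in an ID are never treated as a regex.
    grep -Fq -- "$old" "$file" || return 1
    [ "$mode" = "--dry-run" ] && return 0
    # Keep the original as .old, as the post's script does. Writing back into
    # the existing file keeps its permissions, so no chmod is needed.
    cp -p "$file" "$file.old" || return 2
    awk -v old="$old" -v new="$new" '
        {
            out = ""
            # Literal replace of every occurrence of old on this line.
            while ((i = index($0, old)) > 0) {
                out = out substr($0, 1, i - 1) new
                $0 = substr($0, i + length(old))
            }
            print out $0
        }' "$file.old" > "$file" || return 2
    return 0
}

# rewrite_tree ROOT OLD NEW [--dry-run]
# Walk ROOT for *.vmx files; print "changed <path>" or "would-change <path>".
rewrite_tree() {
    find "$1" -maxdepth 3 -name '*.vmx' | while IFS= read -r fl; do
        if rewrite_vmx "$fl" "$2" "$3" "${4:-}"; then
            if [ "${4:-}" = "--dry-run" ]; then
                echo "would-change $fl"
            else
                echo "changed $fl"
            fi
        fi
    done
}

# Constructed sample tree standing in for /vmfs/volumes (IDs are made up).
make_sample_tree() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/ds1/vm01" "$d/ds1/vm02"
    printf '%s\n' 'scsi0:0.fileName = "vm01.vmdk"' \
        'scsi0:1.fileName = "/vmfs/volumes/aaaa1111-bbbb2222/vm01/vm01_1.vmdk"' \
        > "$d/ds1/vm01/vm01.vmx"
    printf '%s\n' 'scsi0:0.fileName = "vm02.vmdk"' > "$d/ds1/vm02/vm02.vmx"
    echo "$d"
}

# Demo: list what would change in the constructed tree, then clean up.
tree=$(make_sample_tree)
rewrite_tree "$tree" aaaa1111-bbbb2222 cccc3333-dddd4444 --dry-run
rm -rf "$tree"
```

Only the VM with a disk on the other datastore is reported; a second run after a real rewrite reports nothing.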
</div>
Posted by Anonymous (http://www.blogger.com/profile/07347187868020303677)

Cable Modems and DHCP
Published 2013-09-15T17:50:00.002+01:00, updated 2013-09-15T17:50:54.233+01:00
<div dir="ltr" style="text-align: left;" trbidi="on">
Fun fact- many new cable modems strictly adhere to DHCP standards. We found this out the hard way when trying to set up our Comcast cable internet connection with our new refurbished <a href="http://www.amazon.com/gp/product/B005S0BYQ6/ref=oh_details_o01_s00_i00?ie=UTF8&psc=1">Cisco Linksys Router</a>. Setting up our connection was not painless, partly through my own fault. To begin, looking for a deal, I purchased a refurbished Motorola Surfboard modem on Ebay, since like many other cable providers, <a href="http://20somethingfinance.com/get-rid-of-your-comcast-modem-rental-fee/">Comcast charges an arm and a leg to lease a modem</a>.<br />
<div>
<br /></div>
<div>
The modem I purchased was explicitly listed as Comcast compatible, however upon initial installation I couldn't "activate" the device using Comcast's online tool. I found this incredibly frustrating because on initial connection, I could resolve and ping external web sites thus proving the cable modem worked, however due to the nature of the Cable internet-provider business, all http traffic is proxied prior to activation (which as I understand it, is just the cable provider sending down a small config file to the modem which sets transfer rates and ensures proper billing). After failed "automated" activation, I had to call customer service where I was directed to a call center in the Philippines. While the call representative was nice, she basically ran through her script, which took about 30 minutes, before finally forwarding me on to an on-shore representative who quickly concluded that because my modem was using the deprecated DOCSIS 2.0 standard, Comcast would not send down a configuration file. Sigh.</div>
<div>
<br /></div>
<div>
I could've waited and just ordered another DOCSIS 3.0 modem online, but wanting an internet connection that day, I hopped in the car and dropped by Best Buy where I picked up a <a href="http://www.bestbuy.com/site/Cable+Modem/4728707.p;jsessionid=A131A6D5F8CF7A144CF3EF5E140F5E13.bbolsp-app02-118?id=1218516238574&skuId=4728707&st=netgear%20cable%20modem&cp=1&lp=1#tab=overview">NetGear CMD31T modem</a>. Upon returning home, I hooked up the new modem and was able to get an internet connection directly connecting my laptop to the modem within minutes. Next came time to hook up our new Cisco Linksys wireless router to the modem. The first thing I noticed was that the "1G ETH" light turned from green, when plugged into my laptop, to orange when plugged into the router.</div>
<div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-raxD7hxwjaE/UjXlX44d8qI/AAAAAAAAER0/Zq6NzvPZOzo/s1600/netgear_modem.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="200" src="http://1.bp.blogspot.com/-raxD7hxwjaE/UjXlX44d8qI/AAAAAAAAER0/Zq6NzvPZOzo/s200/netgear_modem.jpg" width="113" /></a></div>
<br />
<br /></div>
<div>
In addition to that, the router would not pull down the IP from the modem. After a bit of head scratching, I decided to try updating the Cisco firmware on the device, to no avail. Then, in a fit of increasing frustration, I tried flashing <a href="http://www.dd-wrt.com/site/index">DD-WRT</a> on to the router (which is one reason why I chose the router in the first place- due to the DD-WRT support). Still no love. Now at this point, I began my cursing tirade against Cisco selling "refurbished" products that don't work. After letting a friend and colleague visiting from Australia have a shot at changing the WAN port configuration within DD-WRT, we all but surrendered and I <i>almost</i> ran back to Best Buy to overpay for another modem. Then at the suggestion of my friend, we tried rebooting the modem to see if it would issue a new DHCP lease. Up to this point, we were hesitant to power down the modem out of fear of losing the connection from Comcast. Sure enough, rebooting the modem did the trick, the router obtained the external WAN IP, and we were up and running!</div>
<div>
<br /></div>
<div>
As it turns out, it looks like newer cable modems more closely adhere to DHCP standards and once an IP is allocated from the modem to the downstream device (be it a router or a laptop), it won't allocate another address until either:</div>
<div>
<br /></div>
<div>
A.) The IP address is released by the client device</div>
<div>
B.) The modem is rebooted</div>
<div>
<br /></div>
<div>
Effectively a simple problem, but it took us the better part of an hour to figure it out. Also, as an aside, I ended up having to flash the Cisco firmware back onto the device, as DD-WRT was providing high latency ping responses. Additionally, DD-WRT does not yet support the router's two antennas.<br />
<br />
Finally, we are once again bathed in beautiful wifi internets!</div>
</div>
Posted by Matt (http://www.blogger.com/profile/16643874054667906596)

OSX Guest account "Shakes" and won't log on after power failure
Published 2013-08-27T22:44:00.000+01:00, updated 2013-08-27T22:52:07.475+01:00
<div dir="ltr" style="text-align: left;" trbidi="on">
I have been borrowing a friend's Mac lately, only for a couple of weeks while they are away. They have set up the guest account for me to log into. This is a great idea, it allows me to pretty much do what I like without any risk of damaging the computer (or so Apple will have you think). This assumption is almost correct, but as anyone with a little unix knowledge could tell you, "if you have physical access to the console and are able to reboot it, you can boot into single user mode". This means you can get root access :)<br />
<div>
<br /></div>
<div>
The problem is that this is an iMac, and there is a design flaw with it. The power cable goes into the monitor, and this is the only power cable for the whole thing, so if it comes out, your computer dies. Now Apple saw fit to put a highly reflective display on this thing, so it needs constant adjustment to stop reflections, which means the power cable can work itself loose. Normally this might not be catastrophic since you could just plug back in and boot it up. Sure you might lose some work but since it's an Apple it's unlikely you're doing anything important. (Yes I am implying that if you are a Mac user you are probably just playing Facebook games or some sort of art, and yes that's not really important).</div>
<div>
<br /></div>
<div>
Now, rant over, if you are logged in as Guest when this power failure happens you will not be allowed to log back in. You will be faced with the login box, with the guest account, but instead of logging in you get an INFURIATING shaking box with no error message. So what does this mean? Who bloody knows, the result though is you can't use the computer.</div>
<div>
<br /></div>
<div>
Where to now? Well, Apple are no help here, so after a LOT of googling I found a series of different blog posts that sort of related, which I could string together into a solution. Here goes...</div>
<div>
<br /></div>
<div style="text-align: left;">
<ol style="text-align: left;">
<li>Boot into single user mode: reboot the Mac and hold cmd+s; you will end up at a terminal prompt as the root user... sort of. </li>
<li>Type:<br /><i>fsck -fy</i><br /><i>mount -uw /</i><br />This will mount the root filesystem writable and give you root access to the machine.</li>
<li>Type:<br /><i>passwd root</i><br />Enter a new root password.</li>
<li>Type:<br /><i>dsenableroot -u root</i><br />Enter the root password you just set three times and the root account will be enabled.</li>
<li>Type <i>exit</i> to boot up normally.</li>
<li>Log in as the root user by clicking Other and entering root as the username and the password you set.</li>
<li>Open System Preferences > Accounts and disable the Guest account by deselecting both check boxes. Close the preferences window.<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-f67Xi06rwJ0/Uh0e4NaYbvI/AAAAAAAANVo/UozYdwNvh4c/s1600/Disable+guest.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="253" src="http://1.bp.blogspot.com/-f67Xi06rwJ0/Uh0e4NaYbvI/AAAAAAAANVo/UozYdwNvh4c/s320/Disable+guest.png" width="320" /></a></div>
</li>
<li>This alone will not actually disable the account so open a terminal and enter:<br /><i>dscl . delete /Users/Guest</i></li>
<li>Now go back to Accounts and re-enable the Guest user.<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-b0m52vp9gJg/Uh0fGad2dhI/AAAAAAAANV4/mMVo1G9IiWA/s1600/Enable+Guest.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="246" src="http://4.bp.blogspot.com/-b0m52vp9gJg/Uh0fGad2dhI/AAAAAAAANV4/mMVo1G9IiWA/s320/Enable+Guest.png" width="320" /></a></div>
</li>
<li>Log out of the root account and you <i>should</i> be able to log in as guest now.</li>
<h4 style="text-align: left;">
OPTIONAL:</h4>
<div>
<br />
<br />
<li>If you don't want anyone to know you enabled the root account, you will want to disable it. Log on as root.</li>
<li>Go back to Accounts > click Login Options</li>
<li>Click the Join box next to Network Account Server</li>
<li>Click Open Directory Utility</li>
<li>Choose Edit (top menu) > Disable Root User<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-5C99jUCul_c/Uh0eks3xsYI/AAAAAAAANVg/16-5Y1g03GY/s1600/Disable+root.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="261" src="http://1.bp.blogspot.com/-5C99jUCul_c/Uh0eks3xsYI/AAAAAAAANVg/16-5Y1g03GY/s400/Disable+root.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
So thanks Apple, that was a right pain in the arse. Fix this bug with the guest account please.</div>
</li>
</div>
</ol>
</div>
</div>
Anonymous http://www.blogger.com/profile/07347187868020303677 noreply@blogger.com 0
tag:blogger.com,1999:blog-4737974735665511407.post-4495900991251974621 2013-08-25T11:12:00.002+01:00 2013-08-25T11:12:30.866+01:00
VMware consolidating disks fails with file lock error
<div dir="ltr" style="text-align: left;" trbidi="on">
Recently I came across an issue where I had a VM with lots of snapshot and delta disks but when you look in the snapshot manager there are no snapshots.<br />
<br />
There is a nice little message in the vSphere client pointing to the issue.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-zGIsb0jRZNY/UhnTfR6qaQI/AAAAAAAANQI/V9GOF9Qwy_g/s1600/Disk+Consolidation.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="62" src="http://3.bp.blogspot.com/-zGIsb0jRZNY/UhnTfR6qaQI/AAAAAAAANQI/V9GOF9Qwy_g/s320/Disk+Consolidation.png" width="320" /></a></div>
<br />
When I attempted to consolidate the disks I got a horrible error, one of those VMware mystery errors.<br />
<div style="text-align: center;">
<b><span style="font-size: large;"><br /></span></b></div>
<div style="text-align: center;">
<b><span style="font-size: large;">"Unable to access file since its locked"</span></b></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-93cV61gjtPc/UhnU_fq6OrI/AAAAAAAANQU/paWX9w0Y0Kc/s1600/Unable+to+access+file.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="29" src="http://3.bp.blogspot.com/-93cV61gjtPc/UhnU_fq6OrI/AAAAAAAANQU/paWX9w0Y0Kc/s320/Unable+to+access+file.png" width="320" /></a></div>
<div>
<br /></div>
<div>
Super! Thanks VMware.</div>
<br />
A bit of googling around led me to a stack of articles talking about backup VMs having the disk mounted, causing a file lock. I knew this was not the problem since this is a lab environment and there is no snapshot backup tool.<br />
<br />
It did lead me to look on the array for file locks though. This is on a NetApp array so I ssh'd in and had a poke around. I checked for locks on all of the files in the VM's directory and no matter what I entered I kept getting 'No Locks'<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-EHpyiTFMK1Y/UhnWC-jFqXI/AAAAAAAANQc/ECz7S4i5-tg/s1600/No+Locks.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="71" src="http://3.bp.blogspot.com/-EHpyiTFMK1Y/UhnWC-jFqXI/AAAAAAAANQc/ECz7S4i5-tg/s320/No+Locks.png" width="320" /></a></div>
<br />
OK, so it's not an array-level file lock. What next?<br />
<br />
I turned on SSH on a host that has access to the files and CD'd to the VM's directory to have a look around. The first thing that struck me as odd was 2 files starting with .lck-.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-v5UYGPbjcU8/UhnXZYlY4TI/AAAAAAAANQo/vdwHYpgts78/s1600/lck+files.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="59" src="http://4.bp.blogspot.com/-v5UYGPbjcU8/UhnXZYlY4TI/AAAAAAAANQo/vdwHYpgts78/s320/lck+files.png" width="320" /></a></div>
<br />
Since the VM was powered off, these should not be there. So I rm'd both files and tried the consolidate again. HUZZAH!! It's working.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-VVyAGqoK9oM/UhnYWCmx1LI/AAAAAAAANQw/IzcQLrBtl_8/s1600/Consolidation.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-VVyAGqoK9oM/UhnYWCmx1LI/AAAAAAAANQw/IzcQLrBtl_8/s1600/Consolidation.png" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br /></div>
Anonymous http://www.blogger.com/profile/07347187868020303677 noreply@blogger.com 0
tag:blogger.com,1999:blog-4737974735665511407.post-5267653463561321046 2013-08-02T23:20:00.000+01:00 2013-08-02T23:20:02.870+01:00
PowerShell one liners for Active Directory
<div dir="ltr" style="text-align: left;" trbidi="on">
Just like my <a href="http://icecreaminthedungeon.blogspot.co.uk/2013/08/powercli-one-liners.html" target="_blank">PowerCLI one liners</a> post, I am hoping that this one will improve and expand over time.<br />
<br />
<h4 style="text-align: left;">
Get the user "Luke"<br /><div style="text-align: left;">
<span style="font-family: Courier New, Courier, monospace;"><span style="font-weight: normal;">Get-ADUser -Filter {SamAccountName -Like 'Luke'}</span></span></div>
<div style="text-align: left;">
<span style="font-family: Courier New, Courier, monospace;"><span style="font-weight: normal;"><br /></span></span></div>
</h4>
<h4 style="text-align: left;">
Get all users with the Surname "Jones"<br /><div style="text-align: left;">
<span style="font-family: Courier New, Courier, monospace;"><span style="font-weight: normal;">Get-ADUser -Filter {Surname -like 'Jones'}</span></span></div>
<div style="text-align: left;">
<span style="font-family: Courier New, Courier, monospace;"><span style="font-weight: normal;"><br /></span></span></div>
<div style="text-align: left;">
<span style="font-family: Courier New, Courier, monospace;"><span style="font-weight: normal;"><br /></span></span></div>
<div style="text-align: left;">
Get all disabled users</div>
<div style="text-align: left;">
<span style="font-weight: normal;"><span style="font-family: Courier New, Courier, monospace;">Get-ADUser -Filter {Enabled -eq 'False'}</span></span></div>
<div style="text-align: left;">
<span style="font-weight: normal;"><span style="font-family: Courier New, Courier, monospace;"><br /></span></span></div>
</h4>
<h4 style="text-align: left;">
</h4>
<h4 style="text-align: left;">
<span style="font-family: inherit;">Enable a user account</span><br /><span style="font-family: 'Courier New', Courier, monospace; font-weight: normal;">Set-ADUser -Enabled $True -Identity "Luke"</span></h4>
<h4 style="text-align: left;">
<span style="font-family: inherit;">Get members of a group</span><br /><span style="font-family: 'Courier New', Courier, monospace; font-weight: normal;">Get-ADGroupMember esxadmin | Select-Object SamAccountName, Name</span></h4>
<div>
<span style="font-family: 'Courier New', Courier, monospace; font-weight: normal;"><br /></span></div>
</div>
Anonymous http://www.blogger.com/profile/07347187868020303677 noreply@blogger.com 0
tag:blogger.com,1999:blog-4737974735665511407.post-809148291248657367 2013-08-01T21:42:00.000+01:00 2016-08-30T04:54:25.791+01:00
PowerCLI one liners for VMware
<div dir="ltr" style="text-align: left;" trbidi="on">
Hopefully this will be a living post that I will update on a regular basis as I come across more little things I want to do.<br />
<br />
<h4 style="text-align: left;">
Get a list of all VM names fast<br /><div style="text-align: left;">
<span style="font-weight: normal;"><span style="font-family: "courier new" , "courier" , monospace;">Get-View -ViewType VirtualMachine -Property Name | Select Name</span></span></div>
<div style="text-align: left;">
<span style="font-weight: normal;"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span></div>
</h4>
<h4 style="text-align: left;">
Get a list of all Host names fast<br /><div style="text-align: left;">
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;">Get-View -ViewType HostSystem -Property Name | Select Name</span></span></div>
<div style="text-align: left;">
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;"><br /></span></span></div>
</h4>
<h4 style="text-align: left;">
Get a list of all VM's and their IP address (only works for powered on VM's)<br /><span style="font-family: "courier new" , "courier" , monospace; font-weight: normal;">Get-View -ViewType VirtualMachine -Property Name, Guest.IpAddress | Foreach-Object {Add-Member -InputObject $_ -MemberType NoteProperty -Name IpAddress -Value $($_.Guest.IpAddress) -PassThru} | Select Name, IpAddress</span></h4>
<div>
<span style="font-family: "courier new" , "courier" , monospace; font-weight: normal;"><br /></span></div>
<h4 style="text-align: left;">
Get a list of all snapshots that are more than 2 days old and display their age in days<br /><div style="text-align: left;">
<span style="font-family: courier new, courier, monospace;"><span style="font-weight: normal;">Get-Snapshot -VM $(Get-View -ViewType VirtualMachine -Property Name,Config.Template -Filter @{"Config.Template"="False"} | foreach { $_.name }) | Where-Object {$_.Created -lt $(Get-Date).AddDays(-2)} | ForEach-Object {Add-Member -MemberType NoteProperty -InputObject $_ -PassThru -Name Age -Value $((Get-Date) - ($_.Created)).Days} | Select-Object Name, Description, Created, Age</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;"><br /></span></span>
<br />
<h4 style="text-align: left;">
List any VM's that have CD drives attached (might stop vMotion working)<br /><div style="text-align: left;">
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;">Get-Vm | Foreach-Object {$CD = Get-CdDrive -Vm $_; If ($CD.IsoPath -or $CD.HostDevice){$_ | Select-Object Name}}</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;"><br /></span></span>
<br />
<h4 style="text-align: left;">
Detach CD drives from all VM's<br /><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;">Get-Vm | Foreach-Object {$CD = Get-CdDrive -Vm $_; If ($CD.IsoPath -or $CD.HostDevice){$Null = Set-CdDrive -CD $CD -NoMedia -Confirm:$False}}</span></span><div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
Turn on SSH for all hosts</div>
<div style="text-align: left;">
<span style="font-weight: normal;"><span style="font-family: "courier new" , "courier" , monospace;">Get-VMHost | Foreach-Object { Start-VMHostService </span></span><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;">-Confirm:$False </span></span><span style="font-family: "courier new" , "courier" , monospace; font-weight: normal;">-HostService ($_ | Get-VMHostService | Where { $_.Key -eq "TSM-SSH"} )}</span></div>
<div style="text-align: left;">
<span style="font-weight: normal;"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span></div>
</h4>
<h4 style="text-align: left;">
Turn off SSH for all hosts<br /><div style="text-align: left;">
<span style="font-family: "courier new" , "courier" , monospace; font-weight: normal;">Get-VMHost | Foreach-Object { Stop-VMHostService </span><span style="font-family: "courier new" , "courier" , monospace; font-weight: normal;">-Confirm:$False </span><span style="font-family: "courier new" , "courier" , monospace; font-weight: normal;">-HostService ($_ | Get-VMHostService | Where { $_.Key -eq "TSM-SSH"} )}</span></div>
<div style="text-align: left;">
<span style="font-family: "courier new" , "courier" , monospace; font-weight: normal;"><br /></span>
<br />
<h4 style="text-align: left;">
<span style="font-family: inherit;">Get a list of all VMs (including templates) with their vmx location, current host and folder and export to XML</span></h4>
<span style="font-family: "courier new" , "courier" , monospace;"><span style="background-color: white; color: #222222; font-weight: normal;">get-view -viewtype virtualmachine -property name, config.files.vmpathname, parent, Runtime.Host | select name, @{n="vmxFilePath"; e={$_.config.files.vmpathname}</span><wbr style="background-color: white; color: #222222; font-weight: normal;"></wbr><span style="background-color: white; color: #222222; font-weight: normal;">}, parent, @{n="host"; e={$_.runtime.host}} | Export-Clixml -Path ./vms.xml</span></span></div>
<div style="text-align: left;">
<span style="font-family: "courier new" , "courier" , monospace; font-weight: normal;"><br /></span>
<br />
<h4 style="text-align: left;">
<span style="font-family: inherit;">Import the list and add the VMs to inventory</span></h4>
<div>
<span style="background-color: white; color: #222222; font-size: 13px; font-weight: normal;"><span style="font-family: "courier new" , "courier" , monospace;">Import-Clixml .\vms.xml | foreach { New-VM -VMFilePath $_.vmxfilepath -VMHost (Get-VIObjectByVIView $_.host.toString()) -Location (Get-VIObjectByVIView $_.parent.toString()) -RunAsync}</span></span></div>
<div>
<span style="background-color: white; color: #222222; font-size: 13px; font-weight: normal;"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span></div>
<div>
<br /></div>
</div>
</h4>
</div>
</h4>
</div>
</h4>
<h4>
<span style="font-family: inherit;">Get a list of all VMs and their configured OS </span></h4>
<h4>
<div>
</div>
</h4>
<h4>
<div>
</div>
</h4>
<h4>
<div>
<span style="color: #222222; font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;">Get-View -ViewType virtualmachine -property name, config.guestid, config.guestFullName | select name, @{N='guestid'; E={$_.config.guestid}}, @{N='guestFullName'; E={$_.config.guestFullName}} | sort guestid | Export-Csv -NoTypeInformation -Path ./vmguests.csv</span></span><br />
<span style="color: #222222; font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;"><br /></span></span></div>
</h4>
<h4>
Get report about host CPU, Network and Storage usage (real-time stats)<br /><div>
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;">get-vmhost | foreach { </span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;"><span class="Apple-tab-span" style="white-space: pre;"> </span>$CPU = Get-Stat -Entity $_ -Stat cpu.usagemhz.average -Realtime | measure -Average -Maximum value</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;"><span class="Apple-tab-span" style="white-space: pre;"> </span>$net = get-stat -Entity $_ -Realtime -stat net.usage.average | where {$_.instance -eq ""} | measure -Average -Maximum value</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;"><span class="Apple-tab-span" style="white-space: pre;"> </span>$storage = get-stat -Entity $_ -stat storageAdapter.write.average -realtime | measure -average -maximum value</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;"><span class="Apple-tab-span" style="white-space: pre;"> </span>$_ | select @{N='Cluster';E={$_.parent.name}}, name, @{N='CPU MHz Usage Average';E={$CPU.average}}, @{N='CPU MHz Usage Average Max';E={$CPU.Maximum}}, @{N='Net KBps Usage Average';E={$Net.average}}, @{N='Net KBps Usage Average Max';E={$Net.Maximum}}, @{N='Storage KBps Usage Average';E={$storage.average}}, @{N='Storage KBps Usage Average Max';E={$storage.Maximum}}</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-weight: normal;">} | Export-Csv -NoTypeInformation -Path ./Host_Usage.csv</span></span></div>
</h4>
</div>
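The "Turn on SSH for all hosts" and "Turn off SSH for all hosts" one-liners above change the `TSM-SSH` service everywhere but do not show where it was left running or set to start at boot. The following PowerCLI script is an added example, not code from the original post: it reports the SSH service state per host and previews switching it off. It assumes an existing `Connect-VIServer` session; the function name `Get-HostSshState` and the CSV file name are hypothetical.

```powershell
# Added example, not from the original post. Assumes PowerCLI is loaded and
# Connect-VIServer has already been run. Get-HostSshState is a hypothetical name.
function Get-HostSshState {
    [CmdletBinding()]
    param(
        # Hosts to inspect; defaults to every host in the connected vCenter.
        [Parameter(ValueFromPipeline = $true)]
        [object[]]$VMHost = (Get-VMHost)
    )
    process {
        foreach ($h in $VMHost) {
            $state = [string]$h.ConnectionState
            $svc   = $null
            # Service queries fail on hosts vCenter cannot reach, so those are
            # reported with empty SSH fields rather than silently skipped.
            if ($state -eq 'Connected' -or $state -eq 'Maintenance') {
                $svc = Get-VMHostService -VMHost $h |
                    Where-Object { $_.Key -eq 'TSM-SSH' }
            }
            [pscustomobject]@{
                Host            = $h.Name
                ConnectionState = $state
                SshRunning      = if ($svc) { $svc.Running } else { $null }
                SshPolicy       = if ($svc) { [string]$svc.Policy } else { $null }
                Service         = $svc   # kept so the row can be passed to Stop-/Set-VMHostService
            }
        }
    }
}

$report = Get-HostSshState | Sort-Object Host

# 1. Record the current state of every host (constructed file name).
$report | Select-Object Host, ConnectionState, SshRunning, SshPolicy |
    Export-Csv -NoTypeInformation -Path ./Host_SSH_State.csv

# 2. Hosts where SSH is running now, or will start again with the host.
$exposed = $report | Where-Object { $_.SshRunning -or $_.SshPolicy -eq 'on' }
$exposed | Format-Table Host, SshRunning, SshPolicy -AutoSize

# 3. Hosts that could not be checked need a manual look.
$report | Where-Object { -not $_.Service } | ForEach-Object {
    Write-Warning "SSH state unknown for $($_.Host) ($($_.ConnectionState))"
}

# 4. Stop the service where it is running and set the startup policy to Off so
#    it stays off after a reboot. -WhatIf only previews; remove it to apply.
foreach ($row in ($exposed | Where-Object { $_.Service })) {
    if ($row.SshRunning) {
        Stop-VMHostService -HostService $row.Service -Confirm:$false -WhatIf
    }
    if ($row.SshPolicy -eq 'on') {
        Set-VMHostService -HostService $row.Service -Policy Off -Confirm:$false -WhatIf
    }
}
```

Running it before and after a maintenance window gives two CSV files that can be compared to confirm SSH was returned to its previous state on every host.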
Anonymous http://www.blogger.com/profile/07347187868020303677 noreply@blogger.com 0
tag:blogger.com,1999:blog-4737974735665511407.post-8486907210278394665 2013-08-01T21:09:00.002+01:00 2013-08-01T21:09:39.328+01:00
Upload and download files over SSH
<div dir="ltr" style="text-align: left;" trbidi="on">
This is fairly easy to do if you are used to the Unix CLI and you are using Unix/OSX. For Windows, as always, there is a little more to it.<br />
<br />
<h3 style="text-align: left;">
OSX/Unix</h3>
<div>
Open up a terminal. On a Mac, press cmd+space, type "terminal" and hit enter; in Ubuntu, press ctrl+alt+t; for any other Unix I assume you know how to do this.</div>
<div>
<br /></div>
<div>
Navigate to the file that you want to upload or the location that you want to download the file to using the cd command. eg. <i>cd ~</i> (this will take you to your home folder)</div>
<div>
<br /></div>
<div>
Now you need to use the <i>scp</i> command to copy your files. It is used like this:<br /><i>scp <file to copy> <destination> </i></div>
<div>
<i><br /></i>If you are using a non-standard port (not port 22) for SSH then you will need to specify the port with the -P flag. If you want to copy a folder then you need to specify the -r (recursive copy) flag. </div>
<div>
<i>scp -P 443 -r <file to copy> <destination> </i></div>
<div>
<i><br /></i></div>
<div>
Your remote file path needs to specify your username, server and file path. For example if I wanted to copy example.txt from my home folder to my home folder on my SSH server I would type: <br /><i>scp -P 443 /home/luke/example.txt luke@icitd.com:/home/luke/<br /></i></div>
<div>
If I wanted to copy the same file from my SSH server to my local machine I could type:<br /><i>scp -P 443 luke@icitd.com:/home/luke/example.txt </i><i>/home/luke/txt/</i></div>
<div>
<i><br /></i></div>
<div>
If I wanted to copy the whole txt folder from my home directory to my SSH server I would type:</div>
<div>
<i>scp -P 443 -r </i><i>/home/luke/txt luke@icitd.com:/home/luke/</i><br />Remember the -r to recurse the directory!</div>
<div>
<br /></div>
<div>
There are GUI-based tools available for OSX and Linux if you like; examples are:</div>
<div>
OSX - <a href="http://cyberduck.ch/" target="_blank">Cyberduck</a>, <a href="http://www.panic.com/transmit/" target="_blank">Transmit</a>, <a href="http://rsug.itd.umich.edu/software/fugu/" target="_blank">Fugu</a> or <a href="https://filezilla-project.org/" target="_blank">Filezilla</a></div>
<div>
Ubuntu - Search the app store, or Filezilla is available</div>
<h4 style="text-align: left;">
Large files</h4>
<div>
If you want to copy a large file, a lot of files, or you regularly want to back up a directory then rsync is the tool for you. It is used in a similar way to scp but it only copies the changes to files so if you have a large amount of data that doesn't change much this can save you a lot of time.</div>
<div>
<br /></div>
<h3 style="text-align: left;">
Windows</h3>
<div>
WinSCP is a GUI file transfer program for Windows. It has a Midnight Commander type interface or a standard interface. I find the Midnight Commander interface to be much more useful.</div>
<div>
<br /></div>
<div>
Download and install <a href="http://winscp.net/eng/download.php" target="_blank">WinSCP</a>, open WinSCP.</div>
<div>
<br /></div>
<div>
You can use either SFTP or SCP for the file protocol, I have not noticed any major differences but SFTP is supposed to be the better protocol. </div>
<div>
In the Host name box enter the IP or hostname of your SSH server, enter the port number you are using (default is 22)</div>
<div>
Enter your user name and password, click Login.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-eGLIMozqD8A/Ufq-RgWZUxI/AAAAAAAAMzQ/2MDLyrnNZmM/s1600/WinSCP+login+box.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="355" src="http://4.bp.blogspot.com/-eGLIMozqD8A/Ufq-RgWZUxI/AAAAAAAAMzQ/2MDLyrnNZmM/s400/WinSCP+login+box.png" width="400" /></a></div>
<div>
<br /></div>
<div>
Agree to saving the fingerprint when prompted; this will open up the file navigator. From here you can drag and drop files from your client to server or server to client. Your local machine's files are on the left and the remote machine is on the right.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/--cGl1RdlXYI/Ufq_a6lmDmI/AAAAAAAAMzc/Y_YGhaxYho4/s1600/WinSCP.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="263" src="http://4.bp.blogspot.com/--cGl1RdlXYI/Ufq_a6lmDmI/AAAAAAAAMzc/Y_YGhaxYho4/s400/WinSCP.png" width="400" /></a></div>
<div>
<br /></div>
</div>
Anonymous http://www.blogger.com/profile/07347187868020303677 noreply@blogger.com 0
tag:blogger.com,1999:blog-4737974735665511407.post-7434567744697765649 2013-08-01T20:29:00.000+01:00 2013-10-09T11:15:49.379+01:00
Socks proxy over SSH OR Safely browse the Internet
<div dir="ltr" style="text-align: left;" trbidi="on">
This one comes in handy for me in three different scenarios. The first is when I am travelling and relying on free internet hotspots (eg. airports, McDonald's, hotels) and I want to safely do banking. Another is when I want to look at a website that is blocked by the network I am attached to. Finally, so that a website that uses location data based on an IP address sees me as being at home when I am not.<br />
<div>
<br /></div>
<div>
<br /></div>
<div>
<h3 style="text-align: center;">
What you will NEED</h3>
</div>
<div>
<ol style="text-align: left;">
<li>A working SSH server that you have remote access to. If you don't then have a look <a href="http://icecreaminthedungeon.blogspot.co.uk/2013/08/how-to-access-your-home-network-from.html" target="_blank">here</a>.</li>
<li>Firefox (you can do this without Firefox if you install third party add-ons or are not using Windows)</li>
</ol>
<h3 style="text-align: center;">
How to do it</h3>
</div>
<h4 style="text-align: left;">
Mac</h4>
<div>
Open an SSH session and create a dynamic port forward using the -D flag. You can also add the -C flag to compress the session, although this probably won't help much since most web servers already compress the response. eg. <i>ssh luke@icitd.com -C -D 6666</i><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-Rmb0cR2q7i4/Ufq2hAH0YaI/AAAAAAAAMzA/QrBp2VKCkTA/s1600/CLI+SSH+-D.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="145" src="http://2.bp.blogspot.com/-Rmb0cR2q7i4/Ufq2hAH0YaI/AAAAAAAAMzA/QrBp2VKCkTA/s320/CLI+SSH+-D.png" width="320" /></a></div>
</div>
<div>
<h4 style="text-align: left;">
Windows</h4>
</div>
<div>
Open <a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html" target="_blank">PuTTY</a>, enter your server details eg. <i>ssh luke@icitd.com</i></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-z5RKoI7fjLI/UlUqNbn9eII/AAAAAAAAOB0/vwDsd4LZWyg/s1600/Putty1.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="306" src="http://4.bp.blogspot.com/-z5RKoI7fjLI/UlUqNbn9eII/AAAAAAAAOB0/vwDsd4LZWyg/s320/Putty1.PNG" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Click SSH, Check 'Enable compression' </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-mXd_BNUt46Y/UlUqfMgSk7I/AAAAAAAAOB8/nBatrhyui4I/s1600/Putty2.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="308" src="http://3.bp.blogspot.com/-mXd_BNUt46Y/UlUqfMgSk7I/AAAAAAAAOB8/nBatrhyui4I/s320/Putty2.PNG" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div>
Expand SSH and click Tunnels</div>
<div>
Enter 6666 in the source port and select 'Dynamic'</div>
<div>
Click Add</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/--fLvii2jDzc/UlUq2y6PfII/AAAAAAAAOCE/JDDavPv0OaA/s1600/Putty3.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="309" src="http://2.bp.blogspot.com/--fLvii2jDzc/UlUq2y6PfII/AAAAAAAAOCE/JDDavPv0OaA/s320/Putty3.PNG" width="320" /></a></div>
<div>
(Optional) Click back on 'Session', enter a name for the session and click save</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-hoYvVlzfwwA/UlUrSqpJHUI/AAAAAAAAOCM/YceI27u3Gdk/s1600/Putty4.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="310" src="http://4.bp.blogspot.com/-hoYvVlzfwwA/UlUrSqpJHUI/AAAAAAAAOCM/YceI27u3Gdk/s320/Putty4.PNG" width="320" /></a></div>
<div>
<br /></div>
<div>
Click Open, Click Yes to accept the key if this is the first time you are connecting</div>
<div>
Enter your password (there will be no feedback when typing the password)</div>
<div>
You should get a black screen that says <username>@<hostname>:~$ </div>
<div>
<br /></div>
<div>
Install Firefox, start it up, then go to the settings page. These example screenshots are for Windows but the process is very similar for Mac or Linux.</div>
<div>
<br /></div>
<div>
<ol style="text-align: left;">
<li>Click on the Firefox menu at the top left, click Options, then click Options again<br /><div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-vwZ8vf_borg/UfqyFpDPovI/AAAAAAAAMyI/f6IdDcJwOto/s1600/Firefox+options+options.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="291" src="http://4.bp.blogspot.com/-vwZ8vf_borg/UfqyFpDPovI/AAAAAAAAMyI/f6IdDcJwOto/s400/Firefox+options+options.png" width="400" /></a></div>
</li>
<li>This will open the Options dialogue box.<br />Click the Advanced icon at the top, click the Network tab below the icons, then click the Settings box under Connection.<br /><div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-cL25ZXAIsXo/Ufqy4XRQdRI/AAAAAAAAMyQ/95sg6tFG2og/s1600/Firefox+advanced+network.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="400" src="http://4.bp.blogspot.com/-cL25ZXAIsXo/Ufqy4XRQdRI/AAAAAAAAMyQ/95sg6tFG2og/s400/Firefox+advanced+network.png" width="372" /></a></div>
<div style="text-align: left;">
</div>
</li>
<li>In the Connection settings box click Manual proxy Configuration, in the SOCKS host box type <i>localhost</i>, in the port box beside type a high order port (eg. 6666), click OK to close the Connections settings box, then again to close the options box.<br /><br /><div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-9rHKY33q4mQ/UfqzoUt7rVI/AAAAAAAAMyY/C2GwydYrjbs/s1600/Firefox+proxy+settings.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="http://2.bp.blogspot.com/-9rHKY33q4mQ/UfqzoUt7rVI/AAAAAAAAMyY/C2GwydYrjbs/s320/Firefox+proxy+settings.png" width="288" /></a></div>
</li>
<li>OPTIONAL: Firefox will still do the DNS lookups on your local network even though it then tunnels the web page over the SSH session. If you are paranoid and don't want your DNS lookups known then you can tell Firefox to do remote DNS lookups.</li>
<ol>
<li>In Firefox, enter <i>about:config</i> in the url bar, <i>click I'll be careful...</i><br /><br /><div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-Ug2wVdrH2hM/Ufq0-DC1bZI/AAAAAAAAMys/zt1EwYNZqOk/s1600/Firefox+about+config.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="290" src="http://2.bp.blogspot.com/-Ug2wVdrH2hM/Ufq0-DC1bZI/AAAAAAAAMys/zt1EwYNZqOk/s400/Firefox+about+config.png" width="400" /></a></div>
</li>
<li>In the search bar type <i>socks</i>, double click <i>network.proxy.socks_remote_dns</i> to change the value to <i>true</i>.<br /><div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-hC9hwvrrhbE/Ufq1jE6TdTI/AAAAAAAAMy0/KWy-iLFmJRs/s1600/Firefox+socks+dns.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="291" src="http://3.bp.blogspot.com/-hC9hwvrrhbE/Ufq1jE6TdTI/AAAAAAAAMy0/KWy-iLFmJRs/s400/Firefox+socks+dns.png" width="400" /></a></div>
</li>
<li>Now Firefox will do remote DNS queries.</li>
</ol>
</ol>
<div>
That's all there is to it. Now all your web traffic is encrypted between you and your home network. To external sites the traffic will seem to come from your home IP address. </div>
<div>
Happy browsing!</div>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/07347187868020303677noreply@blogger.com0tag:blogger.com,1999:blog-4737974735665511407.post-31031193356716702772013-08-01T15:49:00.001+01:002013-08-01T15:49:29.865+01:00Mount NTFS as read/write in OSX Mountain Lion<div dir="ltr" style="text-align: left;" trbidi="on">
I hate Apple. Okay, I don't wholly hate them, but I hate how otherwise simple tasks in Linux or Windows become pains in the neck on OSX. I also hate how Apple deliberately and unabashedly devote their development and UI design to ensure that you, the consumer, are locked into the Apple ecosystem forever and ever, amen.<br />
<br />
Case in point? Something as simple as mounting NTFS devices as read/write. Apple should be absolutely and utterly ashamed that OSX didn't support this natively until only recently (OSX Mountain Lion), as basically any other respectable OS (Linux, BSD, Unix, Windows) could do so back in the year 2000. How Apple made it this far without being publicly humiliated for this simple lack of functionality, I don't know. But the good news is that although it's not supported via the GUI, we can now do so via a simple mount command.<br />
<br />
First, eject the NTFS disk(s) that appear in finder by clicking the eject button next to the partition/disk:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-dRI8vyAkyWQ/Ufp1ESkx7VI/AAAAAAAADkQ/QMprxLotnv4/s1600/Screen+Shot+2013-08-01+at+10.47.32+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="200" src="http://4.bp.blogspot.com/-dRI8vyAkyWQ/Ufp1ESkx7VI/AAAAAAAADkQ/QMprxLotnv4/s320/Screen+Shot+2013-08-01+at+10.47.32+AM.png" width="320" /></a></div>
<br />
<br />
Then open a terminal window and run the following command:<br />
<br />
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;">sudo mount -t ntfs -o force,rw,nobrowse /dev/disk3s2 /media</span><br />
<br />
Where /dev/disk3s2 is the disk partition you're trying to mount and /media is the mount location. I just created /media using sudo mkdir /media since this directory does not exist inherently on OSX. Note that the force and nobrowse options are the key differences from mounting an NTFS disk in Linux.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-xrQnEJZV3wc/Ufpz6WbOTbI/AAAAAAAADkA/4yDTWCUCfjs/s1600/Screen+Shot+2013-08-01+at+10.41.01+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="254" src="http://1.bp.blogspot.com/-xrQnEJZV3wc/Ufpz6WbOTbI/AAAAAAAADkA/4yDTWCUCfjs/s320/Screen+Shot+2013-08-01+at+10.41.01+AM.png" width="320" /></a></div>
<br />
<br />
And then you're laughing. A super simple command, but it can save hours of headache.<br />
<br />
More to come later for OSX tips to allow you to actually use your Apple computer as a computer, and not as an Apple revenue generation machine.</div>
Matthttp://www.blogger.com/profile/16643874054667906596noreply@blogger.com0tag:blogger.com,1999:blog-4737974735665511407.post-28534629818003814942013-08-01T11:50:00.001+01:002013-08-01T11:51:13.610+01:00RDP over SSH<div dir="ltr" style="text-align: left;" trbidi="on">
If you want to remotely access your desktop when you are away from home then read on...<br />
<br />
While it is possible to just use your router to forward port 3389 to your desktop and then open an RDP session from anywhere, there are some distinct advantages to doing this over an SSH session.<br />
<br />
<h4 style="text-align: left;">
Compression</h4>
The first reason is the ability to compress the data stream. This will add some CPU overhead to both your client and server to compress and then decompress the data. In my experience this extra CPU usage is tiny; even when using a <a href="http://www.raspberrypi.org/" target="_blank">Raspberry Pi</a> the CPU can easily handle it. The effect on the usability of the RDP session, on the other hand, is massive. This all depends on the upload speed from your network, but an uncompressed session is generally pretty unusable, whereas a compressed session is comparable to a local session over a LAN.<br />
When connecting your SSH session you can specify the -C flag. This flag tells your client and server to compress the data that is sent over the network. This will reduce the amount of data flowing out from your home network (a plus if this is counted towards your monthly data allowance) by compressing the data.<br />
<br />
<h4 style="text-align: left;">
Security</h4>
<div>
The RDP protocol was never designed to be Internet facing; if you google it you will find a number of ways to brute-force or dictionary attack the password to gain access. By using SSH you can implement key-based authentication to ensure far better security.</div>
<div>
<br /></div>
<h2 style="text-align: center;">
So how do I do it?</h2>
<div>
I am assuming that you have a working SSH server and have remote access to this server. If you don't then have a look <a href="http://icecreaminthedungeon.blogspot.co.uk/2013/08/how-to-access-your-home-network-from.html" target="_blank">here</a>. You can also install <a href="http://www.cygwin.com/" target="_blank">cygwin</a> on your desktop to have an all-in-one solution.</div>
<div>
<br /></div>
<div>
When you establish your SSH session you need to tell it to do 2 things; compress the session and create a port forward for the RDP session.</div>
<div>
You specify compression with the -C flag on the command line and in PuTTY click on SSH on the left, then check "Enable Compression".</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-_pjoT7HeYWU/Ufo1Cm5LviI/AAAAAAAAMvk/0GYV1M1WKW8/s1600/Command+line+compression.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="197" src="http://4.bp.blogspot.com/-_pjoT7HeYWU/Ufo1Cm5LviI/AAAAAAAAMvk/0GYV1M1WKW8/s400/Command+line+compression.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-g_Ei357-4_0/Ufo1CtlknNI/AAAAAAAAMvg/EW_38niuj3o/s1600/PuTTY+compression.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="308" src="http://1.bp.blogspot.com/-g_Ei357-4_0/Ufo1CtlknNI/AAAAAAAAMvg/EW_38niuj3o/s320/PuTTY+compression.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
The next thing to do is set up the port forward. This works by creating a link between 2 ports, one on your client and another on your server. Any traffic that goes to the local port will travel to your SSH server over the SSH tunnel, then the server will forward it to the destination on your LAN.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<h4 style="text-align: left;">
Unix/Mac</h4>
<div>
The command looks like this: <span style="color: red;">-L</span> <span style="color: #6aa84f;">5556</span>:<span style="color: blue;">192.168.0.5</span>:<span style="color: #674ea7;">3389</span>. Here is what each part of the command means:</div>
<div>
<br /></div>
<div>
<b><span style="color: red;">-L</span> </b>- Local port forward, we are forwarding a local port on our client to the server.</div>
<div>
<span style="color: #6aa84f; font-weight: bold;">5556 </span>- The local port to be forwarded is 5556 (in this example)</div>
<div>
<span style="color: blue;"><b>192.168.0.5</b> </span>- The IP address of your desktop on your LAN (you could use a hostname if your SSH server can resolve it)</div>
<div>
<span style="color: #674ea7;"><b>3389</b> </span>- The remote port that the traffic will exit on</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-LM0O8WC5IdI/Ufo7_v-ipWI/AAAAAAAAMv4/HxUkok9KCIM/s1600/CLI+Port+forward.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="178" src="http://4.bp.blogspot.com/-LM0O8WC5IdI/Ufo7_v-ipWI/AAAAAAAAMv4/HxUkok9KCIM/s400/CLI+Port+forward.png" width="400" /></a></div>
<div>
<br /></div>
<h4 style="text-align: left;">
Windows/PuTTY</h4>
<div>
In PuTTY you specify the same details in a slightly different way. Expand "SSH" in the left panel, then click "Tunnels". Enter your local port <span style="color: #6aa84f;">5556</span> into the "Source Port" box, then enter <span style="color: blue;">192.168.0.5</span>:<span style="color: #674ea7;">3389</span> into the "Destination" box. Don't forget to click "Add"!</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-WeDWbBuPpms/Ufo8DvsBwhI/AAAAAAAAMwE/XI3jB3rStOU/s1600/PuTTY+Port+forward.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="309" src="http://2.bp.blogspot.com/-WeDWbBuPpms/Ufo8DvsBwhI/AAAAAAAAMwE/XI3jB3rStOU/s320/PuTTY+Port+forward.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-MrwXhM6YOp0/Ufo8Dl4YmcI/AAAAAAAAMwA/QbeLh5ilLmU/s1600/PuTTY+Port+forward+1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="308" src="http://1.bp.blogspot.com/-MrwXhM6YOp0/Ufo8Dl4YmcI/AAAAAAAAMwA/QbeLh5ilLmU/s320/PuTTY+Port+forward+1.png" width="320" /></a></div>
<h4 style="text-align: left;">
Connecting your RDP session</h4>
<div>
Now the easy bit: open up the Remote Desktop client and connect to localhost:5556. This will tell the client to connect to your local machine on port 5556. Since we have forwarded that port to port 3389 on our home computer, this will create a connection home.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-7PksSlDpCQ4/Ufo9Dt7uGOI/AAAAAAAAMwU/1se4eFe9uuA/s1600/MSTSC+localhost5556.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="197" src="http://2.bp.blogspot.com/-7PksSlDpCQ4/Ufo9Dt7uGOI/AAAAAAAAMwU/1se4eFe9uuA/s320/MSTSC+localhost5556.png" width="320" /></a></div>
<div>
<br /></div>
Enter your user name and password and you will be looking at your home desktop!<br />
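<div>
The forward described above, as an added example that is not part of the original post: a shell check of an <i>-L</i> spec before it is used, followed by the full command with the compression flag. The user, host and ports are the blog's own example values, the function names are made up for this example, and it also covers the optional bind-address field, which the post does not use.</div>

```shell
#!/bin/sh
# Added example, not from the original post: check an "ssh -L" forward spec
# and print the full tunnel command. OpenSSH's spec syntax is
#   [bind_address:]port:host:hostport
# Bracketed IPv6 literals are not handled.

# Succeeds only for a decimal TCP port in 1..65535.
valid_port() {
    case "$1" in
        '' | *[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# check_forward SPEC
# Prints "OK ...", "WARN ..." or "ERROR ..."; returns 1 only for ERROR.
check_forward() {
    cf_bind=localhost            # with no bind address ssh listens on loopback
    case "$1" in
        *:*:*:*:*) echo "ERROR too many fields in '$1'"; return 1 ;;
        *:*:*:*)   cf_bind=${1%%:*}; cf_rest=${1#*:} ;;
        *:*:*)     cf_rest=$1 ;;
        *)         echo "ERROR expected [bind:]port:host:hostport, got '$1'"; return 1 ;;
    esac
    cf_lport=${cf_rest%%:*}                          # first field
    cf_rport=${cf_rest##*:}                          # last field
    cf_host=${cf_rest#*:}; cf_host=${cf_host%:*}     # what is left in between
    valid_port "$cf_lport" || { echo "ERROR bad local port '$cf_lport'"; return 1; }
    valid_port "$cf_rport" || { echo "ERROR bad destination port '$cf_rport'"; return 1; }
    [ -n "$cf_host" ] || { echo "ERROR empty destination host"; return 1; }
    case "$cf_bind" in
        localhost | 127.0.0.1) ;;
        '' | '*' | 0.0.0.0)
            echo "WARN port $cf_lport listens on all interfaces; others on this network can reach $cf_host:$cf_rport"
            return 0 ;;
        *)  echo "WARN port $cf_lport listens on $cf_bind, not only on loopback"
            return 0 ;;
    esac
    if [ "$cf_lport" -lt 1024 ]; then
        echo "WARN local port $cf_lport is privileged; only the superuser can forward it"
        return 0
    fi
    echo "OK localhost:$cf_lport -> $cf_host:$cf_rport"
}

# tunnel_command USER@HOST SSH_PORT SPEC
# Prints the ssh command with compression (-C) and the forward; fails on ERROR.
tunnel_command() {
    tc_verdict=$(check_forward "$3") || { echo "$tc_verdict" >&2; return 1; }
    case "$tc_verdict" in WARN*) echo "$tc_verdict" >&2 ;; esac
    valid_port "$2" || { echo "ERROR bad ssh port '$2'" >&2; return 1; }
    echo "ssh -C -L $3 $1 -p $2"
}

# Constructed inputs built from the blog's example values.
check_forward 5556:192.168.0.5:3389
check_forward 0.0.0.0:5556:192.168.0.5:3389
check_forward 5556:192.168.0.5 || true     # destination port forgotten
tunnel_command luke@icitd.com 443 5556:192.168.0.5:3389
```

<div>
The local port in the spec is the one the Remote Desktop client must be pointed at, so the two have to match exactly.</div>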
<div>
<br /></div>
<div>
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/07347187868020303677noreply@blogger.com0tag:blogger.com,1999:blog-4737974735665511407.post-73361856547957319592013-08-01T00:09:00.000+01:002013-08-01T21:10:15.707+01:00How to access your home network from anywhere safely<div dir="ltr" style="text-align: left;" trbidi="on">
I have been asked by friends and colleagues how to do this on a number of occasions so I thought I would put a step-by-step guide together.<br />
<br />
<h3 style="text-align: center;">
Why would you want to do this??</h3>
<div>
There are a number of reasons that I do this on a regular basis. Here are some:</div>
<div>
<ol style="text-align: left;">
<li>RDP to my Windows VM at home</li>
<li>Browse the internet safely from an unsafe location (eg. airport, internet cafe)</li>
<li>Look for files on my NAS</li>
<li>Download or upload files to my NAS</li>
<li>Start a download whilst I am not home so it is finished when I get home</li>
<li>Remote access to my home lab environment</li>
<li>Circumvent the security of the network I am currently connected to (eg. Facebook/ebay/etc. at work)</li>
</ol>
<div>
If this sounds like something you need to do then read on...</div>
</div>
<br />
<h3 style="text-align: center;">
Things you will NEED</h3>
<div>
<ol style="text-align: left;">
<li>SSH server (physical computer, old laptop/netbook, apple tv, NAS, old android phone)</li>
<li>Router that is configured to forward SSH traffic to your server</li>
<li>Static IP address <b>OR </b>a DDNS hostname (something like <a href="http://dyn.com/dns">dyn.com/dns</a> or <a href="http://www.noip.com/">www.noip.com</a>. There are heaps of options)</li>
</ol>
<div>
If you already have these things set up then go on to How to use<br />
<br /></div>
<h3 style="text-align: center;">
Setup</h3>
</div>
<div>
Set up your SSH server. The example I will give here is for Ubuntu but should apply to most distros.</div>
<div>
<ol style="text-align: left;">
<li>Install Ubuntu (I won't cover this since Ubuntu do an excellent job of that themselves <a href="https://help.ubuntu.com/lts/serverguide/installation.html" target="_blank">here</a>)</li>
<li>Set a static IP address for your server on your LAN eg. 192.168.0.x</li>
<li>Install OpenSSH Server (Again <a href="https://help.ubuntu.com/lts/serverguide/openssh-server.html" target="_blank">Ubuntu doco</a> is excellent)</li>
<li>Forward traffic coming from the internet on port 22 (the SSH port) to the internal IP address you previously assigned to your SSH server.</li>
<ul>
<li>The process to do this is different for all routers, so have a look at your router's doco or google it</li>
</ul>
<li>OPTIONAL: A lot of networks will block traffic leaving on port 22, which means you will not be able to SSH to your home server if it is listening on the standard port. The solution is to make your SSH server listen for connections on port 443 (SSL); I haven't found any networks yet that have 443 blocked. Read below for instructions.</li>
</ol>
<div>
<br /></div>
</div>
<h3 style="text-align: center;">
Changing the port your server listens on</h3>
<div style="text-align: left;">
<span style="text-align: left;">There are 2 ways to do this:</span></div>
<div style="text-align: left;">
<ul style="text-align: left;">
<li>If your router can forward incoming port 443 to your SSH server on port 22, you're in luck. Just set that up and all external traffic on port 443 will be passed to your server on port 22.</li>
</ul>
<br />
<ul style="text-align: left;">
<li>If your router can't do this port translation then you need to configure it to pass the traffic on 443 to your SSH server, then make your server listen on port 443.</li>
<ol>
<li>Make a backup of your configuration file using these commands<br /><i>sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original<br />sudo chmod a-w /etc/ssh/sshd_config.original</i></li>
<li>Edit your sshd_config file, find the line Port 22, make sure it is uncommented and change the 22 to 443 (you can listen on multiple ports by having multiple Port lines in the config file). I use nano to edit files from the command line, but you could use vim; just remember to sudo.<br /><i>sudo nano /etc/ssh/sshd_config</i><div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-5vMCvy0v1ZY/UfmJbGcJ62I/AAAAAAAAMtk/RX0Cl_vphEI/s1600/nano+sshd_config.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="218" src="http://4.bp.blogspot.com/-5vMCvy0v1ZY/UfmJbGcJ62I/AAAAAAAAMtk/RX0Cl_vphEI/s400/nano+sshd_config.png" width="400" /></a></div>
</li>
<li>Save the file by pressing ctrl-x, y, enter</li>
<li>Then restart your ssh server. (This won't kill any active SSH sessions)<br /><i>sudo service ssh restart</i></li>
<li>Test that your SSH server is working by typing <i>ssh localhost -p 443. </i>This should prompt you for your password then drop you at a bash prompt. Press ctrl-d to exit the session.</li>
</ol>
</ul>
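<div>
One way to check the edited file before relying on it from outside, as an added example that is not part of the original guide: a shell audit that reports which ports sshd will listen on and whether password logins are still accepted on the port you have just exposed. The sample configs are constructed and the function names are made up for this example.</div>

```shell
#!/bin/sh
# Added example, not from the original post: report what an sshd_config makes
# sshd do for the listening port and login settings. Config is read on stdin,
# e.g.  audit_sshd < /etc/ssh/sshd_config

# effective_value KEYWORD DEFAULT
# sshd keeps the first value it reads for a keyword, and keywords are
# case-insensitive. Reading stops at the first Match block because settings
# below it apply only to matching connections.
effective_value() {
    awk -v key="$1" -v def="$2" '
        /^[ \t]*#/ || NF == 0       { next }
        tolower($1) == "match"      { exit }
        tolower($1) == tolower(key) { val = tolower($2); found = 1; exit }
        END { print (found ? val : def) }
    '
}

# listen_ports: every global Port line adds a listener; with none, sshd uses 22.
listen_ports() {
    awk '
        /^[ \t]*#/ || NF == 0  { next }
        tolower($1) == "match" { exit }
        tolower($1) == "port"  { ports = (ports == "" ? "" : ports " ") $2 }
        END { print (ports == "" ? "22" : ports) }
    '
}

# audit_sshd: prints one finding per line, returns 1 if any line is FAIL.
audit_sshd() {
    as_cfg=$(cat)
    as_rc=0
    as_ports=$(printf '%s\n' "$as_cfg" | listen_ports)
    as_key=$(printf '%s\n' "$as_cfg" | effective_value PubkeyAuthentication yes)
    as_pw=$(printf '%s\n' "$as_cfg" | effective_value PasswordAuthentication yes)
    echo "INFO sshd listens on port(s): $as_ports"
    if [ "$as_key" = yes ]; then
        echo "PASS PubkeyAuthentication yes"
    else
        echo "FAIL PubkeyAuthentication $as_key: key logins are disabled"
        as_rc=1
    fi
    if [ "$as_pw" = no ]; then
        echo "PASS PasswordAuthentication no"
    else
        echo "FAIL PasswordAuthentication $as_pw: the forwarded port takes password guesses"
        as_rc=1
    fi
    return "$as_rc"
}

# Constructed sample: a default-style file after the guide's Port edit.
sample_after_guide() {
    cat <<'EOF'
# constructed sample, not a real server's file
Port 22
Port 443
#PasswordAuthentication yes
PubkeyAuthentication yes
Match User backup
    PasswordAuthentication no
EOF
}

# Constructed sample: password logins off globally; the later duplicate line
# is ignored because the first value wins.
sample_keys_only() {
    cat <<'EOF'
Port 443
PasswordAuthentication no
PasswordAuthentication yes
EOF
}

sample_after_guide | audit_sshd || echo "=> fix the FAIL lines and re-run"
sample_keys_only | audit_sshd
```

<div>
On the server itself, <i>sudo sshd -t</i> checks the edited file for syntax errors, which is worth running before the restart step.</div>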
<br />
<div>
<h3 style="text-align: center;">
How to use this wonderful new thing</h3>
</div>
<div>
From an external network do the following:</div>
<h4 style="text-align: left;">
Unix - including Mac</h4>
<div>
If you have a Unix-based OS then you probably already have all the tools you need to connect to your server. </div>
<div>
<ul style="text-align: left;">
<li>Open up a terminal (on a mac press CMD+Space, then type terminal, hit enter)</li>
<li>Enter into your terminal <i>ssh <your user name>@<your IP or hostname> -p port</i></li>
<ul>
<li>For example: ssh luke@icitd.com -p 443</li>
<li>The -p tells your ssh client to use port 443 for the connection (if you are using port 22 then you can leave this out)<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-Mfww_epJKIo/UfmV8WbiJgI/AAAAAAAAMuM/y2Nc6cTgOsc/s1600/SSH+client+unix.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="184" src="http://2.bp.blogspot.com/-Mfww_epJKIo/UfmV8WbiJgI/AAAAAAAAMuM/y2Nc6cTgOsc/s320/SSH+client+unix.png" width="320" /></a></div>
</li>
</ul>
<li>The first time you connect you will get asked if you want to add the server's fingerprint to your local known hosts file. Type <i>yes</i> and press enter</li>
<li>Enter your password (Note: no characters will show when you are typing your password, not even *'s)</li>
<li> .. and you should be connected to your home server :) Give yourself a pat on the back.<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-l_e-1CMUuI0/UfmWjwZiM0I/AAAAAAAAMuU/ekCO7sCbxbQ/s1600/SSH+client+unix+1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="227" src="http://1.bp.blogspot.com/-l_e-1CMUuI0/UfmWjwZiM0I/AAAAAAAAMuU/ekCO7sCbxbQ/s400/SSH+client+unix+1.png" width="400" /></a></div>
</li>
</ul>
<h4 style="text-align: left;">
Windows</h4>
</div>
<div>
<ul style="text-align: left;">
<li>Download and install PuTTY - <a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html" target="_blank">PuTTY download page</a> - <a href="http://the.earth.li/~sgtatham/putty/latest/x86/putty-0.62-installer.exe" target="_blank">Direct link to the installer</a></li>
<li>In the hostname box enter <i><your user name>@<your IP or hostname></i>. eg. luke@icitd.com</li>
<li>In the port box enter the port number you are using (22 is default, 443 if you're following my guide)<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-fWyR-QlP2w4/UfmRugrVKqI/AAAAAAAAMtw/mUY_L3P2jjo/s1600/Putty.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="308" src="http://3.bp.blogspot.com/-fWyR-QlP2w4/UfmRugrVKqI/AAAAAAAAMtw/mUY_L3P2jjo/s320/Putty.png" width="320" /></a></div>
</li>
<li>Click open</li>
<li>Enter your password when prompted (Note: no characters will show when you are typing your password, not even *'s)</li>
<li>You should now be connected to your home SSH server :) Give yourself a pat on the back.<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-Y2VyR94Dk24/UfmSgzIIvJI/AAAAAAAAMt8/Q8lJ3BKfjWQ/s1600/Putty+prompt.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="201" src="http://1.bp.blogspot.com/-Y2VyR94Dk24/UfmSgzIIvJI/AAAAAAAAMt8/Q8lJ3BKfjWQ/s320/Putty+prompt.png" width="320" /></a></div>
</li>
</ul>
<h4 style="text-align: left;">
Android</h4>
</div>
<div>
<ul style="text-align: left;">
<li>Open the play store and install <a href="https://play.google.com/store/apps/details?id=org.connectbot" target="_blank">ConnectBot</a></li>
<li>Open ConnectBot</li>
<li>In the username@hostname:port box enter <i><your user name>@<your IP or hostname>:<port>, </i>eg. luke@icitd.com:443 (the port can be left off if you are using port 22)<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-r3p0wTmqgKA/UfmYhTNUO1I/AAAAAAAAMu4/Y_La7RwVejo/s1600/Android+connectbot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="http://1.bp.blogspot.com/-r3p0wTmqgKA/UfmYhTNUO1I/AAAAAAAAMu4/Y_La7RwVejo/s320/Android+connectbot.png" width="180" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
</li>
<li>Tap Done, enter your password when prompted.</li>
<li>You should now be connected to your home SSH server :) Give yourself a pat on the back.<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-QvaL93D7en8/UfmYhCkzD0I/AAAAAAAAMu8/KvElJQgl7C8/s1600/Android+connectbot+1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="http://2.bp.blogspot.com/-QvaL93D7en8/UfmYhCkzD0I/AAAAAAAAMu8/KvElJQgl7C8/s320/Android+connectbot+1.png" width="180" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
</li>
</ul>
<h4 style="text-align: left;">
iPhone</h4>
</div>
<div>
<ul style="text-align: left;">
<li>You're outa luck here. I don't have nor have ever had an iPhone so I can't help you. Your good mate google can probably help out though ;)</li>
</ul>
<div>
<br /></div>
</div>
<h3 style="text-align: center;">
Now What?? How do I do all the cool stuff you listed above?</h3>
<div>
Read the following articles, that's how!</div>
<div>
<br /></div>
<div>
<a href="http://icecreaminthedungeon.blogspot.co.uk/2013/08/rdp-over-ssh.html" target="_blank">RDP over SSH</a></div>
<div>
<a href="http://icecreaminthedungeon.blogspot.co.uk/2013/08/socks-proxy-over-ssh-or-safely-browse.html" target="_blank">Socks proxy over SSH</a> (safely browse on unsafe connection)</div>
<div>
<a href="http://icecreaminthedungeon.blogspot.co.uk/2013/08/upload-and-download-files-over-ssh.html" target="_blank">Upload and download files over SSH</a></div>
<div>
Remote torrent - coming soon</div>
<div>
Get around IT/network security - see <a href="http://icecreaminthedungeon.blogspot.co.uk/2013/08/socks-proxy-over-ssh-or-safely-browse.html" target="_blank">Socks Proxy</a>.</div>
<div>
<br /></div>
<h3 style="text-align: center;">
Security</h3>
<div>
Coming soon</div>
<div>
<br /></div>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/07347187868020303677noreply@blogger.com0tag:blogger.com,1999:blog-4737974735665511407.post-4702576020079164142013-07-31T22:15:00.000+01:002013-08-01T00:31:47.705+01:00SSH - add port forward to current session<div dir="ltr" style="text-align: left;" trbidi="on">
How many times have you had an active SSH session and then realised that you have forgotten to forward a port that you now need? Heaps I'm sure. Well this little nugget of information will save you opening another session just for a port forward.<br />
<div>
<br /></div>
<div>
From the current open session at the command prompt just type ~C (that is tilde followed by capital C; on a US keyboard it's the key to the left of 1)</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-Qe0A_JYnoMI/Ufl6uVlfO3I/AAAAAAAAMsw/xYFO9grC6qk/s1600/SSH+modify+session.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="281" src="http://1.bp.blogspot.com/-Qe0A_JYnoMI/Ufl6uVlfO3I/AAAAAAAAMsw/xYFO9grC6qk/s400/SSH+modify+session.png" width="400" /></a></div>
<div>
This will bring up the ssh> prompt where you can type in your new port forwarding command. You do this just as you would when creating the port forward in the first place, eg. -L 8080:localhost:8080 to forward everything on port 8080 to your ssh server. </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-MAswUBs49cY/Ufl8fx24NSI/AAAAAAAAMtA/7bJ02OmMj1E/s1600/SSH+Modify+session+1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="281" src="http://1.bp.blogspot.com/-MAswUBs49cY/Ufl8fx24NSI/AAAAAAAAMtA/7bJ02OmMj1E/s400/SSH+Modify+session+1.png" width="400" /></a></div>
<div>
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/07347187868020303677noreply@blogger.com0