• ssh how to verify your host key / avoid MIM attacks


    SSH helps keep us secure in many ways, one of those is the host-key fingerprint which is unique. If you have been connecting to an SSH server that you've made no changes to and suddenly ssh warns that the key doesn't match then you have a problem. But how about connecting to an existing server for the first time on a new machine or client? A lot of new clients calculate it using an SHA256 hash but it is not as easy on your host machine to produce the sam........
  • How to encrypt your SSH private key file id_rsa


    ssh-keygen -p -f /path/to/your/id_rsa Enter new passphrase (empty for no passphrase): After that your rsa private key will be encrypted which is a layer of protection and security in the event that somehow someone acquires your key and tries to access servers that the key is authorized on.........
  • Ubuntu Debian Mint Linux SSHD OpenSSH Server Not Starting After Reboot Solution


    If you get error messages like this it is usually because /var/run/sshd does not exist. root@userbox:/# service sshd status ‚óŹ ssh.service - OpenBSD Secure Shell server Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enab Active: failed (Result: start-limit-hit) since Wed 2019-04-10 02:24:44 EDT; 1 Process: 511 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=255)........
  • SSH Keep Alive To stop Disconnections


    Are you tired of coming back to your computer only to find your SSH connections have been broken? Even worse are the ones that hang where it appears to be connected but it is really not. The one option you have is an SSHclient side modification to send KeepAlive packets, sometimes this can also keep up your WiFi connection and stop it from disconnecting you as well. To make the keep alive changes for your just yourself (not system wide)........
  • Cisco CUCM Unified Communication Manager Howto Guide and Tutorials


    Shutdown/restart the actual server utils system shutdown utils system restart show hostname show myself change set or reset password set password user [username] set hostname set network hostname service management........
  • SSH persistent and automatic login script for proxy


    #!/bin/bash sshcommand="ssh -N -R 20000:localhost:22 user@8.8.8.8" result=`ps aux|grep $sshcommand"|grep -v grep` if [ -z "$result" ]; then echo "we are going to connect" $sshcommand else echo "we are already connected" fi This is a handy script you can use and then add it to cron. Save........
  • SSH proxy/command in the background or from cron script


    If you have an SSHproxy that you need to run automatically from cron you will need it in the background to work. ssh -N -D 22000 user@domain.com Basically the -N let's it continue running in the background.........
  • ssh reverse proxy to enable remote access behind a LAN and firewall


    So say you are behind a typical NAT/LAN setup whether at home, work or while travelling. What if you have a computer or server that you need to connect to from the outside? Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature. Requirements On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be........
  • Cisco Router Setup Guide and Tutorial Howto With Commands and Examples


    In most of the Cisco router IOS I find the ports like ge0/0 ge0/1 and ge0/2 or whatever your ports are down. They will not even give you a link light. So one of the first tasks should be getting the port you are working with up. In my case the first goal is often connectivity with the LAN and WAN. LAN = your local area network (eg. in the office/home ) WAN= your ISP/public internet (eg. fiber/cable/dsl/ethernet). In these examples I as........
  • VBOX VirtualBox How To Import Raw .img Disk File


    What you need to do if you have taken a dd or real raw image dump of a hard disk: VBoxManage convertdd windows2019-eval-template.img windows2019.vdi --format VDI The .img is the raw dd dump and the .vdi is the output file. --format VDIspecifies to output to .vdi format If you are in a pinch you can always use qemu-kvm binary and manually specify the .img as your disk and i........
  • SSH error cannot Forward or Listen "bind: Cannot assign requested address"


    debug1: Local connections to LOCALHOST:18006 forwarded to remote address 192.168.1.93:8006 debug1: Local forwarding listening on 127.0.0.1 port 18006. debug1: channel 0: new [port listener] debug1: Local forwarding listening on ::1 port 18006. bind: Cannot assign requested address What we are seeing is that we can't listen on an IPV6 address of ::1. We need to tell SSH to stop using IPV6 so we'll edit ssh_config to take care of this issue........
  • X11 SSH Linux Forwarding Error


    Jan 30 17:16:10 localhost sshd[25385]: error: Failed to allocate internet-domain X11 display socket. The solution for me on the server side was the following in sshd_config: AddressFamily inet *Remember to restart sshd and also reconnect from the client side. Ihad all the normal X11 settings on the server but it just stopped........
  • iptables linux firewall recommended rules for public computing


    Whether you are at work, at the coffee shop or on the public internet here are some basic but effective rules for iptables that lock things down (eg. no one can SMB or SSH to you or really anything): # Generated by iptables-save v1.4.21 on Fri Dec 14 14:00:08 2018 *nat :PREROUTING ACCEPT [160:19844] :INPUT ACCEPT [4:357] :OUTPUT ACCEPT [2955:182236] :POSTROUTING ACCEPT [2955:182236] COMMIT # Completed on Fri Dec 14........
  • Debian 9 SSH root password authentication failure password not working problem / solution


    In Debian a lot of times SSH disables the root user to login by password by default. This means you will get an authentication failure as if you typed in the wrong password. The logs also indicate the password is wrong but what is often the case is in the config file Check /etc/ssh/sshd_config cat /etc/ssh/sshd_config|grep -i permitrootlogin Make sure it says: PermitRootLogin yes If not change it and restart SSH........
  • systemd management using systemctl and journalctl to check systemd logs


    systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system. The key commands or arguments you will use with systemctl are the following: Unit Commands: list-units [PATTERN...] List loaded units &nbs........
  • What is /dev/pts and why do we need it in Linux?


    A quick check in /dev/pts shows a lot of entries but what are they for?: ls /dev/pts 0 10 12 14 16 18 2 21 23 25 27 29 30 32 4 6 8 ptmx 1 11 13 15 17 19 20 22 24 26 28 3 31 33 5 7 9 Basically they are pseudo-termi........
  • zenity popup messages, windows, dialogs, error messages calendars and more howto on Gnome Linux including Ubuntu, Linux Mint, Centos and more


    zenity is a nice utility as part of the gnome window manager that allows you to script from bash and retrieve the input from the user. It could also be helpful in just notifying a user when they login with a popup window. I'll give an overview of what's available with zenity: Application Options: --calendar Display calendar dialog --entry Display tex........
  • VMWare ESXi 6.7 SSH/PowerShell CLI Commands


    [root@localhost:~] BootModuleConfig.sh echo host-ind nfcd........
  • Linux Mint 18 Screen Goes Dark or Black After Screensaver or even when using the Desktop Solution


    You can search for this bug and it seems like it may be related to ecryptfs and is many years old. The symptoms are that you return to the computer and the screensaver was active or the screen was asleep/black and it doesn't seem to come back. But you check by SSH the computer is running fine and are frustrated you'll lose your running programs and have to reboot. There is a simple solution: Ctrl + Alt + F1 Ctrl +Alt + F8 Ba........
  • Relocating modules and starting up the kernel - VMWare ESXi 6.7 Error and Solution


    I had this error in an unsupported CPUon VMWare 6.7 and apparently this sometimes works especially on older VMWare versions like 6.5 5.5 etc (but in my case it did not). To make sure it proceed when you see "Loading VMWare" Hit "Shift+O" Then add "ignoreHeadless=TRUE" See an example below:........
  • VMWare 6.7 VCSA VSphere ESXi Management SSO Install Guide on Linux using the CLI


    #mount the VCSA DVD mount /dev/sr0 /mnt/cd #alternatively you could mount the iso directly mount -o loop vcsa.iso /your/mount/path #for this purpose we are using the CLI installer on Linux cd /mnt/cd/vcsa-cli-installer/lin64 #no it's not going to be that easy you can't just run vcsa-deploy like that you need to use a template or configured .json file ./vcsa-deploy Usage: vcsa-deploy [-h] [--version] [--supported-deploymen........
  • not allowed to execute '/usr/bin/apt-get install eclipse' as root linux sudo user permisson issue and solution


    This is most likely to happen on a normal GUI system like Ubuntu or Linux Mint. If you or the user is meant to have sudo / root privileges it is as simple as editing the following files: Now assume your username is "iamtheuser" vi /etc/group adm:x:4:syslog,iamtheuser sudo:x:27:anotheruser,iamtheuser Find the above lines and add a comma and "ia........
  • sign_and_send_pubkey: signing failed: agent refused operation - SSH Solution


    sign_and_send_pubkey: signing failed: agent refused operation This happens when you don't manually add your ssh key with ssh-add it is some weird new feature in SSH or Ubuntu/Debian that causes this weird problem. Solution: ssh-add Identity added: /home/user/.ssh/id_rsa (/home/user/.ssh/id_rsa)........
  • Prevent SSH Bruteforce and Hacks By Disabling Password Authentication


    One simple way to keep your server public but almost impossible to hack via SSHis to disable password authentication over SSH. This means the only way in is via your own private key that only you should have. Edit your /etc/ssh/sshd.conf file Set this option PasswordAuthentication no Restart your SSH server. service sshd restart ........
  • Linux How To Clone One System Harddrive to another remote system


    The easiest way is to use SSHand DD or a combination of netcat. SSHwill be a little slower due to encryption but is the most secure way (on two older systems the average clone speed is about 40-50MB/s). This is also OS independent as it doesn't matter what the source OS is because you are literallly cloning the drive so you retain the partition table and settings. Clone HDD using SSH and DD........
  • Unable to negotiate with 192.168.1.99 port 22: no matching host key type found. Their offer: ssh-dss Solution


    ssh rtt@192.168.1.199 Unable to negotiate with 192.168.1.99 port 22: no matching host key type found. Their offer: ssh-dss It looks like the DSS option is not considered secure so when connecting from newer Linux systems to an older one you will get the above error. It can be fixed (but you should consider upgrading your SSH daemon): ssh -oHostKeyAlgorithms=+ssh-dss rtt@192.168.1.199........
  • Authentication refused: bad ownership or modes for directory /home/user SSH Public Key Authentication Failed Solution


    First of all I got this error after accidentally messing up my usergroup by using usermod -G user group When I would login using SSHkeys it would fail: sshd[2020]: Authentication refused: bad ownership or modes for directory /home/one No worries, the fix is simple! chmod g-w /home/use........
  • kdenlive - No LADSPA plugins were found! Check your LADSPA_PATH environment variable. [producer_xml] failed to load transition "qtblend"


    This happens if you are running a kdenlive script from the shell of a remote machine without using SSH "-X" forwarding and it will also cause any areas where you write text to be a white screen for that duration. melt FusionFestival.kdenlive No LADSPA plugins were found! Check your LADSPA_PATH environment variable. [producer_xml] failed to load transition "qtblend" [producer_xml] failed to load transition &q........
  • Disable SSH Password Authentication to Increase Security and Harden SSH Linux Unix Server Ubuntu Mint Centos Debian


    Just a note before you do this you should have a sure, guaranteed way into the system such as local, KVMor preferably publickey making bruteforce SSH absolutely impossible since there is no password to bruteforce and even if someone knew the password they wouldn't be able to login except from the local console (presumably you should make sure no one unauthorized has physical access). 1. Edit /etc/ssh/sshd_config Find the section like this:........
  • rsync specify alternate port non-standard port than 22


    It is not obvious but the rsync --help rsync --help|grep port --port=PORT specify double-colon alternate port number --port does not do anything at all actually for some strange reason it still uses 22 You have to specify a manual ssh command to make it work: -e 'ssh -........
  • [1035724.274610] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=62076478 end=62076479) time 102 us, min 894, max 899, scanline start 893, end 900 W: Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin


    [1035724.274610] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=62076478 end=62076479) time 102 us, min 894, max 899, scanline start 893, end 900 W: Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for module i915_bpo I've been getting those errors on a J3455 NUC box with the latest kernel on Linux Mint 18.2. When updating the initramfs I also got the error about the firmware........
  • rsync run as root sudo without password


    This is a common issue, what if a issue shouldn't have root but you want to use that user to make a full backup of a system? They of course need root access. You can actually just give them passwordless sudo access to rsync in /etc/sudoers: sudo vi /etc/sudoers yourusername ALL = NOPASSWD: /usr/bin/rsync Here is how you would execute rsync: The key thing for the remote host is to........
  • ssh forward multiple ports in the same connection and command even works with NAT!


    You can actually just pass multiple "-L" statements to achieve this. An example is as below: ssl -L 80:192.168.10.5:80 -L443:192.168.10.5:443 -L2068:192.168.10.5:2068 -L 8192:192.168.10.5:8192 user@remotehost.com The above essentially is saying forward ports 80,443,2068,8192 to the remote IPof 192.168.10.5 (even though it is behind NAT). Essentially SSH will do the NAT part even if the........
  • Avocent DSR8020 KVM/IP - Network Connect Error - Solution


    This error is commonly due to Java security or TLS settings but there is a second issue with forwarded ports that also causes it. 1. Java Security/TLS Settings issue: This article has the solution to change them all in Linux automatically 2. Port Forwarding Issue if your Avocent DSR is behind NAT/private IP........
  • sshd[10470]: Authentication refused: bad ownership or modes for directory /root


    This can be a case of bad permissions or modes as the error says. Normally one would assume permissions but often a script may change ownership of /root to something else. This was the case half the time I've encountered this. So in short make sure ownership is correct chown -R root.root /root........
  • Ubuntu/Debian OpenVZ Template Problems No Networking and SSH not starting


    It all comes down to a bug essentially where you are running an older kernel that doesn't support the newer Debian templates. The solution is to update your OpenVZ kernel. Here are some symptoms of the problem/lack of kernel support: Ubuntu Template 12.04 requires a manual network start: service networking start sshd will not start: /usr/sbin/sshd PRNG is not seeded mknod /dev/random c 1 8........
  • cp copy all contents of directory to another one including hidden files and folders howto


    cp -a /your/source/. /your/dest/ -a preserves all file atributes and symlinks the "." at the end of /source/ includes all hidden files such as .htacess, .bash_history, .ssh etc.. The / in /dest/ makes sure the contents go into it instead of replacing /dest itself (eg. if you did not have the / at the end).........
  • vi Debian Linux Ubuntu Mint arrow key problem linux ssh bash shell terminal


    Debian/Ubuntu vi keyboard problem, up and down arrows do not work and instead make an A (Up), B (Down), C (Right) or D(Left). The working solution (you could also add the set nocompatible to /etc/vim/vimrc to make it system wide-will not be applied until reboot I believe): echo "set nocompatible" > ~/.vimrc some suggest entering this in vi but it did not work for me: :set term=cons25 The........
  • How to manually save bash history


    This is useful in the case you are not properly logged in via an OpenVZ session or even a normal SSH session that you fear may go down(if the connection is broken the history is not saved). Save your bash_history like this: history -w ~/.bash_history You can always change the above to another file eg /tm........
  • Centos cannot login by console or ssh session closed immediately


    In my case I could login with the initial install but I rsync'd everything over while preserving ownership and permissions to another RAID partition and booted from that.was fine before. The problem is that you are kicked out the second you login and the problem was SELINUX for some reason (perhaps it noticed something strange when it was moved to the new partition) login: pam_unix(login:session): session opened for user root by LOGIN(uid=0) login: ROOT LOG........
  • Installing zoneminder on Ubuntu/Debian Linux Howto


    sudo apt-get install zoneminder [sudo] password for one: Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: libuser-perl python-evince kdebase-apps kwrite unixodbc libgnomeprint2.2-data python-soappy vgabios python-metacity hddtemp python-mediaprof........
  • ssh session and port forward or reverse port matching or assocation howto


    Use netstat with the -anpe option. The e option shows the inodes and I do not know if it will always work or if it was by fluke but I was dealing with dozens of SSHsessions and needed to know which session was related to which forward (the PIDs of the SSHand SSHD did not match etc...) Notice the "59560675" and "59560762" those are almost identical, if you find two sets that are nearly identical except for the last 3 digits they may match (in my ca........
  • Centos scp or sftp program missing solution/what rpm provides them


    You need the "openssh-clients" package which contains sftp and scp. yum -y install openssh-clients........
  • CPanel Link to all of the command line options


    CPanel says you can access 98% of the functions through CLI which experienced Unix/Linux admins prefer for simplicity and for scripting.  I've never found CPanel easy to use from the admin panel, it seems everything is hard to find and a simple task becomes a series of hunts. So for people like me here's the list: http://cpanel.net/system-administrators/command-line-scrip........
  • Ubuntu Linux Slow/Delayed SSH ping response Solution


    I've only ever seen this in Ubuntu for some reason and it is because of the /etc/nsswitch.conf settings. So the issue is that if the hostname's reverse DNS cannot be found that you need to go back to DNS which was not the default in this nsswitch.conf file for some strange reason. Edit /etc/nsswitch.conf and replace your "hosts" line with this: #hosts: files dns mdns4_minimal [NOTFOUND=return] mdns........
  • yum error installing php solution - exclude php from being installed from third party repos


    Error: Package: php-Monolog-dynamo-1.7.0-1.el6.noarch (epel) Requires: php-aws-sdk Error: php-pecl-zendopcache conflicts with 1:php-eaccelerator-0.9.6.1-1.el6.x86_64 Error: php-xcache conflicts with php-pecl-apc-3.1.9-2.el6.x86_64 Error: php-pecl-zendopcache conflicts with php-pecl-apc-3.1.9-2.el6.x86_64 Error: Package: php-horde-Horde-Vfs-2.1.2-2.el6.noarch (epel) &n........
  • cPanel VPS Server Cannot Login as root


    I was worried the server was hacked, I was logged in already as root but couldn't login to CPanel or a new SSHsession. I even reset the password from the shell and it did not work still. The reason is CPanel Hulk, it detected a brute-force attack so it locked down the root account entirely even from the correct password. According to cPanel the best way around this is to whitelist your IP.........
  • SSH HowTo Create Port Forwards


    ssh -L 5905:localhost:5900 root@yourserver.com The "-L" means to create a port forward to a port on your server. The 5905 means the port on your computer that will be used to access the port 5900 on the remote server. localhost is the IP that you use to access the port forward (you can change it to 0.0.0.0 which will be all IPs on your system/computer but localhost is good for security and privacy unless a whole network of people need access).........
  • openssh-server has no installation candidate Debian/Ubuntu Solution


    Idon't know why but some installations don't have this in the database by default. To fix it to an: sudo apt-get update;sudo apt-get install openssh-server and then it will work........
  • Android how to copy rsync binary to main system for use in shell/ssh


    Install rsync4randroid and in the shell/ssh do this: ln -s /data/data/eu.kowalczuk.rsync4android/files/rsync /system/xbin/rsync........
  • pxe-32 tftp open timeout


    pxe-32 tftp open timeout The solution was to enable tftp in xinetd with "chkconfig tftp on". See the troubleshooting below: chkconfig --list NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off acpid 0:off&n........
  • Execute Local Bash Scripts remotely by SSH


    for ip in `cat fixlist.txt`; do sudo -u apache ssh root@$ip "`cat iptablesrules.sh`" done In the above example we are going to execute the commands within the local file "iptablesrules.sh" on all the machines in "fixlist.txt". This is a great way of performing server maintenance in a clustered or cloud environment.........
  • iptables redirect ports to a different host and port + NAT Masquerade howto/solution


    This is important if you need public access to internal IPs such as at your office and don't want to use a VPN just to SSHinto different servers: Below forwards the port "10001" to the IP192.200.5.53 on port 22 (of course adjust it to your needs). iptables -t nat -A PREROUTING -p tcp --dport 10001 -j DNAT --to-destination 192.200.5.53:22 Remember to enable MASQUERADE on your NAT IPs or they won't be able to talk to the outside world (........
  • Ubuntu Download Packages/Updates for EOL Unsupported Old Releases


    I installed Ubuntu 11.04 for testing purposes but I couldn't even download SSH server: sudo sed -i -e 's/us.archive.ubuntu.com/old-releases.ubuntu.com/g' /etc/apt/sources.list After running the above make sure you do a "apt-get update" Note with the above that Ihave the search string of "us.archive.ubuntu.com" change it to whatever is in your sources.list The above does not fix all repositories either, I haven't had a chance t........
  • SSH Can't Login/Hang


    Client Log OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type 1 debug1: identity file /root/.ssh/id_d........
  • Disable SELinux How To Tutorial Solution


    Here is a quick script that works on most Centos versions to disable the virus/SELinux from blocking basic functionality. The first echo 0 statement disables SELinux instantly but it will still be enabled on reboot. The second line disables it permanently. #!/bin/bash #disable SELinux Immediately echo 0 > /selinux/enforce #disable SELinux Permanently sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config........
  • Linux/Centos how to block SSH bruteforce/dictionary attacks automatically with denyhosts


    A lot of people become nervous (and understandably so) when checking their auth or security logs, in Centos /var/log/secure and see dozens, hundreds of even thousands of attempted logins to various services, especially SSH. Of course you could manually block these people/IPs but no one has time to read the logs like that, what if some program or script could do it for you? This is what denyhosts does for you, it checks the logs and based on a certain number of failed SSH attem........
  • HowTo Migrate and Import iPhone/Outlook Contacts into Android without using GMail using .vcf files


    I searched for days after getting my Galaxy Note and couldn't find a way to do this (at least not without buying programs for either Android/Windows). All I read was ways to sync and import the contacts to GMail but I don't want to use GMail for privacy reasons. GMail/Google steal all of your personal information and use it for whatever purposes they want to and may sell or release it to who knows where (I don't care what their policy says but this stuff happens), just like the default........
  • SSH error slow login debug1: An invalid name was supplied Cannot determine realm for numeric host address - Solution


    debug1: An invalid name was supplied Cannot determine realm for numeric host address debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-9etch3 debug1: An invalid name was supplied Cannot determine realm for numeric host address debug1: An invalid name was supplied A parameter was malformed Validation error Solution, disable auth from the ssh client (this is a client side error)........
  • OpenVPN don't use bridgestart.sh or bridge at all use iptables


    I used the suggested script to bridge from OpenVPN and it took my client's server off-line! Don't ever use their "sample" scripts if you don't have another way of accessing the server than SSH. I actually found it easier to use iptables to tell it to route IPs based on a certain subnet to route through eth0: iptables -t nat -A POSTROUTING -s 192.168.200.0/24 -o eth0 -j MASQUERADE Replace "192.168.200.0/24" with your subnet of cour........
  • iPhone Restore/Backup Location of Notes and Contact/Address Book


    *Make sure that the ownership is 501.501 or mobile.mobile when copying back (especially if using ssh or sftp as root on the iPhone) otherwise things will break. Eg. the contacts will be blank even after trying to update due to incorrect ownership/permissions. iPhone Notes Location/Restore: /private/var/mobile/Library/AddressBook AddressBookImages.sqlitedb AddressBook.sqlitedb Once you restore the contacts and restar........
  • scp not found - solution


    Some minimal installs of Centos may be missing the scp command, which is actually part of the "openssh-clients" package. scp not found yum install openssh-clients........
  • Linux Out of Memory OOM Object Killer Solution "Out of memory: kill process 1955 (sshd) score 81 or a child"


    I had a system running a 128MB live CD image with 2.8 gigs of available RAM and the OOM kernel killer went crazy when using dd for more than 8 minutes and kept killing everything. I've read that this is due to a low-memory issue and paging in the kernel and 32-bit systems with lots of RAM. I even enabled swapspace on my LiveCD and the issue happened 25 minutes into dd rather than 8 minutes, so what gives? Also no swap space was ever used! cat /proc/s........
  • iPhone 3G/3GS/4 Undelete Photos/Videos Datarecovery


    I found this technique listed in many places which shows you how to use a common Linux tool "dd" to dump the raw partition of your iPhone. I give credit to this site for showing me the correct way to dd from the iPhone, I never thought to try it in the other direction:http://log.ijulien.com/post/182804914/iphone-3gs-data-recovery Requirements 1.) Jailbreak your........
  • ls: error while loading shared libraries: libtermcap.so.2: cannot open shared object file: No such file or directory solution


    ls ls: error while loading shared libraries: libtermcap.so.2: cannot open shared object file: No such file or directory This is not an ldd problem or case of anything missing, this only happened after I upradedUbuntu. declare -x PATH="/home/user/bin:/usr/local/bin:/usr/bin:/bin:/usr/games" "/home/user/bin" is the problem! It's weird because I have no idea how it happened.........
  • SSH Tunnel Dynamic Proxy Stops Working Right Away even with Root and High Port


    I keep getting messages like this shortly after using the proxy (it works for a few seconds/page loads and then stops): channel 12: open failed: administratively prohibited: open failed I'm not sure what the issue is unless there's some kind of hardware firewall on the other end. I've used this exact configuration on multiple servers with no issue and even disabled iptables etc..........
  • sshfs cannot unmount error: device is busy. (In some cases useful info about processes that use the device is found by lsof(8) or fuser(1))


    umount: /home/diret/mount: device is busy. (In some cases useful info about processes that use the device is found by lsof(8) or fuser(1)) I tried everything (fusermount -u) to unmount it but the only thing that worked was actually doing this: ps aux|grep sshfs Then I identified the sshfs connection and did: kill -kill pid........
  • sshd[9217]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys


    sshd[9217]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys I made sure the entire .ssh subdir is owned by the user root (this is root's account); chown -R root.root .ssh chmod 600 .ssh/authorized_keys but it still doesn't work and gives me the same message sshd[7339]: Authentication refused: bad ownership or modes for directory /root chmod 700 /root........
  • SSH delay problem UseDNS and disabling GSSAPI does not help


    The normal solution doesn't help or apply here: ssh -v user@192.168.5.41 OpenSSH_4.3p2 Debian-9etch3, OpenSSL 0.9.8c 05 Sep 2006 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.5.41 [192.168.5.41] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: i........
  • Cygwin and crontab backups via ssh/scp/rsync


    Install the "Editors" and "Net" groups that will give you rsync, ssh, ssh-keygen and cron. The trickiest thing that I keep forgetting about each time is you have to run "cron-config" which adds the cron service to Windows, and without doing that obviously no cron jobs will be run thus making automatic backups impossible. Warning about rsync/cygwin and using the -a archive switch. It's a good thing I caught this because it doesn't work ri........
  • yum in Centos 5/Xen halts and exits suddenly


    yum exits in the middle The problem is this VPS seems to be an OpenVZ template from HyperVM. The only way to make it work was to disable i386 packages since this was an x64 kernel. That shouldn't be necessary but it was the only way to make yum stop quitting after the first package or two. I couldn't find any issue by checking the logs either. echo y|yum install vim-minimal telnet expect jwhois net-tools slocate iptables elinks gawk L........
  • NotifyByPopup::slotDBusNotificationClosed: 465 -> 0 knotify(31135) NotifyByPopup::slotDBusNotificationClosed: failed to find knotify id for dbus_id 465


    I keep getting this in my SSH/Bash console: NotifyByPopup::slotDBusNotificationClosed: 465 -> 0  ........
  • Ubuntu 10.04 Linux is still not ready for the Desktop world


    I am a huge fan of Linux and the idea of OpenSource but I've said it many times, there are still hurdles in today in 2010 for Linux as a Desktop. Linux is still intended for servers at its very core. This can be changed succesfully though, as Apple has shown us with Mac OS X based on FreeBSD. Half of the issue is lack of driver support and the other half is the Linux Kernel and Window Manages, KDE and GNome still both don't cut it (but they're getting closer). I'll........
  • jailkit for chroot ssh account security tutorial and fix for error


    This was done on Centos butI think it's easier on Debian machines, the paths that it is set to use are tailored towards Debian, so there is some fiddling that needs to be done on Centos. This is for chrooting ssh, but jailkit has other uses than just SSH jails but I won't cover them in this writeup. 1. Install jailkit yum install jailkit 2. Setup Jail Home mkdir /home/jail chown root:root /home/ja........
  • WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! "IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The f


    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by th........
  • CPanel OpenVZ VPS Error - *** Notice *** No working loopback device files found. Try running `modprobe loop` as root via ssh and running this script again.


    Ihave no idea how to get the loopback device working in OpenVZ, but what's more frustrating is that I purchased a CPanel license for my VPS and clearly it is not "VPS Optimized". Although everything does seem to work at this point despite that error. The suggestions here: http://forum.openvz.org/index.php?t=msg&goto=1339 don't seem to work at all. This is an OpenVZ issue, but also a CPanel isue, why on earth would loopback support be expected in a VPS a........
  • SSH Automatic/Passwordless Logon - Setup Public Key Encryption In Single Command


    This is a very simple solution, but most guides out there make you login twice (once to scp the key) and once to put the key in authorized_keys. There's no need for that. If you don't already have a ~/.ssh/id_rsa.pub just type "ssh-keygen -t rsa" and keep hitting enter until it's done :) Just use this code to easily enable passwordless login with SSHD key=`cat ~/.ssh/id_rsa.pub`;ssh user@192.168.5.25 "echo $key >> ~/.ssh/auth........
  • Picking an FTPD (vsftpd) Server in Linux Centos/Debian


    I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find. yum search ftp Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * rpmforge: ftp-stud.fht-esslingen.de * base: mirrors.netdna.com * updates: updates.interworx.info * addons: yum.singlehop.com * extras: mirrors.netdna.com rpmforge........
  • PHP cannot access /usr/bin/openssl


    PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist: [code:1:1fd0f3abbe] if (!file_exists($OPENSSL)) { //echo "ERROR: OPENSSL $OPENSSL not foundn"; }[/code:1:1fd0f3abbe] I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
  • SSH automatic login without password


    SSH automatic login without passwordlocal> ssh-keygen -t rsa -f .ssh/id_rsa -t is the encryption type -f tells where to store the public/private key pairs. In this case, the .ssh directory on home is being used A password will be asked; leave this part blank, just pressing Now, go the .ssh directory, and you will find two new files: id_dsa and id_dsa.pub. The last one is the public part. Now, copy the public key to the serv........
  • Updated to Version 3.8 and can't login


    Updated to Version 3.8 and can't loginSSHD accepts my password but then hangs at "Last login: Wed Sep 13 21:30:02 2006 from" This occurred during a yum update after upgrading my release, installing the new kernel and rebooting. I got kicked out of sshd after seeing the following during yum update: telnet 100 % done 85/476 tux 100 % done 86/476 ntsysv 100 % done 87/476 rpmdb-redhat 94 % done 88/476........
  • Telus + 2Wire 2700 Router Horrible


    Telus + 2Wire 2700 Router HorribleWell first of all let me say this is the only router/switch that sometimes seems to crash/disconnect computers on the local network. This device also thought it would be smart to block VOIP packets coming from my Sipura ATA VOIP adapters so I disabled the [quote:cb89ba7bff]"Invalid TCP Flag Attacks (NULL/XMAS/Other)"[/quote:cb89ba7bff] option Then all of a sudden I couldn't get onto any web pages, the wireless........
  • SSH Public Key Authentication (Login Without Passwords)


    SSH Public Key Authentication (Login Without Passwords)I've gone over this before but just a quick note! the "authorized_keys" file in ~/.ssh must be chmodded to "600" or public key authentication won't work. I guess it's kind of a security/failsafe feature that I've seen on all Linux and Unix OS's........
  • Basic Port Listing


    Basic Port ListingHopefully someone finds this useful or at least interesting. http://www.sans.org/top20/#u9 Name Port Protocol Description Small services ........
  • iPhone Enable Tethering Manually Update ipcc Carrier Settings/Update via SSH


    Everyone says there is a "manual" way of doing it and then they tell you to use iTunes, but if you're like me, you're travelling on business in a foreign country and your laptop does not have iTunes and you don't have a way of getting it and/or don't want it. For this example I'm using the provider "du" in Dubai, UAE (United Arab Emirates) but this method works for virtually all providers. The requirements in this case to truly "manually update........
  • Unixbench Score with Glusterfs/Openvz & Quad Core Xeon


    This is very disappointing since GlusterFS markets itself as a solution to deploy VPS servers on. On the HNitself I get a Unixbench of about 360. I'm also using an SSH tunnel to secure the communications, but even before that, things seemed very slow. # # # # # # # #####&n........
  • Linux/Unix Open SSH Login Without Password Key Exchange including Debian, Redhat, Fedora, Ubuntu, BSD etc..


    In those 4 simple commands you can setup mutual key exchange between two sshservers by using a single login shell session and single window. *Just change the IP address examples of (10.10.0.2) to the target of your mutual key exchange. It doesn't matter if the server is on a LANor WAN(well unless the server is behind a firewall and you cannot SSHinto it).........
  • Why Apple should thank the jailbreakers and not patch/stop the jailbreaking exploits


    First of all, the iPhone is crippled in many ways, but most of my complaints about functionality have been addressed through the jailbreak, Ican run apps in the background of my choosing, I can install a terminal, acccess my phone through SSH and SCP and so much more. It even addresses the 15 minute e-mail problem, I installed a program called "PushMod" and now set the checking time to just 1 minute. Apple should really thank the developers for this gift, it ma........
  • iPhone Backgrounder Adds True and Real iPhone multitasking on jailbroken phones


    Apple crippled the iPhone by not allowing multi-tasking of the non-primary apps. I use SSH a lot and I don't want to close my session just to check my e-mail, etc, now an app found in Cydia called "Backgrounder" allows just that. Although it's not perfect, we installed the correct one for "3.x" iPhones and hit "Reload SpringBoard" and the hour/circle glass has just been going for minutes. It seems like it installed fine even with the crash t........
  • iPhone 3GS Jailbreak Information & Benefits


    Truly, the only way to unleash the capabilities and customization abilities of iPhone are to jailbreak, it's not just for hackers anymore. A few days ago someone by the named of "geohot" released a single click application called "purplera1n", which does the entire operation smoothly and seamlessly. In our case, the first time it went as far as "done, wait for reboot" on our Windows machine and for minutes we waited and saw the pic on the iPhone w........
  • iPhone 3GS 32GB "Harsh Review"


    Yes, Iadmit I finally got bitten by the hype as much as I can usually see through it all. Keep in mind this review is of the "stock" phone, no jailbreaking yet which is what really unleashes the customizability and whyI bought iPhone. I had better things to say about this phone before buying it, and it is a great phone, perhaps the best on the market by far, if not because of the Mac OS port onto the iPhone and all the apps, etc, etc. With that said........
  • SSH Slow Login even with SSHD UseDNS no parameter


    Icouldn't understand why on one system it took a few minutes to get the SSHlogin prompt when connecting to other systems. The other systems all had the UseDNS parameter set to no, which almost always resolves the login prompt delay. The reason is Ubuntu and perhaps Debian and other distributions /etc/nsswitch.conf file Edit yours to have the "hosts" line like so (notice that files and dns are the primary resolution choice........
  • SSH Server Slow/Lagged/Delayed Login Response


    This is really something the SSHServer developers should consider. The cause of this annoyance is because of failed DNS lookups on your IPaddress, which is especially common for many dedicated/col-located servers and also computers on internal NAT/private networks. The chances are this is the cause of your SSHSlow/Delayed Login problems. The easy solution to SSH Login Problems Edit /etc/ssh/sshd_config Add this line to disable r........
  • SSH Problem User username from 127.0.0.1 not allowed because not listed in AllowUsers


    User username from 127.0.0.1 not allowed because not listed in AllowUsers What's going on? The user was created properly, it has been defined as having a shell entry and the entry for /etc/passwd and /etc/shadow is set just fine. This is a new and very smart/secure feature of SSHD. It is simple and yet effective, but also very annoying if you didn't know about it being implemented and that hand editing of /etc/ssh/sshd_config is required to allow a newly add........
  • Latest Articles

  • Linux Mint Mate Customize the Lock screen messages and hide username and real name
  • Ubuntu/Gnome/Mint/Centos How To Take a partial screenshot
  • ssh how to verify your host key / avoid MIM attacks
  • Cisco IP Phone CP-8845 8800/8900 Series How To Reset To Factory Settings Instructions
  • ls how to list ONLY directories
  • How to encrypt your SSH private key file id_rsa
  • Linux Mint 18 Disable User Name List from showing on Login Screen
  • Firefox Cannot Hit Enter Key In Address Bar and Location History Not Working
  • Cisco Unified Communications Manager / CUCM IP 8.6,10,12 Install Error Solution
  • Ubuntu Debian Mint Linux SSHD OpenSSH Server Not Starting After Reboot Solution
  • nmap how to scan for all ports and not just the 1000 most common ports
  • Windows 7,8,10 and Server 2008, 2012, 2016, 2019 Read Only Attribute Won't Go Away
  • bind / named how to make a wildcard record and retain defined A records
  • Cisco Unified Communications Manager 12 Install Errors on Proxmox/KVM
  • Local Vs Universally Administered MAC Address NIC Refuses to come up
  • Cisco Unified Communications Manager 12 CUCM 12 - How To Enable Video Calling
  • Windows 7, 8, 10, Windows Server 2008, 2012, 2016, 2019 How To AC97 Audio Drivers and Other Unsigned Drivers
  • Cisco Unified Communications Manager / CUCM IP Telephony Definitions
  • tftp Linux xinetd verbose logging
  • Linux delete unused tap devices automatically