• SSH cannot connect to old servers/devices/switches/routers/Cisco/Juniper Unable to negotiate with 192.168.20.2 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hell


    A lot of older devices either support telnet or very old SSH keyx algorithms which are insecure and disabled by all newer/modern SSH clients for security reasons. However, sometimes you may be on a LAN via VPNor some other secured network or for whatever reason, absolutely, need to connect to this device and sometimes old/embedded devices may not be possible to update to a newer SSH server. If you run into this you may be using a modern/newer SSH client and get thi........
  • EFI PXE grub2 Howto guide for Linux EFI PXE Booting on Debian, Mint, Ubuntu, RHEL


    Just a quick note and warning is that if you are testing to see if EFIPXE booting works on a VM, MAKE SURE it actually works. For example Iinitially tested using my Distro's QEMU 2.5+dfsg-5ubuntu10.46 and ovmf BIOS firmware (OVMF supports EFI). However, I found on old versions of QEMU (like 2.5), EFIbooting with GRUB NEVER works so it may appear that you have made a mistake when everything is fine when you boot a physi........
  • How To Get Started on Ubuntu with gpt-2 OpenAI Text Prediction


    apt install software-properties-common add-apt-repository ppa:deadsnakes/ppa apt update apt install python3-pip apt install python3.7 curl gnupg python3.7-dev git ln -s /usr/bin/python3.7 /usr/bin/python3 pip3 install numpy keras_preprocessing curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add - echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel........
  • How To Install OpenProject on Centos 7 Step-by-Step Guide


    There are a few caveats that may not be obvious to everyone so I am going to cover them here but keep this in mind before starting. Before starting install epel or you will be missing tesseract: yum -y install epel-release #1) When you specify your SSL certificate with a full path, it really needs to exist where you tell it to (including the default location of /etc/ssl/certs and /etc/ssl/c........
  • python ModuleNotFoundError: No module named 'bs4' even though you have the module


    In this case I am executing using "python3" but what you find in cases like this can be surprising. The most common issues are that someone has a module for python 2 "pip" and doesn't realize they need "pip3" to install it for python3, but this is not one of those cases. ModuleNotFoundError: No module named 'bs4' OKmaybe we didn't install it for python3? [........
  • Cannot Print PDF Solution and Howto Resize


    If you can print other PDFs but not a particular one it is very likely that the PDF size is A4 (the longer, skinnier Asian paper size) instead of the North American letter size ( 8.5" x 11"). This breaks printing in most cases. Or it may print if you find a program that ignores the size issue. Here is an example of an A4 being rejected by a printer in Ubuntu Linux via CUPS Cannot print PDF CUPS Samsung C460: Processin........
  • RTNETLINK answers: Network is unreachable


    This often happens if you are adding a secondary route, especially with Linux source based routing. ip route add default via 10.10.10.254 table 10 RTNETLINK answers: Network is unreachable If that happens you will probably find that it is unreachable because your NIC does not have an IP in the 10.10.10.0/24 range so just assign an IP in that range to your NIC and try again. eg. ifconfig eth0 10.10.10.254 netmask 255.255.255.0 up........
  • VMWare Vsphere VCSA Graphical Install Creates json


    yes it does create its own json ============================================ cat /tmp/vcsaUiInstaller/ovftool-20180809-175238948-20180809-175603497.log |grep -i json 2018-08-09T17:56:04.238-07:00 verbose OVFTool[30966] [Originator@6876 sub=Default] Manifest file entry: SHA1(VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10-file1.json) = 1deb658c724767697587d5909c4051c01813e6a1 --> ........
  • OpenVPN auth-user-pass-verify ENV script error


    Starting with newer versions of OpenVPN Ibelieve 2.2+ you need to have "script-security 3" set or you can't execute a third party script. Prior to that you could also use the auth-user-pass-verify like this: auth-user-pass-verify ./validate.pl "$username $password $ip" via-env Options error: the --auth-user-pass-verify directive should have at most 2 parameters. To pass a list of arguments as one of the paramete........
  • OpenVPN cannot ping remote IP routing loop issue after connecting


    Sometimes if you have a very basic configuration OpenVPN on the client side for some reason sends all traffic to the OpenVPN server IP through the tun0 which is of course impossible and creates a block or routing loop. This is because you need to use your normal ISP/LANgateway to hit the OpenVPN server if it is remote/offsite as is usually the case. So if you are connected to the OpenVPN through say a tun0 device and your routing is set to connect to the OpenVPN&nbs........
  • Prevent SSH Bruteforce and Hacks By Disabling Password Authentication


    One simple way to keep your server public but almost impossible to hack via SSHis to disable password authentication over SSH. This means the only way in is via your own private key that only you should have. Edit your /etc/ssh/sshd.conf file Set this option PasswordAuthentication no Restart your SSH server. service sshd restart ........
  • USB 3.0 PCI x1 Card Review VIA VL805 on Linux Review and Experience


    This is a VIA made VL805 USB 3.0 Chipset with 4-ports and MOLEX powered. First of all this unit was cheap at about only 9 USD with fast shipping. My biggest concern was if this was a quality unit and would it really give you full USB 3.0 speeds (some people reported with similar cards that for some weird r........
  • Avocent DSR8020 KVM/IP - Network Connect Error - Solution


    This error is commonly due to Java security or TLS settings but there is a second issue with forwarded ports that also causes it. 1. Java Security/TLS Settings issue: This article has the solution to change them all in Linux automatically 2. Port Forwarding Issue if your Avocent DSR is behind NAT/private IP........
  • MySQL Allow Access from Remote Host IP and Update All Users


    Change Host="192.168.5.99" with the remote IP allowed(this is of course more secure but also cumbersome if your IP changes). You could also have a single layer of protection that specifies the IP via firewall or both (of course both are far mor secure). UPDATE user SET Host="192.168.5.99" where Host="localhost" or for any/wildcard UPDATE user SET Host="%" where Host="localhost&qu........
  • Centos and obfsproxy install errors


    pip install obfsproxy /usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning. InsecurePlatformWarning You are using pip version 7.1.0, however version 8.1.1 i........
  • openvpn 2.3.10-1.el6 issues auth-env does not work correctly for auth-user-pass-verify


    openvpn 2.3.10-1.el6 issues in the .conf auth-user-pass-verify "passwordcheck $username $password $untrusted_ip" via-env auth-env does not work correctly in OpenVPN 2.3: Sat Apr 23 02:30:22 2016 - $username - $untrusted_ip - login failure But OpenVPN 2.2 does work as expected. It could be that the specified script automatically receive........
  • Linux Debian/Ubuntu/Centos How To Force Internet Traffic Through PPTP L2TP OpenVPN Account Only


    The following assumes the computer is local/physical to you and/or it always has a LANIP so it can be accessed on site without having a default gateway. The key to this is not to set a default gateway for your computer or you can set a script on boot or other time to delete the gateway (where eth0 is the NIC you are using): route del default eth0 50.80.20.2 is the VPN server you connect to 192.168.1.1 is your........
  • How to manually save bash history


    This is useful in the case you are not properly logged in via an OpenVZ session or even a normal SSH session that you fear may go down(if the connection is broken the history is not saved). Save your bash_history like this: history -w ~/.bash_history You can always change the above to another file eg /tm........
  • Sipura / Linksys PAP/VOIP/SIP Adapter Issue Can't receiving incoming phone calls and you're behind a NAT router (99% of people)? solution


    Sipura / Linksys PAP/VOIP/SIP Adapter Issue Can't receiving incoming phone calls and you're behind a NAT router (99% of people)? 1. Login to the adapter. 2. Click on "Advanced" (location varies but usually somewhere on top) 2. Click on "SIP" 3. Scroll down to "NAT" (usually at the bottom). You'll find 2 columns with 4 rows of drop-down boxes (they'........
  • Bash weird variable whitespace missing when echoing printing


    Bash weird variable whitespace missing var=`cat tlds.csv|grep .ca,` # echo "var=:$var:" :ar=:.ca,Canada Why is the v missing in the last line? It should be :var=:.ca,Canada instead of :ar=:.ca,Canada I noticed a problem with the file with doing a "cat -v" on it. Here's the issue, the file contains carat M ^M: .vg,British Virgin Island........
  • WD 20EARX 2TB Bad within days


    This is just trying to read 5GB off the drive with dd and the drive initially tested ok but shortly after I wondered why I was seeing 2MB/s read speeds. Notice the "current_pending_sector", anytime I've seen it at anything above 0 even with no other bad fields/attributes, it means the drive is bad. ata1.00: exception Emask 0x0 SAct 0x3 SErr 0x0 action 0x0 ata1.00: irq_stat 0x40000008 ata1.00: failed command: READ FPDMA QUEUED ata1.00: cmd 60/00:00:........
  • Country List Names in HTML Select From


    This is useful for developing a lot of applications, I'm putting it here to keep it handy for myself and hopefully others: Choose CountryCanadaJapanUnited StatesUnited KingdomAfghanistan........
  • Samsung Galaxy Note I717M Canadian Version, Root and Unlock


    I chose this because I heard a lot of stories about scams and that many providers I contacted said they can't unlock the Canadian I717s (one said "my Bell server" is down). This method worked perfectly on my Bell I717M and should work for all I717 in Canada, I was able to insert a foreign SIMcard. This will work abroad too but remember entering CWM mode is different for I717's in other countries (at least theUS). Step 1 - Root + CWM........
  • Login and download all files script


    This is very handy if you're too busy and don't have time to download whatever files you need. The -D specifies the domains allowed, this is because I specified -H which means foreign hosts are allowed, if you don't restrict them you'll end up going to the whole internet via ads and other links just like a search Engine would follow. -l 0 specifies to go deep, to as many levels as possible/as exist. -e robots=off is important because robots.txt often says you can't vie........
  • Disable SELinux How To Tutorial Solution


    Here is a quick script that works on most Centos versions to disable the virus/SELinux from blocking basic functionality. The first echo 0 statement disables SELinux instantly but it will still be enabled on reboot. The second line disables it permanently. #!/bin/bash #disable SELinux Immediately echo 0 > /selinux/enforce #disable SELinux Permanently sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config........
  • Yahoo Mail (email) DNS Server Out Of Date Problems


    I don't expect this to be solved soon but some of Yahoo's DNS servers are out of whack. I changed the IPs of some nameservers of some domains and now most Yahoo users can't e-mail to those domains! As you can see below by the "No MX or A records for mychangedomain.com", now Yahoo's DNS/mailserver DNS cache is wrong. You would think they would at least have cached the old incorrect records, but instead for some reason their DNS cache has no entry and doesn't seem........
  • Enable SPAMASSASSIN on Postfix in 5 minutes


    Centos 5 Postfix and SPAMASSASSIN Tutorial yum install spamassassin chkconfig spamassassin on vi /etc/mail/spamassassin/local.cf ############## #required_hits 5 #report_safe 0 #rewrite_header Subject [SPAM] #5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives require........
  • Understanding /etc/aliases from sendmail when using with postfix or other MTA's


    understanding /etc/aliases *remember to apply changes you need to run "newaliases" after editing /etc/aliases one thing I don't get is that it doesn't allow you to specify the whole e-mail address on the left-hand side eg: yourfullemail@domain.com: someotheremail@domain.com postalias: warning: /etc/aliases, line 109: name must be local (if you try the above) It works more like this: your........
  • Cygwin and crontab backups via ssh/scp/rsync


    Install the "Editors" and "Net" groups that will give you rsync, ssh, ssh-keygen and cron. The trickiest thing that I keep forgetting about each time is you have to run "cron-config" which adds the cron service to Windows, and without doing that obviously no cron jobs will be run thus making automatic backups impossible. Warning about rsync/cygwin and using the -a archive switch. It's a good thing I caught this because it doesn't work ri........
  • CPanel OpenVZ VPS Error - *** Notice *** No working loopback device files found. Try running `modprobe loop` as root via ssh and running this script again.


    Ihave no idea how to get the loopback device working in OpenVZ, but what's more frustrating is that I purchased a CPanel license for my VPS and clearly it is not "VPS Optimized". Although everything does seem to work at this point despite that error. The suggestions here: http://forum.openvz.org/index.php?t=msg&goto=1339 don't seem to work at all. This is an OpenVZ issue, but also a CPanel isue, why on earth would loopback support be expected in a VPS a........
  • Choose Which GCC Version to compile with via CC environment variable.


    It's very common to have multiple GCC versions for different reasons, as annoying as it is. Some newer/older programs only compile properly or at all on specific versions. You can export the following variable CC: export CC=gcc-4.1 Replace gcc-4.1 with the filename of the gcc you want eg. gcc-99........
  • tar gzip: stdout: File too large - Error Size Limit on Large file > 17GB


    The folder I was trying to archive is about 72GB, but much like rsync at about 17GB it chokes because of the filesize. What's with so many common and essential Linux tools having such limitations? I guess it is likely that the authors never wrote their code with the idea that files would be so large but it's still very annoying. It's important to stay on top of these limitations on production servers because I didn't realize what happened until I checked the file with "........
  • Picking an FTPD (vsftpd) Server in Linux Centos/Debian


    I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find. yum search ftp Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * rpmforge: ftp-stud.fht-esslingen.de * base: mirrors.netdna.com * updates: updates.interworx.info * addons: yum.singlehop.com * extras: mirrors.netdna.com rpmforge........
  • Load Balancing/Clustering


    Load Balancing/ClusteringAn interesting article that discusses the pros, cons and viability of load balancing/clustering http://www.wwwcoder.com/main/parentid/493/site/4189/68/default.aspx ZoneEdit seems to offer an interesting Fail Over Service as well: http://www.zoneedit.com/doc/faq.html#fo........
  • Adventures in pre-paid SIM Cards and data GPRS/Edge/3G in China with China Mobile in Shenzhen, Guangzhou, Shanghai, Beijing and other cities


    This really is a difficult and confusing process for non-Mandarin speakers, but here's what I've done and learned so far: You can purchase an "M-Zone" China Mobile pre-paid SIMCard from almost anywhere but I tried to purchase mine from Suning (a large electronics dealer) hoping they would be able to help me or answer my questions but my plan didn't work out at all. At Suning once I found someone who spoke some English they gave me the 55 RMB M-Zone China Mobile P........
  • iPhone Enable Tethering Manually Update ipcc Carrier Settings/Update via SSH


    Everyone says there is a "manual" way of doing it and then they tell you to use iTunes, but if you're like me, you're travelling on business in a foreign country and your laptop does not have iTunes and you don't have a way of getting it and/or don't want it. For this example I'm using the provider "du" in Dubai, UAE (United Arab Emirates) but this method works for virtually all providers. The requirements in this case to truly "manually update........
  • How To Enable 3rd/third party packages in RHEL/Redhat/Centos 4/5 Linux via RPMForge


    It's a bit of a pain that many basic third party tools that aren't put of the main Centos/RHEL repositories are not available unless you compile them or install the RPMForge Repo. *Updated 08/29 with new download location changed from apt.sw.be to rpmforge.sw.be Here's a quick, simple/cut&paste way to do it: wget http://rpmforge.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.5.1-1.el5.rf.i386.rpm rpm -i rpmforge........
  • The power of passive vs air cooling. Small fans make a world of difference.


    I bought a Dynatron A46G for my AMD X4 620 AM3 Quad Core CPU. Just judging by touch, the stock OEM fan/heatsink combo kept things so cool, I could leave the 1U server on the floor and it barely felt warm to the touch, including the heatsink itself. I thought the Dynatron A46G would be enough with passive cooling (it has no fan), but the same setup became burning hot on the underside of the server and also by touching the heatsink itself within minutes. I thought that th........
  • Latest Articles

  • vi how to delete everything to the end of the line or the rest of the line from the cursor
  • Cisco Howto Configure Console Port/Terminal/Comm Server with Async Cable Setup
  • Ubuntu/Debian Linux/Unix Howto Setup Install Syslinux Bootable USB with EFI and MBR from Command Line/CLI Terminal
  • Cisco Switch Howto Reset Password
  • SSH cannot connect to old servers/devices/switches/routers/Cisco/Juniper Unable to negotiate with 192.168.20.2 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hell
  • ksnapshot missing in Ubuntu and Linux Mint Solution
  • bash how to hide username/customize prompt Linux Debian Redhat Ubuntu Solution
  • Cisco Router Password Reset Howto Guide Solution Cannot Login /Unknown Enable Password 2600, 2800, 2900, 3900
  • VirtualBox VBox Nat Network Handing Out Wrong IP Address Subnet Solution
  • Unable to mount location Failed to retrieve share list from server: Connection timed out - Samba/Linux Filesharing Not working Ubuntu Mint Linux Solution
  • How To Resize, Reduce a Video to a Specific Size and Quality Ubuntu Linux using ffmpeg
  • vi how to delete all lines in the file
  • Linux Mint / Ubuntu 20 Intel I219 NIC disconnects
  • Linux can't boot/grub boot loader screen with no options solution
  • EFI PXE grub2 Howto guide for Linux EFI PXE Booting on Debian, Mint, Ubuntu, RHEL
  • Aruba/HP/Dell IAP Wireless Controller Common Default Passwords
  • Debian, Mint Ubuntu how to remove package and associated config files
  • Linux Grub not booting the intended kernel solution in Debian, Mint, Ubuntu how to specify which kernel to boot by default
  • QEMU KVM Keyboard Problems Not Working Right Repeating Characters, Ctrl+C Copy and Paste not working right when using PS2 mouse in guests Solution
  • Linux how to compile binary with static sharedobjects embedded instead of dynamic to use on multi-distributions and avoid glibc compatiblity issues