A lot of older devices either support telnet or very old SSH keyx algorithms which are insecure and disabled by all newer/modern SSH clients for security reasons. However, sometimes you may be on a LAN via VPNor some other secured network or for whatever reason, absolutely, need to connect to this device and sometimes old/embedded devices may not be possible to update to a newer SSH server.
If you run into this you may be using a modern/newer SSH client and get thi........
Just a quick note and warning is that if you are testing to see if EFIPXE booting works on a VM, MAKE SURE it actually works. For example Iinitially tested using my Distro's QEMU 2.5+dfsg-5ubuntu10.46 and ovmf BIOS firmware (OVMF supports EFI). However, I found on old versions of QEMU (like 2.5), EFIbooting with GRUB NEVER works so it may appear that you have made a mistake when everything is fine when you boot a physi........
apt install software-properties-common
apt install python3-pip
apt install python3.7 curl gnupg python3.7-dev git
ln -s /usr/bin/python3.7 /usr/bin/python3
pip3 install numpy keras_preprocessing
curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add -
echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel........
There are a few caveats that may not be obvious to everyone so I am going to cover them here but keep this in mind before starting.
Before starting install epel or you will be missing tesseract:
yum -y install epel-release
#1) When you specify your SSL certificate with a full path, it really needs to exist where you tell it to (including the default location of /etc/ssl/certs and /etc/ssl/c........
In this case I am executing using "python3" but what you find in cases like this can be surprising.
The most common issues are that someone has a module for python 2 "pip" and doesn't realize they need "pip3" to install it for python3, but this is not one of those cases.
ModuleNotFoundError: No module named 'bs4'
OKmaybe we didn't install it for python3?
If you can print other PDFs but not a particular one it is very likely that the PDF size is A4 (the longer, skinnier Asian paper size) instead of the North American letter size ( 8.5" x 11"). This breaks printing in most cases. Or it may print if you find a program that ignores the size issue.
Here is an example of an A4 being rejected by a printer in Ubuntu Linux via CUPS
Cannot print PDF CUPS Samsung C460:
This often happens if you are adding a secondary route, especially with Linux source based routing.
ip route add default via 10.10.10.254 table 10
RTNETLINK answers: Network is unreachable
If that happens you will probably find that it is unreachable because your NIC does not have an IP in the 10.10.10.0/24 range so just assign an IP in that range to your NIC and try again.
eg. ifconfig eth0 10.10.10.254 netmask 255.255.255.0 up........
yes it does create its own json
cat /tmp/vcsaUiInstaller/ovftool-20180809-175238948-20180809-175603497.log |grep -i json
2018-08-09T17:56:04.238-07:00 verbose OVFTool [Originator@6876 sub=Default] Manifest file entry: SHA1(VMware-vCenter-Server-Appliance-22.214.171.12400-8832884_OVF10-file1.json) = 1deb658c724767697587d5909c4051c01813e6a1
Starting with newer versions of OpenVPN Ibelieve 2.2+ you need to have "script-security 3" set or you can't execute a third party script.
Prior to that you could also use the auth-user-pass-verify like this:
auth-user-pass-verify ./validate.pl "$username $password $ip" via-env
Options error: the --auth-user-pass-verify directive should have at most 2 parameters. To pass a list of arguments as one of the paramete........
Sometimes if you have a very basic configuration OpenVPN on the client side for some reason sends all traffic to the OpenVPN server IP through the tun0 which is of course impossible and creates a block or routing loop.
This is because you need to use your normal ISP/LANgateway to hit the OpenVPN server if it is remote/offsite as is usually the case. So if you are connected to the OpenVPN through say a tun0 device and your routing is set to connect to the OpenVPN&nbs........
One simple way to keep your server public but almost impossible to hack via SSHis to disable password authentication over SSH. This means the only way in is via your own private key that only you should have.
Edit your /etc/ssh/sshd.conf file
Set this option
Restart your SSH server.
service sshd restart
This is a VIA made VL805 USB 3.0 Chipset with 4-ports and MOLEX powered. First of all this unit was cheap at about only 9 USD with fast shipping. My biggest concern was if this was a quality unit and would it really give you full USB 3.0 speeds (some people reported with similar cards that for some weird r........
This error is commonly due to Java security or TLS settings but there is a second issue with forwarded ports that also causes it.
1. Java Security/TLS Settings issue:
This article has the solution to change them all in Linux automatically
2. Port Forwarding Issue if your Avocent DSR is behind NAT/private IP........
Change Host="192.168.5.99" with the remote IP allowed(this is of course more secure but also cumbersome if your IP changes). You could also have a single layer of protection that specifies the IP via firewall or both (of course both are far mor secure).
UPDATE user SET Host="192.168.5.99" where Host="localhost"
or for any/wildcard
UPDATE user SET Host="%" where Host="localhost&qu........
pip install obfsproxy
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
You are using pip version 7.1.0, however version 8.1.1 i........
openvpn 2.3.10-1.el6 issues
in the .conf
auth-user-pass-verify "passwordcheck $username $password $untrusted_ip" via-env
auth-env does not work correctly in OpenVPN 2.3:
Sat Apr 23 02:30:22 2016 - $username - $untrusted_ip - login failure
But OpenVPN 2.2 does work as expected.
It could be that the specified script automatically receive........
The following assumes the computer is local/physical to you and/or it always has a LANIP so it can be accessed on site without having a default gateway.
The key to this is not to set a default gateway for your computer or you can set a script on boot or other time to delete the gateway (where eth0 is the NIC you are using):
route del default eth0
126.96.36.199 is the VPN server you connect to
192.168.1.1 is your........
This is useful in the case you are not properly logged in via an OpenVZ session or even a normal SSH session that you fear may go down(if the connection is broken the history is not saved).
Save your bash_history like this:
history -w ~/.bash_history
You can always change the above to another file eg /tm........
Sipura / Linksys PAP/VOIP/SIP Adapter Issue
Can't receiving incoming phone calls and you're behind a NAT router (99% of people)?
1. Login to the adapter.
2. Click on "Advanced" (location varies but usually somewhere on top)
2. Click on "SIP"
3. Scroll down to "NAT" (usually at the bottom).
You'll find 2 columns with 4 rows of drop-down boxes (they'........
Bash weird variable whitespace missing
var=`cat tlds.csv|grep .ca,`
# echo "var=:$var:"
Why is the v missing in the last line?
It should be
I noticed a problem with the file with doing a "cat -v" on it.
Here's the issue, the file contains carat M ^M:
.vg,British Virgin Island........
This is just trying to read 5GB off the drive with dd and the drive initially tested ok but shortly after I wondered why I was seeing 2MB/s read speeds. Notice the "current_pending_sector", anytime I've seen it at anything above 0 even with no other bad fields/attributes, it means the drive is bad.
ata1.00: exception Emask 0x0 SAct 0x3 SErr 0x0 action 0x0
ata1.00: irq_stat 0x40000008
ata1.00: failed command: READ FPDMA QUEUED
ata1.00: cmd 60/00:00:........
This is useful for developing a lot of applications, I'm putting it here to keep it handy for myself and hopefully others:
Choose CountryCanadaJapanUnited StatesUnited KingdomAfghanistan........
I chose this because I heard a lot of stories about scams and that many providers I contacted said they can't unlock the Canadian I717s (one said "my Bell server" is down).
This method worked perfectly on my Bell I717M and should work for all I717 in Canada, I was able to insert a foreign SIMcard. This will work abroad too but remember entering CWM mode is different for I717's in other countries (at least theUS).
Step 1 - Root + CWM........
This is very handy if you're too busy and don't have time to download whatever files you need.
The -D specifies the domains allowed, this is because I specified -H which means foreign hosts are allowed, if you don't restrict them you'll end up going to the whole internet via ads and other links just like a search Engine would follow.
-l 0 specifies to go deep, to as many levels as possible/as exist.
-e robots=off is important because robots.txt often says you can't vie........
Here is a quick script that works on most Centos versions to disable the virus/SELinux from blocking basic functionality.
The first echo 0 statement disables SELinux instantly but it will still be enabled on reboot.
The second line disables it permanently.
#disable SELinux Immediately
echo 0 > /selinux/enforce
#disable SELinux Permanently
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config........
I don't expect this to be solved soon but some of Yahoo's DNS servers are out of whack. I changed the IPs of some nameservers of some domains and now most Yahoo users can't e-mail to those domains!
As you can see below by the "No MX or A records for mychangedomain.com", now Yahoo's DNS/mailserver DNS cache is wrong. You would think they would at least have cached the old incorrect records, but instead for some reason their DNS cache has no entry and doesn't seem........
Centos 5 Postfix and SPAMASSASSIN Tutorial
yum install spamassassin
chkconfig spamassassin on
#rewrite_header Subject [SPAM]
#5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives
*remember to apply changes you need to run "newaliases" after editing /etc/aliases
one thing I don't get is that it doesn't allow you to specify the whole e-mail address on the left-hand side
postalias: warning: /etc/aliases, line 109: name must be local (if you try the above)
It works more like this:
Install the "Editors" and "Net" groups that will give you rsync, ssh, ssh-keygen and cron.
The trickiest thing that I keep forgetting about each time is you have to run "cron-config" which adds the cron service to Windows, and without doing that obviously no cron jobs will be run thus making automatic backups impossible.
Warning about rsync/cygwin and using the -a archive switch.
It's a good thing I caught this because it doesn't work ri........
Ihave no idea how to get the loopback device working in OpenVZ, but what's more frustrating is that I purchased a CPanel license for my VPS and clearly it is not "VPS Optimized". Although everything does seem to work at this point despite that error.
The suggestions here: http://forum.openvz.org/index.php?t=msg&goto=1339 don't seem to work at all. This is an OpenVZ issue, but also a CPanel isue, why on earth would loopback support be expected in a VPS a........
It's very common to have multiple GCC versions for different reasons, as annoying as it is. Some newer/older programs only compile properly or at all on specific versions.
You can export the following variable CC:
Replace gcc-4.1 with the filename of the gcc you want eg. gcc-99........
The folder I was trying to archive is about 72GB, but much like rsync at about 17GB it chokes because of the filesize. What's with so many common and essential Linux tools having such limitations? I guess it is likely that the authors never wrote their code with the idea that files would be so large but it's still very annoying. It's important to stay on top of these limitations on production servers because I didn't realize what happened until I checked the file with "........
I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find.
yum search ftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: ftp-stud.fht-esslingen.de
* base: mirrors.netdna.com
* updates: updates.interworx.info
* addons: yum.singlehop.com
* extras: mirrors.netdna.com
Load Balancing/ClusteringAn interesting article that discusses the pros, cons and viability of load balancing/clustering
ZoneEdit seems to offer an interesting Fail Over Service as well:
This really is a difficult and confusing process for non-Mandarin speakers, but here's what I've done and learned so far:
You can purchase an "M-Zone" China Mobile pre-paid SIMCard from almost anywhere but I tried to purchase mine from Suning (a large electronics dealer) hoping they would be able to help me or answer my questions but my plan didn't work out at all. At Suning once I found someone who spoke some English they gave me the 55 RMB M-Zone China Mobile P........
Everyone says there is a "manual" way of doing it and then they tell you to use iTunes, but if you're like me, you're travelling on business in a foreign country and your laptop does not have iTunes and you don't have a way of getting it and/or don't want it.
For this example I'm using the provider "du" in Dubai, UAE (United Arab Emirates) but this method works for virtually all providers.
The requirements in this case to truly "manually update........
It's a bit of a pain that many basic third party tools that aren't put of the main Centos/RHEL repositories are not available unless you compile them or install the RPMForge Repo.
*Updated 08/29 with new download location changed from apt.sw.be to rpmforge.sw.be
Here's a quick, simple/cut&paste way to do it:
rpm -i rpmforge........
I bought a Dynatron A46G for my AMD X4 620 AM3 Quad Core CPU. Just judging by touch, the stock OEM fan/heatsink combo kept things so cool, I could leave the 1U server on the floor and it barely felt warm to the touch, including the heatsink itself.
I thought the Dynatron A46G would be enough with passive cooling (it has no fan), but the same setup became burning hot on the underside of the server and also by touching the heatsink itself within minutes.
I thought that th........