Friday, November 20, 2015

no matching host key type found. Their offer: ssh-dss

ssh -oHostKeyAlgorithms=+ssh-dss sshd@10.0.0.21

source: http://www.openssh.com/legacy.html

Monday, June 1, 2015

one liners

Find most recently modified file in a dir tree
find . -type f -printf '%T@ %p\n' | sort -n | tail -1 | cut -f2- -d" "





Saturday, May 30, 2015

find multiple files with find -o switch

find . \( -name r_prog1051_credit.ks -o -name r_prog1037_credit.ks \) -print

Tuesday, May 5, 2015

svn+ssh url (interactive vs non interactive shell issues with TortoiseSVN)

Three ways to access svn via ssh are shown below

1. svn+ssh://rprajapa@ora-rbtdev-app.xyz.com/appdata/rbt/repo/rakeshP17n_lastrel

svn+ssh with putty

2. svn+ssh://[username]@[putty saved session name]/path/to/repository

or
3. svn+ssh://[putty saved session name]/path/to/repository




I was facing problems in accessing the repository with the above methods.
- I am on a Windows machine using TortoiseSVN to access the repo on a Red Hat box
- My PuTTY Pageant had loaded the private key to the server successfully.
- I put the third URL method above in the Repo Browser of TortoiseSVN ([] brackets indicate a value to substitute there; do not include the brackets themselves)
- The repo exists and the path is correct



The main issue)
The svn command is not in $PATH.
TortoiseSVN runs a non-interactive shell to connect to the server, just like the command below:
ssh rprajapa@ora-rbtdev-app.xyz.com "svn"

The above command gave the error "svn command not found"


Solution 1)
When we log in interactively the svn command is found, but a non-interactive shell does not find the command
(some pointers on why this is so: http://stackoverflow.com/questions/216202/why-does-an-ssh-remote-command-get-fewer-environment-variables-then-when-run-man )

Since TortoiseSVN accesses the repo through a non-interactive shell, we simply need to add the PATH to .bashrc.
File contents pasted below:

# .bashrc

# Source global definitions
if [ -f /etc/bashrc ]; then
        . /etc/bashrc
fi

# User specific aliases and functions

export PATH=$PATH:/opt/ubersvn/bin





Solution 2)  Using "ssh forced commands"

Modify the ssh key to include the following at the beginning of the key, for example
(substitute your own path to svnserve and your own tunnel-user below)

command="/opt/ubersvn/bin/svnserve -t --tunnel-user=rprajapa" ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBiSfTZ9GVSl4XbSZqaCne6F48HgeSL3AJHDphNzOcTjM9t3WYccDfU7OXkv1dZerISvOSE/Eg+N/0/Ur2QMJpaciknY+LQ== rprajapa


This works for the purposes of TortoiseSVN but it has one drawback: you cannot use this key to log in to the server interactively.
You will get the following message

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries commit-revprops depth log-revprops partial-replay ) ) )

and it will stay there and you will not get a $ prompt.
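
A check for the forced-command setup in Solution 2, added here as an example (it is not from the original post): sshd still permits port, agent and X11 forwarding and pty allocation for a key that carries only command="...", so this script lists such entries. The function names and the sample file contents are constructed for illustration, and the key strings are placeholders.

```sh
#!/bin/sh
# Added example, not from the original post. Key material is a placeholder.

# Constructed sample authorized_keys content.
sample_authorized_keys() {
    cat <<'EOF'
# svn-only keys
command="/opt/ubersvn/bin/svnserve -t --tunnel-user=rprajapa" ssh-rsa AAAAPLACEHOLDER1 rprajapa
command="/opt/ubersvn/bin/svnserve -t --tunnel-user=rprajapa",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAPLACEHOLDER2 rprajapa
restrict,command="/opt/ubersvn/bin/svnserve -t --tunnel-user=rprajapa" ssh-rsa AAAAPLACEHOLDER3 rprajapa
restrict,pty,command="/opt/ubersvn/bin/svnserve -t --tunnel-user=rprajapa" ssh-rsa AAAAPLACEHOLDER4 rprajapa
ssh-rsa AAAAPLACEHOLDER5 interactive-login-key
EOF
}

# For every entry with a forced command, report which of port forwarding,
# agent forwarding, X11 forwarding and pty allocation it still permits.
# Reads the files named as arguments, or stdin when there are none.
audit_forced_commands() {
    awk '
    /^[ \t]*(#|$)/ { next }                      # comments and blank lines
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        # Blank out quoted values so spaces and commas inside command="..."
        # cannot break the option split below.
        gsub(/"([^"\\]|\\.)*"/, "\"\"", line)
        split(line, field, /[ \t]+/)
        opts = tolower(field[1])                 # option names are case-insensitive
        if (index(opts, "command=") == 0) next   # no forced command on this key
        nn = split("port-forwarding agent-forwarding x11-forwarding pty", name, " ")
        for (i = 1; i <= nn; i++) allow[name[i]] = 1   # sshd default: permitted
        n = split(opts, o, ",")
        for (i = 1; i <= n; i++) {               # apply options left to right
            if (o[i] == "restrict") { for (k in allow) allow[k] = 0 }
            else if (substr(o[i], 1, 3) == "no-" && (substr(o[i], 4) in allow))
                allow[substr(o[i], 4)] = 0
            else if (o[i] in allow) allow[o[i]] = 1
        }
        left = ""
        for (i = 1; i <= nn; i++) if (allow[name[i]]) left = left " " name[i]
        if (left != "") printf "%d: still allows%s\n", FNR, left
    }' "$@"
}

sample_authorized_keys | audit_forced_commands
```

Run it against a real file with audit_forced_commands ~/.ssh/authorized_keys; adding no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty (or restrict) after the command= option clears the finding.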




Monday, April 27, 2015

Creating a multi-hop SSH tunnel by chaining SSH commands and using an intermediate host

$ ssh -A -t -l wb0c rp.mdns.org -p 42121 ssh -A -t -l ora 10.1.1.21

rp.mdns.org is the intermediate host here

Thursday, April 23, 2015

syntax highlighting in nano

1. create a .nanorc file in $HOME
2. Sample contents
include /usr/share/nano/asm.nanorc
include /usr/share/nano/c.nanorc
include /usr/share/nano/groff.nanorc
include /usr/share/nano/html.nanorc
include /usr/share/nano/java.nanorc
include /usr/share/nano/man.nanorc
include /usr/share/nano/mutt.nanorc
include /usr/share/nano/nanorc.nanorc
include /usr/share/nano/patch.nanorc
include /usr/share/nano/perl.nanorc
include /usr/share/nano/pov.nanorc
include /usr/share/nano/python.nanorc
include /usr/share/nano/ruby.nanorc
include /usr/share/nano/sh.nanorc
include /usr/share/nano/tex.nanorc
include /home/rprajapa/bin/ks.nanorc
include /home/rprajapa/bin/ksh.nanorc



The syntax highlighting files are in /usr/share/nano

It did not have files for .ks and .ksh, so I copied sh.nanorc to ksh.nanorc and ks.nanorc

and edited their contents, i.e. also replaced sh with ksh and .ks respectively.

(for some reason it does not like $HOME, so I had to put the absolute path /home/rprajapa)

That's all. Enjoy.

Wednesday, April 22, 2015

Setting font in gvim - windows 7

Open vim editor

:echo $HOME

at the $HOME location

create a file _vimrc with the following contents
:set gfn=Consolas:h11:cANSI
:syn on

:set was optional for the gfn variable above.

Sunday, March 29, 2015

installing oracle on Centos


curl -O https://linux.oracle.com/switch/centos2ol.sh 
sh centos2ol.sh
 


yum install oracle-rdbms-server-11gR2-preinstall

Friday, March 13, 2015

Centos 6.6 minimal install to Desktop

I am going with Centos 6.6 instead of 7.1 because I have Michael Jhang's book which covers version 6

Burn the minimal install CD
Install centos
reboot
At the root prompt


Enable Networking
Edit /etc/sysconfig/network-scripts/ifcfg-eth0 and change
ONBOOT=yes
BOOTPROTO=dhcp

#chkconfig network on
#service network restart

Check whether you have an internet connection

Next

# yum -y groupinstall "Desktop" "Desktop Platform" "X Window System" "Fonts"
optionally
# yum -y groupinstall "Graphical Administration Tools"

# yum -y groupinstall "Internet Browser"

# yum -y groupinstall "General Purpose Desktop"

# yum -y groupinstall "Office Suite and Productivity"

# yum -y groupinstall "Graphics Creation Tools"


Monday, February 9, 2015

git commands

To restore all those deleted files in a folder enter the following command.
git ls-files -d | xargs git checkout --

Sunday, February 8, 2015

Configuring Openbsd as a home router -- the missing piece

Setting up OpenBSD as a router is really easy and the documentation at Openbsd.com was really good, except there was a missing piece of information that eluded me, and therefore I spent hours and hours searching before I was finally able to set up the box as an OpenBSD router.
Maybe I don't know how to read the FAQ, but it was not clearly given.
(Scroll to the end to find what I was missing. Once I did that it worked like a charm.)

My OpenBSD box
 - Pentium dual core - Dell Optiplex 755 small form factor
 - 2 Gigabit ethernet NICs - one built in and the other a PCI card
 - 160 GB hard drive
 - 4 GB memory

OpenBSD 5.6


$ ifconfig -a
lo0: flags=8049 mtu 32768
        priority: 0
        groups: lo
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
        inet 127.0.0.1 netmask 0xff000000
em0: flags=28843 mtu 1500
        lladdr 00:1a:a0:7e:df:b7
        priority: 0
        groups: egress
        media: Ethernet autoselect (1000baseT full-duplex,master,rxpause,txpause)
        status: active
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
re0: flags=28843 mtu 1500
        lladdr 00:e0:4c:69:1b:d9
        priority: 0
        media: Ethernet autoselect (1000baseT full-duplex,master)
        status: active
        inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
enc0: flags=20000
        priority: 0
        groups: enc
        status: active
pflog0: flags=20141 mtu 33144
        priority: 0
        groups: pflog
$



Here em0 is the internet-facing NIC and re0 is the internal LAN-facing NIC

My configuration files:

/etc/dhcpd.conf

option domain-name-servers 10.0.0.1, 68.238.64.12;
subnet 10.0.0.0 netmask 255.255.255.0 {
    option routers 10.0.0.1;
    range 10.0.0.2 10.0.0.128;
    host server {
        fixed-address 10.0.0.21;
        hardware ethernet 00:25:64:EE:DD:52;
    }
}




$ cat rc.conf.local
dhcpd_flags="re0"
$

$ cat sysctl.conf                                                                      
net.inet.ip.forwarding=1
$

$ cat hostname.re0
inet 10.0.0.1 255.255.255.0 NONE 
$ cat hostname.em0                                                                     
dhcp
$

$ cat resolv.conf                                                                      
# Generated by em0 dhclient
search home
nameserver 192.168.1.1
lookup file bind
$

The /etc/mygate file does not exist (it was not created during the install, nor did I create it later at any point).

resolv.conf is automatically created during the OpenBSD install when you
set up dhcp on the em0 interface.

This is all that has to be done per the documentation, and OpenBSD should work as a router.
The problem is that the clients are able to get the dhcp information and are able to ping the LAN NIC but cannot connect to the internet. I wondered why; sysctl.conf was configured correctly to set the box up as a forwarding gateway.

I disabled PF and still could not connect to the internet. Enabling or disabling PF had no effect.

The missing piece:
Thanks to the BSD Now "Episode 011: The Gateway Drug" video, which showed how to correctly set up an OpenBSD router.
What I was not getting was that a pf.conf entry was needed and that PF should be set up as the firewall.
The pf.conf entry that did the trick was
pass out on em0 inet from re0:network to any nat-to em0
(i.e. set up NAT, I suppose).

So problem solved. Now I could connect to the internet. I used the default pf.conf that came with the install and just added this entry.

pf.conf below:
# cat pf.conf
#       $OpenBSD: pf.conf,v 1.53 2014/01/25 10:28:36 dtucker Exp $
#
# See pf.conf(5) for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces.

# increase default state limit from 10'000 states on busy systems
#set limit states 100000

set skip on lo

# filter rules and anchor for ftp-proxy(8)
#anchor "ftp-proxy/*"
#pass in quick inet proto tcp to port ftp divert-to 127.0.0.1 port 8021

# anchor for relayd(8)
#anchor "relayd/*"

block return    # block stateless traffic
pass            # establish keep-state

# rules for spamd(8)
#table persist
#table persist file "/etc/mail/nospamd"
#pass in on egress proto tcp from any to any port smtp \
#    rdr-to 127.0.0.1 port spamd
#pass in on egress proto tcp from to any port smtp
#pass in log on egress proto tcp from to any port smtp
#pass out log on egress proto tcp to any port smtp

pass out on em0 inet from re0:network to any nat-to em0

#block in quick from urpf-failed to any # use with care

# By default, do not permit remote connections to X11
block return in on ! lo0 proto tcp to port 6000:6010
#


Next I need to learn PF so that I understand what each line above is doing and much more...



Tuesday, February 3, 2015

syncing git repo when the remote repo is not a bare repo

GIT tip

On the server create a git repo

mkdir GitRepo
cd GitRepo
git init work.git

$ pwd
/pa/ns/r/rprajapa/GitRepo/work.git


On the client Windows box, install git. While installing, choose the option where it recognizes the PuTTY PLINK

Using the GUI: select "Clone Existing Repository"
Enter the Target directory 

URL for existing repo of server : rprajapa@abc.xyz.org:/pa/ns/r/rprajapa/GitRepo/work.git
Choose any Target directory


Now you have cloned the repo and can work on it locally.
When it's time to sync back to the server repo, since it's not a bare repo we will have to ftp the local repo
files, including the .git directory, to the server,
say at the location below:

$ ls -atlr /pa/ns/r/rprajapa/git_to_pull_from/
total 24
drwx------  28 rprajapa  pa  3072 Feb  3 23:38 ..
drwxr-xr-x   4 rprajapa  pa  2560 Feb  3 23:39 work.git
drwxr-xr-x   4 rprajapa  pa   512 Feb  3 23:43 .
drwxr-xr-x   7 rprajapa  pa   512 Feb  3 23:44 .git
$

Now go to the origin repo

$ pwd
/pa/ns/r/rprajapa/GitRepo/work.git

Enter the pull command to pull 

git pull file:///pa/ns/r/rprajapa/git_to_pull_from/


