Unix

How to fix SSH UTF-8 issues in Mac OS X Lion

After upgrading from Snow Leopard to Lion, ssh connections to remote servers using iTerm2 have issues with non-ASCII characters.

Luckily that’s easy to fix. Simply comment out SendEnv LANG LC_* in /etc/ssh_config.

 Host *
 # SendEnv LANG LC_*
 # ForwardAgent no
 # ForwardX11 no
 ...

No other changes are needed. You could also permanently change your locale to UTF-8.
Just place export LANG=en_US.UTF-8 in your shell’s source file.

How to activate Serial Console on Debian Squeeze

Activating a Serial Console starting at the bootloader all the way up to a tty login requires just a few steps, but it took me some time to figure out all the knobs. Here’s how to do it with Debian Squeeze:

To make configuration changes persistent in Debian, you must not edit /boot/grub/grub.cfg directly, but need to edit/add the appropriate lines in /etc/default/grub:

GRUB_CMDLINE_LINUX_DEFAULT="console=tty0 console=ttyS0,9600n8"
GRUB_TERMINAL=console
GRUB_SERIAL_COMMAND="serial --speed=9600 --unit=0 --word=8 --parity=no --stop=1"

Now run update-grub and you’ll get the Bootloader and all Kernel and Init messages on your serial console the next time you boot.

To get a login prompt on serial you need to modify /etc/inittab to:

1:2345:respawn:/sbin/getty 38400 tty1
2:23:respawn:/sbin/getty 38400 tty2
3:23:respawn:/sbin/getty 38400 tty3
4:23:respawn:/sbin/getty 38400 tty4
5:23:respawn:/sbin/getty 38400 tty5
6:23:respawn:/sbin/getty 38400 tty6
# Serial console
s0:2345:respawn:/sbin/getty -L 9600 ttyS0 vt102

That’s it. Run init q to reload init and activate serial login, or simply reboot.

How to Check services and restart using Monit

I have a monitoring service (Zabbix) which dies every few weeks, because its MySQL tables were locked for too long during a backup… Annoying, mostly because it then stays dead, unnoticed, for more than just a few minutes. So, how do you monitor a monitoring service? ;) Or simply… How do you restart any service that has just gone away in a simple way?

I recently came across monit. They state it’s up and running in just 15min. I got it faster ;)

# Daemonize and check every 2mins.
set daemon  120

# Mail settings, in case you want to receive notifications
set mailserver relay.example.org
set mail-format { from: root@host1.example.org }
set alert admin@example.org

# The first check
check process zabbix_server with pidfile /var/run/zabbix/zabbix_server.pid
        start program = "/etc/init.d/zabbix-server start"
        stop program = "/etc/init.d/zabbix-server stop"
        group server

You can also monitor network availability, application availability, file permissions and system utilization…
I think this tool is really great for a small network, though I don’t think it would scale that well. Just give it a try.

How to DSL and UMTS Failover on OpenBSD

OpenBSD. Is. Awesome. pf, carp, pfsync, ifstated, openbgp, openospfd… awesome. :)

Here is my ifstated.conf to fail-over between DSL and UMTS connections. Note that this only really works with OpenBSD >=4.9, because earlier versions seem to have issues where set-state is executed before init finished, which causes UMTS to start on every 24h disconnect of the DSL line.

init-state auto
# pppoe0 is my DSL connection
pppoe0_up = "pppoe0.link.up"

# figure out which state to start with
state auto {
    if $pppoe0_up {
        set-state dsl_up
    }
    if !$pppoe0_up {
        set-state dsl_down
    }
}

# DSL is up. Don't do anything until it fails.
state dsl_up {
    init {
        run "/sbin/ifconfig | mail -s 'DSL up' root"
    }
    if !$pppoe0_up {
        set-state dsl_down
    }
}

# DSL is down. Wait a few seconds (24h disconnect).
# Then go ahead and start UMTS, but only if DSL isn't back up!
state dsl_down {
    init {
        run "/bin/sleep 30; /sbin/ifconfig | mail -s 'DSL down' root"
    }
    if $pppoe0_up {
        set-state dsl_up
    }
    if !$pppoe0_up {
        set-state umts_start
    }
}

# Start pppd and keep UMTS up while pppoe0 is still down
state umts_start {
    init {
        run "/usr/sbin/pppd call o2"
        run "sleep 30; /sbin/ifconfig | mail -s 'Starting UMTS' root"
    }
    if $pppoe0_up {
        set-state umts_stop
    }
}

# If pppoe0 is back up, kill pppd and switch back to dsl_up
state umts_stop {
    init {
        run "/usr/bin/pkill pppd"
        run "/sbin/ifconfig | mail -s 'Stopping UMTS' root"
    }
    set-state dsl_up
}

How to OpenBSD with Huawei E1750 UMTS

Getting my OpenBSD (4.8) box to talk to a Huawei E1750 USB UMTS Stick as a backup solution turned out to be not very straightforward, so in case you are in a similar situation…

Have a look at man umsm to see which devices are supported by OpenBSD.

The UMTS (USB)-Sticks are registered as /dev/cuaUX, where X is the number of your device… You’ll need userland pppd to connect. Place your peer configuration in /etc/ppp/peers/o2 for example:

cuaU0
connect /etc/ppp/connect.o2
disconnect /etc/ppp/disconnect.o2
nocrtscts
xonxoff
#:0.0.0.2 because 0.0.0.1 is the alias for my DSL default gateway
:0.0.0.2
noipdefault
ipcp-accept-local
defaultroute
novj
nobsdcomp
novjccomp
nopcomp
noaccomp
noauth
nomagic
persist

You’ll also need Chat scripts to connect and disconnect the connection. Note that you’ll need to at least adjust /etc/ppp/connect.o2 to suit your provider:

#!/bin/sh
# If your SIM is PIN protected, add the line
#   'at+cpin=****' OK \
# after "atz OK \" below and replace **** with your PIN.
# (Comments cannot sit between the continued lines of the chat command.)
chat -vs \
 ABORT 'NO CARRIER' \
 ABORT 'NO DIALTONE' \
 ABORT ERROR \
 ABORT 'NO ANSWER' \
 ABORT BUSY '' \
 at OK \
 atz OK \
 'AT+CGDCONT=1,"IP","pinternet.interkom.de"' OK \
 'atdt*99***1#' CONNECT

And /etc/ppp/disconnect.o2 looks like:

#!/bin/sh
chat -vs \
 ABORT 'NO CARRIER' \
 ABORT 'NO DIALTONE' \
 ABORT ERROR \
 ABORT 'NO ANSWER' \
 ABORT BUSY '' \
 '\K' '' '+++ATH'

Now make sure ppp0 is initialized on startup…

touch /etc/hostname.ppp0
sh /etc/netstart ppp0

… and to connect simply run pppd call o2 and pkill pppd to disconnect. Run ifconfig ppp0 to see if your connection is up and running:

ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
        priority: 0
        groups: ppp egress
        inet 10.150.81.109 --> 0.0.0.2 netmask 0xfffffffc

Next post will be about auto fail-over between this and my regular DSL connection.

How to PXE boot GRML and OpenBSD without NFS (like boot.kernel.org)

I was looking for a way to install/rescue a couple of embedded devices in different (remote) locations. PXE booting a Linux system comes to mind, but that usually requires NFS, which is a pain in the ass when it comes to firewalls…

Most Linux based LiveCDs use Busybox and Squashfs for booting… Busybox has wget built in, so it’s possible to skip the NFS part, use wget and HTTP and load the squashfs to RAM. One still has to get TFTP through firewalls, since it is needed to load the Kernel and Busybox, but OpenBSD for example has tftp-proxy built-in… So you need:

  • DHCP to supply PXE options
  • TFTP to serve the base system(s)
  • PXELINUX as a kind of bootloader
  • HTTPd to serve the rest of the system(s)

I want to have my favorite LiveCD GRML handy for rescue and Linux install purposes and OpenBSD of course ;)

Let’s start with the Server you want to use to boot from:
Install tftpd-hpa, syslinux and a httpd, start tftpd-hpa with the ‘secure’ flag and place a copy of pxelinux.0 (usually in /usr/lib/syslinux/) in your $tftproot.

For GRML you’ll need to place linux26 and minirt.gz from the grml_netboot_package in your $tftproot. You’ll also need grml.squashfs from either grml-small, grml-medium or grml. I’d suggest grml-small as it needs to fit in your RAM. Place it in your $httproot.

Now configure (ISC) DHCPd to supply PXE information:

next-server 10.1.32.1;
filename "/pxelinux.0";

Create a file called ‘default’ in a folder pxelinux.cfg in your $tftproot:

label GRML
kernel linux26
append initrd=minirt.gz fetch=http://<serverip>/grml.squashfs boot=live

Most PXE Loaders will try to find a file with the name of their IP Address, written in hex, then drop one character after another and fall back to ‘default’ if they don’t find anything. So symlink the appropriate files if you want to speed things up. ‘fetch’ tells GRML’s busybox to load its system files from the URL given.
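The lookup order described above, as an added example that is not part of the original post: a shell function that lists the IP-derived config names for a client, and a helper that creates the symlink. The function names and the client address 10.1.32.50 are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example: config file names PXELINUX derives from a client IPv4 address.
# (PXELINUX tries names based on the client UUID and MAC before these.)

# Print the IP-based lookup order: the full hex address, then one character
# shorter each time, then 'default'. Returns 1 on a malformed address.
pxelinux_cfg_names() {
    case $1 in
        ''|*[!0-9.]*|*.) return 1 ;;     # digits and dots only (also blocks globbing)
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                            # split the dotted quad into $1..$4
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in
            ''|????*|0?*) return 1 ;;    # empty, too long, or leading zero (octal trap)
        esac
        [ "$octet" -le 255 ] || return 1
    done
    hex=$(printf '%02X%02X%02X%02X' "$1" "$2" "$3" "$4")
    while [ -n "$hex" ]; do
        printf '%s\n' "$hex"
        hex=${hex%?}                     # drop the last character
    done
    printf 'default\n'
}

# Symlink <tftproot>/pxelinux.cfg/<full hex name> to an existing config file.
# Usage: pxelinux_link <tftproot> <client-ip> <target>
# Keep <target> relative and inside the tftp root: with the 'secure' flag
# tftpd-hpa chroots there, so links pointing outside cannot be resolved.
pxelinux_link() {
    name=$(pxelinux_cfg_names "$2" | head -n 1)
    [ -n "$name" ] || return 1           # empty means the address was rejected
    ln -sf "$3" "$1/pxelinux.cfg/$name"
}

# Constructed sample client address: prints 0A012032 ... 0, then default.
pxelinux_cfg_names 10.1.32.50
```
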

To also serve the OpenBSD installer you need to download pxeboot and place it as pxeboot.0 in your $tftproot. You also need bsd.rd from any Release/Snapshot you want to serve. Call them whatever you want and also place them in your $tftproot. To serve pxeboot.0 (The OpenBSD Bootloader btw) add these two lines to ‘default’ in pxelinux.cfg:

label OpenBSD
kernel pxeboot.0

You’re done. Try booting your System from PXE. You’ll get a ‘boot>’ prompt. Select your system by typing whatever you supplied as ‘label’ in your ‘default’ config… e.g. GRML or OpenBSD… in case of OpenBSD you’ll then need to supply bsd.rd to boot, or whatever you renamed that file to…

If you encounter any problems, grep the logs, use ‘tcpdump’ and have a look at the SYSLINUX Wiki.

Trying Xen 4.0 on Debian 6.0 aka Squeeze

I have a rather mixed history with all these Virtualization techniques… I started with ranting about Xen and Ubuntu here on the blog, migrated to KVM and Ubuntu and am now considering moving back to Xen… on Debian.

Recently I needed to install Xen on one of our Machines in our Lab at work. KVM was not an option, because the System (a dual-xeon with HT) didn’t have hardware virtualization support. When I last used it, Xen 3 was a pain in the ass with its patched old Kernel and full-virtualized guests didn’t perform well. But Xen 4 now has support in upstream Kernel so I thought I’d give it a try… Installation went fine using aptitude. Everything got set up right. But there seems to be a bug with VGA Output though. I haven’t got a login prompt or any init-script output until I removed ‘quiet’ from the Kernel’s bootloader options. But this seems to be Hypervisor related, as it does work with the Xen Kernel, but w/o Hypervisor beyond it. So, if all you get is something like

ERROR: Unable to locate IOAPIC for GSI 9

try removing quiet from your bootloader configuration…

How to Fix “The file server has closed down” issues in Mac OS and netatalk

Netatalk versions older than 2.1.3 had some issues with the TCP/IP Stack on Linux which resulted in errors like

Luckily they seem to have fixed this in 2.1.3 as the ChangeLog states: fix a serious error in networking IO code.

So the solution is as easy as upgrading. I am running Ubuntu, but two months after netatalk-2.1.3 was released, they don’t even have it in unstable. Lucky Gentoo users you! I needed to fix this very quickly as it started to disrupt my workflow. Sadly I currently don’t have the time to dig into the packaging system of Debian or Ubuntu, so I looked up Debian’s configure options and just compiled from source:

cp -a /etc/netatalk/ ~
aptitude purge netatalk
apt-get build-dep netatalk
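# -O keeps the expected file name; otherwise wget saves the file as "download"
wget -O netatalk-2.1.3.tar.bz2 http://sourceforge.net/projects/netatalk/files/netatalk/2.1.3/netatalk-2.1.3.tar.bz2/download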
tar xjvf netatalk-2.1.3.tar.bz2
cd netatalk-2.1.3
./configure --with-shadow --enable-fhs --enable-tcp-wrappers --enable-timelord --enable-overwrite --with-pkgconfdir=/etc/netatalk --enable-krb4-uam --enable-krbV-uam --with-cnid-dbd-txn --with-libgcrypt-dir --with-cracklib=/var/cache/cracklib/cracklib_dict --enable-debian --disable-srvloc --enable-zeroconf --with-ssl-dir --enable-pgp-uam --prefix=/usr/local/netatalk/
make
sudo make install
mv ~/netatalk /etc/
/etc/init.d/netatalk start

This saves a copy of your running netatalk configuration to your home directory, removes netatalk, downloads all necessary libraries to build netatalk, downloads netatalk from SourceForge, extracts it, configures it, builds it, installs it, restores the configuration and starts it as usual.

I have been running netatalk 2.1.3 for a week now and the error seems to be gone :-)

If you know how to easily create a Debian package, feel free to post in the comments.

My Mac OS X tweaks

Ohhh nooo! Not another one! However… :-) I’ll make it short:

  • Use TinkerTool to tweak some hidden preferences
  • iTerm is a better alternative to Terminal.app
  • NTFS-3G if you have usb-sticks or external HDDs you want to share with Windows or Linux
  • MacVim is my favorite editor for anything
  • The Unarchiver is great for compressed stuff you downloaded
  • VLC… forget QuickTime X, VLC does more things better
  • Evernote takes your notes and synchronizes them
  • Dropbox (link gives my account additional 250Mb) synchronizes your documents with multiple computers

I also enable SSH (System Preferences/Sharing), change the default icon size to 48×48 and install Xcode and MacPorts to get mtr (an interactive traceroute) and unrar (for things ‘The Unarchiver’ doesn’t take).

How to Fast VNC alternative to Remote Desktop to a Mac using NoMachine

I am a very happy Mac OS user with a Mac mini and a MacBook Pro coming soon, but one thing I really miss in Mac OS X is a fast and standards-based remote desktop solution. The VNC server built into Mac OS X isn’t really compatible with all clients, and I still haven’t figured out if it’s possible to run it with a different resolution and color depth than the real screen!!!

But, I recently re-discovered a solution I got to know in my Linux time on a desktop: NoMachine. You’ll need a server running a recent Linux distribution or OpenSolaris which will act as a kind of a proxy and the setup is a bit complex, but it does work well. I’ll show you how to do it running Ubuntu Lucid.

First go to http://www.nomachine.com/select-package.php?os=linux&id=1 select your architecture and download all three files: client, node and server.

Then install them in the following order, fix the missing dependencies and install a VNC client plus vncpassword:

sudo dpkg -i nxclient_3.4.0-7_x86_64.deb
sudo dpkg -i nxnode_3.4.0-11_x86_64.deb
sudo dpkg -i nxserver_3.4.0-12_x86_64.deb
sudo aptitude -f install
sudo aptitude install xvnc4viewer vnc4-common

Since it’s really advisable I hope you already have PasswordAuthentication no in your sshd_config to disable Password authentication and to only allow key-based authentication. You’ll need to tweak nxserver a bit to get it working with key-based auth. Edit /usr/NX/etc/server.cfg to…

EnablePasswordDB = "1"

…edit the following line in /usr/NX/etc/node.cfg to enable VNC…

CommandStartRFB = "/usr/bin/vncviewer -fullscreen"

…create a key for your key-based authentication and restart nxserver.

sudo /usr/NX/bin/nxserver --keygen
sudo service nxserver restart

Your new key is placed at /usr/NX/share/keys/default.id_dsa.key. Copy it to the device you want to connect from using scp or similar tools. Now all you need to do is enable the users you want in nxserver:

sudo /usr/NX/bin/nxserver --useradd <user>

This enables the user in NX’s database and copies the previously generated key to the user’s authorized_keys file.

Now just enable VNC on your Mac. Go to “System Preferences”, select “Sharing” and enable “Screen Sharing”.

Now you’ll need to configure your client.

Christian Kildau: Hi, my name is Chris. I am a wannabe photog, traveler & geek that lives in Hesse, Germany.