I've generated key pairs using PuttyGen, but they are not compatible with OpenSSH. How do I use these keys with OpenSSH?
Well, PuttyGen supports exporting to an OpenSSH compatible format.
[codesyntax lang="bash"]
Open PuttyGen Click Load Load your private key Go to Conversions->Export OpenSSH Save the new OpenSSH key when prompted.
[/codesyntax]
Setup a socks proxy (check this page for more details) on port 8888 (the port is not that important).
Start chrome with the following parameters:
[codesyntax lang="bash"]
chrome --proxy-server="socks5://localhost:8888"
[/codesyntax]
Also we can check if this works and run the following command on the SSH server. The tcpdump will show show dns traffic for any activity in Chrome.
[codesyntax lang="bash"]
tcpdump -i eth0 port 53
[/codesyntax]
As I said with a previous ocasion in China the goverment is filtering the internet traffic (including mobile trafic, dohh) so you can't access different websites and/or services and this thing is very annoying. Well, what do you have to do if you want to navigate to youtube.com for instance? Hmmm... you will have to encrypt your traffic somehow. Bellow I will tell you what do you need and how to accomplish this from your Android device.
First of all you will need a ssh server configured somewhere outside China (preferably on a different port).
After getting a ssh server, you will need to download from Android Market the SSH Tunnel application written by MAX LV.
All you have to do is to complete Host, Port, User and Password filds and thick Use socks proxy, Enable GFW List, Enable DNS Proxy (this one is extremly important) options.
That's it!
The approach is simple: generate a list of installed packages on Debian-based systems and install this list of packages on the new box. This approach is useful when you want to install the same packages on another fresh OS install for example.
1. To export the list of installed packages, proceed as follows:
[codesyntax lang="bash"]
dpkg --get-selections | grep -v deinstall > LIST_FILE
[/codesyntax]
The file LIST_FILE is small so it can be emailed to yourself by using:
[codesyntax lang="bash"]
dpkg --get-selections | grep -v deinstall > LIST_FILE && cat LIST_FILE | mailx -s "`hostname -f`: Package list" "user@test.org"
[/codesyntax]
2. Once you’ve got your server up and running with a fresh base install
[codesyntax lang="bash"]
apt-get update apt-get dist-upgrade
[/codesyntax]
3. Move your LIST_FILE file into your home directory and run the following commands to recover the previous generated list:
[codesyntax lang="bash"]
dpkg --clear-selections dpkg --set-selections < LIST_FILE
[/codesyntax]
4. Install the packages
[codesyntax lang="bash"]
aptitude install
[/codesyntax]
If you are using CentOS the answer is pretty simple:
[codesyntax lang="bash"]
chkconfig --list | grep $(runlevel | awk '{ print $2}'):on
[/codesyntax]
But how about Debian Linux? How is this done?
[codesyntax lang="bash"]
R=$(runlevel | awk '{ print $2}')
for s in /etc/rc${R}.d/*; do basename $s | grep '^S' | sed 's/S[0-9].//g' ;done
[/codesyntax]
If you like - and I am sure most of you will - you can use rcconf, Debian Runlevel configuration tool.
Let's assume that when you are trying to install apticron the default config file is not created and when you are trying to execute postinst configure the following error message occurs:
Not replacing deleted config file /etc/apticron/apticron.conf
The fix is:
[codesyntax lang="bash"]
aptitude -o DPkg::Options="--force-confmiss" reinstall apticron
[/codesyntax]
First of all we are going to use a nice little tool called Google sites liberation (GSL). If you don't have time to read what is all about this tool I will quote from the User's Guide:
The Sites Liberation import/export tool uses the Sites GData API to allow users to export an entire Google Site as static html pages to a directory on their hard drive.
1. Download GSL locally.
[codesyntax lang="bash"]
wget -c http://google-sites-liberation.googlecode.com/files/google-sites-liberation-1.0.4.jar
[/codesyntax]
2. Execute GSL
[codesyntax lang="bash"]
java -jar google-sites-liberation-1.0.4.jar
[/codesyntax]
3. To export google sites data.
If you do use google apps then you will have to fill the fields as follows:
Host: sites.google.com
Domain: test.org
Webspace: webspace
Username: user
Password: password
If you don't use google apps then you will have to fill the fields as follows:
Host: sites.google.com
Domain:
Webspace: webspace
Username: user@gmail.com
Password: password
Where can you find the webspace? The webspace is usually the latest word in the link. Just take a look at the URL in your browser.
https://sites.google.com/site/webspace/
https://sites.google.com/a/test.org/webspace/
If you can't login to a server via serial console and you got login: pam_securetty(login:auth): access denied: tty 'ttyS0' is not secure ! in logs then you have to add at the end of the file /etc/securetty the following lines:
# Standard serial ports
ttyS0
ttyS1
For production server I am using a securetty file which is attached to this page.
Files: securetty.zip
Introduction
How to check entropy level:
[codesyntax lang="bash"]
watch -n1 cat /proc/sys/kernel/random/entropy_avail
[/codesyntax]
If the value is to low (around 100) install haveged daemon
How to install haveged on Linux
Debian
[codesyntax lang="bash"]
apt-get install haveged
[/codesyntax]
CentOS
haveged daemon is available for CentOS via EPEL repository.
First, we download and import the GPG keys for EPEL software packages:
[codesyntax lang="bash"]
wget http://ftp.riken.jp/Linux/fedora/epel/RPM-GPG-KEY-EPEL-6 rpm --import RPM-GPG-KEY-EPEL-6 rm -f RPM-GPG-KEY-EPEL-6
[/codesyntax]
Download EPEL repository for 32-bit CentOS
[codesyntax lang="bash"]
wget http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm
[/codesyntax]
Install EPEL repository on 32-bit CentOS
[codesyntax lang="bash"]
rpm -ivh epel-release-6-7.noarch.rpm
[/codesyntax]
You can start install and use EPEL the repository to install the software packages, input yum command like follows:
[codesyntax lang="bash"]
yum --enablerepo=epel install haveged
[/codesyntax]
This document describes the necessary steps required to clean up the content of the folder C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\
1. Stop the Service Endpoint Protection services
[codesyntax lang="bash"]
start -> run -> services.msc
[/codesyntax]
Symantec Embedded Database
Symantec Endpoint Protection
Symantec Endpoint Protection Manager
Symantec Event Manager
Symantec Management Client
Symantec Settings Manager
2. Navigate to the folder C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\ and then from each of the folders present under the CONTENT folder, go in and delete ALL the sub-folders with names in DIGITS.
3. At the END of the file C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\conf.properties add:
scm.lucontentcleanup.threshold=x (preferably between 1 to 5, since 10 is the default value).
4. Start all services stopped at the step 1.
Recent Comments