Let's start with "WHY?":#nerdsLoveToStartWithWhy
I'm developing a customized software to manage a crypto-mining farm where we need to communicate with miners (BITMAIN Antminer) by their hostname instead of IP (just for ease of use).
I know! But I don't want to scan IP ranges, then either SSH to them or use API to pull out the information such as the hostname
My Solution:(please share if you have a better solution)
I've configured a Microsoft Windows Server 2008 Active Directory & DNS with a domain name as ts.facility.com and I'm trying to join my Antminers to this domain.
Scenario:
The SRV1 is my AC DC and visible to the miners. The miner with a hostname as antMinerThree which is running a linux Angstrom V2013.12 are getting reply from the ACDC with its FQDN. the ntpdate package is installed as perquisite:
command: #opkg install ntpdate
Problem:
The problem for now is that when to install required packages:
samba
krb5-config
krb5-user
winbind
libpam-winbind
libnss-winbind
I got the following error: bmminer.list
Failed to open //var/lib/opkg/info/bmminer.list: No such file or directory.
and when I created manually an empty file bmminer.list in the path /var/lib/opkg/info/ I still get this error message, unless it no longer complains about missing bmminer.list:
Question
Does any body know, how to install required packages to joint this miner running Linux Angstrom V2013.12 to a Microsoft Windows Active Directory 2008 in order that I could ping my miners by hostname instead of by their IP addresses?
Related
I am trying to configure the headless VPN only FortiClient on an AWS ubuntu 20.04 ec2 instance, and though I am able to connect to the target, I am then disconnected from the instance and cannot progress.
Setup:
wget http://cdn.software-mirrors.com/forticlientsslvpn_linux_4.4.2328.tar.gz
tar -xzvf forticlientsslvpn_linux_4.4.2328.tar.gz
cd ./forticlientsslvpn/64bit/helper
sudo ./setup.linux.sh
# Accept license
cd ..
./forticlientsslvpn_cli --server serveraddress:port --vpnuser username
# Enter password
##Connected!
At this stage, I am booted out of the instance and cannot reconnect (requiring a soft restart of the instance to gain access again)
I can see that there is a configuration file at forticlientsslvpn/64bit/helper/config but I cannot find any documentation describing what can be configured there or whether it is something I should be concerned with.
The CLI itself doesn't take any other options other than:
forticlientsslvpn_cli [--proxy proxyaddress:proxyport] --server vpnserveraddress:vpnport [--proxyuser proxyuser] [--vpnuser vpnuser] [--pkcs12 pkcs12path] [--keepalive]
I would like to either:
Preserve my original SSH connection (and any future connections) so I can develop within the VPN or;
Limit the VPN to only package traffic that is going to a specific IP range (CIDR block)
I have found three different methods for installing the client (sudo apt install forticlient, sudo apt install -y openfortivpn, see above) and cannot navigate through them. I have looked into FortiClientLinuxGuide and installed that tool but couldn't find out how to configure it as a VPN instead (or where to add the configuration). Similar experience with the second one.
This seems to be the only documentation about how to configure the CLI and its just the bear minimum How to setup and install SSLVPN.
This post seems to be having the same problem ssh-telnet-disconnects and the solution looks like it would work if only I knew how to set that configuration.
alternatively, I have looked up split tunnel configuration which looks like it would be ideal but cannot work out how I would set that up. The documentation is only via the GUI Enable-split-tunnel-feature
(I've provided a simple working solution in response)
I recently moved from macOS to WSL 2. I have two node servers running within WSL 2 (Ubuntu distro). Each must be accessible through a custom hostname for development vs production purposes. I've had difficulty accessing the node servers via custom hostnames (ie set in some ../etc/hosts file) especially given WSL 2's dynamic IP that changes per WSL/pc 'boot'. How does one go about setting custom hostnames in WSL 2?
Scenario:
Each node.js app server (again running within WSL 2) must be accessed from the browser with the following urls/custom hostnames:
www.app1.com:3010
www.app2.com:3020
After searching around I have found the following relatively simple process works. I thought I'd share and save some time and headache for those new to WSL 2. Note, although I'm using node as the server stack, this process should more or less be the same for other app/web server stacks.
Note the following SE post is the basis of the solution. It's also worthwhile to examine MSFT's reference on WSL vs WSL 2. Also note, I haven't provided deep rationale on why these steps are required, why we might need custom hostnames, ipv6 options in ../etc/hosts, the meaning of 127.0.0.1, loopback addresses, WSL 2 and distro management, etc. These are subjects beyond the scope of this post.
Simple scenario:
nodeApp1: node application server with custom hostname: 'www.app1.com' on port 3010 (or whatever)
nodeApp2: node application serverwith custom hostname: 'www.app2.com' on port 3020 (or whatever)
Each node.js app server (again running within wsl 2) can be accessed from the browser with the following urls:
www.app1.com:3010
www.app2.com:3020
Two key items:
The correct etc/hosts files to be modified is on the Windows side (not WSL distro) at: C:\Windows\System32\drivers\etc\hosts (yes in Windows folders). This is a 'hot' update so no need for WSL 2 reboot. The content for this scenario is:
127.0.0.1 localhost
127.0.0.1 www.app1.com
127.0.0.1 www.app2.com
255.255.255.255 broadcasthost
::1 localhost www.app1.com www.app2.com
Please add C:\Users\"you"\.wslconfig with the following content (yes in Windows folders):
[wsl2]
localhostForwarding=true
Note: there's a reference to this in WSL 2 Ubuntu distro's /etc/hosts.
Also note, this requires WSL shutdown and reboot. Shutting down your terminal is insufficient. Also total machine boot is not
required. Simply run:
wsl --shutdown (in Powershell) or
wsl.exe --shutdown (within Ubuntu)
Then restart the Windows Terminal app (or any WSL terminal) to access the updated WSL 2 environment. The apps with custom urls/hostnames will now work in the browser permanently and WSL 2's dynamic IP is circumvented.
So I have a Raspberry PI set up as an access point and I can connect to it as if it was a router to share an internet connection.
just like explained here: http://www.instructables.com/id/How-to-make-a-WiFi-Access-Point-out-of-a-Raspberry/
Now all I want this for is just so I can access files from the RPi and transfer them to other devices.
The question is how can I (after a device connected the RPi via WiFi) access files from the RPi?
You can install any number of server applications to share files, like FTP or HTTP. If you want to share files with computers running Microsoft Windows® the best bet would probably be SAMBA. To do this from the command line, try the following steps:
sudo apt-get install samba samba-common-bin
and then after it's installed you need to edit the configuration:
sudo nano /etc/samba/smb.conf
Uncomment the line that says # security = user by removing the # from the beginning of the line. You also need to find where it says read only = yes in the [homes] section and change it to read only = no. Press [CTRL]+X to exit nano and press y to save.
Then restart the SAMBA service with the new configuration:
sudo service samba restart
Finally, you have to add a password for each user. for the default user pi just enter:
sudo smbpasswd -a pi
Repeat the above command for each user you wish to add.
You should now be able to access your Pi's files from your Windows computer by navigating to it just like any other shared folder: \\raspberrypi\pi or in my case I have to use the IP address because of my network setup \\192.168.0.209\pi
Issue
I have been tasked with creating a Debian imaging server for our company. Unfortunately my knowledge with, both Linux and servers is very limited, (this is part of an up-skilling program).
Steps
Currently I have tried to follow the below tutorials on creating a PXEBoot server and a ProxyDHCP:
ProxyDHCP:help.ubuntu.com/community/UbuntuLTSP/ProxyDHCP
PXE Boot : https://help.ubuntu.com/community/PXEInstallMultiDistro
PXE Boot : https://wiki.debian.org/PXEBootInstall#Installing_Debian_using_network_booting
Originally I had tried to used a configured DHCP server on the Linux server which I had gotten working, however my manager advised that they would prefer the DHCP to come from the router instead.
So I have used apt-get to install below applications and followed sources to get the configs correctly. However it still doesn't seem 100% correct (see latest)
Task
So currently the task I have been set is per below:
Has to be in Debian
Has to be console based server only (no gui interface)
DHCP has to come from router
Server should deploy windows images
Images taken need to bee compacted (all blank space removed)
I can only find Ubuntu guides for these PXEBoot and ProxyDHCP creations, and the problem with this is that the locations they refer to do not always exist in Debian.
So I am stuck with half the options available to me, and because I have a limited knowledge here, I cannot identify where I am going wrong, or if these locations are elsewhere.
Can anyone provide me with a tutorial, or a set of command lines to help?
I would really appreciate this.
Using
I am currently using (on Debian console):
TFTPD-HPA
DNSMASQ
iPXE
SysLinux
Latest
I have been able to get the dnsmaq and tftp-hpa service "working". This is to say when I run them they start. However I still don't seem to be able to boot into an installation with this up and running.
I have another thread on forums.debian.net/viewtopic.php?f=5&t=118315
I have been able to fix my issue using 3 applications and a lot of research.
The applications I have used are; DNSMASQ, TFTPD-HPA and SAMBA
These applications have been configured as per below:
TFTPD-HPA
`apt-get install tftpd-hpa
nano /etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftpboot/"
TFTP_ADDRESS="<server address>:69"
TFTP_OPTIONS="-4 –secure --create"
RUN_DAEMON=”yes”
OPTIONS="-l -s /tftpboot"
mk dir /tftpboot
mk dir /tftpboot/pxelinux.cfg`
DNSMASQ
apt-get install dnsmasq
nano /etc/dnsmasq.conf
Interface=eth0
port=0
log-dhcp
log-queries
log-facility=/var/log/dnsmasq.log
tftp-root=/tftpboot
dhcp-boot=pxelinux.0,<server name>,<server address>
dhcp-range=192.168.1.10,proxy,255.255.255.0
dhcp-no-override
pxe-prompt="Press F8 for boot menu", 2
pxe-service=X86PC, "comment", pxelinux
SAMBA
apt-get install samba
nano /etc/samba/smb.conf
[global]
Workgroup = workgroup
Server role = standalone server
Dns proxy = no
Wins support = yes
Passwd program = /usr/bin/passwd %u
Passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *Password\supdated\ssuccessfully*
Syslog = 0
Log file = /var/log/smb.log.%m
Max log size = 1000
Map to guest = bad user
Usershare allow guests = yes
Security = user
[images]
Comment = Network SAMBA share
Path = tftpboot
Create mask = 0775
Guest ok = yes
Browseable = yes
Read only = no
Writeable = yes
For my new project i have to configure cent os linux server with lamp setup and install squid proxy server. Installed machine will act as a server in client side. The main purpose of the count the amount of bandwidth, their mac address , ip address will be logged in server it is will act like a proxy server. Every user will be assigned with bandwidth, total browsing hours, username, password etc.
Each user can access INTERNET via installed proxy server after logging with the username and password defined to them.
User management, mac address, ip addreess fetching all will be done using php code with linux command enabled for mac address from client machine and also for blacklist website filter.
For every action of this project have to access squid configuration file located in /etc/squid/squid.conf for enabling internet support with mac filter and even iptables.
But when my php code try to access the /etc/squid/squid.conf for processing . It is unable to access the file for read, write, append operation.
In my server side i have define the file permission for /etc/squid/squid.conf with read write access with the code executing in my linux server
chmod 777 /etc/squid/squid.conf
After assign the permission also the person logged in to the server unable to access the squid file for processing.
Even the tried
chmod 666 /etc/squid/squid.conf
but no help
How i have to configure my file permission for /etc/squid/squid.conf so even my i logged user via apache server can access the file for processing
is selinux running ? you can temporary disable it with
setenforce 0
selinux may block apache to read your squid config as they are in 2 differents context even if the file is 777 and apache was running as root(bad ideal) . Here some redhat documentation about squid and selinux doc