Installing Grub2 on Both GPT HD in Software RAID1 on Ubuntu 14.04

I installed Ubuntu 14.04 on 2x 3TB mdadm RAID 1 and wanted both drives to be bootable in case one fails. This took a rather long time to figure out, but this is how you do it. The steps below were tested on a VM.

GPT Partition Layout
1MB bios_grub
256MB /boot
3TB mdadm raid1 / lvm

1. Set labels on the /boot
2. Modify fstab to mount by label
3. Copy /boot to /boot of second drive
4. Update grub on the second drive

[Screenshots: Ubuntu Test-2014-11-16-16-46-10, Ubuntu Test-2014-11-16-16-26-58, Ubuntu Test-2014-11-16-16-31-14]
note: missing from the screenshot, but “grub-install /dev/sdb” might be needed

Posted in Uncategorized | Tagged | Leave a comment

PXE/Network ISO Boot with Ubuntu on Beagleboard and Tomato WRT54G

This is a short guide on configuring Ubuntu Linux to provide network boot services to a local network. It works like this: the DHCP server responds with the dhcp-boot option, which tells the client to fetch the boot image from a certain computer. I have DHCP running on a WRT54G with the Tomato firmware and a Beagleboard running Ubuntu 12.04 to serve the boot images.

Image server:

sudo apt-get install syslinux
sudo apt-get install tftpd-hpa
sudo vim /etc/default/tftpd-hpa
sudo cp /usr/lib/syslinux/pxelinux.0 /var/lib/tftpboot/
sudo cp /usr/lib/syslinux/menu.c32 /var/lib/tftpboot/
sudo cp /usr/lib/syslinux/memdisk /var/lib/tftpboot/
sudo vim /var/lib/tftpboot/pxelinux.cfg/default
ls /var/lib/tftpboot/
images  memdisk  menu.c32  pxelinux.0  pxelinux.cfg 

* Note: this might be missing some simple steps (mkdir, etc.)

Content of /etc/default/tftpd-hpa:

# /etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/lib/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"

Content of /var/lib/tftpboot/pxelinux.cfg/default:

default menu.c32
prompt 0
timeout 30
ontimeout BootLocal
noescape 1
allowoptions 0
menu title PXE Boot Server
label BootLocal
  localboot 0
label Clonezilla
  kernel memdisk
  append iso initrd=images/clonezilla-live-20140630-trusty-amd64.iso raw
label SystemRescueCD
  kernel memdisk
  append iso initrd=images/systemrescuecd-x86-4.3.0.iso

Setting in Tomato (Advanced DHCP):

dnsmasq

After that, set your BIOS to boot via network and you should see a menu of boot options at boot.

References:
https://help.ubuntu.com/community/PXEInstallServer
https://help.ubuntu.com/community/PXEInstallMultiDistro


Amazon Elasticbeanstalk Nginx Https Redirect

I force all traffic to use https. It is much simpler to do the redirect at the application layer but it should really be done at the proxy before hitting the application. Here is the eb.config I use:

Note: This CANNOT be done with just one line in container_commands as the bootstrap script doesn’t like the escaped slashes in the return statement; it will error.

files:
  /tmp/deployment/nginx_https_redirect.sh:
    mode: "000755"
    content: |
      sed -i 's/8080;/8080;\n    if ($http_x_forwarded_proto != https) {\n      return 301 https:\/\/$http_host$request_uri;\n    }/' /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf
container_commands:
  nginx_https_redirect:
    command: "/tmp/deployment/nginx_https_redirect.sh"

Installing NodeJS on CentOS 5 without Compiling

The EPEL repo for CentOS 5.x doesn’t include node. So it’s either compile or grab the precompiled executable. The latter is a lot faster.

1. Download the tar file from Nodejs.org:

wget http://nodejs.org/dist/v0.10.26/node-v0.10.26-linux-x64.tar.gz

2. Extract:

tar xvf node-v0.10.26-linux-x64.tar.gz

3. Remove files and copy:

cd node-v0.10.26-linux-x64
rm ChangeLog && rm LICENSE && rm README.md
cp -r . /usr/

Sideloading Blackberry 10 Android Apps (and Snap)

The Chrome tool is clunky; I prefer the GUI deploy tool from the Android toolchain.

Requirements:
-development mode enabled (settings > security and privacy > development mode)
-java runtime installed
-running OS 10.2.1+
-connected to local wifi
-proper bar(s) downloaded (snap available at http://redlightoflove.com/snap/)

1. Download and extract the command-line tools (2.0.1 beta at the time of writing). http://developer.blackberry.com/android/tools/
2. Find your Blackberry IP. Settings > About > Category Network > Wifi IPv4.
3. On linux, “./blackberry-deploy” to start the tool. On Windows, open blackberry-deploy.bat.
4. Select the bar, fill in the IP address from (2) and device password (if enabled), and deploy. That’s it!


Adding Notch to PCI 5V Card to Fit In 3.3V PCI Slot

I recently ordered a pci-to-usb card and the pcb wasn’t exactly the one as shown in the picture. It’s missing the cutaway to fit in universal or 3.3v PCI slots. Without it, it will only fit in 5V slots. My motherboard only has one 5V slot, and it’s covered up by the video card.


Looking at the specs for the VIA 6216L USB controller chip, it is supposed to run at 3.3V, meaning there should be a notch there. So I looked up the pin configuration for the PCI slot, made a cut with a hacksaw removing pins 12 and 13, and it slipped right in. Works as expected.


Simple Temp Folder Cleanup Script in Windows Task Scheduler

This is a simple script to automatically delete temporary files from a folder that are older than 2 weeks. I tend to download and work on a lot of files that don’t necessarily need to be archived after their first use. They can be used on demand in a batch file or, for me, scheduled to run every two days in task scheduler.

Relevant lines – one deletes files, one deletes folders:

  • forfiles -p "C:\Users\davychiu\Desktop\Temp Files" -s -m *.* -d -15 -c "cmd /c del /q /s @path"
  • forfiles -p "C:\Users\davychiu\Desktop\Temp Files" -d -15 -c "cmd /c if @ISDIR==TRUE echo rd /q /s @path &rd /q /s @path"

Temp Files Maintenance.xml

<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.3" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <RegistrationInfo>
    <Date>2013-07-12T20:45:43.8641683</Date>
    <Author>COMTEK\davychiu</Author>
    <Description>Delete files in the Temp Files folder that are at least 15 days old.</Description>
  </RegistrationInfo>
  <Triggers>
    <CalendarTrigger>
      <StartBoundary>2013-07-12T00:00:00</StartBoundary>
      <Enabled>true</Enabled>
      <ScheduleByDay>
        <DaysInterval>2</DaysInterval>
      </ScheduleByDay>
    </CalendarTrigger>
  </Triggers>
  <Principals>
    <Principal id="Author">
      <UserId>S-1-5-18</UserId>
      <RunLevel>LeastPrivilege</RunLevel>
    </Principal>
  </Principals>
  <Settings>
    <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
    <DisallowStartIfOnBatteries>true</DisallowStartIfOnBatteries>
    <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries>
    <AllowHardTerminate>true</AllowHardTerminate>
    <StartWhenAvailable>false</StartWhenAvailable>
    <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>
    <IdleSettings>
      <StopOnIdleEnd>true</StopOnIdleEnd>
      <RestartOnIdle>false</RestartOnIdle>
    </IdleSettings>
    <AllowStartOnDemand>true</AllowStartOnDemand>
    <Enabled>true</Enabled>
    <Hidden>true</Hidden>
    <RunOnlyIfIdle>false</RunOnlyIfIdle>
    <DisallowStartOnRemoteAppSession>false</DisallowStartOnRemoteAppSession>
    <UseUnifiedSchedulingEngine>false</UseUnifiedSchedulingEngine>
    <WakeToRun>false</WakeToRun>
    <ExecutionTimeLimit>P3D</ExecutionTimeLimit>
    <Priority>7</Priority>
  </Settings>
  <Actions Context="Author">
    <Exec>
      <Command>forfiles</Command>
      <Arguments>-p "C:\Users\davychiu\Desktop\Temp Files" -s -m *.* -d -15 -c "cmd /c del /q /s @path"</Arguments>
    </Exec>
    <Exec>
      <Command>forfiles</Command>
      <Arguments>-p "C:\Users\davychiu\Desktop\Temp Files" -d -15 -c "cmd /c if @ISDIR==TRUE echo rd /q /s @path &amp;rd /q /s @path"</Arguments>
    </Exec>
  </Actions>
</Task>

Password Authentication and No-caching Squid Proxy Server

This is a short guide on setting up a password-based, non-caching, non-logging Squid 3 proxy server. I am using Squid 3.1 on Ubuntu 11.10.

sudo apt-get install squid                                                                        
htdigest -c /etc/squid/passwords proxy user
vim /etc/squid/squid.conf
/etc/init.d/squid restart

Add to squid.conf:

# disable all logging
access_log none
cache_store_log none
cache_log /dev/null
cache deny all

# required access controls for Squid version < 3.2
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

# password authentication, *the filename is different depending on the distro*
auth_param digest program /usr/lib/squid/digest_pw_auth -c /etc/squid/passwords
auth_param digest realm proxy
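acl authenticated proxy_auth REQUIRED

# the acl has no effect until an http_access rule uses it;
# this line must appear above the final "http_access deny all"
http_access allow authenticated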

AES Encryption/Decryption in Python

These are snippets using the PyCrypto package in Python to encrypt and decrypt with AES. The first one implements AES CFB mode – padding is not required for byte alignment. The second one implements AES CBC and PKCS7 padding to byte align the secret message.

PyCrypto Reference: https://www.dlitz.net/software/pycrypto/api/current/

Salt – randomizes the hash of the key; prevents rainbow table attacks against the key
IV (initialization vector) – randomizes the encrypted message; prevents rainbow table attacks against the message
Derived Key – lengthens and strengthens the key via hashing; used instead of the original key; slows down brute-force attacks against the key

AES CFB

from Crypto.Cipher import AES
from Crypto.Protocol.KDF import PBKDF2
from Crypto import Random

key_size = 32 #AES256
iterations = 10000
key = b'password'
secret = b'a very secret message'

salt = Random.new().read(key_size) #salt the hash; keep it, it is needed to re-derive the key
iv = Random.new().read(AES.block_size)
derived_key = PBKDF2(key, salt, key_size, iterations)

#encrypt; the iv is not secret and travels in front of the ciphertext
cipher = AES.new(derived_key, AES.MODE_CFB, iv)
encodedtext = iv + cipher.encrypt(secret)

#decrypt with a fresh cipher object built from the iv at the front
cipher = AES.new(derived_key, AES.MODE_CFB, encodedtext[:AES.block_size])
decodedtext = cipher.decrypt(encodedtext[AES.block_size:]) #skip iv

AES CBC

from Crypto.Cipher import AES
from Crypto.Protocol.KDF import PBKDF2
from Crypto import Random

key_size = 32 #AES256
iterations = 10000
key = b'password'
secret = b'a very secret message'

length = 16 - (len(secret) % 16) #PKCS7 adds bytes of the length of padding
secret += bytes([length]) * length

salt = Random.new().read(key_size) #salt the hash; keep it, it is needed to re-derive the key
iv = Random.new().read(AES.block_size)
derived_key = PBKDF2(key, salt, key_size, iterations)

#encrypt; the iv is not secret and travels in front of the ciphertext
cipher = AES.new(derived_key, AES.MODE_CBC, iv)
encodedtext = iv + cipher.encrypt(secret)

#decrypt with a fresh cipher object built from the iv at the front
cipher = AES.new(derived_key, AES.MODE_CBC, encodedtext[:AES.block_size])
decodedtext = cipher.decrypt(encodedtext[AES.block_size:]) #skip iv
decodedtext = decodedtext[:-decodedtext[-1]] #remove padding
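
Both snippets keep the salt only in memory and decrypt without checking that the ciphertext is unmodified. The following is an added example, not code from the original post, that shows the framing around the AES call using only the standard library: PBKDF2 deriving separate encryption and MAC keys, strict PKCS7 unpadding, and a salt || iv || ciphertext || tag envelope that is verified before anything is decrypted. The function names, the envelope layout and the use of HMAC-SHA256 are assumptions of this example; the ciphertext is treated as opaque bytes returned by cipher.encrypt().

```python
import hashlib
import hmac
import os

BLOCK, SALT_LEN, TAG_LEN, ITERATIONS = 16, 32, 32, 10000  # AES block, salt, HMAC-SHA256 tag

def derive_keys(password, salt):
    """PBKDF2 -> independent 32-byte encryption and MAC keys."""
    material = hashlib.pbkdf2_hmac('sha256', password, salt, ITERATIONS, dklen=64)
    return material[:32], material[32:]

def pkcs7_pad(data):
    n = BLOCK - len(data) % BLOCK   # 1..16; aligned input gets a full extra block
    return data + bytes([n]) * n

def pkcs7_unpad(data):
    """Strip padding, rejecting anything that is not well-formed PKCS7."""
    if not data or len(data) % BLOCK:
        raise ValueError('length is not a multiple of the block size')
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError('bad padding')
    return data[:-n]

def seal(salt, iv, ciphertext, mac_key):
    """salt || iv || ciphertext || tag, with the tag covering all that precedes it."""
    body = salt + iv + ciphertext
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def open_envelope(password, blob):
    """Check the tag first; return (enc_key, iv, ciphertext) ready for AES decryption."""
    if len(blob) < SALT_LEN + BLOCK + TAG_LEN:
        raise ValueError('envelope too short')
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    salt, iv = body[:SALT_LEN], body[SALT_LEN:SALT_LEN + BLOCK]
    enc_key, mac_key = derive_keys(password, salt)
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time compare
        raise ValueError('authentication failed')
    return enc_key, iv, body[SALT_LEN + BLOCK:]

if __name__ == '__main__':
    salt, iv = os.urandom(SALT_LEN), os.urandom(BLOCK)
    enc_key, mac_key = derive_keys(b'password', salt)
    ciphertext = os.urandom(32)  # constructed stand-in for cipher.encrypt(pkcs7_pad(secret))
    blob = seal(salt, iv, ciphertext, mac_key)
    print(open_envelope(b'password', blob)[2] == ciphertext)
```

Verifying the tag before decrypting means a modified message is rejected without pkcs7_unpad ever running on attacker-controlled bytes.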

Converting a Bullet List in Word to HTML

The obvious solution is to save as an html document in Word, but the markup produced is not usable. There are several ways to convert the content into clean html.


1. Copy/Paste into Dreamweaver in Design Mode.


2. Copy/Paste into WordPress in Visual Mode.


3. Script a macro to pull out all the links. Referenced from: microsoft

' Append an <li><a> element for every hyperlink to the end of the document
For Each objHyperlink in ActiveDocument.Hyperlinks
    ActiveDocument.Words.Last.InsertAfter(vbcrlf & "<li><a href=""" & objHyperlink.Address & """>" & objHyperlink.TextToDisplay & "</a></li>")
Next