Ubiquiti mPower SSH controlled

Had kind of a trouble connection the Ubiquiti mPower to my WiFi. I HAD a MSM430 AP but mPower module is only B/G and my MSM AP would not let the mPower connect to my SSID that where both B/G/N/AC.

Tried to make new SSID that only announced on the B/G/N radio, but no luck. So i decided to buy a Ubiquiti AC-PRO AP. And so fare i am very impressed. But thats an other story.

When first connection your new Ubiquiti mPower is made and you have an IP adresse for it. SSH to the box. i set a new password on it after setup but else std. is ubnt//bunt

1
chmod 750 /etc/persistent/

Type on the machine you want to be able to use for public key login:

1
cat ~/.ssh/id_rsa.pub | ssh username@IP 'cat >> /etc/persistent/.ssh/authorized_keys'

Now you should be able to login like this

1
ssh username@IP

without a password. If so you need to make sure that it stays so even after a reboot:

1
cfgmtd -w -p /etc/

Type ”reboot” to test it!

I have a danish automation system running called “IHC” by Schneider Electric, former LK. Nice hardware but the development is standing still and its, sadly, a dead product.

But instead of having to change the hole system a nice guy have developed IHCaptain. Its a small piece of software able to run on a Pi that makes integration to IHC and everything else you could imagine.

So when i push a button on my IHC system, IHCaption is informed and i have made a senario where it send the SSH command to mPower module and now i am able to control mPower from my existing automation platform. i loovvve it!

SSH command that i send from my IHCaptain installation:

1
/usr/bin/ssh -o StrictHostKeyChecking=no 192.168.x.x -l admin "echo 1 > /proc/power/relay1"
1
/usr/bin/ssh -o StrictHostKeyChecking=no 192.168.x.x -l admin "echo 0 > /proc/power/relay1""
Posted in Uncategorized | Leave a comment

Godaddy SSL and Apache

Godaddy is probably the cheapest SSL certificate provide on the web with their root CA present in all the major browsers.

Now on to the good stuff.

  • Webserver: Ubuntu 12.04 LTS
  • Apache2 with http.conf: /etc/apache2/http.conf

First we need to generate a ‘key’ file that tells our server apart from other servers. You should have openssl installed on your machine, if not, simply type in

1
sudo apt-get install openssl

Then change to the directory to the place you would like to store everything. In my case, I chose:

1
2
3
4
5
mkdir /etc/apache2/ssl
kdir /etc/apache2/ssl/certs
mkdir /etc/apache2/ssl/private
cd /etc/apache2/ssl/private
openssl genrsa -out websitename.key 2048

This will spit out a key for our server to create the CSR which is what we need to send to send to Godaddy in order to get the required files to finish the setup. Next we generate a CSR (so in the same directory):

1
openssl req -new -key websitename.key -out websitename.csr

When filling out the CSR via the terminal it will ask you for several things(Country Name, State or Province, Locality Name, Organization Name, Organizational Unit Name, Common Name, Email Address, and Password) Some of these are optional, but make sure that under Common Name you put your website url (website.com).

Now, we need the contents of this CSR to give to godaddy.

1
cat websitename.csr

Copy the text and paste it into Godaddy’s CSR pane. Make sure you keep the —Begin— and —End— stuff or else godaddy will reject it. I also chose the Starfield Technologies certificate just because it sounded cooler than Godaddy. Once accepted, you would then download the certificate.

Click on the common name [yourwebsite] then on download. Select Apache server type. This will give you a zip file with two files in it. You need to copy the website.crt to /etc/apache2/ssl/certs and the sf_bundle.crt to /etc/apache2/ssl I used a program called WinSCP to drag and drop these files in there via ssh.

Recap:

Folder Layout >
/etc/apache2/ssl/
        -certs
        |__ website.crt
        -private
        |__ website.key
        |__ website.csr (Can be deleted)
        -sf_bundle.crt

We need to edit our http.conf file to make sure that we have a valid path for the SSL. Here is my Vhost listing for the ssl. As you can see I have added a few extra things to make it play nice. I turned on SSLEngine and included the files for it to work properly. Feel free to copy and paste with minor changes.

1
2
3
4
5
6
7
8
9
10
<VirtualHost *:443>
ServerName example.com
ServerAlias example.com
SSLEngine on
SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
SSLCertificateFile /etc/apache2/ssl/certs/website.crt
SSLCertificateKeyFile /etc/apache2/ssl/private/website.key
SSLCertificateChainFile /etc/apache2/ssl/sf_bundle.crt
DocumentRoot /var/www/www.website.com/htdocs
</VirtualHost>

Now when you restart apache:

1
/etc/init.d/apache2 restart
Posted in Uncategorized | Leave a comment

Pandora radio in Denmark

Incredible easy, go to mediahint.com, download the plugin for either firefox or chrome.

When thats done, go to pandoro and sign in. Mediehint is a free proxy service and works without any delay. Super nice and super easy.

Posted in Uncategorized | Leave a comment

Cisco 881W – password recovery for AP module

The following commands will do it.
service-module wlan-ap 0 reset default-config
and then reset the AP module
service-module wlan-ap 0 reset
Posted in Uncategorized | Leave a comment

Change windows key – cli

Command to register a key

Type:
“slmgr.vbs /ipk {product key, including dashes}”
hit enter

Posted in Uncategorized | Leave a comment

“Broken file” when opening attachment from outlook

Soo, customer had this issue when opening attachment from outlook 2010

Fix it by going into security center on the destination app. And in”protected view” tab uncheck the “…. attachments from outlook”

Posted in Uncategorized | Leave a comment

Folding at Home PXE boot

Had the pleasure to play with the brand new HP Moonshot server product. Its a 4,3 Unit high enclosure with 45 small atom s1200 servers, option to have redundant switches, uplink modules, IPMI and power supplies. Need little box, haven’t figured out its main purpose in life but as a webserver farm it would be great.

Since i dont have any high performance websites that needs 45 small servers, what it the next best thing? Yeees, a Folding at Home cluster.. :D

The networking of a moonshot is a story of its own, so that will be covered in an other blogpost.

My initial thought was to have FreeBSD server that had a TFTP server and a NFS share that could be mounted from the PXE boot clients then they would all just run its OS over the NFS share. But didn’t have to time to wrap my brain around all of the aspects of making the PXE boot image look up a config file based on its MAC address i found the next best thing.

http://www.linuxforge.net/docs/crunching had a nice site regarding PXE boot of there custom linux kernels where FAH was integrated as standart.

So with there PXE image i setup a TFTP and NFS server on a FreeBSD server. The DHCP server was pFsense, so i set the boot parameters there. The build-in TFTP server in FreeBSD was not very helpful so after a bit of googleing i found out that a package called “freebsd-tftp” was working much better. After having the TFTP running i got NFS working by reading the FreeBSD handbook.

I testet with just a new VMware vm, i booted just fine and FAH started automatic. So now i just need to try it on the HP Moonshot. But since not even HP it self understand the networking of the box i will have to wait for them to figure out how you get the network running. It will be exiting to have 45 PXE booted server doing FAH with so little effort. Love it..

http://dustingram.com/articles/2009/08/25/creating-a-freebsd-pxe-network-boot-server/ <<< This site also have some good info on the whole PXE process

Posted in Uncategorized | Tagged , , | Comments Off

Simultaneous storage vMotions

Even though i have become a VCP510 i dont know everything…

http://frankdenneman.nl/2012/06/28/limiting-the-number-of-storage-vmotions/

The link above gives a good insight on how to calculate and modify how many simultaneous storage vMotion can run.

“The operation cost of a storage vMotion on a host is “4”, the max cost of a host is “8”. If one Storage vMotion operation is running, the in-use cost of the host resource is “4”, allowing one more Storage vMotion process to start without exceeding the host limit.

As a storage vMotion operation also hits the storage resource cost, the max cost and
in-use cost of the datastore needs to be factored in as well. The operation cost of a Storage vMotion for datastores is set to 16, the max cost of a datastore is 128. This means that 8 concurrent Storage vMotion operations can be executed on a datastore. These operations can be started on multiple hosts, not more than 2 storage vMotion from the same host due to the max cost of a Storage vMotion operation on the host level.”

Very good to know it you dont have a powerfull SAN.

Overstående link giver en god beskrivelse af hvordan at man beregner og modificere hvor mange samtide storage vMotions

VMware official documentationhttp://pubs.vmware.com/vsphere-51/index.jsp#com.vmware.vsphere.vcenterhost.doc/GUID-F0C0FFD7-FC60-4CF9-B4E4-106FC1B97730.html

Posted in Uncategorized | Tagged , , | Leave a comment

Install megacli userland in esxi

I have a LSI2108 based raid card in by HP Proliant Microserver. Thats all good, but yesterday the was a broken disk in the raid, and the beeping is just anoying! Couldt stop it when vmware esxi was loaded. So after a little research i found following in the vmware community:

1. Download MegaCli bundle from http://www.lsi.com/channel/products/storagecomponents/Pages/MegaRAIDSAS9260-4i.aspx

2. In downloaded archive find vib (vmware-esx-MegaCli-8.04.07.vib) file and copy it to your host /tmp. You can use WinSCP for copying.

3. SSH to you host

4. $ esxcli software vib install -v /tmp/vmware-esx-MegaCli-8.04.07.vib –no-sig-check

5. $ cd /opt/lsi/MegaCLI

6. $ ./MegaCli -AdpAllInfo aAll

And i worked just fine, so now i can stop beeing and many other things with the LSI MegaCLI application from within esxi. Wuuhuu…

Some usefull MegaCLI commands:

Silence active alarm
MegaCli -AdpSetProp AlarmSilence -aALL
Disable alarm
MegaCli -AdpSetProp AlarmDsbl -aALL
Enable alarm
MegaCli -AdpSetProp AlarmEnbl -aALL
Set global hot spare
MegaCli -PDHSP -Set -PhysDrv [E:S] -aN
Show all Battery information
MegaCli -AdpBbuCmd -aALL
Show all controller config info
MegaCli -CfgDsply -aALL
Show all adapter info
MegaCli -AdpAllInfo -aALL
Posted in Uncategorized | Tagged , | Comments Off

Lupo 3l

When owning a VW Lupo 3l you need to take ekstra care of your transmission. Lupo have a sort of “semi-automatic” gearbox, or actually it is a normal polo gearbox with an automatic gear changer. VW have had many problems with the gearbox because of its speciality.

Personally i think many of the problems is related to the driver or that way people drive a Lupo. It is kind of special but when you get to know it, everything turns out fine.

Soo the special care is by making a basic adjustment. I’am no expert in cars, but doing basic adjustment with a computer and a guide is no problem.

http://www.lupo3lklub.dk/forum/viewtopic.php?f=22&t=11

Posted in Uncategorized | Tagged , | Comments Off