Saturday, November 5, 2016

Linux and Window computers unable to browse home network

Hi have a home network that consists of an ADSL router and a wireless access point.

Among the 4 smart phones, 5 tablets and 4 RaspberryPis I have 1 Linux Mint 18 desktop, 1 Ubuntu 16.04 server, 1 Linux Mint laptop, 3x Windows 10 laptops and 1 Windows 10 desktop. (I know to many for a household of 4 people but it is what I do for a living)

Recently I installed Windows 10 onto a laptop and suddenly was not able to browse the network from any of the network browsers (Linux or Windows). The strange this was that I was able to connect (from linux) using smb://192.168.1.3/ShareName and (from Windows) \\192.168.1.3\ShareName

After searching for the solution and trying many, many of the solutions I was not successful. I shutdown all the devices and started the Linux mint machines first then started the Windows machines (which was a real PITA) but nothing worked.

What finally DID WORK!

On the windows machines I opened a command line as administrator and ran the following:

  1. Click on Start button.
  2. Type Cmd in the Start Search text box.
  3. Press Ctrl-Shift-Enter keyboard shortcut to run command prompt as Administrator. Allow elevation request.
  4. Type netsh winsock reset in the Command Prompt shell, and then press the Enter key.
  5. Restart the computer.

Afterwards I was able to browse the network from both the windows machines as well as the Linux ones.

What netsh winsock reset command does are it resets Winsock Catalog to a clean state or default configuration. It removes all Winsock LSP (Layered Service Providers) previously installed, including the potential malfunctioned LSP that causes loss of network packets transmission failure. So all previously-installed LSPs must be reinstalled. This command does not affect Winsock Name Space Provider entries. (Shamelessly copied from here)

Posted by at No comments:
Labels: , , , , , , , , , , ,

Wednesday, March 26, 2014

SSL Keystore cheat sheet

I often find myself scouring the net for how to create a selfsigned certificate and then how to actually use it.  So I have now created a Cheat Sheet.



JAVA: how to obtain keystore file for a certification (crt) file

Create store with temporary key inside:
keytool -genkey -alias temp -keystore yourkeystore.jks -storepass Hello1
Then delete existing entry:
keytool -delete -alias temp -keystore yourkeystore.jks -storepass Hello1
Now you've got empty store. You can check that it's empty:
keytool -list -keystore yourkeystore.jks -storepass Hello1
Then import your certificate to the store:
keytool -import -alias alias -file cert_file.crt -keypass keypass -keystore yourkeystore.jks -storepass Hello1



  • I like to create a directory to keep my certificates in separately. (for this doc I'll use C:\SSL)
  • Open a command prompt and cd to that dir. (cd c:\ssl)
  • Generate the keystore as follows
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass myPass -keysize 2048

  • You will need to fill in the prompts that follow
                Password: 
                        Use something you will remember.
                First & Last Name:  
                        Use the domain or IP that you will be using to
                        access the site with.
                        If you're only hitting tomcat from the local machine
                        use "localhost".
                        If you don't, the user will be warned that the certificate
                        is for a different domain.
                Organizational Unit: 
                        SXI
                Name of your organization:
                        SXI
                Name of your city:
                        Johannesburg
                Name of your state or province.
                        Gauteng
                The two letter contry code for this unit.
                        Make sure it's upper case ("ZA")
        You will be shown all of your entries and asked to confirm.
        (Is CN=localhost, OU=SXI, O=SXI, L=Johannesburg, ST=Gauteng, C=ZA correct?)
                Hit enter.
        You will be asked for your password again with the option to 
        just hit enter.
                Hit enter

  • You should now have a keystore.jks file in C:\SSL


TO Configure Tomcat to use this keystore


1. Open server.xml, located in TOMCAT\conf. 
(Or right click on the tomcat server in netbeans and click on edit server.xml)
        
2. Find and uncomment the SSL <Connector port entry.
        NOTE: XML uses the "<!--" start and "-->" end symbols 
                to begin and end comments.
        NOTE: There is a comment just above it that looks like this:
         <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->

3. Add two more attributes to this tag:
        keystoreFile="C:\SSL\kekstore.jks"
        and:
        keystorePass="myPass"
4. Restart Tomcat.

Example of the section to configure in the server.xml file:

    <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
    <Connector port="8443"
               maxHttpHeaderSize="8192"
               maxThreads="150"
               minSpareThreads="25"
               maxSpareThreads="75"
               enableLookups="false"
               disableUploadTimeout="true"
               acceptCount="100"
               scheme="https"
               secure="true"
               clientAuth="false"
               sslProtocol="TLS"
               keystoreFile="c:\ssl\keystore.jks"
               keystorePass="myPass" />



Export the generated server certificate in keystore.jks into the file server.cer

keytool -export -alias selfsigned -storepass myPass -file server.cer -keystore keystore.jks

(NB: the alias >selfsigned< must exist in the keystore)


To add the server certificate to the truststore file sxi.jks 

Run keytool from the directory where you created the keystore and server certificate.

keytool -import -v -trustcacerts -alias selfsigned -file server.cer -keystore /path/to/keystoredir/myServersKey.jks -keypass myPass -storepass myPass

/path/to/keystoredir is obviously the path to where the keystore that your application is going to use (In java you set this property as follows:

System.setProperty("javax.net.ssl.trustStore", "/path/to/keystoredir/myServersKey.jks");
       
If you get keytool error: java.lang.Exception: Input not an X.509 certificate check that the server.cer is not 0 bytes

I hope I can refer to this many times and not have to get the into from loads of different sites in the future again ;)
Posted by at No comments:
Labels: , , , , , ,

Friday, February 21, 2014

Ubuntu 13.10 connect to MS VPN Server

I was not able to make a VPN connection to a MS site. I tried Cisco Anyconnect (openconnect), Cisco Compaitble VPN (vpnc ), OpenVPN or PPTP (the default)

 This was a real source of frustration and the "IT guy" kept telling me that I should just install Windows and have done with it.

 Turns out that this is SIMPLE to fix.

 Setup a new PPTP Connection Type.

 Click the "Advanced" button.  I disabled EAP but when I clicked Use Point-to-Point encryption(MPPE) under "Security and Compression" the window above for "Allow the following authentication methods:" changed and EAP was greyed out.

 I then selected "128-bit (most secure)" from the "Security:" drop down menu and clicked OK

 I was then able to successfully connect to a MS VPN Server.

 Hope this helps... I know in the future it will definitely save me time and effort when setting this up again.

 So there Mr. MS "IT guy" ... 

Posted by at 1 comment:
Labels: , , , ,

Thursday, February 20, 2014

Netbeans 7.4 bold menus in Ubuntu

I have suffered with this problem many times when using Netbeans in Ubuntu and I finally decided not get to the bottom of it.

The problem started only after I installed Wine.  Wine install a whole load of fonts so this was definitely where to look for the problem.

I found out that if I remove the fonts-unfonts-core package my menus go back to normal.  to remove the package run the following

sudo apt-get remove fonts-unfonts-core


I still had a smaller problem in that the menus don't have a border and when they are drawn over a busy development screen it takes me longer to find the item I am looking for.

I found the following tip when trying to fix the bold menu issue and have now made all my netbeans installations look the same.  I think this is a much cleaner theme for netbeans.  It makes it far easier for me to use netbeans at least.

You need to run netbeans with the following switch "
--laf Nimbus


So your command to launch will look as follows

"/home/whatever/netbeans-7.4/bin/netbeans" --laf Nimbus

Posted by at 1 comment:
Labels: , , , ,

Wednesday, October 9, 2013

Mount my SD Card in Ubuntu 12.04

I had several problems mounting my SD Card in Ubuntu.  From NOTHING happening (my worst case of issue ... How can some-one troubleshoot with NO, ZERO messages etc ... to the partitions being mounted but readonly ... So I could never install Raspbmc (or any distro for that matter) onto my  Raspberry Pi 
Until I came across a post on Ask Ubuntu which pointed me in the right direction.
Turned out to be a permissions issue. 
First thing to do is to check the permissions on the hardware device mounting your card. You'll need to find the device name. To do this run the following command:
sudo fdisk -l
Your device will probably be something along the lines of /dev/sdb1, in my case the SD Reader was /dev/mmcblk0p1.
Next you need to get the permissions on this device:
sudo ls -l /dev/mmcblk0p1
Replace "/dev/mmcblk0p1" with your device location. The output will look something like this:
brw-rw---- 1 root disk 179, 1 Feb 3 21:58 /dev/mmcblk0p1
This tells us the device is owned by User 'root' and group 'disk' You need to be a member of group 'disk' to be able to write to the SD card. You can check which groups your a member of with
groups username
In my case I was not a member of the 'disk' group, I rectified this with
sudo usermod -g disk username
This adds you to the group 'disk' which should allow you to now read & write to the SD card
The BIG thing for me was adding my user to the Group 'disk' which sorted everything out.  Thanks to Cage for pointing this out.
Hope this helps.
73
Posted by at No comments:

Tuesday, March 12, 2013

Reading .eml files in Win7

I use webmail (Google) however some of my colleagues insist on using MS Outlook.

 Often when I get an email from them that contains another email that they forwarded the additional message arrives in an attachment called noname.eml

 This freaks me out ... and I have spent much time looking for an app that will read these files (there are some available but I can't really recommend any that stand out as being an elegant solution for me).

I stumbled onto a very simple solution today.
  1. Simply download the file (noname.eml) from your original email
  2. Rename it to noname.mht 
  3. Open it with Internet Explorer 
 No need for any additional software .... which suits me.


Posted by at 1 comment:
Labels: , , , , ,

Saturday, July 21, 2012

Ubuntu Server Disable screen blanking

This is so simple however I always seem to forget how to do it.

I have an Ubuntu server and often want to run htop over a few days while testing something. The problem is though that the screen keeps going blank. This is fine but then I quickly want to see what the current performance is at a glance while walking past. I don't want to have to press a key to get the screen live again.

As root run the following

setterm -powersave off -blank 0


Here are a few more interesting things you can do with setterm.
Posted by at No comments:
Labels: , , , ,
Subscribe to: Posts (Atom)