Category Archives: Computer

All Computer Stuff

Bulk import DHCPD data into pfSense

Similar to my previous post, if you are trying to bulk import your current DHCPD data into pfSense, the built-in pfSense shell comes in handy.

Here we’ll start to use the current ISC-DHCPD configuration file, /etc/dhcp/dhcpd.conf, which will have entries like this:

Then run the following script – modify it to your needs – which will print out the commands for the pfSense shell. Since my DHCPD configuration is relying upon existing DNS entries and I am having hostnames as “fixed-address” entries, I need to resolve these entries with a dig command. If your file is always using IP addresses, just parse them out:

This will generate the following output, ready to paste into the pfSense shell:

Please keep in mind the index starts at 0, valid for an empty list of host names in your pfSense DHCPD configuration. For each already existing entry you have to add 1 to the starting index of 0.

Bulk import DNS data into pfSense

If you are trying to bulk import your current DNS data into pfSense, the built-in pfSense shell comes in handy.

First, get your current data into a file with 2 columns like this:

Then run the following script – modify it to your needs – which will print out the commands for the pfSense shell:

This will generate the following output, ready to paste into the pfSense shell:

Please keep in mind the index starts at 0, valid for an empty list of host names in your pfSense Unbound/DNS configuration. For each already existing entry you have to add 1 to the starting index of 0.

OpenVPN complains about wrong user/password without you requesting one?

If your OpenVPN client is complaining about a wrong user/password combination (AUTH_FAILED), although you are not requesting it on your server, it might be a completely different reason.

After migrating to a new operating system but taking OpenVPN’s configuration with me, I was running into this problem. All clients were complaining about wrong username and password.

The reason is simple:

I configured OpenVPN to send an email on connect and disconnect of a client. The script wants to use the mail command – which is not installed as default by Xenial. This leads to a client-connect-script error which in turn leads OpenVPN to respond with an AUTH_FAILED. Which in turn gives the “Wrong username/password” error message on the clients.

Solution: Make the client-connect script working again 😀

Installing a Vagrant BaseBox of CentOS

  • Install a minimal system of CentOS in VirtualBox
  • Activate networking on boot by enabling eth0 in
  • Add a vagrant user and assign the password vagrant to it
  • Give sudo rights to that user by adding vagrant ALL=(ALL) NOPASSWD: ALL with visudo
  • Disable requirement of having a TTY by commenting out the following settings with visudo:
  • Add insecure Vagrant public key from https://github.com/mitchellh/vagrant/blob/master/keys/vagrant.pub to vagrant’s authorized_keys
  • Add development tools for building the guest addons with
    The repo options are useful if you want to install from local installation media (ISOs) instead of fetching all from the net.
  • Install guest addons with
  • halt the machine
  • Remove all hardware that is not necessary from the base machine or else it will be available on the machines set up with Vagrant later!
  • Package Box with

Done!

Should Vagrant be unable to connect to your boxes derived from that base box, you might have a problem with SELinux, see here how this can be fixed!

SSH doesn’t allow logins with keys? SELinux!

If you have correctly setup your authorized_keys and are sure it should allow you logins with keys – then maybe SELinux is giving you a hard time. Especially if your user is not under the normal home directory folder /home. In your /var/log/{auth,secure} files you will see that sshd is not allowed to open authorized_keys and/or authorized_keys2 after you set the “LogLevel DEBUG” in /etc/ssh/sshd_config.

In that case, try to set the correct settings again:

chcon -t ssh_home_t ~PROBLEMATIC_USER/.ssh/
chcon -t ssh_home_t ~PROBLEMATIC_USER/.ssh/authorized_keys

Now everything will work again.

Charge HP Stream 7 while using it with an OTG cable

After a quite frustrating experience with an HP Stream 7 tablet, which refused to get charged while having a USB stick connected to it via an OTG cable, I found an extremly easy solution:

Just disable the Microsoft AC Power Supply which can be found in the device manager under Batteries.

Voila – that’s it.

I have the German version only where it says Microsoft Ladegerät and can be found under Akkus.

Installing Debian Jessie on an APU1D4

To install Debian Jessie on an APU1D4, it is easiest to go for a network installation. You need
– a TFTP server
– a DHCP server
– the Debian file structure in the TFTP server’s root directory

For DHCP you will need something like the following configuration:

For the TFTP server you need something like the following configuration:

Then simply extract the debian installer files into /src/tftp . I have included my working configuration into netboot_serial_20150107.tar. Should you want to change its configuration, simply edit the file pxelinux.cfg/default file. Mine looks as follows and is preconfigured for serial console output:

Attach a serial console cable and fire it up!

Frontend for openssl to check key chains

Since checking SSL key chains with openssl is sometimes a bit tricky, I have written a little perl script as wrapper around it.

Just download check_chain.zip, unzip it and run it as follows:

./check_chain.pl -p server port

-p (optional) prints out the certificates as well
server is the server to check
port (optional) is the port to connect to.

Here is the code:

Its output is as follows: