Sunday 17 November 2013

Windows 8.1 update notes

Just some notes from my experience of Windows 8.1 upgrade.

1. It's slow to install.  Like I'm sure it took longer than the initial install of Windows 8!

2. Start button is a have.  Just goes to Metro.  It's Metro I'm not a fan of, which is odd given I spend most of my time in Gnome 3 and I use metro in the same way.  Press windows key and start typing. Metro is just to busy.

3. App problems.  I was going to say none but VMWare player had to be repaired as the networking bridging sopped worked. I showed the interface as down and the bridge interface list was empty.  After being repaired it was fine..

Tuesday 10 September 2013

Cisco IOS certificate handling

This is primarily for sslvpn type stuff first off.

I use startssl.com for certs etc. They great, they're free for the common stuff and browsers recognise them.  All in all they rock.  Thanks startssl.com

Importing the cert so I can use it on the router.  Seems simple but there are some gotchas.

StartSSL give you a private key..

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,32C45D65DFE1A50C983B5F75F341764D

yeahrightlikeimgoingtogiveyoumykey

-----END RSA PRIVATE KEY-----

and a public key

-----BEGIN CERTIFICATE-----
MIIGXjCCBUagAwIBAgIDC+X4MA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ
TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0
YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg
...
bZB1pUEw1HLbbuN66szP7jyua2YWbKm+Q2kdi9lOGFado4n1ka3Evc7N6e9gvKrk
ADc=
-----END CERTIFICATE-----


First gotcha all they guides i've seen are old and say

crypto ca import

Most new IOS use instead

crypto pki

Second big gotcha is the IOS doesn't do AES.  So see in the private key, 3rd line it has AES we need to convert that.

It's easy if you have a Mac or a Linux box.  With windows you need to install openssl.

Save your private key on your Desktop as oldkey.pem, open the terminal and type

openssl rsa -in Desktop\oldkey.pem -out Desktop\newkey.pem -des3

Open the newkey.pem file and your public key and download the  CA certificate for your provider. They'll have a link in FAQs etc.

Log into the router, enable etc and go to config t.

To be continued


Friday 21 June 2013

unix utils translation

I've been jumping back and forth between a few OSes lately and I keep typing the wrong thing at the prompts for day to day admin.  So I'm putting it here so I don't forget :-)

This is the commands for general update current packages, install new packages etc type stuff

Gentoo Linux:

update: emerge --sync && emerge -DuN --keep-going world
install:  emerge --sync && emerge packagename
search:  emerge --sync && emerge -s name
or emerge --sync && emerge --searchdesc

FreeBSD (9.1 if it makes a difference)

packages (pre-compiled)

update: freebsd-update --

and for ports (from source)

update: portsnap fetch update && portupgrade -a
install: cd /usr/ports/catagory/package && make WITH_LDAP="YES" install clean


Centos 6.3

update: yum check-update && yum update
install: yum install packagename
search: yum search 

More to come..

Control break on an RDP session from a Mac keyboard

Found this by accident.  I was trying to do a control break to show ping statistics.

If you do control F13 F14 quickly it does a control break.  Control F13 by self didn't but if you keep control down and do F14 as well it shows me the ping stats and carries on as you'd expect. I did get it to work once with just a few control F13s but couldn't confirm that one.

Hope that save some time for someone..

Wednesday 23 January 2013

DHCP fills with BAD ADDRESS

I've seen this happen for a few reasons but had a new one today.

We had a new 3750 that I'd set to DHCP on VLAN1 to plug in.  I then changed the native VLAN to 111 and added voice etc VLANs

Then we plugged a phone in and started seeing the Windows DHCP server fill with BAD ADDRESS entries and when you cleared them the came back in seconds.

Hmm.. unplugged the phone and PC on the back of it.  Still filled the DHCP table.

Turns out the core switch had VLAN1 decommissioned but it still had a helper and so the new switch's DHCP requests on VLAN 1 were going to the server and turning up as short MAC addresses (8 or 10 characters) and Windows went no, next and so on.

Odd. I would have thought it would have said no range defined and ignored it.  So the helper must be doing something bizarre.

Moral of the story:  look for stray helpers on your layer 3 devices as another source of BAD ADDRESS problems.


Sunday 13 January 2013

Alfa Romeo 155 handbrake not working

My other love apart from technology is cars.  Especially Italian and English ones and for the last decade or so especially Alfa Romeos...

They're a bit quirky but they feel nice, the sound nice, they look nice. They're just a nice place to be :-)

One thing I've run into a couple of times that I want to know so I remember it and other may save some time.

Alfa 155 handbrake: leave it high!

The handbrake if set to low will stop the rears auto adjusting and you'll lose rear braking  (and be all nosey when you brake hard) and the handbrake will be next to useless. Leave the hand brake about 45 degrees and you'll be fine.

Any one know where to find exhaust cam follows for a v6 155?  I'll pay handsomely for that info!

Gentoo grub-probe not working

 I have a bunch of history commands I run when I d a new kernel etc and one stopped working. grub-mkconfig would fail with grub-probe for /....