Archive
Create Ubuntu 14.04 LTS (PV) OpenVPN Access Server on AWS
Create AWS Instance
Inbound Security Group Rules
Type | Protocol | Port | Source
Custom UDP Rule | UDP | 943 | 0.0.0.0/0
SSH | TCP | 22 | 0.0.0.0/0
Custom UDP Rule | UDP | 1194 | 0.0.0.0/0
HTTPS | TCP | 443 | 0.0.0.0/0
Custom UDP Rule | UDP | 443 | 0.0.0.0/0
Custom TCP Rule | TCP | 943 | 0.0.0.0/0
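A check of the inbound rules listed above against what the server needs, as an added example that is not part of the original post. The port roles are an assumption based on Access Server's default listeners (443/tcp and 1194/udp for VPN clients, 943/tcp for the web UI); the rule list in the script is constructed from the table.

```sh
#!/bin/sh
# Added example: classify inbound rules for an OpenVPN Access Server host.
# Port roles are the Access Server defaults (an assumption; adjust them if
# the listeners were moved in the admin UI).

# Constructed input: the six rules from the table, as "protocol port source".
PAGE_RULES='udp 943 0.0.0.0/0
tcp 22 0.0.0.0/0
udp 1194 0.0.0.0/0
tcp 443 0.0.0.0/0
udp 443 0.0.0.0/0
tcp 943 0.0.0.0/0'

# classify_rules: read "protocol port source" lines on stdin and print
# "<verdict> <protocol>/<port> <source>" for each one.
#   KEEP     - VPN clients must reach it from anywhere
#   RESTRICT - management port open to the world; narrow the source CIDR
#   OK       - management port already limited to a specific source
#   REMOVE   - nothing listens there by default
classify_rules() {
    awk '
    {
        key = tolower($1) "/" $2
        world = ($3 == "0.0.0.0/0" || $3 == "::/0")
        if (key == "tcp/443" || key == "udp/1194")
            verdict = "KEEP"
        else if (key == "tcp/22" || key == "tcp/943")
            verdict = world ? "RESTRICT" : "OK"
        else
            verdict = "REMOVE"
        print verdict, key, $3
    }'
}

# count_verdict VERDICT: how many of the page's rules get that verdict.
count_verdict() {
    printf '%s\n' "$PAGE_RULES" | classify_rules | grep -c "^$1 " || true
}

printf '%s\n' "$PAGE_RULES" | classify_rules
```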
Use PuTTYGen to convert pem to ppk. Add passphrase to the key.
Assign IP
Update DNS
SSH to host DNS name to verify proper name resolution. Login as ubuntu.
sudo apt-get update && sudo apt-get upgrade
The download page for OpenVPN Access Server.
https://openvpn.net/index.php/access-server/download-openvpn-as-sw/113.html?osfamily=Ubuntu
Right click the link and select ‘Copy link address’
From PuTTY download the deb
wget [right click]
Install the deb
sudo dpkg -i openvpn[tab]
Give user openvpn a password
sudo passwd openvpn
It appears Ubuntu will open the ports, but I should figure out what is going on.
Open browser to admin page and log in as openvpn
Configure server. Be sure to properly add the server DNS name in Server Network Settings
Open browser to login page
Select “Login”
log in as openvpn
Download and install OpenVPN Connect for Windows
Connect to VPN and verify server IP via ‘whats my ip’
Install VMware Tools on Debian 7
Before the tools are installed, you must install make and gcc
sudo apt-get install gcc make
VMware tools requires the Linux Kernel headers
sudo apt-get update
sudo apt-get install linux-headers-$(uname -r)
Insert the CD. Player -> Manage -> Install VMware tools…
Mount the CD
mount /media/cdrom
Extract tool to home
cd ~
tar -zxvf /media/cdrom/VMware[tab]
Execute the installer
cd vmware-tools-distrib
sudo ./vmware-install.pl
Reboot
A Beer Game
I am drinking Left Handed Nitro Milk Stout. This is an amazing beer.
I have a new set of NPR pint glasses.
I try pouring a beer as hard as I can into a glass, such that it will foam and head over, but I cannot accomplish my task.
Try.
Mike
Fix Windows Update Corruption
From:
You can try the following methods
Method 1:
I would suggest you to run the windows update troubleshooter
http://windows.microsoft.com/en-US/windows7/Open-the-Windows-Update-troubleshooter
Method 2:
Put the computer in ‘Clean boot’ and then try to update.
http://support.microsoft.com/kb/929135
Note: When the troubleshooting is over do not forget to reset the computer to normal startup. Follow the step 7 in the above article.
Method 3:
How do I reset Windows Update components?
Local RSYNC NAS Backup
rsync -rtvu /mnt/data/ /mnt/backup/Skywarp/
Note the trailing ‘/’ in the path.
Move User Data Folder via mklink
Works very well.
How To:
http://www.windows7home.net/how-to-move-user-data-folder-to-non-system-partition-in-windows-7vista/
As you know, Windows 7/Vista puts all system data and user data on the same partition, normally drive C. Under this condition we must back up our user data every time we re-install Windows 7/Vista. Since Windows Vista, Microsoft supplies us a tool, mklink, which can create a symbolic link under Windows 7 or Vista just as the command ln does under Unix/Linux. Below is an example of how to put user data on a non-system partition using mklink in Windows 7.
1. Enable the administrator account and set a password for it. You can refer to How to enable or disable administrator account in windows 7
2. Log off and log in with the administrator account
3. Relocate your user data to another non-system partition, for example from C:\users\J to D:\users\J, then REMOVE the old profile folder
robocopy /MIR /XJ C:\Users\J D:\Users\J
4. Use mklink to create a symbolic link from C:\users\J to D:\users\J
mklink /J C:\Users\J D:\users\J
5. Log in again using your own account; you will find nothing changed, but in fact your physical user data is on drive D.
6. Done. The next time you re-install your OS, just use the same user name, remove C:\users\J, then run the command of step 3 again, then your user data is back.
————————————————–
Why it’s a Directory Junction and not a Directory Symbolic link:
http://superuser.com/questions/343074/directory-junction-vs-directory-symbolic-link
Client OpenVPN as NAT Gateway Router to Local Network
An OpenVPN server exists on the Internet. This is how an individual client exposes its private network to all other clients of the VPN.
The private network is 192.168.99.0/24. Create an Ubuntu server installation.
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install openvpn
Go to the VPN server and log in as admin. Configure your user profile as Admin/Auto-login and:
(not sure Admin is that important, need to remove and test)
The VPN server will now tell all clients that it will handle traffic for 192.168.99.0/24. Your client profile is now configured as a gateway for 99.0/24, so the server will NAT all traffic down the VPN to your client. However, your shiny new ubuntu client must then NAT the server traffic onto 99.0/24.
From http://codeghar.wordpress.com/2012/05/02/ubuntu-12-04-ipv4-nat-gateway-and-dhcp-server.
Follow everything up to "Install DHCP server". Basically, just enable routing and add the NAT iptables rules.
I like this post for creating your iptables https://wiki.debian.org/iptables
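One way to write the routing and NAT rules described above, as an added example that is not taken from the original post or the linked guides. The interface names tun0 (VPN side) and eth0 (LAN side) are assumptions; 192.168.99.0/24 is the private network from this post.

```sh
#!/bin/sh
# Added example: build an iptables-restore ruleset for the VPN-to-LAN gateway.
# tun0/eth0 are assumed interface names; 192.168.99.0/24 is the page's LAN.
# Without --noflush, iptables-restore replaces the nat and filter tables.

# nat_ruleset VPN_IF LAN_IF LAN_CIDR: print the ruleset, or fail on bad input.
nat_ruleset() {
    vpn_if=$1 lan_if=$2 lan_cidr=$3
    # Refuse anything that does not look like an interface name or an IPv4
    # CIDR, so a typo cannot turn into an unintended rule.
    for ifname in "$vpn_if" "$lan_if"; do
        case $ifname in
            ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $ifname" >&2; return 1 ;;
        esac
    done
    printf '%s\n' "$lan_cidr" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' ||
        { echo "bad CIDR: $lan_cidr" >&2; return 1; }
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# Rewrite the source of VPN traffic so LAN hosts reply to this gateway.
-A POSTROUTING -o $lan_if -d $lan_cidr -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
# VPN clients may reach the LAN, and only the LAN.
-A FORWARD -i $vpn_if -o $lan_if -d $lan_cidr -j ACCEPT
# Replies to those connections may go back up the tunnel.
-A FORWARD -i $lan_if -o $vpn_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

nat_ruleset tun0 eth0 192.168.99.0/24
# To apply (as root, not done here):
#   sysctl -w net.ipv4.ip_forward=1
#   nat_ruleset tun0 eth0 192.168.99.0/24 | iptables-restore
```

The FORWARD policy is DROP, so the gateway forwards nothing except VPN traffic bound for 192.168.99.0/24 and its replies.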
Log into the http openvpn server (LOGIN not CONNECT). Download your autologin profile, rename to .txt, open with WordPad (not Notepad).
Place the contents of this file in /etc/openvpn/client.conf on the ubuntu client.
Start OpenVPN client:
cd /etc/openvpn/
sudo openvpn client.conf
Fun with SSH
The more I use SSH the more I like it.
This post is along the same lines as my previous Git post regarding SSH tunneling to access a Git repository while behind a firewall.
I want remote access to my home ESXi server, and all its running instances. To do this, I will achieve RDC to a Win7 instance running on the server, install vSphere Client, and SSH to any Linux instances.
To achieve RDC I configured my ADSL modem to DMZ my DD-WRT router. I connected externally to DD-WRT via the web interface. So far so good. I then created an RDP port forward rule to my Win7 instance. Trying to connect failed.
When attempting this from work I ran into the same issue that the corporate firewall does not allow outbound connections on 3389 (RDP). Therefore my RDC client will never hit the port forward rule on dd-wrt, it can’t even get to the Internet.
I only have a few outbound ports to work with, 80 (http), 443 (https), and maybe 22 (ssh)????
Back on the DD-WRT web interface I enabled the SSH server. From my remote computer I successfully accessed my router via SSH. GREAT, I have the mechanism to poke an outbound hole in the corporate firewall.
A little research, including my previous Git/SSH post and this http://www.dd-wrt.com/wiki/index.php/Telnet/SSH_and_the_Command_Line
Essentially I used my local SSH client (PuTTY) to connect to the DD-WRT SSH Server. This connection then creates a Local SSH tunnel from my local port 1234 to the destination Win7:3389.
It’s important to use the word Destination instead of Remote, because there is a difference between Local port forwarding to a Destination and Remote port forwarding. The above dd-wrt.com link has a good explanation of the two.
So once I configured PuTTY properly and opened the SSH session, I then fired up RDC and connected to localhost:1234. This connection looked like this:
[work]->[corp firewall]->[Internet]->[DSL Router]->[dd-wrt]->[Win7]
or
[localhost:1234]->[ssh tunnel]->[Win7:3389]
The forwarded port in PuTTY was configured as such:
4L1234 192.168.2.200:3389
This essentially says:
4 – IPv4
L – Local forward
1234 – Local port that will be forwarded
192.168.2.200:3389 – The forward Destination. Where the SSH Server will forward this tunnel to.
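The same forwarded-port entry translated into OpenSSH options, as an added example that is not part of the original post. It handles the Local and Remote types mentioned above, which goes slightly beyond the single entry shown; the function name and the router.example host in the comment are hypothetical.

```sh
#!/bin/sh
# Added example: translate a PuTTY forwarded-port entry into OpenSSH options.

# putty_forward_to_ssh SPEC DEST
#   SPEC: optional 4 or 6, then L or R, then the listening port ("4L1234")
#   DEST: host:port the tunnel leads to ("192.168.2.200:3389")
putty_forward_to_ssh() {
    spec=$1 dest=${2:-}
    family=
    # PuTTY's 4/6 is per forward; OpenSSH's -4/-6 applies to the whole
    # connection, which is the nearest equivalent.
    case $spec in
        4*) family=-4; spec=${spec#4} ;;
        6*) family=-6; spec=${spec#6} ;;
    esac
    kind=${spec%"${spec#?}"}      # first character: L or R
    port=${spec#?}                # remainder: the listening port
    case $port in
        ''|*[!0-9]*|??????*) echo "bad port in spec: $1" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi
    [ -n "$dest" ] || { echo "missing destination" >&2; return 1; }
    case $kind in
        # Bind the local listener to loopback explicitly, so other hosts on
        # the client's network cannot use the tunnel.
        L) arg="-L localhost:$port:$dest" ;;
        # For R the listener is on the SSH server and follows its settings.
        R) arg="-R $port:$dest" ;;
        *) echo "unknown forward type: $kind" >&2; return 1 ;;
    esac
    printf '%s\n' "${family:+$family }$arg"
}

putty_forward_to_ssh 4L1234 192.168.2.200:3389
# Used as (router.example is a placeholder host):
#   ssh -N $(putty_forward_to_ssh 4L1234 192.168.2.200:3389) root@router.example
```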
Lambda IQueryable – ‘statement lambda’ vs ‘expression lambda’
Great article http://www.codeproject.com/Articles/47887/C-Delegates-Anonymous-Methods-and-Lambda-Expressio
There is an important difference between using braces and not using them. When you use them, you are creating a ‘statement lambda’, otherwise it is ‘expression lambda’. Statement lambdas can execute multiple statements (hence the need for braces) and can not create expression trees. You will probably only run into this problem when working with the IQueryable interface. The example below shows the problem.
List<string> list = new List<string>();
IQueryable<string> query = list.AsQueryable();
list.Add("one");
list.Add("two");
list.Add("three");
string foo = list.First(x => x.EndsWith("o"));
string bar = query.First(x => x.EndsWith("o"));
// foo and bar are now both 'two' as expected
foo = list.First(x => { return x.EndsWith("e"); }); //no error
bar = query.First(x => { return x.EndsWith("e"); }); //error
bar = query.First((Func<string,bool>)(x => { return x.EndsWith("e"); })); //no error
The second assignment of bar fails at compile time. This is because IQueryable.First expects an expression as a parameter whereas the extension method List.First expects a delegate. You can force the lambda to evaluate to a delegate (and use the First’s method overload) by making a cast as I did in the third assignment to bar.