I Just Wanted to ...

So I just wanted to add my HPE ProLiant MicroServer Gen8 Server FreeNAS TrueNAS system – which I brought with me from Vienna when I traveled to my girlfriends place in Cologne – to her local fritz.box network. What I forgot was that I configured both NICs to static IP addresses in my Vienna LAN, so there was no way for me to access the box remotely and reconfigure it.

My first attempt to fix this: connect a display and a USB-keyboard to the server and fix it on the local console. This was unsuccessfull, as my girlfriend is not a hoarder of old, obsolete hardware like me and does not own a single display with a VGA connector. So I had to get a VGA->gt;HDMI adapter.

Once Amazon delivered, I got a picture until all the HW initialized but not afterwards. Apparently, something in the HPE boot selection screen confuses the adapter in very specifc way, so it stops working. Another option gone.

But then I rememberd (yes, it really took me this long), that the Gen8 has a „dedicated” (sort of) ILO4 network port, which is per default configured for DHCP and should therefore be available to me. Furthermore, the ILO4 webinterface allows for a „remote console” to the booted OS, so I could configure my TrueNAS via that „console”.

Plugged the cable into the ILO port, checked in the fritz.box network management interface and „low and behold”, the ILO interfaced fetched an IP address (of course the „.42”). And even more surprisingly, the webinterface responded on that IP, prompting me for username and password. Fortunately, I also brought the toe tag of the server with me, wich had the username and password printed on it. And like a well trained pavel dog, I added these credentials to my KeePassXC database, reminding mysef to change the password later on.

After some clicking around I had to suspend my activities for that evening, due to personal reasons and continued working on this project on the following day. Which started with the ILO interface not accepting my credentials (from the KeePassXC store of course). I double checked the password with the dog tag, entered it manually, nothing helped.

OK, what to do? Thankfully, DuckDuckGo found instructions on how to Reset the HPE ILO Inband Root/Administrator Password in Linux.

OK, so now I need a bootable USB stick with a linux on it, which can facilitate the ProLiant’s NICs to provide a SSH connection over. This, I would be able to use to connect to it, so i can download the hpconf tool on it to reset the ILO4 password of the server.

Linux of choice in such a case is of course the wonderful Austrian/Graz based sysadmin workhorse Linux distribution „grml”. But reading up on it, I realized, that they do not provide an SSH server per default. So some customizing was needed.

Fortunately, the grml project provides a blog entry from 2011 where they describe the steps necessary to create a custom grml ISO with my personal project ssh keys added and the ssh server configured for autostart. Surprisingly, I had a sufficiently sized (slow) USB stick at hand and after abput 30 minutes of creating a new ssh key for this and building and writing the iso to USB stick, I was able to plug it into the ProLiant and boot it.

Thanks to the wonderful people who built grml, I was able to hear that grml has finished booting from the comfort of my couch. So now I only had to download hpconf, create the xml file with the new password and be done with it. Right?

Hahahahhahaha. No.

The easiest way I found to the get hpconf installed was to add it to the apt-sources of grml, which was easier said, then done. The steps I followed to update the password were:

  1. Grab the signatures, otherwise apt will stop working for security reasons and make your life hell with security prompts:
    curl http://downloads.linux.hpe.com/SDR/hpePublicKey2048_key1.pub | apt-key add -
    

  2. Add the HP ressources to the apt sources list, as the .debs from the downloadable ISO are way out of date …
    echo "# HPE Management Component Pack" >/etc/apt/sources.list.d/hp-nonfree.list
    echo "deb http://downloads.linux.hpe.com/SDR/repo/mcp stable/current non-free" >>/etc/apt/sources.list.d/hp-nonfree.list
    

  3. Finally, install the hponcfg utility:
    apt-get update
    apt-get install hponcfg
    

  4. Create the xml file with the password:
    cat <<__UND_AUS__ > /root/pwd.xml
    <RIBCL VERSION="2.0">
      <LOGIN USER_LOGIN="x" PASSWORD="x">
      <USER_INFO MODE="write">
        <MOD_USER USER_LOGIN="Administrator">
          <PASSWORD value="horse staple battery"/>
        </MOD_USER>
      </USER_INFO>
      </LOGIN>
    </RIBCL>
    __UND_AUS__
    

  5. Update the ILO password
    hponcfg -f /root/pwd.xml
    


So after doing that, I unplugged the grml USB stick, plugged in the ILO port, rebooted and …

… again, I was not able to login.

So I looked more closely and guess what …

I misspelled the username
as „Adminstrator” in the KeePassXC entry. Once I fixed this, I was able to log into ILO and change passwords, update BIOS and ILO firmware, etc.

And once I took care of that housekeeping, I was actually able to use the ILO4 „HTML5 console” to reconfigure the NICs to DHCP once TrueNAS has booted. So now I finally have a server in the fritz.box network, that I can actually access.

Again, a lot of shaved yaks, just to fix a typo.

Tagged as: , , , , , , , | Author:
[Samstag, 20210130, 14:26 | permanent link | 0 Kommentar(e)


Links from 2021-01-24

dyff: /ˈdʏf/ - diff tool for YAML files, and sometimes JSON

dyff is inspired by the way the old BOSH v1 deployment output reported changes from one version to another by only showing the parts of a YAML file that change.

Each difference is referenced by its location in the YAML document by using either the Spruce or go-patch path syntax. The output report aims to be as compact as possible to give a clear and simple overview of the change.

Tagged as: , , , | Author:
[Montag, 20210125, 05:00 | permanent link | 0 Kommentar(e)


Links from 2021-01-17

Oh Shit, Git!?!

Git is hard: screwing up is easy, and figuring out how to fix your mistakes is fucking impossible. Git documentation has this chicken and egg problem where you can’t search for how to get yourself out of a mess, unless you already know the name of the thing you need to know about in order to fix your problem.

So here are some bad situations I’ve gotten myself into, and how I eventually got myself out of them in plain english.

Tagged as: , , , , , , | Author:
[Montag, 20210118, 05:00 | permanent link | 0 Kommentar(e)


Links from 2021-01-11

How to level up your soldering

Maybe you know how to solder a bit, but you suck at it. Or it’s frustrating and never comes out nice and you hate it.

Here’s how to make it enjoyable, and get good results as a side effect.

Tagged as: , , , , , , , , | Author:
[Dienstag, 20210112, 05:00 | permanent link | 0 Kommentar(e)


Links from 2021-01-09

The London Sound Survey featuring London maps, sound recordings, sound maps, local history, London wildlife

Welcome to the London Sound Survey, a web project which collected over 2,000 recordings of everyday life in London between 2008 and 2020. It also has a wide and unique range of historical resources on the theme of urban sound.

Truly, madly, deeply: meet the people turning their basements into secret fantasy worlds

It’s one thing turning your basement into a wine cellar, but some people are building replica streets, theme parks and even trains beneath their homes

Paper Pulp Printer – Beer Holthuis

A paper revolution is coming! From both my interest in sustainability and fascination for tools and techniques grew the idea of a 3D printer to recycle paper.

Simulating the PIN cracking scene in Terminator 2

The next thing I wondered was, “How difficult would it be to write that program?” Not a program that actually cracks PIN numbers from debit cards, I don’t think you can actually do that with a serial cable and some aluminum foil wrapped around a debit card, but a program that can simulate the output of the palmtop in that scene.
Let’s gather some product requirements!

This tool lets you confuse Google’s ad network, and a test shows it works

Google can’t read your mind, of course. But it can read your search history. It tracks a lot of your web browsing, too. Google has an enormous amount of data about its users, and it uses that data to make an unimaginable amount of money from advertising: over $120 billion a year. The company runs a vast profiling machine, fitting people into categories that say who they are, what they’re worth, and how they’re expected to act. Google isn’t just organizing the world’s information; it’s sorting the world’s populations.

Tagged as: , , , | Author:
[Sonntag, 20210110, 05:00 | permanent link | 0 Kommentar(e)


Links from 2021-01-06

Masters of Production: Hugh Padgham

Hugh Padgham is one of the world’s top producers, on par music industry legends like Phil Spector, George Martin, Quincy Jones, Phil Ramone, Brian Eno, and Rick Rubin, to name but a few. The reason why Padgham enjoys, perhaps, not quite the same name recognition is because he prefers to remain behind the scenes, or, in his case, the desk. He likes to call himself “an invisible catalyst,” someone who gets the best out of the artists he works with, without taking any of the limelight.

Over the course of a career spanning five decades, Padgham has been the “invisible catalyst” behind dozens of best-selling, multi-platinum albums, many of them genuinely ground-breaking. Among them are recordings by XTC, Peter Gabriel, The Police, Yes, Phil Collins, Genesis, Kate Bush, David Bowie, Howard Jones, Paul McCartney, Sting, Roger Waters, Suzanne Vega, Sheryl Crow, The Bee Gees, Peter Frampton, McFly, and many more. Altogether it earned him four Grammy Awards.

Zyxel hat Backdoor in Firewalls einprogrammiert

Tagged as: , , , , , , | Author:
[Donnerstag, 20210107, 05:00 | permanent link | 0 Kommentar(e)


Fedora 33, Nvidia and Blank Screens

If Not True Then False published very detailed instructions on howto install NVIDIA proprietary drivers on Fedora 33/32/31/30/29 and disable the Nouveau driver.

And although I was (at least I thought, I was) following the instructions closely, I wasn’t able to install the drivers. The installer was always blanking the screen and stalling, forcing me to reboot the machine. As this was not related to the issue of the screen blanking after installing and rebooting (GDM related, IIRC), for which there was an abundance of postings and rants available online, DuckDuckGo and Google were not of much help.

After much headscratching, commandline-options combining and documentation reading, I found a pointer to /var/log/nvidia-installer.log, the nvidia-installer log file. And lo and behold, this file was a lot more helpful, then the black screen of the installer. It clearly stated:

NVIDIA driver appears to have been installed previously using a different installer.

To uninstall the package, use the following command:
 
sudo yum remove xorg-x11-drv-nvidia\* kmod-nvidia\*

And suprisingly, a yum list installed | grep -i nvidia confirmed the installers diagnosis. For some obscure reason, I still had some nvidia drivers installed.

A quick

yum remove xorg-x11-drv-nvidia*
yum remove nvidia-settings.x86_64

and a reboot later – suprise, surprise – suddenly the installer worked like a charm and dropped the most recent Nvidia drivers into my laptop.

Since then, I enjoy a much smoother, more responsive and quieter (much less fan noise from the CPU) Fedora 33 desktop experience.

Tagged as: , , | Author:
[Dienstag, 20210105, 18:48 | permanent link | 0 Kommentar(e)


Links from 2021-01-02

Enterprise presentations – Coté

True words

How to use Bash history commands

In Bash, the history command is capable of much more than what’s been covered here, but this is a good start for getting used to using your history instead of just treating it as a reference. Use the history command often, and see how much you can do without having to type commands. You might surprise yourself!

Zsh and Fish’s simple but clever trick for highlighting missing linefeeds – Vidar’s Blog

I recently noticed that zsh and fish will instead show a character indicating a missing linefeed, and still start the prompt where you’d expect to find it:

vidarholen-vm2% echo -n "hello zsh"
hello zsh%
vidarholen-vm2%

If you’re disappointed that this is what there’s an entire blog post about, you probably haven’t tried to write a shell. This is one of those problems where the more you know, the harder it seems

Why is there a "V" in SIGSEGV Segmentation Fault?

[…] the signal name stands for "Segmentation Violation".
So it’s essentially: SIGnal SEGmentation Violation.

But there’s more!

Originally the signal was called SIGSEG. It was subsequently renamed SIGSEGV
in the userspace and a bit later - around 1980 - to SIGSEGV on the kernel
side.

Maersk, me & notPetya

Maersk is the world’s largest integrated shipping and container logistics company. I was massively privileged (no pun intended) to be their Identity & Access Management (IAM) Subject Matter Expert (SME), and later IAM Service Owner. Along with tens (if not hundreds) of others, I played a role in the recovery and cybersecurity response to the events of the well-publicised notPetya malware attack in 2017. I left Maersk in March 2019, and as is customary I wrote the obligatory thank you and goodbye note. But there was always a lot more to add. A story to tell.

Milestones of User Interface Design

In order to contribute to historical awareness in our field, we have compiled a list of interaction design classics. Our aim was to include examples that we find inspiring and insightful — which led to our greatest challenge, keeping in mind that we wanted to create a concise list — leaving things out. So, we decided to focus on productivity software — in a very broad sense — and to order the projects chronologically. We didn’t address user interfaces from games, websites or artistic projects; that really would have been too much.

Put your bash code in functions

Notice the line makepdf & makedoc & openapp. Here I am are running the 3 functions in parallel. The wait command does exactly that, waiting for the previous things to finish. When everything is done, the pdf file opens. Let’s look at the timing now:

real 0m24.677s
user 0m21.669s
sys 0m1.746s

It is running ~27% faster. Only by wrapping the code in different functions.

As an extra, in bash the code is not evaluated all at once. If you edit a script while it is being executed, the script behaves differently. Wrapping it in functions solves that problem too.

Tagged as: , , , , , , , , , , , , , , , , | Author:
[Sonntag, 20210103, 05:00 | permanent link | 0 Kommentar(e)


Links from 2021-01-01

Kristian Köhntopp: Go Away Or I Will Replace You With A Very Little Shell Script - YouTube

Keynote for the GUUG FFG 2015, Stuttgart (Video: FrosCON, deutsche Sprache)

Five tips for clear writing

Be authoritative. Tell your readers what they need to know, not what you might ideally like them to know. Tell them also what they need to think about it.

Save your readers time. If you are summarising a file of documents for them, you do not need to give them the experience of reading it themselves. Don’t use a piece of writing as a dumping ground for evidence; use the evidence sparingly to illustrate your argument.

Pick your battles. You may need to prove some points laboriously, especially if the ground is controversial. But you can’t do this across the board. Work out where a blow-by-blow account is necessary and where a simple allusion will suffice.

Don’t include details just because they are fun or interesting. If they don’t serve your argument or your story, they should go.

Observe the 5% rule. Any text, whether it’s a 1,000-page novel or a tweet, can be reduced by 5% without serious sacrifice of meaning. In fact, the true percentage is probably higher …

How NAT traversal works · Tailscale Blog

That’s fundamentally all that the STUN protocol is: your machine sends a “what’s my endpoint from your point of view?” request to a STUN server, and the server replies with “here’s the ip:port that I saw your UDP packet coming from.”

For example, we’ve observed that the UC Berkeley guest WiFi blocks all outbound UDP except for DNS traffic. No amount of clever NAT tricks is going to get around the firewall eating your packets. So, we need some kind of reliable fallback no matter what.

You could implement relays in a variety of ways. The classic way is a protocol called TURN (Traversal Using Relays around NAT). We’ll skip the protocol details, but the idea is that you authenticate yourself to a TURN server on the internet, and it tells you “okay, I’ve allocated ip:port, and will relay packets for you.” You tell your peer the TURN ip:port, and we’re back to a completely trivial client/server communication scenario.

Interactive Connectivity Establishment (ICE) protocol. Like STUN and TURN, ICE has its roots in the telephony world, and so the RFC is full of SIP and SDP and signalling sessions and dialing and so forth. However, if you push past that, it also specifies a stunningly elegant algorithm for figuring out the best way to get a connection.

Ready? The algorithm is: try everything at once, and pick the best thing that works. That’s it. Isn’t that amazing?

Let’s look at this algorithm in a bit more detail. We’re going to deviate from the ICE spec here and there, so if you’re trying to implement an interoperable ICE client, you should go read RFC 8445 and implement that.

How to take back control of /etc/resolv.conf on Linux

Several DNS-related programs want to automatically manage the DNS name server and resolution configuration file at /etc/resolv.conf. In some situations, you may want to manage this file yourself. Here is how you identify which programs are automatically managing this file on your Linux distribution, and how you can take back manual control of the file.

There are quite a few different tools that fight to control a Linux system’s DNS resolution configuration file /etc/resolv.conf including netconfig, NetworkManager, resolvconf, rdnssd, and systemd-resolved.

Tagged as: , , , , , , , , , , , , , , , , , | Author:
[Samstag, 20210102, 05:00 | permanent link | 0 Kommentar(e)


Make working with PuTTY on Windows more bearable

Unfortunately, I had the „pleasure” of having to use „Enterprise” configured Windows machines extensively lately to connect to Linux boxes. One of the things that drove me crazy, is the akward way of pasting stuff into a PuTTY session.

Thankfully, the author of PuTTY, Simon Tatham, addressed this in the recent versions of PuTTY (which was surprisingly available to me in this „enterprise” environment).

So in Version 0.71 and higher, you can configure Ctrl+Shift+C/V to behave as Ctrl+C/V, which makes working with PuTTY „keyboard only” much more managable.

PuTTY Reconfiguration

/via stackexchange

Tagged as: | Author:
[Freitag, 20210101, 21:18 | permanent link | 0 Kommentar(e)


Resize A4 PDF for Moleskin Inclusion

Command to resize A4 PDF files so I can glue it into my Moleskin (Classic):

pdfjam --landscape --frame true --nup '2x1' --templatesize '{17cm}{27cm}' 
--noautoscale false  --outfile moleskin.pdf source_file1.pdf sourc_file2.pdf 

Tagged as: | Author:
[Freitag, 20210101, 16:00 | permanent link | 0 Kommentar(e)


Links from 2020-12-31

The sounds of (old) computer games loading

In the 8-bit age, data screeched slowly off tape decks. In the 16-bit era, floppy drives whirred, clinked and chunked according to the peculiarities of the system’s disk controller. For the BBC’s "Boring Talks"—podcasts about things most people would find boring—journalist Keith Stuart remembers.

Tagged as: , , , | Author:
[Freitag, 20210101, 05:00 | permanent link | 0 Kommentar(e)


Disclaimer

„Leyrers Online Pamphlet“ ist die persönliche Website von mir, Martin Leyrer. Die hier veröffentlichten Beiträge spiegeln meine Ideen, Interessen, meinen Humor und fallweise auch mein Leben wider.
The postings on this site are my own and do not represent the positions, strategies or opinions of any former, current or future employer of mine.
Impressum / Offenlegung gemäß § 25 Mediengesetz

Search

Me, Elsewhere

Tag Cloud

2007, 2blog, 2do, 2read, a-trust, a.trust, a1, accessability, acta, advent, age, ai, amazon, ankündigung, apache, apple, at, audio, austria, backup, barcamp, basteln, bba, big brother awards, birthday, blog, blogging, book, books, browser, Browser_-_Firefox, bruce sterling, buch, bürgerkarte, cars, cartoon, ccc, cfp, christmas, cloud, coding, collection, command line, commandline, computer, computing, concert, conference, copyright, covid19, css, database, date, datenschutz, debian, delicious, demokratie, design, desktop, deutsch, deutschland, dev, developer, development, devops, digitalisierung, digitalks, dilbert, disobay, dna, dns, Doctor Who, documentation, Domino, domino, Douglas Adams, download, downloads, drm, dsk, dvd, e-card, e-government, e-mail, e-voting, E71, education, Ein_Tag_im_Leben, elga, email, encryption, essen, EU, eu, event, events, exchange, Extensions, fail, fedora, feedback, film, firefox, flash, flightexpress, food, foto, fsfe, fun, future, games, gaming, geek, geld, git, gleichberechtigung, google, graz, grüne, grüninnen, hack, hacker, handtuch, handy, hardware, HHGTTG, history, how-to, howto, hp, html, humor, ibm, IBM, ical, iCalendar, image, innovation, intel, internet, internet explorer, iot, iphone, ipod, isp, IT, it, itfails, itfailsAT, itfailsDE, java, javascript, job, jobmarket, journalismus, keyboard, knowledge, konzert, language, laptop, law, lego, lenovo, life, links, Linux, linux, linuxwochen, linuxwochenende, live, living, living, lol, london, lost+found, lotus, Lotus, lotus notes, Lotus Notes, LotusNotes, lotusnotes, lotusphere, Lotusphere, Lotusphere2006, lotusphere2007, Lotusphere2008, lotusphere2008, lustig, m3_bei_der_Arbeit, mac, mail, marketing, mathematik, media, medien, metalab, microsoft, Microsoft, mITtendrin, mITtendrin, mobile, mood, motivation, movie, mp3, multimedia, music, musik, männer, nasa, nerd, netwatcher, network, netzpolitik, news, nokia, notes, Notes, Notes+Domino, office, online, OOXML, open source, openoffice, opensource, orf, orlando, os, outlook, patents, pc, pdf, performance, perl, personal, php, picture, pictures, podcast, politics, politik, pr, press, press, presse, privacy, privatsphäre, productivity, programming, protest, public speaking, qtalk, quintessenz, quote, quotes, radio, rant, rant, recherche, recht, release, review, rezension, rezension, rip, rss, science, search, security, server, settings, sf, shaarli, Show-n-tell thursday, sicherheit, silverlight, smtp, SnTT, social media, software, sony, sound, space, spam, sprache, sprache, spö, ssh, ssl, standards, storage, story, stupid, summerspecial, summerspecial, sun, surveillance, sysadmin, talk, talk, talks, technology, The Hitchhikers Guide to the Galaxy, theme, think, thinkpad, thunderbird, tip, tipp, tools, topgear, torrent, towel, Towel Day, TowelDay, travel, truth, tv, twitter, ubuntu, ui, uk, unix, update, usa, usb, vds, video, video, videoüberwachung, vienna, vim, Vim, vintage, vista, vorratsdatenspeicherung, vortrag, wahl, wcm, wcm, web, web 2.0, web2.0, Web20, web20, webdesign, werbung, wien, wiener linien, wikileaks, windows, windows, windows 7, wired, wishlist, wissen, Wissen_ist_Macht, wlan, work, workshops, wow, writing, wtf, wunschzettel, Wunschzettel, www, xbox, xml, xp, zensur, zukunft, zukunft, zune, österreich, österreich, övp, übersetzung, überwachung

AFK Readinglist