Friday, August 28, 2015

Pass Store (Password Manager in command line)


Everybody is facing a problem: too many password to remember. If there are too many to store in brian, then its time to store somewhere else. Some people will simply write on a notebook, some will store it in an excel, and some will download a password manager such as KeePass/KeePassX and LastPass. But as a Linux guy I would like to try another tool in command line: Pass (http://www.passwordstore.org/)

Why need a command line password manager? Having a command line password manager can provide flexibility:

  • you use SSH to connect to the Linux so it is secure and you can view a password of a particular account without touching a mouse
  • you can write simple script to deal with the passwords. for example, generate a number of account/ password pair, or dump a password list
  • This tool is very lightweight. You can store your passwords in a Raspberry Pi !


If you visit the website you may find it is not difficult to use. However, there are some tricks

1. You must setup gpg keyrings before initialising the pass store
2. The name of the pass store is the ID of the gpg key.

Once you setup the pass store you are good to enjoy this tool.

The following steps are the example:

Tuesday, August 25, 2015

HP Gen7 N54L Hardware Upgrade


I have a HP Gen7 N54L. Although Gen8 is released but it also makes N54L more attractive. It is a Microserver and it's worth to get one as a home server. There is a 4 bay enclosure. If you make use of the space of optical drive and the eSata output, the server can serve totally 6 SATA devices which is good enough for a storage server for a SME. 

Originally the configuration is a 4GB ECC memory with a 500GB Black disk. The CPU is AMD Turion(tm) II Neo N54L Dual-Core Processor. It is embedded in the mainboard so there is no way to upgrade it. Also, the main board doesn't have any USB3.0, which is not acceptable nowadays. 

So what can we do in order to make it more productive? For me, I have purchased the following :
  • 2x 2TB Green disks (with software raid, will explain later)
  • Add 4GB non-ECC memory (totally 8GB)
  • Add a USB3.0 pci low profile adapter
I also upgraded the BIOS which can make the harddisks hot pluggable. 

Since I need some time to make a short procedure for the hardware, I just show the result at the moment.

# free
total used free shared buff/cache available
Mem: 8052260 826372 6648096 14800 577792 6854592
Swap: 0 0 0
# lspci |grep -i USB.3
02:00.0 USB controller: Renesas Technology Corp. uPD720202 USB 3.0 Host Controller (rev 02)

Of course I am a Linux guy so it is expected I installed a Linux on it. You can see there are 6GB free right now. And I can even use the USB3.0 ports to connect more hard disks (to backup, for example).

Friday, June 28, 2013

Restore HP-UX from ignite tape (with screen dump)

 Objective

To restore HP-UX (11i, 11.23 should work) from a backup (make_tape_recovery)

  1. Login MP console and recycle it
  2. "CO" to console
  3. Within that "10 seconds", press any key and see the menu
    ---- Main Menu ---------------------------------------------------------------
    
         Command                           Description
         -------                           -----------
         BOot [PRI|ALT|]             Boot from specified path
         PAth [PRI|ALT] []           Display or modify a path
         SEArch [DIsplay|IPL] []     Search for boot devices
    
         COnfiguration menu                Displays or sets boot values
         INformation menu                  Displays hardware information
         SERvice menu                      Displays service commands
    
         DIsplay                           Redisplay the current menu
         HElp [|]           Display help for menu or command
         RESET                             Restart the system
    ----
    Main Menu: Enter command or menu > sea
  4. Insert the tape and run "SEA" to search devices
    Main Menu: Enter command or menu > SEA
    
    Searching for potential boot device(s)
    This may take several minutes.
    
    To discontinue search, press any key (termination may not be immediate).
    
    
                                                                               IODC
       Path#  Device Path (dec)  Device Path (mnem)  Device Type               Rev
       -----  -----------------  ------------------  -----------               ----
       P0     0/0/2/0.0          ide.0               Random access media       1    
       P1     0/1/1/0.0          intscsia.0          Random access media       1    
       P2     0/1/1/1.4          intscsib.4          Sequential access media   1    
    
    
    Main Menu: Enter command or menu >
  5. "P2 0/1/1/1.4 intscsib.4 Sequential access media 1" -> which is the tape drive

OpenVPN server setup on Raspberry Pi

Note: it is for bridge mode only


I found that Raspberry Pi is a good choice for setup OpenVPN server. I can always power on it as the power consumption is low. After setting it up, I can connect VPN to home in office or cafe outside. 

You may think port forwarding by router or via SSH is good enough. However, there are limitations when:
  1. there are lots of services you want to connect from outsider, then your port forwarding rules will be massive
  2. as the OpenVPN client can reconnect automatically, I can have a relative stable connection. Sometimes you would like to have a reserve connect from server to client. My own experience is that in my previous company, I setup OpenVPN client in office and connect to my home, leave the connection alive. Then when I go home I can reconnect to my office PC by remote desktop :)

Objective

  • Internal network: 192.168.28.0/24
  • Setup a OpenVPN server such that client connection will connect to the server and assign a 192.168.28.0/24 IP as if it is within the internal network
  • necessary install
    apt-get install  bridge-utils openvpn 

Tuesday, June 18, 2013

Cisco MDS port zoning 101

Objective

  • There are two FC ports (fd0, fd1) on a hp-ux rp3410 (hostname: rp3410 :) )
  • The storage is EMC VNX5100, we will use SPA P1/P2 and SPB P1/P2.

Physical connection

  • rp3410 fd0 will connect to SW1 port 1/7
  • rp3410 fd1 will connect to SW2 port 1/7
  • VNX5100 SPA P1 on SW1 port 1/1
  • VNX5100 SPB P1 on SW1 port 1/2
  • VNX5100 SPA P2 on SW2 port 1/1
  • VNX5100 SPB P2 on SW2 port 1/2

Switch configuration:

We will create 4 zones, 2 on each switch: The zoneset is "full-zoneset"

SW1 wwn is 20:00:xx:xx:xx:xx:xx:xx
SW2 wwn is 20:00:yy:yy:yy:yy:yy:yy

The VSAN of SW1 is 201, SW2 is 202

(it is port zoning, for soft zoning by wwn, it will be ready later)

SW1:
config t

vsan database
vsan 201 interface 1/7
 
interface 1/7
no shutdown
switchport mode F
switchport description "rp3410_fd0"

zone name rp3410_fd0_VNX5100_VNX_SPA1 vsan 201
member interface fc 1/1 swwn 20:00:xx:xx:xx:xx:xx:xx
member interface fc 1/7 swwn 20:00:xx:xx:xx:xx:xx:xx

zone name rp3410_fd0_VNX5100_VNX_SPB1 vsan 201
member interface fc 1/2 swwn 20:00:xx:xx:xx:xx:xx:xx
member interface fc 1/7 swwn 20:00:xx:xx:xx:xx:xx:xx

zoneset name full-zoneset vsan 201
memeber rp3410_fd0_VNX5100_VNX_SPA1
memeber rp3410_fd0_VNX5100_VNX_SPB1
zoneset activate name full-zoneset
 
SW2
config t

vsan database
vsan 202 interface 1/7

interface 1/7
no shutdown
switchport mode F
switchport description "rp3410_fd1"

zone name rp3410_fd1_VNX5100_VNX_SPA2 vsan 202
member interface fc 1/1 swwn 20:00:yy:yy:yy:yy:yy:yy
member interface fc 1/7 swwn 20:00:yy:yy:yy:yy:yy:yy

zone name rp3410_fd1_VNX5100_VNX_SPB2 vsan 202
member interface fc 1/2 swwn 20:00:yy:yy:yy:yy:yy:yy
member interface fc 1/7 swwn 20:00:yy:yy:yy:yy:yy:yy

zoneset name full-zoneset vsan 202
memeber rp3410_fd1_VNX5100_VNX_SPA2 vsan 202
memeber rp3410_fd1_VNX5100_VNX_SPB2 vsan 202
zoneset activate name full-zoneset