# configure terminal
(config)# crypto key generate ssh
will generate host key (rsa)
(config)# ip ssh
will enable ssh server daemon
* nb: by default, if a password is not set, then ssh root@switch will
function... sans password
(config)# no telnet-server
adeus telnet...
(config)# write memory
once done, this also means that one may no longer use free HP OpenManage switch tools to configure the switches.
Wednesday, May 26, 2010
telnet is fine, but ssh is better
on your hp procurve switch cli:
Thursday, May 20, 2010
sophos sometimes fails and has enterprise console problems
if when updating a CID or downloading a new package, the following message appears:
to right sophos, do the following, per sophos technical support:
"There is a task currently being executed. Please, wait until the task is finished, before starting a new task."the culprit is usually that a download or change has stalled and sophos is unable to honor the request. unfortunately, there is not a corresponding error message in the sophos or system event log.
to right sophos, do the following, per sophos technical support:
"Close down the consoles on your server, the open your Task Manager and click on Processes. On that list kill the DLLLOADER.EXE process. Next go into services and restart the 'Sophos Enterprise Manager Scheduler service.' Now go into EmLibrary and change your parent and it should take this time."
Monday, May 17, 2010
who or what perpetually changes directory names on my public nfs export
i sure hate it when people move or delete stuff on nfs exports. sure, root isn't squashed and half a dozen people need to work on the same thing. so, as opposed to breaking everyone's fingers, i can focus on just one.
place this snippet of code someplace useful and crontab it to run before EOD; just make sure you have perl, tcpdump & bzip installed. in crontab, make sure you have the script's path in the PATH statement.
if you were fancy, you could do something with logrotate or maybe even pipe it off to splunk. if you were fancy.
crontab entry
nfs-mon-script
place this snippet of code someplace useful and crontab it to run before EOD; just make sure you have perl, tcpdump & bzip installed. in crontab, make sure you have the script's path in the PATH statement.
if you were fancy, you could do something with logrotate or maybe even pipe it off to splunk. if you were fancy.
crontab entry
50 23 * * * root /usr/local/bin/nfs-remove-mon
nfs-mon-script
#!/usr/bin/perl
$PIDFILE = "/var/run/nfs-remove-mon.pid";
$LOGFILE_BASE = "/var/log/nfs-remove-mon";
$EXIT = 0;
$SIG{CHLD} = IGNORE;
if ( -e $PIDFILE ) {
$PID = `cat $PIDFILE`;
`kill -HUP $PID`;
$DATE=`date +%F`;
chomp $DATE;
unlink "$LOGFILE_BASE.$DATE.log";
unlink "$LOGFILE_BASE.$DATE.log.bz2";
rename "$LOGFILE_BASE.log", "$LOGFILE_BASE.$DATE.log";
unless (fork()) {
sleep 5;
`bzip2 -9 $LOGFILE_BASE.$DATE.log`;
exit;
}
}
open PID, ">$PIDFILE";
print PID $$;
close PID;
open LOG, ">$LOGFILE_BASE.log";
$STDOUT = select LOG;
$|=1;
select $STDOUT;
open TCPDUMP, "tcpdump -vvvvvv -l -i any -s 0 tcp 2>/dev/null |";
$STDOUT = select TCPDUMP;
$|=1;
select $STDOUT;
$SIG{HUP} = sub { $EXIT = 1; };
while ($line = < tcpdump >) {
if ($line =~ /remove/) {
print LOG $line;
}
last if $EXIT;
}
close TCPDUMP;
close LOG;
Monday, May 10, 2010
solaris 10, your mounts are hanging
On Solaris10 machines, eventhough, mount -o vers=3 host:/remotedir /localdir Is specified, the NFS client will not properly mount the NFS share; in automounter it will not show up, or "not owner" error message will appear when manaully mounting. To resolve the issue, set NFS version to be compatible with earlier version of NFS by forcing nfs-version 3 for clients: Edit /etc/default/nfs - change NFS_CLIENT_VERSMAX=3 Restart nfs client: svcadm restart nfs/client test example: mount -F nfs -o rw,vers=3 server:/export /tmp/import/ Restart automounter by issuing: automount
Friday, May 7, 2010
solaris 10, why don't you unzip nicely?
so, i try to unzip an archive, provided to me by sun, and i get the joyous:
go to a linux box and...
or! just scp over the unzipped directory and burn some candles or something.
didn't find end-of-central-dir signature at end of central dirthat's sort of evil. what to do?
go to a linux box and...
$ unzip -q 10_Recommended.zip $ tar cf - 10_Recommended | gzip > 10_Recommended.tgzand then scp that junk over and use tar xvfz on that bad sun box. if you see this:
tar: ././@LongLink: typeflag 'L' not recognized, converting to regular fileoops. just use your friend:
/usr/sfw/bin/gtaror! just use the -format ustar when creating the tarball.
or! just scp over the unzipped directory and burn some candles or something.
Subscribe to:
Posts (Atom)