You can't borrow my rack

Sunday, November 16, 2014

Please create RSA keys (of atleast 768 bits size) to enable SSH v2

When the router booted up it already had a key pair generated, but our newly created keypair (1024) has a different name.

The ip ssh rsa keypair-name command was also introduced in Cisco IOS Release 12.3(4)T so that you can enable an SSH connection using the RSA keys that you have configured. Previously, SSH was linked to the first RSA keys that were generated (that is, SSH was enabled when the first RSA key pair was generated). The behavior still exists, but by using the ip ssh rsa keypair-name command, you can overcome that behavior. If you configure the ip ssh rsa keypair-name command with a key pair name, SSH is enabled if the key pair exists, or SSH will be enabled if the key pair is generated later. If you use this command to enable SSH, you are not forced to configure a hostname and a domain name, which was required in SSH Version 1 of the Cisco IOS software.

R1#sh crypto key mypubkey rsa
% Key pair was generated at: 00:02:15 UTC Mar 1 2002
Key name: R1.mydomain.com
Storage Device: private-config
Usage: General Purpose Key
Key is not exportable.
Key Data:
<--- ommited --->
% Key pair was generated at: 00:00:05 UTC Mar 1 2002
Key name: R1.mydomain.com.server
Temporary key
Usage: Encryption Key
Key is not exportable.
Key Data:
<--- ommited --->
% Key pair was generated at: 00:03:28 UTC Mar 1 2002
Key name: R1.gns3.com
Storage Device: not specified
Usage: General Purpose Key
Key is not exportable.
Key Data:
<--- ommited --->

R1(config)#ip ssh rsa keypair-name R1.gns3.com
R1(config)#
*Mar 1 00:05:09.039: %SSH-5-DISABLED: SSH 1.5 has been disabled
*Mar 1 00:05:09.055: %SSH-5-ENABLED: SSH 1.99 has been enabled
R1(config)#ip ssh version 2
R1(config)#do sh ip ssh
SSH Enabled - version 2.0
Authentication timeout: 120 secs; Authentication retries: 3

Sunday, August 17, 2014

Rebuild python-vmcloud from source

The information found here are mainly my own personal technical notes, whatever/however you use it is solely you decision !

Rebuild the python-vmcloud from source

/var/lib/dpkg/info/python-vmcloud.*

Create a working directory named "python-vmcloud", the folder structure will be as below

*** copy all the file listed in python-vmcloud.list !
*** cp -a --- copying of subfolders
*** mkdir -p --- create directory with subdirectory

python-vmcloud/
----DEBIAN/
--------control
--------postinst
--------postrm
--------prerm
----etc/
----usr/
----var/

the files under DEBIAN folder are plain text files. "control" file content is as below but without the "###"

### start of control file ####
Package: python-vmcloud
Priority: optional
Section: python
Installed-Size: 307948
Maintainer: vmcloud-dev <vmcloud-dev@cisco.com>
Architecture: all
Source: vmcloud
Version: 0.5.4-1
Replaces: python-vmcloud-st
Depends: python2.7, python (>= 2.7.1-0ubuntu2), python (<< 2.8), python-pexpect, python-lxml, python-libxml2,
virtinst, libvirt-bin, qemu-kvm, mkisofs, genisoimage, python-bottle, python-paste
Conflicts: python-vmcloud-st
Conffiles:
/etc/vmcloud/internal_config f038aed945325df744cd2d68c35b4705
/etc/vmcloud/vmcloudrc dcd847aae42f25b9982735701c45071b
/etc/init/vmcwebsvc.conf aea48c35713d76fb1894e7ae4385d2d7

Description: Cisco Network Device Emulator Orchestration Tool
### end of control file ####

When all the files/folders are ready, execute the command to rebuild the .deb

# dpkg-deb -b python-vmcloud

Installation of VMcloud

# dpkg -i python-vmcloud.deb

because there are some dependencies, run the command to auto install them

# sudo apt-get -f install

Redo the dpkg installation again

# dpkg -i python-vmcloud

Set the SUID for the file /usr/bin/vmcnet
# sudo chmod 4775 /usr/bin/vmcnet

*** This allow the application to run as root.

Change the ownership to "root"
# chown root:root /usr/bin/vmcloud
# chown root:root /usr/bin/vmcnet
# chown root:root /usr/bin/vmcwebsvc

Testing the installation

Edit the VIRL configuration (3node.virl) to remove out below parameters

# nano /usr/share/vmcloud/data/examples/3node/3node.virl

<entry key="import files" type="String">/usr/share/vmcloud/data/examples/3node/router1.p12</entry>

Run the topology from the template

# vmcloud netcreate -v /usr/share/vmcloud/data/examples/3node/3node.virl 3NODE

Using default configuration: /etc/vmcloud/vmcloudrc
Launching NDE network ...
Created domain: labguide.3NODE.router1 (console=127.0.0.1 3533, aux=127.0.0.1 3534)
Created domain: labguide.3NODE.router2 (console=127.0.0.1 3535, aux=127.0.0.1 3536)
Created domain: labguide.3NODE.router3 (console=127.0.0.1 3537, aux=127.0.0.1 3538)
NDE network launch: Success

Thursday, August 14, 2014

Change Linux command line output color

By default the color when we remotely connect to a Linux shell, the color of folder is signified by the color Navy BLUE. Which is hard to make out from a black color background.

A bit of customizing and you can change it.

# cp /etc/DIR_COLORS ~/.dir_colors

# nano .dir_colors

Scroll down till the DIR and edit the color parameter

Blue = 34
Green = 32
Light Green = 1;32
Cyan = 36
Red = 31
Purple = 35
Brown = 33
Yellow = 1;33
white = 1;37
Light Grey = 0;37
Black = 30
Dark Grey= 1;30

log off from the shell and login back

Sunday, August 3, 2014

Checkpoint R76 SmartConsole prerequisites installation

Checkpoint SmartConsole has some dependencies which will need to be fullfill before it will install.

OS : Windows XP SP3

Windows Installer version 3.1 or higher is required to perform this installation. [LINK]
Microsoft .NET Framework 2 SP2 [LINK]
Microsoft .NET Framework 4 [LINK]
Microsoft Visual C++ 2010 Redistributable Package [LINK]
Windows Imaging Component [LINK]