If you try to upgrade linux distribution (for example from 14.04 to 16.04) sometimes upgrade fail because of no free space at /boot partition. This happens because there are old kernel installed that are no longer needed. To remove old kernel you shoul issue command like this:
sudo apt-get purge linux-image-x.x.x-xx-generic
where "x" are numbers. so you remove all kernels except one that is used. ( check it with uname -r command). Usually in /boot partition there are many of kernels, so removing them one by one is time consuming operation. To make it more convenient use that crazy long command and wait :)
sudo apt-get purge $(dpkg -l linux-{image,headers}-"[0-9]*" | awk '/ii/{print $2}' | grep -ve "$(uname -r | sed -r 's/-[a-z]+//')")
It remove all unused kernels from your /boot partition.
Wednesday, October 19, 2016
Thursday, October 13, 2016
How to check your "external" ip from command line.
Sometimes when you are behind the NAT you need to know what is your "external" IP address.
You can check it from browser(for ex. http://whatismyip.org), but what if you have only command line? Just type in these lines:
nslookup myip.opendns.com. resolver1.opendns.com
do not forget dot "." after first host.
You can check it from browser(for ex. http://whatismyip.org), but what if you have only command line? Just type in these lines:
nslookup myip.opendns.com. resolver1.opendns.com
do not forget dot "." after first host.
Thursday, October 6, 2016
Install x11vnc on xubuntu 16.04 for remote access
Tight VNC server opens new session, but if you need to connect to active session(like in teamviewer when user see what you are doing) I suggest to install x11vnc.
Installation process as follows:
sudo apt-get install x11vnc -y
next - specify password for remote connections:
sudo x11vnc -storepasswd /etc/x11vnc.pass
now create service unit file:
sudo touch /lib/systemd/system/x11vnc.service
and open it in editor:
sudo nano /lib/systemd/system/x11vnc.service
paste to file:
[Unit]
Description=Start x11vnc at startup.
After=multi-user.target
[Service]
Type=simple
ExecStart=/usr/bin/x11vnc -auth guess -forever -loop -noxdamage -repeat -rfbauth /etc/x11vnc.pass -rfbport 5900 -shared
[Install]
WantedBy=multi-user.target
now configure service:
sudo systemctl enable x11vnc.service
sudo systemctl daemon-reload
now reboot and try to connect to x11vnc.
Installation process as follows:
sudo apt-get install x11vnc -y
next - specify password for remote connections:
sudo x11vnc -storepasswd /etc/x11vnc.pass
now create service unit file:
sudo touch /lib/systemd/system/x11vnc.service
and open it in editor:
sudo nano /lib/systemd/system/x11vnc.service
paste to file:
[Unit]
Description=Start x11vnc at startup.
After=multi-user.target
[Service]
Type=simple
ExecStart=/usr/bin/x11vnc -auth guess -forever -loop -noxdamage -repeat -rfbauth /etc/x11vnc.pass -rfbport 5900 -shared
[Install]
WantedBy=multi-user.target
now configure service:
sudo systemctl enable x11vnc.service
sudo systemctl daemon-reload
now reboot and try to connect to x11vnc.
Wednesday, September 28, 2016
How to change product key in Office 2016.
There is no option to change product key in "Add/Remove programs" trough control panel.
Instead of using Control Panel, run command prompt with administrative privileges and run following commands:
to check key status:
For Office 2016 32bit on 32bit version of Windows
cscript "C:\Program Files\Microsoft Office\Office16\OSPP.VBS" /dstatus
For Office 2016 32bit on 64bit version of Windows
cscript "C:\Program Files (x86)\Microsoft Office\Office16\OSPP.VBS" /dstatus
For Office 2016 64bit on 64bit version of Windows
cscript "C:\Program Files\Microsoft Office\Office16\OSPP.VBS" /dstatus
you'll get installed license details and last 5 character of Product Key.
you can change product key by entering command /inpkey:value for example:
cscript "C:\Program Files\Microsoft Office\Office16\OSPP.VBS" /inpkey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
Instead of using Control Panel, run command prompt with administrative privileges and run following commands:
to check key status:
For Office 2016 32bit on 32bit version of Windows
cscript "C:\Program Files\Microsoft Office\Office16\OSPP.VBS" /dstatus
For Office 2016 32bit on 64bit version of Windows
cscript "C:\Program Files (x86)\Microsoft Office\Office16\OSPP.VBS" /dstatus
For Office 2016 64bit on 64bit version of Windows
cscript "C:\Program Files\Microsoft Office\Office16\OSPP.VBS" /dstatus
you'll get installed license details and last 5 character of Product Key.
you can change product key by entering command /inpkey:value for example:
cscript "C:\Program Files\Microsoft Office\Office16\OSPP.VBS" /inpkey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
Friday, September 23, 2016
Exchange 2013. Got error 500 when try to login to ECP.
Problem: when trying to access exchange control panel, after entering credentials server returns error 500. If you look to event viewer you find the errors like this:
System.InvalidOperationException: Cannot load Counter Name data because an invalid index 'W3SVC_W3WP' was read from the registry.
Login to OWA is working normally.
Solution: On server run command prompt with administrative privilegies and run command:
lodctr /R
If you get an error, try to run again. After it finished with success, restart IIS with command
iisrestart
After that try to login to ECP.
System.InvalidOperationException: Cannot load Counter Name data because an invalid index 'W3SVC_W3WP' was read from the registry.
Login to OWA is working normally.
Solution: On server run command prompt with administrative privilegies and run command:
lodctr /R
If you get an error, try to run again. After it finished with success, restart IIS with command
iisrestart
After that try to login to ECP.
Friday, September 2, 2016
Exchange 2013. Add mailbox from powershell.
Check database name:
Get-MailBoxDatabase
for existing user mailenable it:
Enable-Mailbox estherv@contoso.com -Database UsersMailboxDatabase
if you create new user:
New-Mailbox -Alias pilarp -Name "Pilar Pinilla" -FirstName Pilar -LastName Pinilla -DisplayName "Pilar Pinilla" -UserPrincipalName pilarp@contoso.com -Password (ConvertTo-SecureString -String 'Pa$$word1' -AsPlainText -Force)
add additional email addresses if needed:
Set-Mailbox "Tom Taylor" -EmailAddresses @{add="tomt@acme.com","tom.taylor@acme.com"}
choose default reply to address:
Set-Mailbox "Tom Taylor" -PrimarySmtpAddress tom.taylor@acme.com
if mailbox is configured to use an email address policy then you shoul disable it first(before doing previous step):
Set-Mailbox "Tom Taylor" -EmailAddressPolicyEnabled $false
check is user created:
Get-Mailbox <Name> | FL Name,RecipientTypeDetails,PrimarySmtpAddress
check what distribution group configured
Get-DistributionGroup
Add mailbox to distribution group
Add-DistributionGroupMember -Identity "Staff" -Member "tomtaylor@acme.com"
Get-MailBoxDatabase
for existing user mailenable it:
Enable-Mailbox estherv@contoso.com -Database UsersMailboxDatabase
if you create new user:
New-Mailbox -Alias pilarp -Name "Pilar Pinilla" -FirstName Pilar -LastName Pinilla -DisplayName "Pilar Pinilla" -UserPrincipalName pilarp@contoso.com -Password (ConvertTo-SecureString -String 'Pa$$word1' -AsPlainText -Force)
add additional email addresses if needed:
Set-Mailbox "Tom Taylor" -EmailAddresses @{add="tomt@acme.com","tom.taylor@acme.com"}
choose default reply to address:
Set-Mailbox "Tom Taylor" -PrimarySmtpAddress tom.taylor@acme.com
if mailbox is configured to use an email address policy then you shoul disable it first(before doing previous step):
Set-Mailbox "Tom Taylor" -EmailAddressPolicyEnabled $false
check is user created:
Get-Mailbox <Name> | FL Name,RecipientTypeDetails,PrimarySmtpAddress
check what distribution group configured
Get-DistributionGroup
Add mailbox to distribution group
Add-DistributionGroupMember -Identity "Staff" -Member "tomtaylor@acme.com"
Wednesday, August 24, 2016
How to turn on "save as..." prompt on Microsoft Edge browser
I really miss the "save as" prompt in Microsoft edge browser. By default it just start to download file without asking where i want to save it. By default it save file to user's profile "download" directory, but what to do if you have no space on that drive and need to download large file? Fortunately there are solution.
- Open command prompt or press "win"+r keys.
- Type in "regedit" and press "enter".
- Navigate to key HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\
- If there no "Download" key create it.
- Navigate to Download key and create DWORD value "EnableSavePrompt"
- Assign value "1" if you want "Save As..." prompt or "0" to turn off.
Tuesday, August 23, 2016
Ubuntu 16.04. How to generate self signed SSl certificate for NGINX and add it to trusted list.
First you need to generate self-signed certificate to NGINX:
Create directory for certificates:
sudo mkdir /etc/nginx/ssl
Now generate ssl certificate:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]: New York
Locality Name (eg, city) []:New York City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Acme, Inc.
Organizational Unit Name (eg, section) []:Research dep.
Common Name (e.g. server FQDN or YOUR name) []:your_domain.com
Email Address []:admin@your_domain.com
Now self signed certificate generated, we need to configure NGINX to use SSL.
open nginx site config file. (usually /etc/nginx/sites-available/<some_name>.conf
you will find something like this:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.html index.htm;
server_name your_domain.com;
location / {
try_files $uri $uri/ =404;
}
}
Add the following lines:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
listen 443 ssl;
root /usr/share/nginx/html;
index index.html index.htm;
server_name your_domain.com;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
location / {
try_files $uri $uri/ =404;
}
}
save and close file, then restart nginx:
sudo service nginx restart
Then test is your site accessible via https. Open browser and select https: instead of http.
You likely get a warning that you site use untrusted certifcate. That is normal because we use self-signed certificate.
Now if we want to communicate with this server from another machine using https: we need to add our certificate to "trusted list" on another machine:
go to /usr/local/share/ca-certificates/, create new folder folder and copy .crt file.
cd /usr/local/share/ca-certificates
sudo mkdir <dir_name>
make sure that permissions are OK. 755 for the folder and 644 for file.
Next you should update certificate list:
sudo update-ca-certificates
-------- method 2 -----------
go to /usr/share/ca-certificates:
cd /usr/share/ca-certificates
create new dir.
sudo mkdir <dir_name>
issue command:
sudo dpkg-reconfigure ca-certificates calls update-ca-certificates internally
P.S.
I noticed that this will not help if you use try to connect to server using python and urllib3. I always got message:
[SSL: CERTIFICATE_VERIFY_FAILED]
this was solved to add VERIFY='path_to_certificate_file' in requests.post() function
Create directory for certificates:
sudo mkdir /etc/nginx/ssl
Now generate ssl certificate:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt
- openssl: This is the basic command line tool for creating and managing OpenSSL certificates, keys, and other files.
- req: This subcommand specifies that we want to use X.509 certificate signing request (CSR) management. The "X.509" is a public key infrastructure standard that SSL and TLS adheres to for its key and certificate management. We want to create a new X.509 cert, so we are using this subcommand.
- -x509: This further modifies the previous subcommand by telling the utility that we want to make a self-signed certificate instead of generating a certificate signing request, as would normally happen.
- -nodes: This tells OpenSSL to skip the option to secure our certificate with a passphrase. We need Nginx to be able to read the file, without user intervention, when the server starts up. A passphrase would prevent this from happening because we would have to enter it after every restart.
- -days 365: This option sets the length of time that the certificate will be considered valid. We set it for one year here.
- -newkey rsa:2048: This specifies that we want to generate a new certificate and a new key at the same time. We did not create the key that is required to sign the certificate in a previous step, so we need to create it along with the certificate. The
rsa:2048portion tells it to make an RSA key that is 2048 bits long. - -keyout: This line tells OpenSSL where to place the generated private key file that we are creating.
- -out: This tells OpenSSL where to place the certificate that we are creating.
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]: New York
Locality Name (eg, city) []:New York City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Acme, Inc.
Organizational Unit Name (eg, section) []:Research dep.
Common Name (e.g. server FQDN or YOUR name) []:your_domain.com
Email Address []:admin@your_domain.com
Now self signed certificate generated, we need to configure NGINX to use SSL.
open nginx site config file. (usually /etc/nginx/sites-available/<some_name>.conf
you will find something like this:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.html index.htm;
server_name your_domain.com;
location / {
try_files $uri $uri/ =404;
}
}
Add the following lines:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
listen 443 ssl;
root /usr/share/nginx/html;
index index.html index.htm;
server_name your_domain.com;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
location / {
try_files $uri $uri/ =404;
}
}
save and close file, then restart nginx:
sudo service nginx restart
Then test is your site accessible via https. Open browser and select https: instead of http.
You likely get a warning that you site use untrusted certifcate. That is normal because we use self-signed certificate.
Now if we want to communicate with this server from another machine using https: we need to add our certificate to "trusted list" on another machine:
go to /usr/local/share/ca-certificates/, create new folder folder and copy .crt file.
cd /usr/local/share/ca-certificates
sudo mkdir <dir_name>
make sure that permissions are OK. 755 for the folder and 644 for file.
Next you should update certificate list:
sudo update-ca-certificates
-------- method 2 -----------
go to /usr/share/ca-certificates:
cd /usr/share/ca-certificates
create new dir.
sudo mkdir <dir_name>
issue command:
sudo dpkg-reconfigure ca-certificates sudo dpkg-reconfigure ca-certificates calls update-ca-certificates internally
P.S.
I noticed that this will not help if you use try to connect to server using python and urllib3. I always got message:
[SSL: CERTIFICATE_VERIFY_FAILED]
this was solved to add VERIFY='path_to_certificate_file' in requests.post() function
Friday, January 8, 2016
Python 3.5.0 do not install on Win7 64bit
Installation was finished with error :
Error 0x80240017: Failed to execute MSU package.
After googling for around an hour solution was founded. All you need is uninstall microsoft update KB2999226. Go to windows update -> installed updates -> find that update and uninstall.
After that start python instalation.
Subscribe to:
Posts (Atom)