Doug’s Blog

Handily dispensing information to .00000001% of the world’s population

Archive for the ‘Unix’ Category

SFTP in Perl Connecting to Legacy Server

Tuesday, January 16th, 2018

We had a client that had a need to do automated SFTPs to various sites. It turns out that some of the sites had an older SSHD that would generate an error like “DH Group Exchange reply out of range”, and that required this parameter if you were using SFTP from the command line:


Now in Perl we were using Net::SFTP and it took some finagling (yes, that’s really a word) to figure out the proper settings, so here they were in case you were having trouble. And we had to add the warn flag otherwise we would get this warning:

Couldn’t fsetstat: Permission denied

Another oddity was that when we were putting files, the SFTP server allowed multiple files with the same name! Very odd, so we had to make sure to add a $sftp->do_remove command prior to the put command.

Here is what we used for the function call:

%sftp_args =
( “user” => “myuser”,
“password” => “mypass”,
“debug” => 0,
“warn” => 0,
“ssh_args” => [ options => [ “KexAlgorithms diffie-hellman-group1-sha1″ ] ]

$sftp = Net::SFTP->new($sftp_host,%sftp_args);

Adding Skype to Pidgin

Thursday, July 13th, 2017

I’m running Fedora Linux using KDE and like using the IM client Pidgin to handle gmail/yahoo im services. But I just recently added Skype which is nice… I did get an error message from Pidgin at first, “Failed getting PIE value” which was due to the skype client plugin being too old in my yum installation. So, I installed by source as follows and everything worked great!

git clone git://
cd skype4pidgin/skypeweb
sudo make install


Postfix shows Connection Timed Out but direct telnet works

Saturday, November 26th, 2016

I ran into an interesting problem the other day when a client’s mail server was failing to send email. If you viewed the mail queue you would see a lot of “Connection timed out” errors.

Now one way to test this is to manually telnet to port 25 of the server you are emailing to, and walk through the handshaking manually. This in fact worked in this case! So why wouldn’t Postfix work?

The one thing that comes to mind is the ISP is not allowing port 25 outgoing, or in general it is a firewall issue. But as I said, I could use telnet just fine.

I found that the server had multiple IP addresses configured, and indeed it was a firewall issue, BUT only on some of the IPs! You can configure Postfix to use certain IPs outbound under certain scenarios, which was exactly the problem. After editing “/etc/postfix/” and reviewing the lines with “smtp_bind_address”, once I updated those address settings to be the main server IP that was allowed outbound, then everything worked.

Installing Node.js4 in Centos7 with Yum

Saturday, July 23rd, 2016

A quick summary that may help people who are installing AngularJS v2 and need to make sure they have the latest stuff.

First off, CentOS does not use a recent version of Node,js or NPM due to, well, lots of reasons! In fact the version the repo has for Nodejs is ZERO and it is already up to 4, 5 and 6. So that’s pretty damn old. When I’m in the software store and the guy asks “hey, do you want version 6 of that software?”, I rarely find myself saying, “Nah, please hit me with version zero.” What software store do I speak of? Well, this one of course!

All your software needs conveniently located at the shopping mall

Anyway, here is what you do to get the version 4 for nodejs etc:

curl –silent –location | bash –

yum install -y nodejs

Disable search in google chrome address bar

Thursday, July 14th, 2016

I dislike how Chrome has turned the address bar (also known as a “location bar” or “URL bar”) into an “Omnibox”. Since I run Chrome on my Linux box, and I have a bunch of test hosts defined in my /etc/hosts file, everytime I try to shortcut by just typing a dev hostname, Google pops up a damn search result!

There are some posted methods to avoid this. One was to check chrome://flags, which does have a bunch of nice settings, however my version of Chrome DID NOT have the one to do this!

Instead I found that creating my own search engine option was the solution. Go to chrome://settings/ and choose “Manage Search Engines”. In there, add a new one with “none”, “null” and “http://%s” as the options.

Boom! No more annoying forced search! Suck it, Omnibox!

OK, deep breath.

Increasing Network Connections in Centos7

Wednesday, February 24th, 2016

I had a client who was losing network connectivity intermittently recently and it turns out they needed to increase the high limit for network connections. Centos7 has some variable name changes from previous versions so here are some helpful tips on how to increase the limits.

In older Centos you might have seen these error messages:

ip_conntrack version 2.4 (8192 buckets, 65536 max) – 304 bytes per conntrack

In newer verions, something like:

localhost kernel: nf_conntrack: table full, dropping packet

The below is for Centos versions that have renamed the ip_conntrack to nf_conntrack.

To get a list of network parameters:

sysctl -a | grep netfilter

This shows current value for the key parameter:

/sbin/sysctl net.netfilter.nf_conntrack_max

This shows your system current load:

/sbin/sysctl net.netfilter.nf_conntrack_count

So now to update the value in the kernel to triple the limit, of course make sure your RAM has room with what you choose:

/sbin/sysctl -w net.netfilter.nf_conntrack_max = 196608

To make it permanent after reboot, please add these values to the /etc/sysctl.conf

net.ipv4.netfilter.ip_conntrack_max = 196608

Hope this helps!

Getting Motion working with Vivotek IP Camera

Thursday, August 27th, 2015

I finally got around to looking into rigging up some security cameras around my home so I can find out what damn neighbors have been letting their dogs do their business in front of my gate! I actually caught one woman and her dog and when I pointed out nicely that there was a tree only 20 feet down the sidewalk, she said her dog wants to urinate where it wants, so she lets it because it pulls the leash. Yeah, well, that’s why you are the HUMAN and the master to the animal. Ah, don’t get me started, that is a whole other blog post.

Anyway, where were we? Oh, right! IP cameras! I decided upon the Vivotek IB8369 since, well, it’s awesome. Works at night, great resolution, nice range, can be outdoors, uses POE, and a bunch of other stuff, check the website, what am I, a sales guy?

OK, next step, I wanted to rig this up using my Linux box, not Windows. So I decided to use Motion to capture AVI video when there is motion detected. It will do so, AND store individual JPG frames so you can pick one that is a nice shot and then post it all around your neighborhood with a caption that says “BAD DOG OWNER”. Your needs may differ.

Getting Motion working was a bit of a hassle, here are a few things I did that could help you if you are trying to set this up also.

First, the camera itself, you should set a static IP on it using it’s web interface, and then I had to go into Configuration->Media->Video and set stream 1 to use JPEG. You will also need to set the “Frame size” to something where the width/height are divisible by 16, otherwise you will see messages like below from the Motion logs:

[1] [CRT] [NET] [Aug 27 18:45:01] netcam_start: netcam image height (1080) is not modulo 16

And here is a screenshot of the webcam settings page:

The next thing is to make sure your /etc/motion.conf has good settings. If you haven’t, you could see messages in the log like:

[1] [NTC] [STR] [Aug 27 18:49:06] http_bindsock: motion-stream testing : IPV4 addr: port: 8081
[1] [CRT] [STR] [Aug 27 18:49:06] http_bindsock: motion-stream bind() failed, retrying:
[1] [ERR] [STR] [Aug 27 18:49:06] http_bindsock: motion-stream socket failed, retrying:
[1] [CRT] [STR] [Aug 27 18:49:06] http_bindsock: motion-stream creating socket/bind ERROR:
[1] [ERR] [ALL] [Aug 27 18:49:06] motion_init: Problem enabling motion-stream server in port 8081:

Most are okay from the defaults, here are the ones I changed to make things work:

netcam_keepalive on
target_dir /var/motion
stream_motion on
stream_localhost off
webcontrol_localhost off

And then finally the commands to run Motion:

chown motion /var/motion/
service motion start
tail -f /var/log/motion.log

The error log is your friend, and once you have things working nicely, change the log level in the conf file to something more reasonable.




Too many systemd: Created slice !

Tuesday, August 4th, 2015

Installing the recent linux version seems to come with a default setting of flooding the /var/log/messages with entirely annoying duplicitous messages like:

 systemd: Created slice user-0.slice.
systemd: Starting Session 1013 of user root.
systemd: Started Session 1013 of user root.
systemd: Created slice user-0.slice.
systemd: Starting Session 1014 of user root.
systemd: Started Session 1014 of user root.

Here is how I got rid of these:

vi /etc/systemd/system.conf

And then uncomment LogLevel and make it: LogLevel=notice


systemctl restart rsyslog
systemd-analyze set-log-level notice


Fedora21 and Video Configuration

Tuesday, May 19th, 2015

Another Fedora upgrade, another few hours spent mucking about with xorg.conf and video settings!

So I have two workstations I was upgrading, one I chose to stick with nouveau and the other I used nvidia drivers.

The nouveau one, I had an older card, the GeForce GTX 275, and the nvidia drivers I downloaded did not work well, so it was easier to stick with nouveau. You can use lspci to see your card info:

/sbin/lspci | grep VGA

Fedora found my card and monitors, but one of them did not get the proper resolution. After a number of failed attempts at configuring xorg.conf, I ended up just using the following in my .xinitrc:

/bin/xrandr –addmode DVI-I-2 1920×1080
/bin/xrandr –output DVI-I-2 –mode 1920×1080

and that worked. You could also put that in a file like “/etc/X11/xinit/xinitrc.d/99-xrandr” like this, and make sure you “chmod a+x” on the file:

/bin/xrandr –addmode DVI-I-2 1920×1080
/bin/xrandr –output DVI-I-2 –mode 1920×1080

For the nvidia install, I had to do the following steps

  • Download the driver from
  • Drop out of the GUI with “init 3″ as root
  • Run the driver file, i.e. “sh ./”
  • When you run the file, it will ask if you want to blacklist the nouveau stuff, and the answer is yes! It will create “/etc/modprobe.d/nvidia-installer-disable-nouveau.conf” with the following:

# generated by nvidia-installer
blacklist nouveau
options nouveau modeset=0

Then you need to edit your grub file “/boot/grub2/grub.cfg” and find your recent vmlinuz line and add this to the end of it:


Then you can reboot. You’ll need to muck with the xorg.conf, you can see my version here.

Another thing to note, you should make note of your IP address, if you wreck your video output and can’t get the GUI to show anymore, you can still SSH into the machine and change things and reboot. I got into a case where my box had DHCP so I didn’t know the IP anymore, and I did the following to get in and fix my xorg.conf:

  • Boot up the live CD
  • You want to mount your drive now, but first you need to find it via “pvs”
  • Pvs will show you the name to use for “lvdisplay fedora” as an example, you may need to change “fedora” to your drive name
  • Lvdisplay will show you the LVM partitions, you want to mount the root partition to get into /etc/X11, I had to do “mount /dev/fedora/lv_root /mnt”

Once mounted, you can tweak the grub or the xorg.conf, whichever caused you to lose the video settings!

Hope this helps someone!

Installing MDB Tools in CentOS 7

Wednesday, February 25th, 2015

MDB tools sure do come in handy when you have to handle someone’s old nasty microsoft access files!

On older Centos, I could just yum add mdbtools, but on Centos 7 I found the following was required.

First, you need to make sure you add these packages (you may need others in addition but these were the ones I had to add):

yum -y install glib2-devel
yum -y install autoconf
yum -y install automake
yum -y install txt2man
yum -y install gnome-doc-utils
yum -y install libtool
yum -y install unixODBC unixODBC-devel
yum -y install flex flex-devel bison bison-devel

Why did I split all that into 8 lines when I guess we could have just stuck them all in one? Why did I put flex and bison in one line, but not others? Who knows! Just roll with it.

Then you need to grab the source and compile:

mkdir tmp1; cd tmp1
git clone mdbtools
cd mdbtools
autoreconf -i -f
./configure –with-unixodbc=/usr
make install