Author: doug

Categories
Unix

SSH hangs when expecting SSH2_MSG_KEX_DH_GEX_GROUP

I encountered this odd issue when I went to SSH from a new CentOS 7 box to an older system, and it just hung with no response. Turning on verbose showed me where it was hanging:

debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

I found a number of suggestions on the ‘net as to how to handle this, but the below worked for me. It is a compatibility issue with a newer openSSH connecting to an older one that doesn’t have ciphers as strong.

You need to edit /etc/ssh_config and I added the following to the bottom, so it is under the “host *” items:

SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIDelegateCredentials no
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
HostKeyAlgorithms ssh-rsa,ssh-dss
MACs hmac-md5,hmac-sha1,hmac-ripemd160

Categories
Websites

Google Maps API stopped working on IE

Just got reports today from customers that websites with Google Maps Javascript API stopped working, and it seems Google made some changes a day or so ago.

I found a link that had helpful information, http://stackoverflow.com/questions/28582943/google-maps-v3-19-wont-load-using-embedded-vb6-browser and the exact fix that worked for me was adding this META tag:

<meta http-equiv=”X-UA-Compatible” content=”IE=EDGE” >

Categories
Unix

Problem using virsh-install with Debian ISO

Doing a virsh-install with a debian image, specifically debian-7.8.0-amd64-netinst.iso, I was getting the following error:

ERROR Could not find an installable distribution at ‘/home/vm/debian-7.8.0-amd64-netinst.iso’

The location must be the root directory of an install tree.

After trying a number of things, including trying different path locations like /cdrom, it turns out the virsh-install command prefers “-c” instead of “–location” for this ISO! This is similar also to the WindowsXP ISO. So the following worked for me:

virt-install –name=vm_deb1 –ram=8192 –vcpus=1,cores=1 \

–disk path=/home/vm/vm_deb1.img,size=60 –network bridge=br0 \

-c /home/vm/debian-7.8.0-amd64-netinst.iso –os-type=linux –os-variant=debiansqueeze \

–graphics vnc,password=xxx,port=5901,listen=192.168.1.2

Categories
Unix

Chrome on linux generating a ton of syslogd messages

I just did a yum update on my google-chrome-stable package and now whenever I start chrome, or open a new tab, ALL my terminal sessions spit out a bunch of annoying messages like:

Message from syslogd@zx at Dec 31 13:43:51 …

kernel:[1132591.932211] CPU: 0 PID: 23825 Comm: chrome Tainted: PF D C O 3.11.10-100.fc18.i686.PAE #1

Message from syslogd@zx at Dec 31 13:43:51 …

kernel:[1132591.932212] Hardware name: EVGA 122-CK-NF68/122-CK-NF68, BIOS 6.00 PG 09/28/2007

Message from syslogd@zx at Dec 31 13:43:51 …

kernel:[1132591.932214] task: dcc1a760 ti: c0c9a000 task.ti: c0c9a000

Message from syslogd@zx at Dec 31 13:43:51 …

kernel:[1132591.932228] Stack:

Message from syslogd@zx at Dec 31 13:43:51 …

kernel:[1132591.932240] Call Trace:

Message from syslogd@zx at Dec 31 13:43:51 …

kernel:[1132591.932249] Code: 7d fc 89 ec 5d c3 90 8d 74 26 00 c7 43 34 00 00 00 00 b9 d0 1b c3 c0 89 da c7 43 38 00 00 00 00 89 f8 e8 24 eb ff ff 89 c6 eb 91 <0f> 0b 8d b4 26 00 00 00 00 8d bc 27 00 00 00 00 55 89 e5 57 56

Message from syslogd@zx at Dec 31 13:43:51 …

kernel:[1132591.932268] EIP: [<c04c9880>] __audit_syscall_entry+0xf0/0x100 SS:ESP 0068:c0c9bfa4

 

Now this could be due to me having an older Fedora, or an older video card, or lord knows what else, but I just wanted to get rid of those messages! So here’s the fix, edit “/etc/rsyslog.conf” and comment out the line that has “*.emerg”

Then “service rsyslog restart”

A quick and dirty fix for now!

 

Categories
Coding

PHP is unable to retrieve information via $_POST on my localhost but $_GET works

I encountered this odd problem where FORM POSTs would not work! Other peoples comments on this were along the lines of server misconfiguration, which is sort of true — the reason for me was that I had some rewrite rules so I could leave .php extensions off the path — and I had forgotten to put ACTION in the form to leave off the extension!

Once I fixed that it all worked.

Categories
Hardware

Cisco850 router can’t handle the speed

I just got a Comcast upgrade to my home router for new speeds and here is what I found out! My old speed measured was 30 Mbps down, 11 Mbps up.

The guy installed the new Comcast box and then I tried again and same speeds! This was from my PC which went through two hubs, and a cisco850 router before getting to the Comcast box.

I then plugged a laptop right into one of the Comcast ethernet ports and got 120 and 11, which is sweet! Well, the 120 is sweet.

Then I plugged the laptop into the cisco850 and I was back to the 30Mbps again. The cisco is rated for 10/100 so I thought it would go up higher, but no such luck. So now I need to get a new router for my home network and see how that performs!

More later.

Categories
Unix

SSH: Could not load host key: /etc/ssh/ssh_host_rsa_key

After doing a yum update the other day I would get these warnings in /var/log/messages and when doing ssh into the host:

error: Could not load host key: /etc/ssh/ssh_host_key

To fix this, you need to be root and:

/usr/bin/ssh-keygen -A

service sshd restart

 

Categories
Unix

Fedora Xorg.conf Three Monitors Update

I have a Fedora system running with 3 monitors and recently did a yum update that did something to make the three monitors not all come back up properly when rebooted.

I have two monitors on DVI and one is VGA, I had to alter my ModeLine entry to get things back to normal, from:

Modeline “1680x1050_60.00”  147.14  1680 1784 1968 2256  1050 1051 1054 1087  -HSync +Vsync

to

ModeLine       “1680×1050” 119.00 1680 1728 1760 1840 1050 1053 1059 1080

Option       “PreferredMode” “1680×1050”

Now just as a note, the monitor DID come back if I just removed the ModeLine entry all together, but then the VGA screen was a low resolution. Hope this helps someone!

Categories
Unix

Pure-FTPD with TLS, “Certificate verification: Not trusted” Error

I run a few FTP servers that use Pure-FTPD with TLS on it for extra security, and on the ones that don’t have a “real” SSL cert, you will see the following when using LFTP and trying a “ls”:

ls: Fatal error: Certificate verification: Not trusted

The way to work around that is to add the following to your “.lftp/rc” file:

set ssl:verify-certificate no

And you are good to go!

Categories
Unix Windows

Using virt-install with KVM to install Windows XP

As a follow-up to my post on installing centos 6x using KVM, I have since had the need to install a winXP ISO on my KVM host. I had to play with the commands a bit before hitting upon the right mix, so here it is:

virt-install --name=vm_xp --ram=512 --vcpus=1,cores=1 \
--disk path=/opt/vm_xp.img,size=4 --network bridge=br0 \
-c /opt/en_winxp_pro_sp3.iso --os-variant winxp --os-type windows --hvm \
--graphics vnc,password=1234,port=5905,listen=192.168.2.10