Telstra and the Routable Mobile Internet

There have been many times in the past, that for some reason or another I have needed a routable cellular connection, but these are just not easy to organise, until now. Thanks to a professional contact I have made through an industry group, we now now the code that we need applied to the account/SIM for the connection, and that code is GPTEXB3. You also need to set the APN to telstra.extranet. This has been tested by this person on MicroTik routers but hopefully should work with others. I will be giving it a shot in the near future when testing the 4GLTE backup system I have in mind to test

Justin

LFTP and the Stuck Login

I have been working on a new backup management system that utilizes the Synology and its ability to schedule tasks recently. Whilst I am untimely working on a program written in Go to be able to manage multiple backup configurations utilizing multiple backup protocols to achieve my goal I have been playing with the underlying software and protocols outside this program. One such piece of software is LFTP, this software allows for the transfer of files utilizing the FTP, FTPs, sFTP, HTTP, HTTPS and other protocols but the afore mentioned ones are the ones that are important for the software I am writing, but most importantly it supports mirroring with the FTP series protocols

Whilst I am writing this software I still wanted to get backups of the system running, to this end I was testing the LFTP commands and I hit an issue where the system will simply not connect to the server, yet the regular FTP client works fine.

Firstly we have to understand that LFTP does not connect to the server until the first command is issued, in the case of the example below, this was ls. Once this command is issued LFTP attempts to connect to and log in to the server, and this is where the issue happens, LFTP just hangs at “Logging In”

user@server backupfolder$ lftp -u username,password ftp.hostname.comlftp username@ftp.hostname.com:~> ls`ls' at 0 [Logging in...] 

To work out what the issues I had to do a little research and it comes down the fact the LFTP wants to default to secure connections, which in and of itself is not a bad thing, in fact it is a good thing but many FTP servers are yet to implement the sFTP/FTPs protocols and as such we end up with a hang at login. There is, however, two ways to fix this.

The first way to fix this is to turn off FTP for this connection only which is done through the modified connect command of

lftp -e "set ftp:ssl-allow=off;" -u username,password ftp.hostname.com

This is best if you are dealing with predominantly secure sites, however as I said most FTP servers are still utilising the older insecure FTP protocol at which point it may be more beneficial to change the LFTP configuration to default to insecure mode (and then enable it if needed for the secure connections, depends on which you have more of). To do this we need to edit the LFTP config file, to do this do the following

Utilising your favorite text editor (vi, nano or whatever it matters not) the config file is at /etc/lftp.conf

At some point in the file (I suggest at the end) put the following line

set ftp:ssl-allow false

Save your configuration and the defaulting to secure is turned off and your LFTP connection should work

Have Fun

Justin

Unzip Multiple Zip Files on OSX from Command Line

I recently had a need to unzip a whole bunch of zip files at work containing new client RADIUS certificates to be installed on the clients due to the depreciation of the SHA1 algorithm for security reasons by the software vendors (Microsoft and Apple in this case).

These zip files contained one useful certificate file (a .pfx containing the required certificate and the new certificate chain) per zip and a bunch of other files that are only applicable in certain situations, that I need to remove once decompressed and extracted the files from the zip archive. I consequently used a simple multiple-step process utilizing the power of the terminal prompt/command line to achieve this.

Firstly if you are needing to do this, I am assuming the files are all easily accessible and to make it easier, let’s make a directory to house all the initial zip files and put the files in there, this makes the cleanup so much easier later.

Once this is achived we can utilise the terminal prompt to make the rest of the process easier. I recommend you do this and put the files in their own directory as the following command swquice will unzip ALL zip archives files (or rather it will attempt to unzip anything with a .zip extension) in the directory, and will delete them if you do that part of the process.

Open terminal (Type Terminal into Spotlight Command + Space Bar or it is in the Application/Utilities folder)

In terminal do the following

[code language=”bash”]# go to the containing folder

cd /Users/jpsimmonds/Downloads/AAAA-Certs

#Unzip all the Files in the directory (escape “\” is used to stop wildcard expansion)

unzip \*.zip

#Remove All Zip Files – To change the file types to remove change the “zip” portion of the command

rm -f *.zip[/code]

Nice and easy, the files are now extracted and the initial zips (and other files if you ran the delete command on extra extensions) are removed, leaving you just the files that you require

Installing a non-Windows Secure Boot capable EFI Virtual Machine in Hyper-V

So you have downloaded an operating system installation disk (Ubuntu 16.04.2 used in this instructional) and noticed supports EFI, yet when you try to boot from the ISO message, you are greeted with a message stating that the machine does not detect it as a valid Secure Boot capable disk, as shown below it states that “The image’s hash and certificate are not allowed”

Luckily this is an easy fix, as it is simply secure boot that Ubuntu/Hyper-V are having an argument over the validity of the Secure Boot certificate.

Check out the video I have created showing you how to do this, alternatively keep reading below for instructions and more details

 

 

Turning off your VM, open up the settings page and navigate to the “Security” menu (Server 2016). As you can see in the image below, “Secure Boot” is enabled (checked) and the template is set to “Microsoft Windows”. What this effectively does is limit the Secure Boot function to working only with an appropriately signed Microsoft Windows boot system.

To fix this, there are two options, and it depends on the operating system you are trying to install. Preferably we want to keep the benefits of Secure Boot so the best option if it works for your operating system we want to simply change the template to “Microsoft UEFI Certificate Authority” this opens up the Secure Boot option to work with a greater range of appropriately signed boot systems, as against the Microsoft Windows one exclusively. The settings for this are shown below

Click Apply and this is hopefully now work, and you can check this by running the virtual machine.

Upon booting your virtual machine, you will now be presented with the boot menu from the disk, allowing you to continue on your way

 

If this change in of the CA template for Secure Boot does not work however you may need to disable secure boot entirely.

To achieve this go back to the “Security” menu simply uncheck it as per the image below, click Apply and it should now work.

 

 

Have Fun

Justin

%d bloggers like this: