Setup SSH Forward Tunneling and SSH Reverse Tunneling In The Same Line

Here’s a simple command that sets up local port forwarding via SSH and a reverse SSH tunnel at the same time.

screen -dm autossh -p [22] [111.222.333.444] [-L 5555:localhost:6666] [-R 7777:localhost:22]

Put this in your rc.local file to run it on startup.

  • screen -dm creates a detached mode session other than your current one so you can have the command running after you exit the terminal
  • autossh is like the SSH binary but automatically reconnects if your connection gets terminated.
  • 22 is the SSH port, change this if you modified your server to listen on another port or your firewall does port forwarding
  • 111.222.333.444 is your target server address
  • -L 5555 is the local port number to use to forward your connection
  • localhost no explanation needed
  • 6666 the port on the other end to forward to
  • -R 7777 the port to use on the other side to connect to your home server ( your source )
  • localhost no explanation needed
  • 22 ssh port used, change this if you are listening on another port

So, if you want to connect to your source server ( home server ), all you do is connect to localhost via the port that was opened to do reverse SSH.

:> ssh <user>@localhost -p 7777

Ubuntu Server No Space Left on Device Error During Kernel Upgrade/Update

This error occurs when updating Ubuntu Server when the Boot partition is full…

Problem:
dpkg: error processing archive [….linux-headers-x.y.z-aaa_b.c.?-???.???_all.deb] (--unpack):
unable to create ‘…linux-headers-???…’ (while processing …. ): No space left on device
No apport report written because the error message indicates a disk full error

Solution:

  1. dpkg -l linux-headers-\* linux-image-\* | grep ^ii

    – This shows a list of headers and images that are currently installed and taking up space.

  2. dpkg -P linux-headers-X.Y.Z-{a,b,c,d}{,-generic}

    – This removes all the linux-headers and linux-headers-generic packages that have the version X.Y.Z and any of the version numbers within the { }

  3. dpkg -P linux-image-extra-X.Y.Z-{a,b,c,d}-generic

    – This does the same but with linux-image-extra

  4. dpkg -P linux-image-X.Y.Z-{a,b,c,d}-generic

    – This does the same but with linux-image

  5. apt-get -f install

    – This will reinstall the update/upgrade packages that failed.
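An added example, not from the original post: steps 2 to 4 take the version list by hand, so this helper derives the candidates from the step 1 listing and leaves out the running kernel, which must not be purged. The function names and the sample package versions are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Package versions are constructed.

# removable_kernel_pkgs RUNNING_RELEASE < dpkg-listing
# Prints installed (state "ii") versioned kernel packages whose version is
# not the running kernel's, i.e. candidates for `dpkg -P`.
removable_kernel_pkgs() {
    running=$1                    # as printed by `uname -r`, e.g. 4.4.0-75-generic
    base=${running%-generic}      # headers also ship without the flavour suffix
    awk -v run="$running" -v base="$base" '
        $1 == "ii" && $2 ~ /^linux-(headers|image|image-extra)-[0-9]/ {
            ver = $2
            sub(/^linux-(headers|image-extra|image)-/, "", ver)
            if (ver != run && ver != base) print $2
        }'
}

# Constructed sample of `dpkg -l linux-headers-\* linux-image-\*` output.
SAMPLE_DPKG='ii  linux-headers-4.4.0-62              4.4.0-62.83  all    Header files
ii  linux-headers-4.4.0-62-generic      4.4.0-62.83  amd64  Kernel headers
ii  linux-image-4.4.0-62-generic        4.4.0-62.83  amd64  Kernel image
ii  linux-image-extra-4.4.0-62-generic  4.4.0-62.83  amd64  Extra modules
ii  linux-headers-4.4.0-75              4.4.0-75.96  all    Header files
ii  linux-headers-4.4.0-75-generic      4.4.0-75.96  amd64  Kernel headers
ii  linux-image-4.4.0-75-generic        4.4.0-75.96  amd64  Kernel image
rc  linux-image-4.4.0-31-generic        4.4.0-31.50  amd64  Kernel image
ii  linux-headers-generic               4.4.0.75.81  amd64  Meta package'

# On a real system:
#   dpkg -l 'linux-headers-*' 'linux-image-*' | removable_kernel_pkgs "$(uname -r)"
list_sample_removable() {
    printf '%s\n' "$SAMPLE_DPKG" | removable_kernel_pkgs "4.4.0-75-generic"
}

list_sample_removable
```

Review the printed list before passing it to dpkg -P; already-removed ("rc") entries and unversioned meta packages are skipped on purpose.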

PFSense wkhtmltopdf WebApp NAT Loopback/Reflection Woes

Please DO NOT use a public IP address when generating your PDF using wkhtmltopdf/wkhtmltojpg if you have PFSense running as a firewall.

Use localhost, this will save you headaches.

I’m using WKHTMLTOPDF to convert HTML to PDF, and the HTML contains links to images. Now the address used is the public IP address, but wkhtmltopdf is running internally in the local network with its ‘web browser’. See the problem here? Normally, routers allow NAT Reflection/Loopback… PFSense blocks this by default. So my images were not rendering, which leaves the wkhtmltopdf process lagging behind while it waits for a reply from the server that PFSense is denying, timing out at around 60 sec ( 1 Min ).

Setup Huawei E1552 SMS Gateway in Raspbian using SMSTools3

Here, I was able to set up a Huawei E1552 SMS Gateway in Raspbian using SMSTools3.

Requirements:

Steps:

  1. Install/Burn Raspbian to your microsd card. Instructions here.
  2. After burning/installing the image to your SD card, install it in your Raspberry Pi and configure it so you can SSH into it properly. Sadly, the SSH daemon is not automatically configured to start on boot.
  3. To Enable SSH to autostart on boot… do
  4. :> update-rc.d ssh defaults
    :> update-rc.d ssh enable
  5. Restart and try to login remotely
  6. If you can not login, sshd may be configured to deny any remote root connection
  7. Go to /etc/ssh/ and edit sshd_config
  8. Look for this line…
  9. PermitRootLogin.......
  10. And change it to…
  11. PermitRootLogin yes


JPMorgan Quorum Cakeshop Setup Ubuntu 16.04.2

I wanted to study JPMorgan’s Quorum Blockchain and am going to install Cakeshop, their development environment, under Ubuntu 16.04.2 and the Tomcat8 web server.
There were some bumps that were unavoidable, but the developer was very helpful in debugging and helping me set up the server. Shout out to fixanoid

  • Install Ubuntu 16.04.2
  • Update to latest updates
  • Install Java 8 (Open JDK)
  • Install Tomcat8
  • Follow the installation instruction here… BUT don’t start the server yet.
  • Instead of setenv.sh, edit Tomcat8 startup script under /etc/init.d/ folder.
  • Under catalina_sh() function, go to TOMCAT_SH= line
  • Before that, add this command…. JAVA_OPTS="$JAVA_OPTS -Dspring.profiles.active=local -Deth.config.dir=[Your/folder/path/accessible/to/tomcat8/user]"
  • Start the server /etc/init.d/tomcat8 start, then stop it /etc/init.d/tomcat8 stop
  • The server will not yet run properly and errors will populate the catalina.out logs, but this will create the config files in the folder you passed in JAVA_OPTS (eth.config.dir=[Your/folder/path/accessible/to/tomcat8/user])
  • Now go to the folder and, under the local folder, edit application.properties
  • Locate geth.identity=
  • Add any node name you want it to be
  • Save the file, exit and start the server again
  • This should start the server properly now. You can check the catalina.out logs.
  • You can access the site via http://IP_ADDRESS:8080/cakeshop/

MariaDB Unknown/unsupported storage engine: InnoDB

I had this problem re-occurring on one of my servers. MariaDB won’t start due to this error.

To fix my problem, remove these log files…

/var/lib/mysqld/ib_logfile0
/var/lib/mysql/ib_logfile1
/var/lib/mysql/aria_log_control

ib_logfile may be 0 or 1

If you want to be safe.. just rename it to another file temporarily to see if it works.

Sources for the fix can be found Here and Here

Ubuntu 16.04.02 Hang on Reboot or Shutdown

Had a problem after an update that when I force a restart or a shutdown on my server, it hangs on the last part of the process.

To fix my problem, I had to edit the /etc/default/grub config file and add acpi=force apm=power_off to the config line, between the double quotation marks…

GRUB_CMDLINE_LINUX_DEFAULT=""

and

GRUB_CMDLINE_LINUX=""

Run update-grub after saving, then reboot one more time ( force a restart when it hangs ).
After the restart, try another reboot, it should work now without hanging.

Source of the fix is from Here

Heap Dump and Remote Tomcat 8-OpenJDK 8 Memory Monitoring

Memory problem.. the thorn of web apps… I have to connect to my remote server to monitor its memory usage and produce a heap dump.
Below are the steps I took to configure the server to allow me to connect a remote monitoring tool.

Requirement: VisualVM app, download here

  1. Access your catalina.sh file.
  2. Look for JAVA_OPTS, if none found, you can add your own.
  3. Add …

    -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/path/to/heap/dump/folder/

    to the line if found, if not, you can do

    JAVA_OPTS="$JAVA_OPTS -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/path/to/heap/dump/folder/"

    The above code will force a heap dump when the server encounters an out-of-memory exception.

  4. Next, to enable remote memory monitoring, add these options after the line above, within the quotation marks, with a space after each option…

    -Dcom.sun.management.jmxremote.port=<port_num>
    -Dcom.sun.management.jmxremote.ssl=false
    -Dcom.sun.management.jmxremote.authenticate=false
    -Djava.rmi.server.hostname=<host_ip_add>
  5. Now, run VisualVM and create a new JMX remote connection, under the CONNECTION field, add host_ip_address:port_num
    ex. 111.111.1.1:5555

Congrats! You should now be able to connect to your server and monitor your memory usage!
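With ssl=false and authenticate=false, the JMX port accepts any client that can reach it, so the check below flags those settings in a JAVA_OPTS string. It is an added example, not code from the original post; the function names and HARDENED_OPTS are constructed, and PAGE_OPTS fills the step 4 placeholders with the example address and port from step 5.

```shell
#!/bin/sh
# Added example, not from the original post. Option strings are constructed.

# audit_jmx_opts "JAVA_OPTS string": print one finding per line.
audit_jmx_opts() {
    opts=" $1 "                   # pad so each option can be matched whole
    case "$opts" in
        *" -Dcom.sun.management.jmxremote.port="*) ;;
        *) return 0 ;;            # remote JMX not enabled: nothing to report
    esac
    case "$opts" in
        *" -Dcom.sun.management.jmxremote.authenticate=false "*)
            echo "NO_AUTH: any client that can reach the JMX port is accepted" ;;
    esac
    case "$opts" in
        *" -Dcom.sun.management.jmxremote.ssl=false "*)
            echo "NO_TLS: JMX traffic is not encrypted" ;;
    esac
    # Last java.rmi.server.hostname value: the address clients are told to use.
    host=$(printf '%s\n' "$1" | tr ' ' '\n' |
           sed -n 's/^-Djava\.rmi\.server\.hostname=//p' | tail -n 1)
    case "$host" in
        ""|127.0.0.1|localhost) ;;
        *) echo "RMI_HOST: clients connect to $host directly; firewall the port to the monitoring host" ;;
    esac
}

# Number of findings for a JAVA_OPTS string.
count_findings() {
    audit_jmx_opts "$1" | wc -l | tr -d ' '
}

# The options from step 4 with the example address and port from step 5.
PAGE_OPTS='-Dcom.sun.management.jmxremote.port=5555 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Djava.rmi.server.hostname=111.111.1.1'

# Constructed alternative: authentication and TLS on (these also need a
# password file and a keystore), reached through an SSH local forward
# (-L 5555:localhost:5555), so RMI advertises loopback.
HARDENED_OPTS='-Dcom.sun.management.jmxremote.port=5555 -Dcom.sun.management.jmxremote.rmi.port=5555 -Dcom.sun.management.jmxremote.ssl=true -Dcom.sun.management.jmxremote.authenticate=true -Djava.rmi.server.hostname=127.0.0.1'

audit_jmx_opts "$PAGE_OPTS"
```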

Enable Ubuntu 16.04 SSH Tunneling at Boot Time

I wanted to connect to a remote server and setup a tunnel for my MariaDB replication ( yes I migrated to MariaDB ),
the only problem was that sometimes the net is erratic and can’t connect right away on boot time.
I found some code online that checks for a ping reply and, if it gets one, continues with the tunneling.
I modified this to suit my needs.

In summary, the script checks for a ping reply from Google infinitely. Once it receives a response, it then creates the tunnel.
Source for the code here

#!/bin/bash
# Wait until the network is up (one ping reply from 8.8.8.8), then open the tunnel.
((count = 0))
while [[ $count -ne 1 ]] ; do
    ping -c 1 8.8.8.8
    rc=$?
    if [[ $rc -eq 0 ]] ; then
        ((count = 1))                      # If okay, flag to exit loop.
    else
        sleep 1                            # Pause before retrying so a dead link does not spin the CPU.
    fi
done

if [[ $rc -eq 0 ]] ; then                  # Make final determination.
    # -M 0 turns off autossh's monitor port; the ServerAlive options let ssh detect a dead link itself.
    screen -dm -S tunnel autossh -M 0 -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -p <PORT> <IP_ADDRESS> -L <LOCAL_TUNNEL_PORT>:localhost:<MYSQL_PORT>
    echo "$(date)" >> log.txt              # Record when the tunnel was started.
else
    echo "Tunnel Timeout.... $(date)" >> log.txt
fi

Regenerate Missing MariaDB/MySQL Config(my.cnf) File

I ran into this problem after upgrading/installing MariaDB: the config file was missing.

 

To regenerate the config file… try executing…

dpkg --force-confmiss -i /var/cache/apt/archives/mysql-common*.deb