Wednesday, April 5, 2017

Kickstart troubleshooting

This is to see if a server which need to be kickstarted is able to get initial files from TFTP server (which runs on port 69).
[root@kickstarter pxelinux.cfg]# tcpdump -i eth0 port 69
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
11:30:19.077306 IP srv-9000.ah-esp-encap > kickstarter.domain.com.tftp:  41 RRQ "linux-install/pxelinux.0" octet tsize 0
11:30:19.106252 IP srv-9000.acp-port > kickstarter.domain.com.tftp:  46 RRQ "linux-install/pxelinux.0" octet blksize 1456
11:30:19.183548 IP srv-9000.40769 > kickstarter.domain.com.tftp:  77 RRQ "linux-install/pxelinux.cfg/01-c4-34-6b-b9-16-70" octet tsize 0 blksize 1440
11:30:19.213799 IP srv-9000.40770 > kickstarter.domain.com.tftp:  65 RRQ "linux-install/pxelinux.cfg/0A4461FA" octet tsize 0 blksize 1440
11:30:19.242361 IP srv-9000.40771 > kickstarter.domain.com.tftp:  63 RRQ "linux-install/rhel-as-7u1/vmlinuz" octet tsize 0 blksize 1440
11:30:35.973742 IP srv-9000.40772 > kickstarter.domain.com.tftp:  66 RRQ "linux-install/rhel-as-7u1/initrd.img" octet tsize 0 blksize 1440
^C
6 packets captured
38 packets received by filter
1 packets dropped by kernel

Monday, February 27, 2017

Annoying GUI Pop-up in VNC and how to disable it?

# ls -l /etc/xdg/autostart/gpk-update-icon.desktop
-rw-r--r-- 1 root root 7115 Feb 16 16:04 /etc/xdg/autostart/gpk-update-icon.desktop
Append below line in above mentioned file:
X-GNOME-Autostart-enabled=false

Once done, restart server and the pop-up shown above should be gone.

Monday, June 22, 2015

How to extend X11 forwarding after SUDO?

Most of the time "ssh -X username@servername" works for X11 (display) forwarding via SSH protocol. However, when we need to sudo to any application user, X11 does not work from that point on. Here is a quick fix to that problem.
[/user/johnc] $ ssh -X server1
johnc@server1's password:
Warning: No xauth data; using fake authentication data for X11 forwarding.
Last login: Sat Jun 20 04:58:57 2015 from 10.68.76.230
[johnc@server1 ~]$
[johnc@server1 ~]$ xterm
[johnc@server1 ~]$ xauth list
server1/unix:10  MIT-MAGIC-COOKIE-1  [some output.....]


[johnc@server1 ~]$ sudo -u appuser -H -s
bash-4.1$ xauth add server1/unix:10  MIT-MAGIC-COOKIE-1   [some output.....] 
xauth:  creating new authority file /user/appuser/.Xauthority

bash-4.1$ id
uid=1002(appuser) gid=310(dba) groups=310(dba)

bash-4.1$ xterm
Now XTERM will open with out any problem!

Monday, April 20, 2015

How to check SSL Certificate information from a Linux server?

-bash-3.2# echo | openssl s_client -connect starcat:443 2>/dev/null | openssl x509 -noout -issuer -subject -dates 
issuer= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
subject= /C=US/ST=California/L=Santa Clara/O=ABC Company, Inc./CN=*.abc.com
notBefore=Dec  9 00:00:00 2013 GMT
notAfter=Feb 23 12:00:00 2017 GMT


-bash-3.2# echo | openssl s_client -connect unix:443 2>/dev/null | openssl x509 -noout -issuer -subject -dates 
issuer= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
subject= /C=US/ST=California/L=Santa Clara/O=ABC Company, Inc./CN=*.abc.com
notBefore=Dec  9 00:00:00 2013 GMT
notAfter=Feb 23 12:00:00 2017 GMT

Wednesday, February 26, 2014

How to find VLANs/Portgroups configured in ESXi Standard switch?

Note: Verified for ESXI version 5.1

# esxcli network vswitch standard list vSwitch0 Name: vSwitch0 Class: etherswitch Num Ports: 128 Used Ports: 4 Configured Ports: 128 MTU: 1500 CDP Status: listen Beacon Enabled: false Beacon Interval: 1 Beacon Threshold: 3 Beacon Required By: Uplinks: vmnic0 Portgroups: VM Network, Management Network vSwitch1 Name: vSwitch1 Class: etherswitch Num Ports: 1024 Used Ports: 8 Configured Ports: 1024 MTU: 1500 CDP Status: listen Beacon Enabled: false Beacon Interval: 1 Beacon Threshold: 3 Beacon Required By: Uplinks: vmnic5, vmnic1 Portgroups: VLAN198, NFS vSwitch2 Name: vSwitch2 Class: etherswitch Num Ports: 1024 Used Ports: 17 Configured Ports: 1024 MTU: 1500 CDP Status: listen Beacon Enabled: false Beacon Interval: 1 Beacon Threshold: 3 Beacon Required By: Uplinks: vmnic7, vmnic6, vmnic3, vmnic2 Portgroups: VLAN124, VLAN115, VLAN114, VLAN112, VLAN110, VLAN106, VLAN105, VLAN104, VLAN103, VLAN102, VLAN101, VLAN100, VLAN99, VLAN98, VLAN97, VLAN96, VLAN79, VLAN113, VLAN111, VLAN76, VLAN78