shell


22
Mar 09

VNC Into Remote Server Without Typing a Password

vnc without typing a password

I have a simple setup where one of my Ubuntu boxes is hooked up to the old Mitsubishi 50” TV via s-video. The box is hidden behind the TV, and is, of course, online. It has Mythbuntu installed, and functions as a full blown multi media center.

Besides all other goodies that are installed on the box, I recently installed rtGui (A web based front-end for rTorrent) on it. Hence anywhere I go, I can connect to it over the web, and throw a torrent link that will start the download right away – convenient. ( here is how to “install rtGui on Ubuntu” )

Currently, I control my media box the most straightforward way – from my laptop. There are many other options available: Gyration Remote (In-air cursor control using Patented Gyroscopic Motion-Sensing technology – 2.4GHz RF technology for up to 100 ft), mini wireless keyboard, and many others, but I don’t mind a semi-manual way to control the box by using my laptop. There is one little problem though – every time I am VNCing to the box, I have to enter a password – not convenient…

First thing I tried to find a “no typing password” solution was:

$ vncviewer remotehost.com -p dummypasswd
VNC server supports protocol version 3.8 (viewer 3.3)
Cannot read valid password from file "dummypasswd"

Here I just wanted to see what the error message would pop up, to get more clues on where to look. Now I’ve got the clue: “there should be a valid password file”. Next thing to do is to read about “vncviewer”:

$ man vncviewer
 
       -passwd passwd-file
              File from which to get the password (as generated by the vncpasswd(1) program).

Excellent – now it is official, just need to use “vncpasswd”:

$ vncpasswd
The program 'vncpasswd' can be found in the following packages:
 * tightvncserver
 * vnc4-common
Try: sudo apt-get install
<selected package>
bash: vncpasswd: command not found

Seems like its not installed, which is an easy problem to solve…

Step 1. Install “tightvncserver”.

$ sudo apt-get install tightvncserver

Check that “vncpasswd” is installed:

$ vnc [TAB][TAB]
vncconnect  vncpasswd   vncserver   vncviewer

Step 2. Create a vnc password file with “vncpassword”.

$ vncpasswd
Using password file /home/user/.vnc/passwd
VNC directory /home/user/.vnc does not exist, creating.
Password: [TYPE YOUR VNC PASSWORD HERE]
Verify: [TYPE YOUR VNC PASSWORD HERE]
Would you like to enter a view-only password (y/n)? n

Step 3. VNC into the remote system without typing the password.

$ vncviewer remotehost.com -p /home/user/.vnc/passwd

As you see the only thing I need to provide now is the password file – no need to type the password every time I need to watch a movie. And to make it even more convenient, I can now create a launcher that will launch “vncviewer remotehost.com -p /home/user/.vnc/passwd” on a simple mouse click:

media center launcher

Want to do something else simple and convenient? Try to “run commands remotely via SSH with no password“.

VNC away!


10
Mar 09

Run Commands Remotely via SSH with No Password

Run Commands Remotely via SSH with No Password

Extremely useful for system administrators, very useful for application developers when testing with remote services, or how some buzz developers refer to it: Service Oriented Architecture (SOA). Also remote execution is widely used by web masters to sync/backup/create mirrors.

Below 5 simple steps will enable you to run any commands on the remote box/host/server via SSH without a need to provide a password. That is usually useful, if such remote calls need to be automated (work without manual/human intervention).

Step number 6 has an example on how to actually run a command on remote host via SSH.

from the local host

Step 1. Create a public/private keys with “ssh-keygen” (ENTER through everything):

      user@host:~/.ssh$ ssh-keygen -t rsa
 
      Generating public/private rsa key pair.
 
      Enter file in which to save the key (/home/toly/.ssh/id_rsa): 		[ENTER]
      Enter passphrase (empty for no passphrase): 				[ENTER]
      Enter same passphrase again: 							[ENTER]
 
      Your identification has been saved in /home/user/.ssh/id_rsa.
      Your public key has been saved in /home/user/.ssh/id_rsa.pub.
      The key fingerprint is:
      66:fd:11:ca:2d:21:b9:73:c1:b6:fa:1d:b2:2c:71:cd user@host
 
      The key's randomart image is:
      +--[ RSA 2048]----+
      |                         |
      |           .             |
      |          . o           |
      |         o + o         |
      |        E S.o o       |
      |       o. .+.o .       |
      |       . +o o.         |
      |        +. o...        |
      |       ... ..=.         |
      +-----------------+

At this point the public and private keys should be created and saved into “~/.ssh” directory:

      user@host:~/.ssh$ ls -l
      total 20
      -rw------- 1 user group 1675 2009-03-10 14:18 id_rsa
      -rw-r--r-- 1 user group 392 2009-03-10 14:18 id_rsa.pub
      -rw-r--r-- 1 user group 8642 2009-03-10 12:10 known_hosts

Step 2. Add identity to the local ssh authorizer with “ssh-add”.

If you “entered” through the “Enter file in which to save the key (/home/toly/.ssh/id_rsa)” in the previous step, then your identity file should be “id_rsa”:

      user@host:~/.ssh$ ssh-add id_rsa

Otherwise replace “id_rsa” with the file you chose to save your identity in.

In case of a friendly “Could not open a connection to your authentication agent.” error message, start “ssh-agent” as:

eval `ssh-agent`

and re-run “ssh-add”.

Step 3. Copy the public key to the remote host ( server ) under “~/.ssh”:

From the step above “id_rsa.pub” would be the public key that needs to be copied to the remote system you would like to run commands on.

      user@host:~/.ssh$ scp id_rsa.pub remoteuser@remotehost.com:~/.ssh/

from the remote host

Step 4. On remote host add this public key to “authorized_keys”:

      remoteuser@remotehost:~$ cd ~/.ssh
      remoteuser@remotehost:~/.ssh~$ cat id_rsa.pub >> authorized_keys

Step 5. Change “authorized_keys” permissions to allow only you to read/write it:

      remoteuser@remotehost:~/.ssh$ chmod 600 authorized_keys

from the local host

Step 6. Now you can run any command on the remote box from the local box with no password:

Let’s see what that remote box is running at:

       user@host:~$ ssh remoteuser@remotehost.com  uname -a
 
       Linux remotehost 2.6.27-01-generic #1 SMP Thu Mar 21 10:34:21 UTC 2009 i686 GNU/Linux

By runing “ssh remoteuser@remotehost.com uname -a” from the local box, you just ran “uname -a” command on the remote box without a need to enter the password.

Good Luck Remoting!


6
Jan 09

Find USB flash drive device in Linux

Find USB drive in Linux / Unix

Recently I have written a quick “how to” on restoring, formatting a USB flash drive. The “how to” had a lot of hits from different places since then, mostly from GOOGLE, of course, but some from independent bloggers, like my blogging self.

One of such places was www.newlinuxuser.com. Although the guide “saved them” (welcome :)) they had a very constructive critique that one thing the guide missed was how to actually find which device to restore / format.

Hence I decided to write a new little 2 step “how to” that will teach you just that.

Step 1. System Log is your friend, listen to what it has to say…

Imagine you close your eyes, and someone puts an apple in your mouth – would you be able to identify what the heck was put into your mouth? For most people the answer would be “yes”. ( If you’d like to experiment, feel free :). The thing is once you bite on that apple, your brain goes through many lines of code (given that we are written in C), finds that match, and reports:

"The object in your mouth was identified as an Apple - we've had that before.
  I just talked to the stomach, it knows how to digest it."

You would think that your Linux/Unix system is any different? Well, not really.

Right after you insert a USB device into a slot, Linux/Unix will try to read, and identify it. While doing that, it will also assign it to a particular device as “/dev/particular-device”. This device is exactly the information we need, so we can talk to it, and mount it.

Although most people would approach it with running a dmesg, and look at the output, I prefer a more natural OS way to look at things – we’ll look directly in the eye of a System Log!

Let’s use “tail -f”, so we can see real time system log updates:

tail -f /var/log/messages

Now insert your USB drive into a slot and you should see the output similar to:

Dec  5 14:53:19 your-hostname kernel: [81585.308993] usb 4-1: new full speed USB device using uhci_hcd and address 3
Dec  5 14:53:19 your-hostname kernel: [81585.456757] usb 4-1: not running at top speed; connect to a high speed hub
Dec  5 14:53:19 your-hostname kernel: [81585.484884] usb 4-1: configuration #1 chosen from 1 choice
Dec  5 14:53:19 your-hostname kernel: [81585.498817] scsi6 : SCSI emulation for USB Mass Storage devices
Dec  5 14:53:24 your-hostname kernel: [81590.514870] scsi 6:0:0:0: Direct-Access     USB 2.0  USB Flash Drive  0.00 PQ: 0 ANSI: 2
Dec  5 14:53:24 your-hostname kernel: [81590.519874] sd 6:0:0:0: [sdb] 15794175 512-byte hardware sectors (8087 MB)
Dec  5 14:53:24 your-hostname kernel: [81590.522834] sd 6:0:0:0: [sdb] Write Protect is off
Dec  5 14:53:24 your-hostname kernel: [81590.534817] sd 6:0:0:0: [sdb] 15794175 512-byte hardware sectors (8087 MB)
Dec  5 14:53:24 your-hostname kernel: [81590.537814] sd 6:0:0:0: [sdb] Write Protect is off
 
>>>>  Dec  5 14:53:25 your-hostname kernel: [81590.537888]  sdb: sdb1  <---- GOT YOU!
 
Dec  5 14:53:25 your-hostname kernel: [81590.654848] sd 6:0:0:0: [sdb] Attached SCSI removable disk

Note that the USB drive was “connected”, or associated with sdb device

[81590.654848] sd 6:0:0:0: [sdb] 15794175 512-byte hardware sectors (8087 MB)

and more precisely, with sdb1 device

[81590.537888]  sdb: sdb1

And that means we can talk to it! The full name of the guy would be “/dev/sdb1″.

Now let’s greet our friend. Say: “Hi /dev/sdb1″! :)

Step 2. Mount USB drive’s device to the File System.

Just an extra step, in case you need to mount it. If you can’t, and would like to format it, so you can mount it afterwards, read this.

To mount the drive enter this:

sudo mount -t vfat /dev/sdb1 /media/usbdrive/

where “/dev/sdb1″ is the name of the device, we found in the step above. “/media/usbdrive/” is the directory that we are going to mount it to. Make sure this directory exists (otherwise create it “sudo mkdir /media/usbdrive/”). And “-t vfat” is asking your Linux/Unix OS to mount this device as a “vfat” (FAT16, FAT32) device.

Many, if not most, USB devices are VFAT, however if you have an NTFS USB hard drive, for example, you can mount it by entering:

sudo mount -t ntfs-3g /dev/sdb1 /media/usbdrive/ -o force

“sudo” in above couple commands comes from mostly Ubuntu way to “run command as a super user”. If you have any other flavor of Linux/Unix, you may want to just run it as a “root” user.

Eat more apples, and good luck!


24
Oct 08

Getting Return Code from ANT in SHELL

This short tutorial shows how to get an exit code from Ant and act upon it. This can be useful when building a massive application that requires several Ant scripts/targets and a collection of shell scripts.

The rule of thumb when building the system is “when it should fail -> it should fail”. Sounds weird, but it is really true.

If the whole build of the application takes 15-20 minutes, and one of the libraries failed to build (for example), the whole build should fail. Otherwise, if the build master inspects the logs, and sees something went wrong (in case it is logged), s/he would have to spend another 20 minutes to rebuild it. Or what is even worse, the application could end up in an inconsistent state, without anybody raising a flag, and that would be very dangerous, especially if the current release goes beyond integration builds, for example to quality assurance or even worse – to production.

So, above are the reasons, below is an ultra simple example with a solution:

Let’s say we have an Ant script (build.xml) that checks for duplicate jars in a directory. The target name that does that is “check-duplicate-jars”:

build.xml:

    <target name="check-duplicate-jars" depends="some-other-task">
        <!-- does its magic here -->
    </target>

Let’s say we also have a simple shell script that calls “ant “. If this shell script is in the same directory as the “build.xml”, we can call it like this “./callant.sh check-duplicate-jars”, and it should check if there are any duplicate jars. Let’s run the shell script:

[user@host]$ ./callant.sh check-duplicate-jars
ANT: Running check-duplicate-jars task...
Buildfile: build.xml
 
check-duplicate-jars:
     [echo] Checking for duplicate jars......
     [exec] ***********    NO DUPLICATE JARS FOUND IN LIB!    ***********
 
BUILD SUCCESSFUL
Total time: 3 seconds
ANT: Return code is: "0"
GREAT SUCCESS: Niiice - I liiike!

This is an expected behavior. However what would be nice is to have this shell script “fail hard”, in case the Ant script (build.xml) fails.

Let’s try to misspell the target name “check-duplicate-jar” (should be plural: “check-duplicate-jars”) and run it:

[user@host]$ ./call-ant.sh check-duplicate-jar
ANT: Running check-duplicate-jar task...
Buildfile: build.xml
 
BUILD FAILED
Target `check-duplicate-jar' does not exist in this project.
 
Total time: 1 second
ANT: Return code is: "1"
BUILD ERROR: I am failing hard...

Wonderful – it failed! That is an expected behavior. And here is a sneak peek to the magic box – the “callant.sh” shell script:

#!/bin/bash
 
tname=$1
 
echo "ANT: Running $tname task..."
ant $tname
 
antReturnCode=$?
 
echo "ANT: Return code is: \""$antReturnCode"\""
 
if [ $antReturnCode -ne 0 ];then
 
    echo "BUILD ERROR: I am failing hard..."
    exit 1;
else
 
    echo "GREAT SUCCESS: Niiice - I liiike!"
    exit 0;
fi

Hence the whole magic is here:

antReturnCode=$?

In general, “$?” will return an exist code of any executable run within the shell script.
Well, now you ready for the massive build process. Get to work, and may the build force be with you! :)