"; */ ?>
linux / shell / sysadminComments Off on VNC Into Remote Server Without Typing a Password
22
Mar 09

VNC Into Remote Server Without Typing a Password

vnc without typing a password

I have a simple setup where one of my Ubuntu boxes is hooked up to the old Mitsubishi 50” TV via s-video. The box is hidden behind the TV, and is, of course, online. It has Mythbuntu installed, and functions as a full blown multi media center.

Besides all other goodies that are installed on the box, I recently installed rtGui (A web based front-end for rTorrent) on it. Hence anywhere I go, I can connect to it over the web, and throw a torrent link that will start the download right away – convenient. ( here is how to “install rtGui on Ubuntu” )

Currently, I control my media box the most straightforward way – from my laptop. There are many other options available: Gyration Remote (In-air cursor control using Patented Gyroscopic Motion-Sensing technology – 2.4GHz RF technology for up to 100 ft), mini wireless keyboard, and many others, but I don’t mind a semi-manual way to control the box by using my laptop. There is one little problem though – every time I am VNCing to the box, I have to enter a password – not convenient…

First thing I tried to find a “no typing password” solution was:

$ vncviewer remotehost.com -p dummypasswd
VNC server supports protocol version 3.8 (viewer 3.3)
Cannot read valid password from file "dummypasswd"

Here I just wanted to see what the error message would pop up, to get more clues on where to look. Now I’ve got the clue: “there should be a valid password file”. Next thing to do is to read about “vncviewer”:

$ man vncviewer
 
       -passwd passwd-file
              File from which to get the password (as generated by the vncpasswd(1) program).

Excellent – now it is official, just need to use “vncpasswd”:

$ vncpasswd
The program 'vncpasswd' can be found in the following packages:
 * tightvncserver
 * vnc4-common
Try: sudo apt-get install
<selected package>
bash: vncpasswd: command not found

Seems like its not installed, which is an easy problem to solve…

Step 1. Install “tightvncserver”.

$ sudo apt-get install tightvncserver

Check that “vncpasswd” is installed:

$ vnc [TAB][TAB]
vncconnect  vncpasswd   vncserver   vncviewer

Step 2. Create a vnc password file with “vncpassword”.

$ vncpasswd
Using password file /home/user/.vnc/passwd
VNC directory /home/user/.vnc does not exist, creating.
Password: [TYPE YOUR VNC PASSWORD HERE]
Verify: [TYPE YOUR VNC PASSWORD HERE]
Would you like to enter a view-only password (y/n)? n

Step 3. VNC into the remote system without typing the password.

$ vncviewer remotehost.com -p /home/user/.vnc/passwd

As you see the only thing I need to provide now is the password file – no need to type the password every time I need to watch a movie. And to make it even more convenient, I can now create a launcher that will launch “vncviewer remotehost.com -p /home/user/.vnc/passwd” on a simple mouse click:

media center launcher

Want to do something else simple and convenient? Try to “run commands remotely via SSH with no password“.

VNC away!

linux / shell / ssh / sysadminComments Off on Run Commands Remotely via SSH with No Password
10
Mar 09

Run Commands Remotely via SSH with No Password

Run Commands Remotely via SSH with No Password

Extremely useful for system administrators, very useful for application developers when testing with remote services, or how some buzz developers refer to it: Service Oriented Architecture (SOA). Also remote execution is widely used by web masters to sync/backup/create mirrors.

Below 5 simple steps will enable you to run any commands on the remote box/host/server via SSH without a need to provide a password. That is usually useful, if such remote calls need to be automated (work without manual/human intervention).

Step number 6 has an example on how to actually run a command on remote host via SSH.

from the local host

Step 1. Create a public/private keys with “ssh-keygen” (ENTER through everything):

      user@host:~/.ssh$ ssh-keygen -t rsa
 
      Generating public/private rsa key pair.
 
      Enter file in which to save the key (/home/toly/.ssh/id_rsa): 		[ENTER]
      Enter passphrase (empty for no passphrase): 				[ENTER]
      Enter same passphrase again: 							[ENTER]
 
      Your identification has been saved in /home/user/.ssh/id_rsa.
      Your public key has been saved in /home/user/.ssh/id_rsa.pub.
      The key fingerprint is:
      66:fd:11:ca:2d:21:b9:73:c1:b6:fa:1d:b2:2c:71:cd user@host
 
      The key's randomart image is:
      +--[ RSA 2048]----+
      |                         |
      |           .             |
      |          . o           |
      |         o + o         |
      |        E S.o o       |
      |       o. .+.o .       |
      |       . +o o.         |
      |        +. o...        |
      |       ... ..=.         |
      +-----------------+

At this point the public and private keys should be created and saved into “~/.ssh” directory:

      user@host:~/.ssh$ ls -l
      total 20
      -rw------- 1 user group 1675 2009-03-10 14:18 id_rsa
      -rw-r--r-- 1 user group 392 2009-03-10 14:18 id_rsa.pub
      -rw-r--r-- 1 user group 8642 2009-03-10 12:10 known_hosts

Step 2. Add identity to the local ssh authorizer with “ssh-add”.

If you “entered” through the “Enter file in which to save the key (/home/toly/.ssh/id_rsa)” in the previous step, then your identity file should be “id_rsa”:

      user@host:~/.ssh$ ssh-add id_rsa

Otherwise replace “id_rsa” with the file you chose to save your identity in.

In case of a friendly “Could not open a connection to your authentication agent.” error message, start “ssh-agent” as:

eval `ssh-agent`

and re-run “ssh-add”.

Step 3. Copy the public key to the remote host ( server ) under “~/.ssh”:

From the step above “id_rsa.pub” would be the public key that needs to be copied to the remote system you would like to run commands on.

      user@host:~/.ssh$ scp id_rsa.pub remoteuser@remotehost.com:~/.ssh/

from the remote host

Step 4. On remote host add this public key to “authorized_keys”:

      remoteuser@remotehost:~$ cd ~/.ssh
      remoteuser@remotehost:~/.ssh~$ cat id_rsa.pub >> authorized_keys

Step 5. Change “authorized_keys” permissions to allow only you to read/write it:

      remoteuser@remotehost:~/.ssh$ chmod 600 authorized_keys

from the local host

Step 6. Now you can run any command on the remote box from the local box with no password:

Let’s see what that remote box is running at:

       user@host:~$ ssh remoteuser@remotehost.com  uname -a
 
       Linux remotehost 2.6.27-01-generic #1 SMP Thu Mar 21 10:34:21 UTC 2009 i686 GNU/Linux

By runing “ssh remoteuser@remotehost.com uname -a” from the local box, you just ran “uname -a” command on the remote box without a need to enter the password.

Good Luck Remoting!

hibernate / springComments Off on Make Hibernate Update/Create Changed Objects
19
Feb 09

Make Hibernate Update/Create Changed Objects

Make Hibernate Update/Create Changed Objects

While Hibernate is a mature framework it still has a a lot of room for improvement. Starting from polishing documentation: e.g. “MappingException JavaDoc: An exception that usually occurs at configuration time, rather than runtime, as a result of something screwy in the O-R mappings.“, and going towards more powerful default optimization.

In fact, Rod Johnson (leader of Spring Framework’s parenthood gang :)), and other SpringSource consultants, constantly mention that most of their time, on projects that use Hibernate, is spent fixing Hibernate optimization bugs.

A lot of people form their opinions on what characteristics of “a good software framework” are. There are books, articles about it, but people are different, so opinions vary. One of the characteristics that makes a good framework, in my opinion is “while allowing clients to hook into the internal framework code, do not encourage it”. Meaning the flexibility is there, but the framework should not encourage its clients to get inside framework’s stereotypes. This way framework’s code (internal stereotypes) can alter, and still have “older version clients” running without (significant) change.

One of such hooks that Hibernate actually encourages to use is evicting the object from the session.

Here is an example:

While reviewing one of a Spring Batch jobs, I found that under the same “transaction management roof” (HibernateTransactionManager) jdbcTemplate and hibernateTemplate behaved differently: jdbcTemplate updated records in DB, but hibernateTemplate was not even trying.

So I enabled Hibernate logging in “log4j.properties”:

log4j.rootLogger = ERROR, errorsLog
 
# Hibernate logs
log4j.logger.org.hibernate = DEBUG, hibernateLog
log4j.additivity.org.hibernate = false
 
# HIBERNATE APPENDER
log4j.appender.hibernateLog = org.apache.log4j.RollingFileAppender
log4j.appender.hibernateLog.File = ./path-to/hibernate.log
# Set the maximum log file size (use KB, MB or GB)
log4j.appender.hibernateLog.MaxFileSize = 4096KB
# Set the number of log files (0 means no backup files at all)
log4j.appender.hibernateLog.MaxBackupIndex = 10
# Append to the end of the file or overwrites the file at start.
log4j.appender.hibernateLog.Append = false
log4j.appender.hibernateLog.layout = org.apache.log4j.PatternLayout
log4j.appender.hibernateLog.layout.ConversionPattern = [%p] [%d{yyyy-MM-dd @ HH:mm:ss}] [%t|%c{1}] %m%n
 
# ERRORS APPENDER
log4j.appender.errorsLog = org.apache.log4j.RollingFileAppender
log4j.appender.errorsLog.File = ./path-to/hibernate-error.log
log4j.appender.errorsLog.MaxFileSize = 4096KB
log4j.appender.errorsLog.MaxBackupIndex = 1
log4j.appender.errorsLog.layout = org.apache.log4j.PatternLayout
log4j.appender.errorsLog.layout.ConversionPattern = [%p] [%d{yyyy-MM-dd @ HH:mm:ss}] [%t|%c{1}] %m%n

First, I read an object via Hibernate, update it in the code, and then call a dao’s update method to persist it – pretty simple. However while debugging it step by step, after executing the Hibernate update query, in a log, I saw:

[DEBUG] [main|DefaultSaveOrUpdateEventListener] ignoring persistent instance
[DEBUG] [main|DefaultSaveOrUpdateEventListener] object already associated with session: [EntityName#3]

So the Hibernate did not update the object due the fact that it thought that another object was already associated with this Hibernate session. Which, in fact, was the same reference to the same object, only the update was called from a different instance.

The solution to this was to evict the object from the Hibernate session right after reading it:

  ObjectDto objectDto = dao.findById( id );
  dao.getHibernateTemplate().evict( objectDto )

Once the fix was applied, after Hibernate update call, I saw:

[DEBUG] [main|DefaultEvictEventListener] evicting [EntityName]
[DEBUG] [main|DefaultSaveOrUpdateEventListener] updating detached instance
[DEBUG] [main|DefaultSaveOrUpdateEventListener] updating [EntityName#3]
[DEBUG] [main|DefaultSaveOrUpdateEventListener] updating [EntityName#3]

And the object was successfully persisted into the database.

Happy ORMing!

hosting / railsComments Off on Deploy Rails Application on Bluehost
01
Feb 09

Deploy Rails Application on Bluehost

Rails on Bluehost
Deploying Rails application on Bluehost for the first time can be quite frustrating. Bluehost provides 24/7 support via phone, ticketing system and live chat, which could seem appealing at first. However people with knowledge of Rails (and quite frankly simple networking/hosting) is a pretty rare find at Bluehost.

Forget phone and live chat support when it comes to Rails – it is not there – period. Ticketing support has a “24 hour come back” policy and most of the time the answer would be “read documentation in bluehost knowledge database”. And it would be ok (not good, but still ok) if bluehost knowledge database had any useful information – it does not.

The problem being is that bluehost, as any other hosting company, has its own proprietary configuration, and it is fine, but without the supporting documentation, bluehost is just an unusable black box. Hence friendly hacking is the only way to go to open it.

Choosing a Rails host today, I would definitely give a try to hostingrails, site5 or asmallorange, but some of my clients are with Bluehost, and since I like solving problems, here is a solution on how to deploy your Rails application to Bluehost.

Firstly, you would need to have an “SSH/Shell Access” enabled on your bluehost account. This requires you to show your “government issued photo id” (driver license / passport / state id / etc..) to Bluehost support. You can do it either through the ticketing system (upload along with the ticket), or while on the phone, you can upload it to one of your directories (e.g “tmp”) via cPanel, so they can look at it immediately, and activate your SSH access.

Once the access is granted/activated, you can ssh to your domain through cPanel Java Applet:

 Security -> 'SSH/Shell Access' -> 'Connect using SSHTerm (requires Java)'

However the applet will only work on Windows box (at least not via Ubuntu / Mac). Therefore it is much easier to just ssh to your domain from a command line:

user@host:$ ssh yourusername@youdomain.com

‘username’ can be found on the left hand side of the main cPanel view. Password is the same as for your bluehost account.

Now it is time to get to work, and deploy your Rails application.

Before hitting the terminal and work via command line, there are two more things that need to be done via cPanel:

1. Upload your application to the bluehost box. From cPanel main view:

 Files -> 'Unlimited FTP' -> 'UnlimitedFTP' button

That loads a simple FTP Java app inside your browser (this one works on Mac / Ubuntu :) ) with a regular left/right pannel, where you can select you Rails application on your local box (panel on the left), and drag and drop it in a directiry (e.g. “tmp”) to the bluehost box (panel on the right).

2. Create a subdomain by going to cPanel main view:

 Domains -> 'Subdomains', enter "dumbapp" (no quotes) to Subdomain' field, and click 'Create' button

There is no real need to create this subdomain (unless you really need a subdomain), but it will come handy later on for testing, and such.

Now let’s hit that command line… SSH to your box (ssh bluehostusername@yourdomain.com)

3. Go to your home directory (just in case), and create a “dumbapp” rails application:

cd ~
mkdir rails
 
cd rails
rails dumpapp

4. Now you are in “~/rails” directory, copy YOUR real application to it:

cp -r path-where-your-rails-app-is-uploaded/your-rails-app-name .

5. Copy dispatch.* files from the “dumbapp” to YOUR real application:

cp dumpapp/public/dispatch* your-rails-app-name/public

6. Goto “~/public_html”, and create a symbolic link to YOUR application’s public directory

cd ~/public_html
 
ln -s ~/rails/your-rails-app-name/public dumbapp

access your Rails application at: “http://dumbapp.yourdomain.com”

6. You, of course, can change the symlink and subdomain names in case you all you need is a subdomained Rails app, however most of the time it is not the case, and most of the time you would want your Rails application to be accessible from a top-level domain: “http://www.yourdomain.com” (no subdomain)

All you need to do for that is to back up your “~/public_html” directory (just in case), and create a “~/public_html” symbolic link:

cd ~
mv public_html public_html_backup
rm -rf public_html/
 
# creating a symbolic link to YOUR application from "~" directory
ln -s ~/rails/your-rails-app-name/public public_html

You may want to have your “map.root” from (config/routes.rb) to be uncommented and pointed to the main controller (but that is already a pure Rails talk :) )

Now get in the blue train and hit the Rails!
Good Luck!

NOTE:
run “rails -v”
make sure you have the same Rails version in “~/rails/your-rails-app-name/config/environment.rb”.

If the version is not the same, update your ‘RAILS_GEM_VERSION’ setting in “config/environment.rb” for the Rails version Bluehost has installed, or comment out ‘RAILS_GEM_VERSION’ to use the latest version installed.

e.g.

vi ~/rails/your-rails-app-name/config/environment.rb
 
# Specifies gem version of Rails to use when vendor/rails is not present
#RAILS_GEM_VERSION = '2.1.0' unless defined? RAILS_GEM_VERSION
RAILS_GEM_VERSION = '2.2.2' unless defined? RAILS_GEM_VERSION

in case your application is built on 2.1.0, and bluehost has 2.2.2 installed (“rails -v” should give the current Rails version installed)

hardware / linux / ubuntuComments Off on That Hardware RAID is FAKE!
21
Jan 09

That Hardware RAID is FAKE!

Hardware RAIDUbuntu community is straight up about the fact that in the last few years, a number of hardware products have come onto the market claiming to be IDE or SATA RAID controllers. These have shown up in a number of desktop/workstation motherboards. Virtually none of these are true hardware RAID controllers. Instead, they are simply multi-channel disk controllers combined with special BIOS configuration options and software drivers to assist the OS in performing RAID operations. This gives the appearance of a hardware RAID, because the RAID configuration is done using a BIOS setup screen, and the operating system can be booted from the RAID.

If I read it in the news or just while browsing the net, I would not even pay attention, but…

Recently I had to setup a RAID5 on one of the P5 ASUS motherboard on Ubuntu Intrepid with 4 hard drives, 1 TB each . Let me tell you – it seems very “straight up” (like a shot of stoli), but it really is NOT..

Motherboards, like ASUS would claim to have a controller where you can configure a single RAID volume in the BIOS at the “Hardware” level. That is exactly what I tried at first, cause that just makes sense, right?

Well, it appears that this Asus RAID is not in any way “hardware”, therefore Ubuntu installation, sees all 4 drives instead of a single volume, as it should have, in case of a true hardware RAID controller.

So when Intrepid tries to create a Software RAID, out of these 4 drives, it fails, due to the reason that one layer of software RAID is already there – created by Asus.

To solve the problem Asus Raid configuration needed to be wiped out, and the “RAID” option in BIOS for SATA/SCSI should be disabled. Only then Software RAID can be manually created in Ubuntu. Manually, means answer “no” to “Activate Serial ATA RAID devices?” question, and go partition them away manually:

(just an example of a random Ubuntu install screen while configuring RAID1)

configure software raid in ubuntu

Then choose “Configure software RAID”, and create all the multidisk devices (“Create MD device”) from available volumes.

And watch out “that RAID is fake!”. Make sure you do enough research beforehand, to really make sure that the motherboard/controller that has a “Hardware RAID” support in specifications does in reality goes to the metal.

Good luck!

← Older Entries
Newer Entries →