Saturday, July 18, 2015

Passing ssh public key to Linux "PAC Manager" app

PAC Manager (PAC for short) is an ssh GUI for Linux that manages multiple session and has some handy features for clusters of Linux/Unix systems.  The only place I have found it is from SourceForge.net (looks like it is finally back on-line, 3 days down, a bummer) at least from a Fedora fan's perspective.

Anyway, I have not used this app because I was not able to figure out how to use public ssh keys that I already have set up with command line ssh on Linux.  I finally did some Google search and was able to locate a post that described how to pass the public key on a remote host connection (sorry, I did not save the URL).

Here is a screenshot that shows where in the PAC GUI the public key file name is specified.  I have not checked but I would hope someone has made a request to add a separate field to specify the key file name (maybe it is already there, maybe I missed it).


The tricky part was using IdentityFile= instead of identity_file=.  The ssh documentation uses the latter.

Linux sed comand to remove entries in authorized.keys file

I do a lot of scripting, coding and installation with various Linux distributions.  Entering passwords using the ssh command from a command line slows me down so I set up passwordless-ssh with encryption keys.  I don't plan to discuss how to create and use encryption keys in Linux for use with ssh because you can find a wealth of examples from a simple Google search.  

What I will show in this post is a simple Linux command to remove an entry in the .ssh/authorized_keys file on a target host.  The authorized_keys file contains the public keys of all the hosts who are allowed to log into the host without using a password.  This assumes you have set up your sshd server properly on the host.
I am sure I am not the only person who re-installs their Linux workstation/server when a new version of a distribution comes along (or I switch to an entirely different distribution because I think I like it more, I always come back to Fedora).  Unless I save my .ssh directory (which I might want to think about doing), I loose my passwordless-ssh capability to other servers.  The reason, I get a new public key and that does not match the remote authorized_keys file.   I have a script that will add my public key to a remote userid but I do not delete an existing key if it exists (just a safety factor I think).  Anyway, I normally go onto the remote host with my userid and manually edit .ssh/authorized_hosts and delete my public key for my workstation.  This can be a bit of a pain so I finally spent the time and located the following sed command that deletes ALL public keys for my workstation from a .ssh/authorized_keys file:

sed -i -e '/redacer/{N;d}' .ssh/authorized_keys

The string 'redacer' is the name of the public key I want to delete.  There can be multiple copies of the same key or a different key for a given host.  The command above will remove all copies.  Please note that this will update the file in-place so if you don't trust the command, you might want to remove the -i option and pipe it to a another file as follows:

sed  -e '/redacer/{N;d}' > akeys.txt

I found this command on the Unix.Stackexchange site so here is a reference to the place I learned about this command.  Another note: I think this will work on Linux and not necessarily on all Unix OS's.

Wednesday, July 15, 2015

Yet another issue with BCM43227 and dnf on Fedora 22

Powered up my Acer Quad-core laptop (the 1TB SSD makes it really fast) and had the ethernet cable plugged in.  For some reason, I checked the network applet in my XFCE system tray and you guessed it, no wireless device listed.  This means trouble.  I tried the fixes in my last post by reinstalling a couple of packages, no luck.

Found the following post: https://ask.fedoraproject.org/en/question/71227/how-to-keep-fedora-22-updates-from-breaking-broadcom-bcm4312-wireless/

The following two commands did it for me.

akmods --force
modprobe wl

The akmods --force takes a few minutes to complete because it runs depmod.

This time, I only spent 20 minutes locating a solution with Google.  Yes, Google is my friend indeed.



Monday, June 22, 2015

More issues with Fedora 22 and BCM43227 wireless adapter

I upgraded my quad-core Acer laptop to Fedora 22 (scratch install, I don't trust fedup and because OS/2 was such a pain) and of course, the Broadcom wireless adapter on my laptop would not work.

I did a lot of Googling on this one but did not find anything that solve my problem.  I checked dmesg and noticed messages about not being able to find b43-open/ucode30_mimo.fw file.  I noticed that /etc/modprobe.d/ files did not have any blacklisting for the b43 driver.  I did notice that /usr/lib/modprobe.d/broadcom-wl-blacklist.conf did contain blacklisting for b43 drivers.  This got me to thinking about why broadcom-wl package is installed.

I looked at the files in the broadcom-wl package
/usr/share/doc/broadcom-wl/README_6.30.223.248.txt made reference to instructions on how the package is built.  I ran the following command to see what was in the directory:

ls /lib/modules/`uname -r`/build

I noticed that the directory was empty.  When I ran the following command:

ls /lib/modules/`uname -r`

I notived the build directory was a symbolic link to the kernel headers.  This link showed up red in my terminator session which I knew right away kernel-devel package was not installed.

I ran the following 2 commands and without rebooting, the NetworkManger applet showed my BCM43227 correctly.

sudo dnf install kernel-devel
sudo dnf reinstall akmod-wl
sudo dnf reinstall broadcom-wl

I am not sure the reinstall of the akmod-wl the is needed but the sequence seemed to get the wireless device working.

I tried reinstalling broadcom-wl and akmod-wl before installing the kernel-devel package. There were no errors.  This might be a bug in one of thw *-wl package prerequisites.  Not sure I want to open a bugzilla or not.

Now I can call it a night!  Only took me 90 minutes to figure out.

Sunday, May 03, 2015

Using XFCE4 on Fedora 21

I recently took my Walmart Red Acer and added a 256GB SSD drive at a cost of $109.  The result was an incredible increase in performance.  Boot time when from about 1.5 minutes or more to right around 30 seconds.  Applications pretty much pop up almost immediately and my colleagues at work were impressed.

I was using Gnome-shell as my desktop but I got tired of all the mousing.  There were a few performance issues that I think were related to Gnome-shell so I switched to my favorite XFCE.  I was disappointed to learn the bluetooth applet was no longer supported.  The solution was to install the bluedevil-autostart package.  This added a startup that gave me a bluetooth icon in the notification icon tray of XFCE.  While I need to manually turn on the bluetooth device using the Acer touchpad (I grew up with a ThinkPad so a touchpad is a challenge for me).  I am sure there is a way to automate the powering on of bluetooth.  I think bluetoothctl is the right place to start.

One more thing...  While I was switching to XFCE in Fedora 21 as my default workspace, I also switched from gdm to lightdm as my desktop manager.  The process for doing this is much similar now.  All I had to do was disable gdm and enable lightdm via systemctl and reboot my laptop.  Here are the commands I used just to be sure:

sudo systemctl disable gdm
sudo systemctl enable lightdm
sudo reboot

Beware of changing the background at the lightdm signon page.  The image mush have an alpha channel in the image.  After some Googling, the magic is to run this command to make sure it has the alpha channel:

 convert wallpaper.jpg wallpaper-with-alpha-channel.jpg

I copied the wallpaper-with-alpha-channel.jpg to /usr/share/backgrounds as root user just to rule out any permissions issues.  The background= line in /etc/lightdm/lightdm-gtk-greeter.conf need to be updated with this new file.

My Walmart Red Acer is now a much faster machine.

Saturday, March 07, 2015

How I fixed Broadcom BCM4318 wireless on Elementary OS Linux

I came across an article on the Internet describing the latest version of Elementary OS (based on Ubuntu).  It looked like it would be nice to try on my Dell Inspiron 1300 laptop (Pentium M, 2GB memory, 250GB HDD).

I first tried the Additional Drivers in the Settings app.  Unfortunately, this only caused an error during install and when I tried to fix it with apt-get --configure -a, the result was a kernel panic.

Here is a link to the web site I used  here to fix this problem.  Seems to work after rebooting.  I do not know if I will have to re-install after every kernel update or not.  I do not think that will be necessary.

Here is a quick summary of the solution:

To fix the problem run the following commands:$ sudo apt-get install b43-fwcutter$ wget http://mirror2.openwrt.org/sources/broadcom-wl-4.150.10.5.tar.bz2$ tar xf broadcom-wl-4.150.10.5.tar.bz2 $ cd broadcom-wl-4.150.10.5/driver/$ sudo b43-fwcutter -w /lib/firmware/ wl_apsta_mimo.o$ sudo modprobe b43$ sudo echo "b43" >> /etc/modules

Sunday, February 15, 2015

Deleting old kernels on Fedora/Red Hat/CentOS

Reference: http://www.if-not-true-then-false.com/2012/delete-remove-old-kernels-on-fedora-centos-red-hat-rhel/

Edit /etc/yum.conf and change/add the following line:

    installonly_limit=2
Install yum-utils:
    sudo yum -y install yum-utils
Run command to reduce total kernels to 2:
   package-cleanup --oldkernels --count=2
Just in case, re-build grub2 config file:
   sudo grub2-mkconfig -o /boot/grub2/grub.cfg

Wednesday, February 11, 2015

Using fiirewall-cmd on Fedora 21 and Red Hat 7

I ran into a situation today where I had to open ports on the fireall on my Acer Aspire One that is running Fedora 21.  I used the firewall GUI but wanted to learn how to do this via the command line via firewall-cmd.  I found the following post on StackOverflow. I had to run the --reload for any changes to take affect.


Here are a few commands I used:

 ZZ=$(sudo firewall-cmd --get-zones); for Z in $ZZ; do echo -n "<Z=${Z}> ";firewall-cmd --zone=$Z --query-port=21/tcp; done

sudo firewall-cmd --get-zones

sudo firewall-cmd --zone=internal --add-port=21/tcp --permanent

sudo firewall-cmd --reload