SSH over HTTP Proxy

Using SSH to connecting to an host when an HTTP Proxy is between the client and the host, can not be done directly without some configuration.

On Linux based machines the solution is to install and run corkscrew, a program that can tunnel the SSH protocol through an HTTP Proxy.

So how to do the configuration?

1) First install the corkscrew program with your package manager. On Ubuntu family: apt-get install corkscrew

2) Then you need to configure SSH to use corkscrew when connecting to the host that has a http proxy between.

3) Goto to your home directory and change to the hidden directoy .ssh within a command shell window.

4) Create or edit a file named config. The name is just config. No extensions.

5) Add the following lines to the config file

Host <IP_of _remote_host>  
 ProxyCommand corkscrew <IP_of_HTTP_Proxy> <HTTP_Proxy_Port> %h %p <auth_file>

Where the <IP_of_remote_host> is the public ip address of the host where you wish to connect.

The <IP_of_HTTP_Proxy> and <HTTP_Proxy_Port>  are the IP address and Port of you local http proxy server that you wish to go through.

And finally, if your proxy server requires authentication, by username and password, just give a complete path to a file where Proxy credentials are stored, for example /home/primalcortex/.corkscrew_auth

This file content must be something like:

username:password

For example a complete config file example:

Host 78.0.1.3
    ProxyCommand 192.168.1.1 8080 %h %p /home/primalcortex/.corkscrew-auth

and the .corkscrew-auth file:

myproxyuser:rtwertjwe4

6) Just connect now:

ssh myremoteuser@78.0.1.3

or when not using the default ssh port:

ssh -p 12345 myremoteuser@78.0.1.3

7) Done!

So why we need this?

Well, first is of course, to access a remote machine, but ssh can forward local ports to remote ports, and this is important because, with this feature we can use Thunderbird to directly connect to a remote server by using the standard IMAP and SMTP protocols through an HTTP proxy.

KDE device notifier and Konqueror/Dolphin file manager

This may seem a simple issue, but it took me a while to find why “Open with File Manager” on the device manager opened up the Konqueror file manager instead of Dolphin…

To change it’s easy. Just go to System Settings and Default Aplications. Choose File Manager, and there choose your File Manager of preference.

That’s it.

MySQL on a Ubuntu VPS

Using the great site lowendbox.com I’ve “bought” a Ubuntu based VPS (Virtual Private Server) so that I can use for my testings…

Anyway, I needed to install MySQL database on this Ubuntu Server based VPS, which is simply done by running the following command:

apt-get update
apt-get install mysql-client mysql-server

During the installation process a password for the root user is required. Just make sure that it’s strong enough (Hint: use keypass password generator…)

After installing and running the MySQL server is available at port 3306 and normally only available at the loopback address. But anyway I’ve changed the local firewall rules to block all connections to port 3306 from outside the loopback adapter: Just edit the /etc/rc.local file and add the following lines before the exit 0 command

iptables -A INPUT -p all -s localhost -d localhost -j ACCEPT
iptables -A INPUT -p tcp --destination-port 3306 -j REJECT

Then as the root user just run the file: /etc/rc.local and make sure that the rules are active:

root@vpss:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  localhost.localdomain  localhost.localdomain 
ACCEPT     all  --  localhost.localdomain  localhost.localdomain 
ACCEPT     all  --  localhost.localdomain  localhost.localdomain 
ACCEPT     all  --  localhost.localdomain  localhost.localdomain 
REJECT     tcp  --  anywhere             anywhere             tcp dpt:mysql reject-with icmp-port-unreachable
ACCEPT     all  --  localhost.localdomain  localhost.localdomain 
ACCEPT     all  --  localhost.localdomain  localhost.localdomain 
ACCEPT     all  --  localhost.localdomain  localhost.localdomain 
ACCEPT     all  --  localhost.localdomain  localhost.localdomain 
REJECT     tcp  --  anywhere             anywhere             tcp dpt:mysql reject-with icmp-port-unreachable

And that’s it.

Now we need a backup policy so that anything goes wrong, at least we have some data to recover…

 

 

Kubuntu upgrade from 12.04 to 13.04

Despite Kubuntu 12.04 being a LTS release, and after some weeks upgrading to 13.04 on my personal desktop computer, I decided to do the same on my Work Laptop.

Things didn’t ran as expected…

First the upgrade from 12.04 to 12.10 deleted a bunch of packages, by my command :( and I ended up with no graphical display… A quick look at Xorg.0.log file showed me that my Xorger’s driver for my Intel graphic card was gone.

Anyway, I’ve installed the xservers-xorg-video-intel package and proceeded to upgrade to 13.04.

At the end despite having a graphical desktop, after login on KDE, a qdbus error appeared… qdbus package was missing… (apt-get install qdbus).

Also on 12.04 the transition from the login greeter to the desktop is silky smooth (it is on my desktop), on my laptop it blanks showing a black screen with a mouse cursor, but the desktop shows up abruptly. I don’t have now the KDE logon progress icons…

And finally, DNS settings from my DHCP servers didn’t worked, I had to manually add the dns servers IP to resolv.conf…  This issue was also a missing package, namely dnsmaq. After adding up the nameserver 127.0.0.1 to my /etc/resolv.conf file, everything is up….

Let’s see what is waiting again in the dark…

Execute a simple Java Console application

How to execute a simple java console program, with a main function?

Sometimes whe need to build a simple java program to test some concept/code/whatever.

So the code is something like (grabbed from stackoverflow for my quick reference):

Sun’s tutorial contains a complete demonstration, but here’s another one from scratch. You need two files:

Test.java:

public class Test {

   public static void main(String[] args){
      System.out.println("Hello world");
   }
}
Then create a Manifest.mf file with the following content:

Manifest-version: 1.0
Main-Class: Test

Then compile the Java source file and create the jar file:

javac Test.java
jar cfm test.jar Manifest.mf Test.class
java -jar test.jar

Output:

Hello world

Synology Mail Station with POP3 retrieval – Hibernation issues

After installing and enabling Synology Mail Station (RoundCube), I added a POP3 external account, so that account’s mail also was available at RoundCube’s interface on my Synology.

The issue is that after that change/configuration the NAS didn’t hibernate any more.

I thought that the issue was related to the pooling interval to the POP3 account, and I was right, it was set to 5 minutes by default. I’ve changed to 4 hour’s (240 minutes), but checking the logs I could see that the pooling was still at 5 minutes… and still the NAS wouldn’t hibernate.

So a quick check I’ve found out that the fetchmail process that fetchs the mail from the external POP3 accounts reads it’s configuration files from /var/packages/MailStation/target/roundcubemail/ext

In my case the POP3 account was defined on the admin accounts, and so there is an admin_fetch file, which might be different if other users are using the POP3 external accounts feature.

Editing this file there is a line

#### .fetchmailrc
set daemon 300

Which means pooling every 5 minutes (300 seconds)

I’ve changed the value to 21600 (4 hours), and waited for the next NAS restart.

After that pooling was set to every 4 hours and the NAS does hibernate now.

Didn’t bother to much to see how to restart the fetchmail process without rebooting the NAS, but probably restarting the Mail Station packages will suffice.