Install VNC on Debian

For a KDE Desktop run via VNC,

On the server:

apt-get install kde-plasma-desktop tightvncserver xtightvncviewer

Debian Wiki states that for a full KDE installation, one needs to do this:

aptitude install ~tkde-desktop

For LXDE:

apt-get install task-lxde-desktop

Create a user:

useradd -c "Tightvnc user" -m -r -s /bin/bash vncuser
sudo -iu vncuser bash
unset XAUTHORITY
vncserver

Now, create a vncserver instance:

vncserver :1 -geometry 1356x758 -depth 16 -pixelformat rgb565

If you weren’t prompted for a password, set a password for vnc with:

vncpasswd

If you need to reset the server:

tightvncserver -kill :1

Now, edit the file: /root/.vnc/xstartup

Find the line:

gnome-session &

and replace it with:

startkde &

if you prefer kde.

For lxde, the file looks like this:

#cat /root/.vnc/xstartup
#!/bin/sh

xrdb $HOME/.Xresources
xsetroot -solid grey
#x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
#x-window-manager &
# Fix to make GNOME work
export XKL_XMODMAP_DISABLE=1
/etc/X11/Xsession
lxterminal &
/usr/bin/lxsession -s LXDE &

Optionally setup an alias in .bashrc, and assign:

alias startvnc='vncserver :1 -geometry 1366x676 -depth 16 -pixelformat rgb565'
alias killvnc='tightvncserver -kill :1'
#alias startvnc='vncserver :1 -geometry 1356x758 -depth 16 -pixelformat rgb565'

On Windows, install TightVNC, and connect to url: yourserverip:5901

To enable Copy Paste between Windows and the VNC instance, try this:
Add the following lines to /root/.vnc/xstartup before /usr/bin/lxsession -s LXDE & :

vncconfig  -nowin &
export XKL_XMODMAP_DISABLE=1
autocutsel -fork

The final file for LXDE now looks like this:

#cat /root/.vnc/xstartup
#!/bin/sh

xrdb $HOME/.Xresources
xsetroot -solid grey
#x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
#x-window-manager &
# Fix to make GNOME work
export XKL_XMODMAP_DISABLE=1

vncconfig  -nowin &
export XKL_XMODMAP_DISABLE=1
autocutsel -fork

/etc/X11/Xsession
lxterminal &
/usr/bin/lxsession -s LXDE &

Now you can copy something in Windows and paste into Tightvnc.


You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.
Midnight commander (mc) shows garbled text characters instead of graphics

Midnight commander (mc) shows garbled text characters instead of graphics

On a Debian ssh shell running via Putty on Windows 8, I started getting this weird display on midnight commander:

MWSnap009 2013-05-06, 21_29_08

 

To fix this,

In Putty>Load Session

Putty>Window>Translation>Remote character set>UTF8

MWSnap010 2013-05-06, 21_29_55

Also export the following variable in your .bashrc file:

NCURSES_NO_UTF8_ACS=1

Save the session. Exit and restart Putty. mc is fixed now.

MWSnap011 2013-05-06, 21_31_41

Credits: 
http://www.andremiller.net/content/getting-midnight-commander-line-drawing-work-putty

 


You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.

Cannot sftp, can ssh and scp

I’d noticed an issue on my server where it allows me to login with ssh, or transfer files with scp or rsync, but would not allow me to use Filezilla to transfer files using sftp protocol

My /var/log/auth.log showed the following:

Mar  7 05:31:03 gambit sshd[28323]: Server listening on 0.0.0.0 port 22.
Mar  7 05:31:03 gambit sshd[28323]: Server listening on :: port 22.
Mar  7 05:31:09 gambit sshd[28310]: pam_unix(sshd:session): session closed for user root
Mar  7 05:31:14 gambit sshd[28329]: Accepted password for root from 59.93.41.155 port 55173 ssh2
Mar  7 05:31:14 gambit sshd[28329]: pam_unix(sshd:session): session opened for user root by (uid=0)
Mar  7 05:31:15 gambit sshd[28329]: subsystem request for sftp
Mar  7 05:32:52 gambit sshd[28323]: Received signal 15; terminating.
Mar  7 05:32:52 gambit sshd[28352]: Server listening on 0.0.0.0 port 22.
Mar  7 05:32:52 gambit sshd[28352]: Server listening on :: port 22.
Mar  7 05:32:55 gambit sshd[28329]: pam_unix(sshd:session): session closed for user root
Mar  7 05:33:00 gambit sshd[28358]: Accepted password for root from 59.93.41.155 port 55198 ssh2
Mar  7 05:33:00 gambit sshd[28358]: subsystem request for sftp

I checked my sshd_config at /etc/ssh/sshd_config. The line I was looking for was:

PermitRootLogin yes

However that was already set.

So I was in a delimma. I couldnt find out at all, what the issue was, until I read this comment by mdpc on Server Fault, where he says:

Another issue that I have noticed, is that if your login startup files generate any sort of output, scp and sftp fail. Be sure you bracket things that output to the terminal in your startup scripting using a test on the variable $?prompt if it is non-zero you talking with a terminal.

This made me remember that I wasnt getting this issue immediately after installed a new OS, however only after I’ve worked on it for a while. So I understood that it was because I had .bashrc set to output a few things. So if .bashrc output anything to the terminal, an sftp would fail.

Moving .bashrc fixed the issue.

In fact, once I became aware of the issue, it was easy to find that this situation was rather well documented, in no less than the openssh

http://www.openssh.org/faq.htmlFAQ

2.9 – sftp/scp fails at connection, but ssh is OK.

sftp and/or scp may fail at connection time if you have shell initialization (.profile, .bashrc, .cshrc, etc) which produces output for non-interactive sessions. This output confuses the sftp/scp client. You can verify if your shell is doing this by executing:

ssh yourhost /usr/bin/true

If the above command produces any output, then you need to modify your shell initialization.

There are many solutions you can use, and all of them involve checking what kind of shell you’re running. If it’s a non-interactive shell like xterm, you execute .bashrc. If it’s filezilla, you dont.

So you first rename .bashrc to .bashc_real

Then you insert one of the following code into a new file .bashrc:

if [ "$TERM" = "xterm" ]
then
   source .bashc_real
fi

OR

if [ "$TERM" != "dumb" ]
then
   source .bashc_real
fi

OR

if [ "$SSH_TTY" ]
then
   source .bashc_real
fi

 


You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.

Fix for “ssh-add: Could not open a connection to your authentication agent.”

You might have tried adding a key with:

ssh-add .ssh/id_rsa

only to get this error:

ssh-add .ssh/id_rsa
Could not open a connection to your authentication agent.[/code]
If this happens, it is because your ssh agent is not running in the terminal.

Run this:
exec ssh-agent bash

which will cause it to resource your .bashrc files and start the agent.

Now try readding the key again:

ssh-add .ssh/id_rsa
Identity added: .ssh/id_rsa (.ssh/id_rsa)

 


You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.

Fix “Host key verification failed, offending host key is” error

If you have a VPS/server and reinstall it, you may see a message similiar to the below while logging in to it:

scp .ssh/ [email protected]:~/
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
43:ab:e2:c8:66:c3:c3:b7:b3:49:6d:01:57:4b:cd:39.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:4
RSA host key for 192.145.45.167 has changed and you have requested strict checking.
Host key verification failed.
lost connection

 

To fix this, you need to delete the offending host key from .ssh/known_hosts.

You can do this with sed:

sed -i '4d' .ssh/known_hosts[/code]
The "-i" option means, do an "in-place" modification of the file. The "4d" means to delete line number 4 from the file.

So after doing it, try again:
[[email protected]] ~ #sed -i '4d' .ssh/known_hosts
[[email protected]] ~ #scp -r .ssh/ [email protected]:~/
The authenticity of host '192.145.45.167 (192.145.45.167)' can't be established.
RSA key fingerprint is 43:ab:e2:c8:66:c3:c3:b7:b3:49:6d:01:57:4b:cd:39.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.145.45.167' (RSA) to the list of known hosts.
[email protected]'s password:
authorized_keys~                              100%  399     0.4KB/s   00:00
authorized_keys                               100%  801     0.8KB/s   00:00
id_rsa                                        100% 1679     1.6KB/s   00:00
known_hosts                                   100% 1768     1.7KB/s   00:00
id_rsa.pub                                    100%  391     0.4KB/s   00:00

 


You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.

SSH Error: RSA host key for ‘server’ has changed and you have requested strict checking

I encountered this error while connecting recently too Goo buildserver:

[[email protected] ~]$ ssh2gooserver
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
73:1b:ca:05:7d:e5:10:b2:48:d0:be:70:3a:0f:08:47.
Please contact your system administrator.
Add correct host key in /home/droidzone/.ssh/known_hosts to get rid of this message.
Offending key in /home/droidzone/.ssh/known_hosts:10
RSA host key for buildbot1.snipanet.com has changed and you have requested strict checking.
Host key verification failed.

Solution:

1. Execute the following to remove the key for the server:

$ ssh-keygen -R buildbot1.snipanet.com
/home/droidzone/.ssh/known_hosts updated.
Original contents retained as /home/droidzone/.ssh/known_hosts.old

Now I tried again, and got a different message:

[[email protected] ~]$ ssh2gooserver
The authenticity of host 'buildbot1.snipanet.com (199.167.135.246)' can't be established.
RSA key fingerprint is 73:1b:ca:05:7d:e5:10:b2:48:d0:be:70:3a:0f:08:47.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'buildbot1.snipanet.com' (RSA) to the list of known hosts.
Warning: the RSA host key for 'buildbot1.snipanet.com' differs from the key for the IP address '199.167.135.246'
Offending key for IP in /home/droidzone/.ssh/known_hosts:10
Are you sure you want to continue connecting (yes/no)? yes
[email protected]'s password: 
Creating directory '/home/droidzone'.

I wanted to remove this error message.

So:

emacs /home/droidzone/.ssh/known_hosts

Jump to the offending line: Alt-GG 10

That’s for line number 10, and copy from beginning to end of Line 10 (easier if you have line numbering turned on iin emacs).


You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.

Automating Git for passwordless logins- Setup git key pairs and setup ~/.ssh/config file

I’ve already posted about how to create key pairs fo SSH elsehere.

This is a short listing of the ~/.ssh/config file used for Git:

Host goob
     HostName buildbot1.snipanet.com
     User droidzone
     IdentityFile ~/.ssh/privatekey_goo
     ServerAliveInterval 30
     ServerAliveCountMax 120
Host goo
     HostName upload.goo.com
     User droidzone
     IdentityFile ~/.ssh/privatekey_goo
     ServerAliveInterval 120
     ServerAliveCountMax 120
     Port 2222
Host xda
     HostName build1.dev.xda-developers.com
     User droidzone
     IdentityFile ~/.ssh/xdamachine_key_openssh_pvt
     ServerAliveInterval 30
     ServerAliveCountMax 120
Host sf
     HostName shell.sourceforge.net
     User droidzone
     IdentityFile ~/.ssh/privatekey_sourceforge_ssh
     ServerAliveInterval 30
     ServerAliveCountMax 120
Host bitbucket.org
    IdentityFile ~/.ssh/id_rsa_bitbucket

 

Anatomy of a config file
A config file should be named ~/.ssh/config
The permissions of each key referred to by ssh should be restricted to user only, i.e chmod go=
The “Host” value is an alias
The “Hostname” value should be an ip or actual resolvable hostname
If Port is not 22, it should be specified in the file.

If the hostname is correct, you can login to sourceforge by typing: ssh sf
The username, hostname, key, port will be determined from the file.


You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.

Making your ssh life paradise – Using a config file

The config file can automate many tedious processes.

Eg: You wish to scp a file from the current machine to a host like XDA, using a specific identity key. Of course you can use ssh-add to add the key, but it may not be recognized each reboot.

The usual command is like

scp -i ~/.ssh/path_to_keyfile sourcefilename [email protected]:~/targetpath

Once a .config file is set up, your new command becomes:

scp sourcefile xda:target

Really!

Create a text file in ~/.ssh/config:

[email protected]:~$ cat /home/droidzone/.ssh/config                                                                                                                    
Host bitbucket                                                                                                                                               
    IdentityFile ~/.ssh/bitbucket                                                                                                                                     
Host xda                                                                                                                                                              
     HostName build1.dev.xda-developers.com                                                                                                                           
     User droidzone                                                                                                                                                   
     IdentityFile ~/.ssh/xdamachine_key_openssh_pvt                                                                                                                   
     ServerAliveInterval 30                                                                                                                                           
     ServerAliveCountMax [email protected]:~$

Here, as you can see, I’ve added two hosts. One is my Bitbucket account, and I’ve specified a key file for authentication.

For XDA, I’ve given it a label “xda”, specified the build server username and hostname, specified an identity file, and a timeout interval.


You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.

Fixing the error “warning: setlocale: LC_CTYPE: cannot change locale”

Recently I was granted build server access on Goo. While trying Bash completion, I encountered this error. Every time I tried to use Tab key for completion, this error message would get added to my typed command. It didnt interfere with the actual command execution. Bash seemed to be totally oblivious to the command line getting hijacked in this fashion. But for the user, me, it was an eyesore.

The fix was too simple. I simply needed to add the following to my ~/.bashrc file:

export LC_CTYPE="en_US.UTF-8"

Thanks to bergspot


You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.

Convert a Putty private key to openssh format in Linux

First install putty tools

sudo apt-get install putty-tools

 

Now, convert the file with:

Putty Private Key to OpenSSH

puttygen [sourcefile.ppk] -O private-openssh -o [Outputfilename]

Putty Public Key to OpenSSH

puttygen [sourcefile.ppk] -O public-openssh -o [Outputfilename]

OpenSSH Private Key to Putty ppk

puttygen [opensshsourcefilename] -O private -o [Outputfilename.ppk]

OpenSSH Public Key to Putty ppk

puttygen [opensshsourcefilename] -O public -o [Outputfilename.ppk]

You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.