SSH

Restore of Checkpoint Fails with “The following hotfixes seem to be missing”

Ran into a slight snag when attempting to restore a production backup into a VM(*VMware*) image of Checkpoint R77.30. I was using the Gaia WebUI to restore image returns a message: “The following hotfixes seem to be missing”.

The message points me to a log file located under /tmp/ which indicates missing updates to the firewall I am restoring to. To get around this the following steps were taken.

 

  1. Log into the Checkpoint firewall via SSH to access the console (You could also console in  (i’m using a vm so the terminal would work also).
  2. Enter ‘Expert’ mode (password required.)
  3. The the command: dbset backup:override_hfs t’ from  the expert mode.
  4. Go back into Gain WebUI and attempt the restore of the backup.

Wait … Wait… The system will reboot and the configuration will be restored.

All done.

Cause of this issue was the backup file was taken from a system which had a version different from the system I was restoring into. In some cases, this message can be safely ignored and the restore can be performed without incident.

Please take time to review your configuration after you restore.

Capture PuTTY Session Logs

In the past week I have had my good share of working on remote systems where I needed to utilize the tool PuTTY to issue commands; not all of them documented. To assist me in documenting my steps I often use the session logs. However this normal has been a manual process in the heat of the moment and sometimes enabling logging is an afterthought.

To guarantee that this is done I have preformed the following steps to the default configuration of my PuTTY client and all saved sessions so that logs are saved and dated for future reference. I wish to record those here for any of you who would like to do the same.

[Press Start]

 

Open PuTTy

Under Category, choose Logging

Under Session Logging, choose the option “All session output”

Under file name: choose a directory and log filename

Using the PuTTY log parameters I configure my logs to consists of host, year, month, data and time for each session.

I also selected the option to “Always append to the end” of the session log which is currently open”

Finally, saving this new log settings to the Default Settings profile in putty making this the default logging option for all future connections and saved profiles.

Note: Profiles that existed before this change will need to be modified if you wish to also log the session output.

Log Parameters:

  • &H = hostname for the session
  • &Y = year
  • &M = month
  • &D = day
  • &T = time

Example Log’s:

Short Video on how to do this

Tech Short: How To Disable and Enable Ports HP ProCurve

Troubleshooting an issue with a switch I needed to disable a port.  Why not share my steps.

To disable a single or multiple ports we do the following

Log into your switch via console (in my case I SSH in using Putty)

When connected type: configure

Then issue the following command (note you can tab complete)

If you were to enable a disabled port you simply you use the enable command.

Before existing the console issue the following to save changes.

You can now exit form the console; the port you specified has been disabled

 

 

HowTo Upgrade OpenMediaVault

Here are some quick and simple steps to upgrade your OpenMediaVault (OMV) to the latest version; OMV 1.0  (Kralizec).

SSH into your OpenMediaVault server; in my case I am running OMV 0.5 and run the following command:

apt-get update && apt-get dist-upgrade && omv-update

Then type the following command:

omv-release-upgrade

Once completed you can either restart the web services or reboot the system and your all set.

 

Using SSH as VPN Solution in Linux

Looking for a quick simple way to have VPN access to your network or simply to secure your connection when you are on a remote network you don’t complete truest such as a public hot-spot.

And while there are many solutions I have one which is simple to use.

It’s called ‘sshuttle’ and all you need a remote server that you have remote SSH access to and a bit of software on your Linux computer.

To install ‘sshuttle’ on Debian releases you simple apt-get install sshuttle

To use sshuttle you just use the following command:

sshuttle -r user@remote_host 0.0.0.0/0 –dns

This will initiate a SSH VPN connection and send all your traffic security from the network your on out of the remote network your trust.

Simple and easy to setup and use.

 

Note: You do require to have access to a remote SSH server. Setting up an openSSH server is simple to do in Linux and even on a Windows host. — Search Google, you’ll find plenty of info, and perhaps it may even take you back to here if I get around to writing up something.  Best of luck to ya.