Tuesday, June 30, 2015

SSH stuck on "expecting SSH2_MSG_KEX_ECDH_REPLY" && using openconnect VPN

Just built a brand new virtual desktop using Vagrant & Puppet to automate the install of a CentOS virtual desktop. My goal is to build automation into the project from the ground up - the only way to truly do this is to scrap and rebuild many times, yet I was having a big issue w/ a fundamental requirement.

I needed openconnect installed to VPN into multiple infrastructure nodes. Unfortunately, I wasn't able to connect to other infrastructure servers (via ssh) and the system was responding w/ a timeout exception.

To gain a better view I enabled verbose ssh output using the "-vvv" parameter and quickly saw the system was stuck at the "expecting SSH2_MSG_KEX_ECDH_REPLY" phase.

I was fortunate to have a working VM and performed multiple compare & contrasts against settings.  With debugging enabled I was able to see the server was sending a host key over to the client.  On the broken system it was not receiving that key...

After performing a ton of research to resolve the issue I found many mixed results from individuals. Seems there is a mix of server (router, sshd, etc.) and client-side configurations that could be changed to optimize the maximum transmission unit (MTU) value.

Seems lowering the MTU value in the system's /etc/sysconfig/network-scripts/ifcfg-enp0s3 worked.

It was timing out @ 1500 yet worked @ 1200

Reference Link

http://www.microhowto.info/howto/persistently_change_the_mtu_of_a_network_interface_on_redhat.html

New Settings

bash-4.2$ cat /etc/sysconfig/network-scripts/ifcfg-enp0s3
TYPE=Ethernet
BOOTPROTO=dhcp
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=enp0s3
UUID=78140972-c1ee-4220-85af-b67ff1bc3cad
DEVICE=enp0s3
ONBOOT=yes
MTU=1200
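
The post found that 1500 timed out and 1200 worked. The script below is an added example, not part of the original post: it binary-searches for the largest MTU that reaches a host unfragmented, using pings with the Don't Fragment bit set. It assumes Linux iputils ping, IPv4, and a path that answers ICMP echo; the function names and the 576 to 1500 search range are choices made for this example.

```shell
#!/bin/sh
# Added example: find the largest MTU that passes unfragmented to a host.
# Assumes Linux iputils ping and IPv4. Usage: ./find_mtu.sh <host-behind-vpn>

# probe SIZE HOST: succeed if one ICMP echo carrying SIZE payload bytes gets
# a reply with the Don't Fragment bit set (-M do), so nothing is fragmented.
probe() {
    ping -M do -c 1 -W 2 -s "$1" "$2" >/dev/null 2>&1
}

# find_path_mtu HOST [LOW] [HIGH]: binary search for the largest working MTU
# between LOW and HIGH (defaults 576 and 1500). Prints the MTU on success,
# returns 1 if even LOW gets no reply (host down or ICMP filtered).
find_path_mtu() {
    local host low high mid overhead
    host="$1"
    low="${2:-576}"
    high="${3:-1500}"
    overhead=28   # 20-byte IPv4 header + 8-byte ICMP header

    probe $((low - overhead)) "$host" || return 1
    while [ "$low" -lt "$high" ]; do
        # Round up so the loop always makes progress when high = low + 1.
        mid=$(( (low + high + 1) / 2 ))
        if probe $((mid - overhead)) "$host"; then
            low=$mid
        else
            high=$((mid - 1))
        fi
    done
    echo "$low"
}

# Only probe the network when a host is given on the command line.
if [ -n "${1:-}" ]; then
    find_path_mtu "$1" || echo "no reply even at the lowest MTU" >&2
fi
```

Run it with the VPN connected and put the printed value in the MTU= line of the ifcfg file shown above.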

Thursday, February 26, 2015

How to Shut off ipv6 & enable ipv4 networking in a virtualbox environment

This one's been an annoying feature that I'm going to solution quickly and store for reference.

Here's the problem - No Private network when connected via Bridge Mode due to client network settings.

The goal is to disable ipv6 and enable ipv4, gain a 192.168.1.* address from the local network DHCP server.

Once complete, my port forwarding rules will activate and allow external access to the webserver via http://localhost:8080/ on the host's local web browser.

Solution:
Modify:  /etc/sysctl.conf

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
 
then restart your network adapter 

Saturday, January 3, 2015

Creating a Linux Launcher for Pentaho Spoon



Reference Article: http://edpflager.com/?p=2322

Main Steps:
1) Create a script which cd's into your pentaho install directory.

  •  cd /usr/local/bin/pentaho
  • ./spoon.sh


2) Move the script to your desktop folder and change permissions accordingly (chmod 755)
3) Right Click -> Properties -> change Icon (selecting the spoon.png icon from your pentaho install directory).
4) Drag the desktop script to the quick launch task bar to create a new application launcher.
5) Modify icon by following step 3 for the application launcher script.

Friday, January 2, 2015

Useful Tips: Open-Source Visio Alternative on MacBook - Libre Office

Libre Office Extensions:

  1. VRT Networks: 
    • Computing Icon Extension: http://www.vrt.com.au/downloads/vrt-network-equipment
      1. To install extension click on the oxt file and install.  
      2. Kill Libre Processes and restart Libre Draw. 
      3. Leverage new Extensions by looking @ icons in the Theme's folder