Posts Tagged ‘and’

Monitoring network traffic tools to debug network issues in console interactively on Linux

Thursday, December 14th, 2023

transport-layer-fourth-layer-data-transport-diagram

 

In my last article Debugging and routing network issues on Linux (common approaches), I've given some step by step methology on how to debug a network routing or unreachability issues between network hosts. As the article was mostly targetting a command line tools that can help debugging the network without much interactivity. I've decided to blog of a few other tools that might help the system administrator to debug network issues by using few a bit more interactive tools. Throughout the years of managing multitude of Linux based laptops and servers, as well as being involved in security testing and penetration in the past, these tools has always played an important role and are worthy to be well known and used by any self respecting sys admin or network security expert that has to deal with Linux and *Unix operating systems.
 

1. Debugging what is going on on a network level interactively with iptraf-ng

Historically iptraf and today's iptraf is also a great tool one can use to further aid the arsenal debug a network issue or Protocol problem, failure of packets or network interaction issues SYN -> ACK etc. proto interactions and check for Flag states and packets flow.

To use iptraf-ng which is a ncurses based tool just install it and launch it and select the interface you would like to debug trafic on.

To install On Debians distros

# apt install iptraf-ng –yes

# iptraf-ng


iptraf-ng-linux-select-interface-screen
 

iptraf-ng-listen-all-interfaces-check-tcp-flags-and-packets


Session-Layer-in-OSI-Model-diagram
 

2. Use hackers old tool sniffit to monitor current ongoing traffic and read plain text messages

Those older who remember the rise of Linux to the masses, should remember sniffit was a great tool to snoop for traffic on the network.

root@pcfreak:~# apt-cache show sniffit|grep -i description -A 10 -B10
Package: sniffit
Version: 0.5-1
Installed-Size: 139
Maintainer: Joao Eriberto Mota Filho <eriberto@debian.org>
Architecture: amd64
Depends: libc6 (>= 2.14), libncurses6 (>= 6), libpcap0.8 (>= 0.9.8), libtinfo6 (>= 6)
Description-en: packet sniffer and monitoring tool
 Sniffit is a packet sniffer for TCP/UDP/ICMP packets over IPv4. It is able
 to give you a very detailed technical info on these packets, as SEQ, ACK,
 TTL, Window, etc. The packet contents also can be viewed, in different
 formats (hex or plain text, etc.).
 .
 Sniffit is based in libpcap and is useful when learning about computer
 networks and their security.
Description-md5: 973beeeaadf4c31bef683350f1346ee9
Homepage: https://github.com/resurrecting-open-source-projects/sniffit
Tag: interface::text-mode, mail::notification, role::program, scope::utility,
 uitoolkit::ncurses, use::monitor, use::scanning, works-with::mail,
 works-with::network-traffic
Section: net
Priority: optional
Filename: pool/main/s/sniffit/sniffit_0.5-1_amd64.deb
Size: 61796
MD5sum: ea4cc0bc73f9e94d5a3c1ceeaa485ee1
SHA256: 7ec76b62ab508ec55c2ef0ecea952b7d1c55120b37b28fb8bc7c86645a43c485

 

Sniffit is not installed by default on deb distros, so to give it a try install it

# apt install sniffit –yes
# sniffit


sniffit-linux-check-tcp-traffic-screenshot
 

3. Use bmon to monitor bandwidth and any potential traffic losses and check qdisc pfifo
Linux network stack queues

 

root@pcfreak:~# apt-cache show bmon |grep -i description
Description-en: portable bandwidth monitor and rate estimator
Description-md5: 3288eb0a673978e478042369c7927d3f
root@pcfreak:~# apt-cache show bmon |grep -i description -A 10 -B10
Package: bmon
Version: 1:4.0-7
Installed-Size: 146
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Architecture: amd64
Depends: libc6 (>= 2.17), libconfuse2 (>= 3.2.1~), libncursesw6 (>= 6), libnl-3-200 (>= 3.2.7), libnl-route-3-200 (>= 3.2.7), libtinfo6 (>= 6)
Description-en: portable bandwidth monitor and rate estimator
 bmon is a commandline bandwidth monitor which supports various output
 methods including an interactive curses interface, lightweight HTML output but
 also simple ASCII output.
 .
 Statistics may be distributed over a network using multicast or unicast and
 collected at some point to generate a summary of statistics for a set of
 nodes.
Description-md5: 3288eb0a673978e478042369c7927d3f
Homepage: http://www.infradead.org/~tgr/bmon/
Tag: implemented-in::c, interface::text-mode, network::scanner,
 role::program, scope::utility, uitoolkit::ncurses, use::monitor,
 works-with::network-traffic
Section: net
Priority: optional
Filename: pool/main/b/bmon/bmon_4.0-7_amd64.deb
Size: 47348
MD5sum: c210f8317eafa22d9e3a8fb8316e0901
SHA256: 21730fc62241aee827f523dd33c458f4a5a7d4a8cf0a6e9266a3e00122d80645

 

root@pcfreak:~# apt install bmon –yes

root@pcfreak:~# bmon

bmon_monitor_qdisc-network-stack-bandwidth-on-linux

4. Use nethogs net diagnosis text interactive tool

NetHogs is a small 'net top' tool. 
Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process.
 

root@pcfreak:~# apt-cache show nethogs|grep -i description -A10 -B10
Package: nethogs
Source: nethogs (0.8.5-2)
Version: 0.8.5-2+b1
Installed-Size: 79
Maintainer: Paulo Roberto Alves de Oliveira (aka kretcheu) <kretcheu@gmail.com>
Architecture: amd64
Depends: libc6 (>= 2.15), libgcc1 (>= 1:3.0), libncurses6 (>= 6), libpcap0.8 (>= 0.9.8), libstdc++6 (>= 5.2), libtinfo6 (>= 6)
Description-en: Net top tool grouping bandwidth per process
 NetHogs is a small 'net top' tool. Instead of breaking the traffic down per
 protocol or per subnet, like most tools do, it groups bandwidth by process.
 NetHogs does not rely on a special kernel module to be loaded.
Description-md5: 04c153c901ad7ca75e53e2ae32565ccd
Homepage: https://github.com/raboof/nethogs
Tag: admin::monitoring, implemented-in::c++, role::program,
 uitoolkit::ncurses, use::monitor, works-with::network-traffic
Section: net
Priority: optional
Filename: pool/main/n/nethogs/nethogs_0.8.5-2+b1_amd64.deb
Size: 30936
MD5sum: 500047d154a1fcde5f6eacaee45148e7
SHA256: 8bc69509f6a8c689bf53925ff35a5df78cf8ad76fff176add4f1530e66eba9dc

root@pcfreak:~# apt install nethogs –yes

# nethogs


nethogs-tool-screenshot-show-user-network--traffic-by-process-name-ID

5;.Use iftop –  to display network interface usage

 

root@pcfreak:~# apt-cache show iftop |grep -i description -A10 -B10
Package: iftop
Version: 1.0~pre4-7
Installed-Size: 97
Maintainer: Markus Koschany <apo@debian.org>
Architecture: amd64
Depends: libc6 (>= 2.29), libncurses6 (>= 6), libpcap0.8 (>= 0.9.8), libtinfo6 (>= 6)
Description-en: displays bandwidth usage information on an network interface
 iftop does for network usage what top(1) does for CPU usage. It listens to
 network traffic on a named interface and displays a table of current bandwidth
 usage by pairs of hosts. Handy for answering the question "Why is my Internet
 link so slow?".
Description-md5: f7e93593aba6acc7b5a331b49f97466f
Homepage: http://www.ex-parrot.com/~pdw/iftop/
Tag: admin::monitoring, implemented-in::c, interface::text-mode,
 role::program, scope::utility, uitoolkit::ncurses, use::monitor,
 works-with::network-traffic
Section: net
Priority: optional
Filename: pool/main/i/iftop/iftop_1.0~pre4-7_amd64.deb
Size: 42044
MD5sum: c9bb9c591b70753880e455f8dc416e0a
SHA256: 0366a4e54f3c65b2bbed6739ae70216b0017e2b7421b416d7c1888e1f1cb98b7

 

 

root@pcfreak:~# apt install –yes iftop

iftop-interactive-network-traffic-output-linux-screenshot


6. Ettercap (tool) to active and passive dissect network protocols for in depth network and host analysis

root@pcfreak:/var/www/images# apt-cache show ettercap-common|grep -i description -A10 -B10
Package: ettercap-common
Source: ettercap
Version: 1:0.8.3.1-3
Installed-Size: 2518
Maintainer: Debian Security Tools <team+pkg-security@tracker.debian.org>
Architecture: amd64
Depends: ethtool, geoip-database, libbsd0 (>= 0.0), libc6 (>= 2.14), libcurl4 (>= 7.16.2), libgeoip1 (>= 1.6.12), libluajit-5.1-2 (>= 2.0.4+dfsg), libnet1 (>= 1.1.6), libpcap0.8 (>= 0.9.8), libpcre3, libssl1.1 (>= 1.1.1), zlib1g (>= 1:1.1.4)
Recommends: ettercap-graphical | ettercap-text-only
Description-en: Multipurpose sniffer/interceptor/logger for switched LAN
 Ettercap supports active and passive dissection of many protocols
 (even encrypted ones) and includes many feature for network and host
 analysis.
 .
 Data injection in an established connection and filtering (substitute
 or drop a packet) on the fly is also possible, keeping the connection
 synchronized.
 .
 Many sniffing modes are implemented, for a powerful and complete
 sniffing suite. It is possible to sniff in four modes: IP Based, MAC Based,
 ARP Based (full-duplex) and PublicARP Based (half-duplex).
 .
 Ettercap also has the ability to detect a switched LAN, and to use OS
 fingerprints (active or passive) to find the geometry of the LAN.
 .
 This package contains the Common support files, configuration files,
 plugins, and documentation.  You must also install either
 ettercap-graphical or ettercap-text-only for the actual GUI-enabled
 or text-only ettercap executable, respectively.
Description-md5: f1d894b138f387661d0f40a8940fb185
Homepage: https://ettercap.github.io/ettercap/
Tag: interface::text-mode, network::scanner, role::app-data, role::program,
 uitoolkit::ncurses, use::scanning
Section: net
Priority: optional
Filename: pool/main/e/ettercap/ettercap-common_0.8.3.1-3_amd64.deb
Size: 734972
MD5sum: 403d87841f8cdd278abf20bce83cb95e
SHA256: 500aee2f07e0fae82489321097aee8a97f9f1970f6e4f8978140550db87e4ba9


root@pcfreak:/ # apt install ettercap-text-only –yes

root@pcfreak:/ # ettercap -C

 

ettercap-text-interface-unified-sniffing-screenshot-linux

7. iperf and netperf to measure connecitivity speed on Network LAN and between Linux server hosts

iperf and netperf are two very handy tools to measure the speed of a network and various aspects of the bandwidth. It is mostly useful when designing network infrastructure or building networks from scratch.
 

If you never used netperf in the past here is a description from man netperf

NAME
       netperf – a network performance benchmark

SYNOPSIS
       netperf [global options] — [test specific options]

DESCRIPTION
       Netperf  is  a benchmark that can be used to measure various aspects of
       networking performance.  Currently, its focus is on bulk data  transfer
       and  request/response  performance  using  either  TCP  or UDP, and the
       Berkeley Sockets interface. In addition, tests for DLPI, and  Unix  Do‐
       main Sockets, tests for IPv6 may be conditionally compiled-in.

 

root@freak:~# netperf
MIGRATED TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to localhost () port 0 AF_INET : demo
Recv   Send    Send
Socket Socket  Message  Elapsed
Size   Size    Size     Time     Throughput
bytes  bytes   bytes    secs.    10^6bits/sec

 87380  65536  65536    10.00    17669.96

 

Testing UDP network throughput using NetPerf

Change the test name from TCP_STREAM to UDP_STREAM. Let’s use 1024 (1MB) as the message size to be sent by the client.
If you receive the following error send_data: data send error: Network is unreachable (errno 101) netperf: send_omni:

send_data failed: Network is unreachable, add option -R 1 to remove the iptable rule that prohibits NetPerf UDP flow.

$ netperf -H 172.31.56.48 -t UDP_STREAM -l 300 — -R 1 -m 1024
MIGRATED UDP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 172.31.56.48 () port 0 AF_INET
Socket Message Elapsed Messages
Size Size Time Okay Errors Throughput
bytes bytes secs # # 10^6bits/sec

212992 1024 300.00 9193386 0 251.04
212992 300.00 9131380 249.35

UDP Throughput in a WAN

$ netperf -H HOST -t UDP_STREAM -l 300 — -R 1 -m 1024
MIGRATED UDP STREAM TEST from (null) (0.0.0.0) port 0 AF_INET to (null) () port 0 AF_INET : histogram : spin interval
Socket Message Elapsed Messages
Size Size Time Okay Errors Throughput
bytes bytes secs # # 10^6bits/sec

9216 1024 300.01 35627791 0 972.83
212992 300.01 253099 6.91

 

 

Testing TCP throughput using iPerf


Here is a short description of iperf

NAME
       iperf – perform network throughput tests

SYNOPSIS
       iperf -s [options]

       iperf -c server [options]

       iperf -u -s [options]

       iperf -u -c server [options]

DESCRIPTION
       iperf  2  is  a tool for performing network throughput and latency mea‐
       surements. It can test using either TCP or UDP protocols.  It  supports
       both  unidirectional  and  bidirectional traffic. Multiple simultaneous
       traffic streams are also supported. Metrics are displayed to help  iso‐
       late the causes which impact performance. Setting the enhanced (-e) op‐
       tion provides all available metrics.

       The user must establish both a both a server (to discard traffic) and a
       client (to generate traffic) for a test to occur. The client and server
       typically are on different hosts or computers but need not be.

 

Run iPerf3 as server on the server:

$ iperf3 –server –interval 30
———————————————————–
Server listening on 5201
———————————————————–

 

Test TCP Throughput in Local LAN

 

$ iperf3 –client 172.31.56.48 –time 300 –interval 30
Connecting to host 172.31.56.48, port 5201
[ 4] local 172.31.100.5 port 44728 connected to 172.31.56.48 port 5201
[ ID] Interval Transfer Bandwidth Retr Cwnd
[ 4] 0.00-30.00 sec 1.70 GBytes 488 Mbits/sec 138 533 KBytes
[ 4] 30.00-60.00 sec 260 MBytes 72.6 Mbits/sec 19 489 KBytes
[ 4] 60.00-90.00 sec 227 MBytes 63.5 Mbits/sec 15 542 KBytes
[ 4] 90.00-120.00 sec 227 MBytes 63.3 Mbits/sec 13 559 KBytes
[ 4] 120.00-150.00 sec 228 MBytes 63.7 Mbits/sec 16 463 KBytes
[ 4] 150.00-180.00 sec 227 MBytes 63.4 Mbits/sec 13 524 KBytes
[ 4] 180.00-210.00 sec 227 MBytes 63.5 Mbits/sec 14 559 KBytes
[ 4] 210.00-240.00 sec 227 MBytes 63.5 Mbits/sec 14 437 KBytes
[ 4] 240.00-270.00 sec 228 MBytes 63.7 Mbits/sec 14 516 KBytes
[ 4] 270.00-300.00 sec 227 MBytes 63.5 Mbits/sec 14 524 KBytes
– – – – – – – – – – – – – – – – – – – – – – – – –
[ ID] Interval Transfer Bandwidth Retr
[ 4] 0.00-300.00 sec 3.73 GBytes 107 Mbits/sec 270 sender
[ 4] 0.00-300.00 sec 3.73 GBytes 107 Mbits/sec receiver

Test TCP Throughput in a WAN Network

$ iperf3 –client HOST –time 300 –interval 30
Connecting to host HOST, port 5201
[ 5] local 192.168.1.73 port 56756 connected to HOST port 5201
[ ID] Interval Transfer Bitrate
[ 5] 0.00-30.00 sec 21.2 MBytes 5.93 Mbits/sec
[ 5] 30.00-60.00 sec 27.0 MBytes 7.55 Mbits/sec
[ 5] 60.00-90.00 sec 28.6 MBytes 7.99 Mbits/sec
[ 5] 90.00-120.00 sec 28.7 MBytes 8.02 Mbits/sec
[ 5] 120.00-150.00 sec 28.5 MBytes 7.97 Mbits/sec
[ 5] 150.00-180.00 sec 28.6 MBytes 7.99 Mbits/sec
[ 5] 180.00-210.00 sec 28.4 MBytes 7.94 Mbits/sec
[ 5] 210.00-240.00 sec 28.5 MBytes 7.97 Mbits/sec
[ 5] 240.00-270.00 sec 28.6 MBytes 8.00 Mbits/sec
[ 5] 270.00-300.00 sec 27.9 MBytes 7.81 Mbits/sec
– – – – – – – – – – – – – – – – – – – – – – – – –
[ ID] Interval Transfer Bitrate
[ 5] 0.00-300.00 sec 276 MBytes 7.72 Mbits/sec sender
[ 5] 0.00-300.00 sec 276 MBytes 7.71 Mbits/sec receiver

 

$ iperf3 –client 172.31.56.48 –interval 30 -u -b 100MB
Accepted connection from 172.31.100.5, port 39444
[ 5] local 172.31.56.48 port 5201 connected to 172.31.100.5 port 36436
[ ID] Interval Transfer Bandwidth Jitter Lost/Total Datagrams
[ 5] 0.00-30.00 sec 354 MBytes 98.9 Mbits/sec 0.052 ms 330/41774 (0.79%)
[ 5] 30.00-60.00 sec 355 MBytes 99.2 Mbits/sec 0.047 ms 355/41903 (0.85%)
[ 5] 60.00-90.00 sec 354 MBytes 98.9 Mbits/sec 0.048 ms 446/41905 (1.1%)
[ 5] 90.00-120.00 sec 355 MBytes 99.4 Mbits/sec 0.045 ms 261/41902 (0.62%)
[ 5] 120.00-150.00 sec 354 MBytes 99.1 Mbits/sec 0.048 ms 401/41908 (0.96%)
[ 5] 150.00-180.00 sec 353 MBytes 98.7 Mbits/sec 0.047 ms 530/41902 (1.3%)
[ 5] 180.00-210.00 sec 353 MBytes 98.8 Mbits/sec 0.059 ms 496/41904 (1.2%)
[ 5] 210.00-240.00 sec 354 MBytes 99.0 Mbits/sec 0.052 ms 407/41904 (0.97%)
[ 5] 240.00-270.00 sec 351 MBytes 98.3 Mbits/sec 0.059 ms 725/41903 (1.7%)
[ 5] 270.00-300.00 sec 354 MBytes 99.1 Mbits/sec 0.043 ms 393/41908 (0.94%)
– – – – – – – – – – – – – – – – – – – – – – – – –
[ ID] Interval Transfer Bandwidth Jitter Lost/Total Datagrams
[ 5] 0.00-300.04 sec 3.45 GBytes 98.94 Mbits/sec 0.043 ms 4344/418913 (1%)

UDP Throughput in a WAN

$ iperf3 –client HOST –time 300 -u -b 7.7MB
Accepted connection from 45.29.190.145, port 60634
[ 5] local 172.31.56.48 port 5201 connected to 45.29.190.145 port 52586
[ ID] Interval Transfer Bandwidth Jitter Lost/Total Datagrams
[ 5] 0.00-30.00 sec 27.4 MBytes 7.67 Mbits/sec 0.438 ms 64/19902 (0.32%)
[ 5] 30.00-60.00 sec 27.5 MBytes 7.69 Mbits/sec 0.446 ms 35/19940 (0.18%)
[ 5] 60.00-90.00 sec 27.5 MBytes 7.68 Mbits/sec 0.384 ms 39/19925 (0.2%)
[ 5] 90.00-120.00 sec 27.5 MBytes 7.68 Mbits/sec 0.528 ms 70/19950 (0.35%)
[ 5] 120.00-150.00 sec 27.4 MBytes 7.67 Mbits/sec 0.460 ms 51/19924 (0.26%)
[ 5] 150.00-180.00 sec 27.5 MBytes 7.69 Mbits/sec 0.485 ms 37/19948 (0.19%)
[ 5] 180.00-210.00 sec 27.5 MBytes 7.68 Mbits/sec 0.572 ms 49/19941 (0.25%)
[ 5] 210.00-240.00 sec 26.8 MBytes 7.50 Mbits/sec 0.800 ms 443/19856 (2.2%)
[ 5] 240.00-270.00 sec 27.4 MBytes 7.66 Mbits/sec 0.570 ms 172/20009 (0.86%)
[ 5] 270.00-300.00 sec 25.3 MBytes 7.07 Mbits/sec 0.423 ms 1562/19867 (7.9%)
– – – – – – – – – – – – – – – – – – – – – – – – –
[ ID] Interval Transfer Bandwidth Jitter Lost/Total Datagrams
[ 5] 0.00-300.00 sec 272 MBytes 7.60 Mbits/sec 0.423 ms 2522/199284 (1.3%)
[SUM] 0.0-300.2 sec 31 datagrams received out-of-order


Sum it up what learned


Debugging network issues and snooping on a Local LAN (DMZ) network on a server or home LAN is useful  to debug for various network issues and more importantly track and know abou tsecurity threads such as plain text passowd communication via insecure protocols a failure of proper communication between Linux network nodes at times, or simply to get a better idea on what kind of network is your new purchased dedicated server living in .It can help you also strenghten your security and close up any possible security holes, or even help you start thinking like a security intruder (cracker / hacker) would do. In this article we went through few of my favourite tools I use for many years quite often. These tools are just part of the tons of useful *Unix free tools available to do a network debug. Tools mentioned up are worthy to install on every server you have to administratrate or even your home desktop PCs, these are iptraf, sniffit, iftop, bmon, nethogs, nmon, ettercap, iperf and netperf.
 If you have some other useful tools used on Linux sys admin tasks please share, I'll be glad to know it and put them in my arsenal of used tools.

Enjoy ! 🙂

Check the Type and Model of available installed Memory on Linux / Unix / BSD Server howto

Monday, October 30th, 2023

how-linux-kernel-manages-memory-picture

As a system administrator one of the common task, one has to do is Add / Remove or Replace (of Broken or failing Bank of RAM memory) a piece of additional Bank of memory Bank to a Linux / BSD / Unix server.  Lets say you need to fullfil the new RAM purchase and provide some information to the SDM (Service Delivery Manager) of the compnay you're hirder in or you need to place the purchase yourself. Then you  need to know the exact speed and type of RAM currently installed on the server installed.

In this article i'll shortly explain how do I find out ram (SDRAM) information from a via ordinary remote ssh shell session cmd prompt. In short will be shown how can one check RAM speed configured and detected by Linux / Unix kernel ? 
As well as  how to Check the type of memory (if it is DDR / DDR2 / DDR or DDR4) or ECC with no access to Hardware Console.  Please note this article will be definitely boring for the experienced sysadmins but might help to a starter sysadmins to get on board with a well know basic stuff.

There are several approaches, of course easiest one is to use remote hardware access interrace statistics web interface of ILO (on IBM machine) or the IDRAC on (Dell Server) or Fujitsu's servers iRMC. However as not always access to remote Remote hardware management interface is available to admin. Linux comes with few commands that can do the trick, that are available to most Linux distributions straight for the default package repositories.

Since mentioning about ECC a bit up, most old school admins and computer users knows pretty well about DDRs as they have been present over time but ECC is being used over actively on servers perhaps over the last 10 / 15 years and for those not dealt with it below is a short description on what is ECC RAM Memory.

ECC RAM, short for Error Correcting Code Random Access Memory, is a kind of RAM can detect most common kinds of memory errors and correct a subset of them. ECC RAM is common in enterprise deployments and most server-class hardware. Above a certain scale and memory density, single-bit errors which were up to this point are sufficiently statistically unlikely begin to occur with enough frequency that they can no longer be ignored. At certain scales and densities of memory arbitrary memory errors that are literally "one in a million chances" (or more) may in fact occur several times throughout a system's operational life.

Putting some basics, Lets proceed and Check RAM speed and type (line DDR or DDR2 or DDR3 or DDR4) without having to physically go to the the Data Center numbered rack that is containing the server.


Most famous and well known (also mentioned) on few occasions in my previous articles are: dmidecode and lshw

Quickest way to get a quick overview of installed servers memory is with:
 

root@server:~# dmidecode -t memory | grep -E "Speed:|Type:" | sort | uniq -c
      4     Configured Memory Speed: 2133 MT/s
     12     Configured Memory Speed: Unknown
      4     Error Correction Type: Multi-bit ECC
      2     Speed: 2133 MT/s
      2     Speed: 2400 MT/s
     12     Speed: Unknown
     16     Type: DDR4

 

To get more specifics on the exact type of memory installed on the server, the respective slots that are already taken and the free ones:

root@server:~# dmidecode –type 17 | less

Usually the typical output the command would produce regarding lets say 4 installed Banks of RAM memory on the server will be like:

Handle 0x002B, DMI type 17, 40 bytes
Memory Device
        Array Handle: 0x0029
        Error Information Handle: Not Provided
        Total Width: 72 bits
        Data Width: 64 bits
       
Size: 16 GB
        Form Factor: RIMM
        Set: None
        Locator: CPU1 DIMM A1
        Bank Locator: A1_Node0_Channel0_Dimm1
       
Type: DDR4
        Type Detail: Synchronous
       
Speed: 2400 MT/s
        Manufacturer: Micron
       
Serial Number: 15B36358
        Asset Tag: CPU1 DIMM A1_AssetTag
       
Part Number: 18ASF2G72PDZ-2G3B1 
        Rank: 2
       
Configured Memory Speed: 2133 MT/s
        Minimum Voltage: Unknown
        Maximum Voltage: Unknown
        Configured Voltage: Unknown

Handle 0x002E, DMI type 17, 40 bytes
Memory Device
        Array Handle: 0x0029
        Error Information Handle: Not Provided
        Total Width: Unknown
        Data Width: Unknown
        Size: No Module Installed
        Form Factor: RIMM
        Set: None
        Locator: CPU1 DIMM A2
        Bank Locator: A1_Node0_Channel0_Dimm2
        Type: DDR4
        Type Detail: Synchronous
        Speed: Unknown
        Manufacturer: NO DIMM
        Serial Number: NO DIMM
        Asset Tag: NO DIMM
        Part Number: NO DIMM
        Rank: Unknown
        Configured Memory Speed: Unknown
        Minimum Voltage: Unknown
        Maximum Voltage: Unknown
        Configured Voltage: Unknown

 

Handle 0x002D, DMI type 17, 40 bytes
Memory Device
        Array Handle: 0x0029
        Error Information Handle: Not Provided
        Total Width: 72 bits
        Data Width: 64 bits
        Size: 16 GB
        Form Factor: RIMM
        Set: None
        Locator: CPU1 DIMM B1
        Bank Locator: A1_Node0_Channel1_Dimm1
        Type: DDR4
        Type Detail: Synchronous
        Speed: 2400 MT/s
        Manufacturer: Micron
        Serial Number: 15B363AF
        Asset Tag: CPU1 DIMM B1_AssetTag
        Part Number: 18ASF2G72PDZ-2G3B1 
        Rank: 2
        Configured Memory Speed: 2133 MT/s
        Minimum Voltage: Unknown
        Maximum Voltage: Unknown
        Configured Voltage: Unknown

Handle 0x0035, DMI type 17, 40 bytes
Memory Device
        Array Handle: 0x0031
        Error Information Handle: Not Provided
        Total Width: 72 bits
        Data Width: 64 bits
        Size: 16 GB
        Form Factor: RIMM
        Set: None
        Locator: CPU1 DIMM D1
        Bank Locator: A1_Node0_Channel3_Dimm1
        Type: DDR4
        Type Detail: Synchronous
        Speed: 2133 MT/s
        Manufacturer: Micron
        Serial Number: 1064B491
        Asset Tag: CPU1 DIMM D1_AssetTag
        Part Number: 36ASF2G72PZ-2G1A2  
        Rank: 2
        Configured Memory Speed: 2133 MT/s
        Minimum Voltage: Unknown
        Maximum Voltage: Unknown
        Configured Voltage: Unknown

Handle 0x0033, DMI type 17, 40 bytes
Memory Device
        Array Handle: 0x0031
        Error Information Handle: Not Provided
        Total Width: 72 bits
        Data Width: 64 bits
        Size: 16 GB
        Form Factor: RIMM
        Set: None
        Locator: CPU1 DIMM C1
        Bank Locator: A1_Node0_Channel2_Dimm1
        Type: DDR4
        Type Detail: Synchronous
        Speed: 2133 MT/s
        Manufacturer: Micron
        Serial Number: 10643A5B
        Asset Tag: CPU1 DIMM C1_AssetTag
        Part Number: 36ASF2G72PZ-2G1A2  
        Rank: 2
        Configured Memory Speed: 2133 MT/s
        Minimum Voltage: Unknown
        Maximum Voltage: Unknown
        Configured Voltage: Unknown

 

The marked in green are the banks of memory that are plugged in the server. The

field Speed: and Configured Memory Speed: are fields indicating respectively the Maximum speed on which a plugged-in RAM bank can operate and the the actual Speed the Linux kernel has it configured and uses is at.

It is useful for the admin to usually check the complete number of available RAM slots on a server, this can be done with command like:

root@server:~#  dmidecode –type 17 | grep -i Handle | grep 'DMI'|wc -l
16


As you can see at this specific case 16 Memory slots are avaiable (4 are already occupied and working configured on the machine at 2133 Mhz and 12 are empty and can have installed a memory banks in).


Perhaps the most interesting information for the RAM replacement to be ordered is to know the data communication SPEED on which the Memory is working on the server and interacting with Kernel and Processor to find out.

root@server:~#  dmidecode –type 17 | grep -i "speed"|grep -vi unknown
    Speed: 2400 MT/s
    Configured Memory Speed: 2133 MT/s
    Speed: 2400 MT/s
    Configured Memory Speed: 2133 MT/s
    Speed: 2133 MT/s
    Configured Memory Speed: 2133 MT/s
    Speed: 2133 MT/s
    Configured Memory Speed: 2133 MT/s

 

If you're lazy to remember the exact dmidecode memory type 17 you can use also memory keyword:

root@server:~# dmidecode –type memory | more

For servers that have the lshw command installed, a quick overview of RAM installed and Full slots available for memory placement can be done with:
 

root@server:~#  lshw -short -C memory
H/W path                 Device        Class          Description
=================================================================
/0/0                                   memory         64KiB BIOS
/0/29                                  memory         64GiB System Memory
/0/29/0                                memory         16GiB RIMM DDR4 Synchronous 2400 MHz (0.4 ns)
/0/29/1                                memory         RIMM DDR4 Synchronous [empty]
/0/29/2                                memory         16GiB RIMM DDR4 Synchronous 2400 MHz (0.4 ns)
/0/29/3                                memory         RIMM DDR4 Synchronous [empty]
/0/29/4                                memory         16GiB RIMM DDR4 Synchronous 2133 MHz (0.5 ns)
/0/29/5                                memory         RIMM DDR4 Synchronous [empty]
/0/29/6                                memory         16GiB RIMM DDR4 Synchronous 2133 MHz (0.5 ns)
/0/29/7                                memory         RIMM DDR4 Synchronous [empty]
/0/29/8                                memory         RIMM DDR4 Synchronous [empty]
/0/29/9                                memory         RIMM DDR4 Synchronous [empty]
/0/29/a                                memory         RIMM DDR4 Synchronous [empty]
/0/29/b                                memory         RIMM DDR4 Synchronous [empty]
/0/29/c                                memory         RIMM DDR4 Synchronous [empty]
/0/29/d                                memory         RIMM DDR4 Synchronous [empty]
/0/29/e                                memory         RIMM DDR4 Synchronous [empty]
/0/29/f                                memory         RIMM DDR4 Synchronous [empty]
/0/43                                  memory         768KiB L1 cache
/0/44                                  memory         3MiB L2 cache
/0/45                                  memory         30MiB L3 cache

Now once we know the exact model and RAM Serial and Part number you can google it online and to purchase more of the same RAM Model and Type you need so the installed memory work on the same Megaherzes as the installed ones.
 

Improve MobaXterm Best Windows terminal client with some additional settings tune ups / Install extra Linux Cygwin tools on MobaXterm and various post install configuration goodies

Friday, January 20th, 2023

mobaxterm-logo_400x400-terminal-client-tune-up-howto-for-a-new-install

Earlier I've written a an article MobaXTerm: A good gnome-terminal like tabbed SSH client for Windows / Windows Putty Tabs Alternative in which I've introduced the best in my opinion SSH / Telnet / VNC / RDP / Xserver in one Terminal client emulator for Windows operating systems.

The client has been around for quite some time and it has been improving rapidly over the last 10 years, where it now more looks like a separate Operating System than a single terminal client. It's size is quite compact as well and my opinion and every self respectiving developer, system administrator, IT geek or a hacker would definitely
use the mobaxterm at home or at work place on a daily. I guess some of my readers, who have already migrated SuperPutty / SecureCRT or Putty / XMing or whatever kind of exotic Remote SSH Console terminal is used could validate this 🙂

Therefore as I've set up Mobaxterm on a multiple computers all around, I've found it useful to write a small article with some post-install hints (tune ups) one can do immediately once he has installed the Desktop or Portable Apps version of mobaxterm on desktop PC / notebook.
 

1. Set up your bashrc server / command aliases

Lets say you need to setup some rules for connectivity via a socks proxy to dig holes over a harsh company firewalls or add
custom options to every ssh client attempt to remote server, or simply alias some of your servers with custom connectivity options
and so on simply open vi / vim text editor from mobaxterm local terminal and place inside your rules, for example that could be anything like:

 

alias ssh='ssh -o stricthostkeychecking=no -o passwordauthentication=yes -o PreferredAuthentications=password  -v'
alias sftp='sftp -o stricthostkeychecking=no -o passwordauthentication=yes -o PreferredAuthentications=password'

alias work-server='ssh UserName@work-server -v -o passwordauthentication=yes -o PreferredAuthentications=password'

alias proxy='ssh -D 3128 UserName@proxyIP-host1 -o ConnectTimeout=80'
alias proxy1='ssh -D 3128 UserName@proxy-host2 -p 443 -o ConnectTimeout=60'
alias proxy3='ssh -D 3128 Username@proxy-host3 -p 443 -o ConnectTimeout=60'

Simply open the terminal and setup whatever you require
export ftp_proxy="http://proxy-host:8080"
export https_proxy="https://proxy-host:8080"
export http_proxy="http://proxy-host:8080"
export HTTP_PROXY="http://proxy-host:8080"
export HTTPS_PROXY="http://proxy-host:8080"

 

2. Set mobaxterm presistent directory / persistent root directory and default text editor

Make sure you have properly defined at least Persistent directory / Persistent directory if you want to keep the files under your /home/mobaxterm and root directory be able to save your data from local mobaxterm terminal work you have done.

To do so o to Configuration -> General

MobaXterm-persistent-home-directory
 

3. Change default settings for Opening / Closing Terminal tabs just like in gnome-terminal

MobaXterm is really awesome as the developer, followed pretty much the logic of some common GNU / Linux Terminal clients like Gnome-Terminal and KDE's default Konsole terminal.

One of the first things to do once Mobaxterm is installed on the PC is to set up nice key binds as default onces might be heard to learn at the beginning or you might have already the habit to use the certain set of key combinations on your Linux desktop:

Common once are:

1. Open tab / Close tab common once I bind to are (CTRL + T / CTRL + W)
2. Previous tab move / Next tab move keys common one I use are (ALT + LEFT / ALT + RIGHT)
3. Find in terminal (CTRL + F)

rebind-mobaxterm-standard-keys
 

4. Make MobaXterm to automatically open a terminal to not Start local terminal every time

By default mobaxterm it is really annoying cause every time you run it after system reboot you have to select
Start local terminal
Once you run the terminal you get this prompt and you have to press on Start local terminal

mobaxterm-start-local-terminal


How to make Mobaxterm automatically open local Terminal Tab on every boot?
 

To fix this so every time a local terminal is spawn on MobaXterm you have get to:
 

Settings -> Configuration -> Misc


Open the Following tab at startup by default it will be

<Home (Pinned)>

Change it to:

<Terminal>

mobaxterm-open-the-followintab-tab-in-startup

That's it on next login your Local Terminal with /bin/bash.exe will auto load !
 

[hipo.WINDOWS-PC] ➤ env|grep -i SHELL
SHELL=/bin/bash.exe
PATH=/bin:/drives/c/Users/hipo/DOCUME~1
/MobaXterm/slash/bin:/drives/c/Windows:/drives/c/Windows/system32:/drives/c/Windows/system32:/drives/c/Windows:/drives/c/Windows/System32/Wbem:
/drives/c/Windows/System32/WindowsPowerShell/v1.0:/drives/c/Windows/sysnative
PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
CMDPATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;
C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\sysnative\;
C:\Users\hipo\DOCUME~1\MobaXterm\slash\bin
WINPATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\sysnative\


5. Make menu buttons to appear smaller


Go to menu and select
View -> (Small Buttons)

mobaxterm-select-small-buttons-screenshot

6. Disable auto start of XServer to prevent a port listener on the machine on TCP port

By default mobaxterm opens XServer listener, so you can immediately connect from a remote SSH servers missing Xserver and install software requiring an XServer, for example software such as Oracle Database or some MiddleWare WebLogig or IBM's Web Sphere. This is useful but if you want to have a good security only allow this server on a purpose. Otherwise the XServer will run in parallel with rest of your Moba and just load up your PC and eat up some RAM memory. To disable it go to:

mobaxterm-x11-automatically-start-X-server-disable-stop-at-startup

7. Change the mobaxterm Default theme to Dark

This is optional I like to set the Theme to Dark, also as a Theme for Windows as well as for MobaxTerm, the aim of that is simply to not put extra stress on my eye sight. Being on the PC around 8 to 10 hours and spending some 6 to 8 hours on console work is enough. If you want to do as well.

mobaxterm-change-default-theme-to-dark-theme

8. Install additional set of common Linux tools to mobaxterm to use on Windows
 

Tools such as:

1. Midnight Commander (mc)
2. Wget
3. Curl
4. Vim
5. Screen
6. Rsync
7. Perl
8. W3m
9. dosunix
10. unix2dos
11. gnupg
12. diffutils
13. mysql
14. mpg123
15. whois


If you want to have a set of packages pre-installed that are including above as well as the rest of mine, here is a dump of my installed mobapt manager packages:

For more simply use the experimental Mobaxterm  Graphical Package installer
 

[hipo.WINDOWS-PC] ➤  for i in $(cat Downloads/installed-packages-mobaxterm.txt ); do apt-cyg install $i; done
 

Found package GeoIP-database

Installing GeoIP-database
Downloading GeoIP-database-20180505-1.tar.xz…
Unpacking GeoIP-database-20180505-1.tar.xz…


Running postinstall scripts
Package GeoIP-database installed.

Rebasing new libraries

Found package adwaita-icon-theme

Installing adwaita-icon-theme
Downloading adwaita-icon-theme-3.26.1-1.tar.xz…


You will be prompted for a single Yes for the respository

MobApt Packages Manager

mobapt-pkg-manager-install-git-from-gui-mobaxterm-package-installer

Though it is said it is experimental, I have to say the MobApt Apt Manager works quite good, I never had any issues with it so far.

9. Mobaxterm.ini the settings storage file that can help you move your configurations

If you have to prepeare new MobaXterm on multiple PCs frequently perhaps it is best to just copy the Mobaxterm.ini file. 
Here is an example of my mobaxterm.ini for download.
 

10. Change terminal colors and curor type and enable blinking (customizations)


Settings -> Configuration -> Terminal -> (Default Terminal Color Settings)
 


mobaxterm-change-terminal-colors-and-blinking-cursor-setting-screenshot

11. Use very useful moba Tools
 

mobaxterm-terminal-great-useful-tools-screenshot
For sysadmins Moba has plenty of other jems such as:

  • Network Port scanner such as Nmap with GUI

  • list open network ports (GUI interface to netmap)

  • SSH tunnel tool

  • Moba Diff

  • Wake on Lan

  • Network Packet capturer (such as tcpdump)

  • List running processes (such as taskmgr in simple form)

  • List machine hardware devices (such as Windows Device manager)

 
12. Remote monitoring of opened ssh session


To enable remote monitoring for a Saved session simply use the "Remote monitoring" button on the down left corner of the terminal.

mobaxterm-remote-monitoring-of-remote-ssh-server-screenshot-button

Or to enable it for a new host, open:

1. "Saved sessions"
2. Click over "User sessions"
3. New Session -> (SSH)
4. Basic SSH Settings (Remote host) -> OK
5. Click over the new created session
6. Click on Remote monitoring for the opened session

remote-monitoring-from-mobaxterm-screenshot

13. Play some mobaxterm console games

As you might have pissed off of configuring go on and enjoy some of the great console games, some of which are also present on a normal Linux new distribution installation. 🙂

mobaxterm-list-of-games-screenshot

List of Moba Games

teamwalk-mobaxterm-console-connect-network-routers-game
TeamWalk (Use your mouse or keyboard to connect every server to the central router)

ctris-console-text-game-mobaxterm

Ctris Console tetris from Mobaxterm

solitaire-text-console-game-played-on-mobaxterm-screenshot

Text console Solitaire from Moba
 

Ninvaders-console-game-mobaxterm

Here is NinVaders (Text Version of Space Invaders Arcade Classic)
 

Enjoy ! 🙂

The short historical path of the Holy Relics of Saint Andrew the First-called of the Apostles of Christ

Friday, December 2nd, 2022

St_Andrew_the_Apostle_-_Bulgarian_icon-by-icon-Yoan-from-Gabrovo-iconographer

Why saint Andrew the Apostle is special for the Bulgarian Orthodox Church
and the Eastern Churches?

 

According to Church tradition saint Andrew the Apostle the First-called was the apostle from which wide areas of the Eastern lands was christianized, by his fervent preach of the Gospel and the good news of the Resurrection of Christ who suffered on the Cross for the salvation of mankind.
The Ecumenical Patriarchy of Constantinople and the Ancient Eastern Byzantium Church has received its apostleship in practice, exactly from st. Apostle Andrew.
During his apostleship mission saint Andrew has preached the Gospel and gave the faith for a first time in the Ist century according to Church tradition, as he passed by the Black sea borders, today part of which are in Bulgaria, he went through Romania, where he has spent some time living as a hermit in a cave and then up to Kiev and Scythia, where he made a prophecy that the Christian faith will put its Roots and that soon the pagan tribes of Kiev lands will accept the faith and put the Cross high over their lands.

When Bulgaria was later Christianized by saint Boris-Michael, and the Holy Bulgarian church was established on this lands thanks to the missionary works of Saint Kiril and Methodius, Saint Kliment of Ohrid, saint Gorazd, Naum, Sava, Angelarius and  whole pleade of saints and teachers, Bulgaria has received, also the gift of priesthood and apostleship (has received its own hierarchy of bishops governing the Bulgarian Orthodox Church), thus by spiritual line the Holy Spirit here in Bulgaria was received from Saint Andrew, later this enlightnements achievement, the Books in Church Slavonic, the services and most importantly the Cyrllic alphabet was transffered from Bulgaria and later Serbia to the endless steppes territories of capital Kiev that was a capital of the Rus at that time and in all Scythia today the territories of Russia. Thus all the Byzantine Eastern Churches and  Bulgaria

After the end of the persecution of Christians, in the 4th century AD, Saint Equal-to-the-Apostles Emperor Constantine the Great began to erect numerous Christian temples.

Among them was the temple of the Holy Apostles in the new capital of the empire – Constantinople. After the death of St. Constantine in 337, his son, Constantius, ascended the throne.
The new ruler, fulfilling the will of his father, decided to bring to the capital of the empire the holy relics of the Apostles Andrew, Luke, Timothy and lay them in the church of the Holy Apostles, where the Equal-to-the-Apostles Emperor himself was buried.

Originally, the holy relics of Saint Andrew the First-Called rested at the place of his martyrdom, in Patras, in the Peloponnese, Greece. According to Western tradition, a few days before the relics were transferred to Constantinople, Regulus, who was guarding them, removed the lid of the sarcophagus in which the relics of the Apostle rested, separated from them one shoulder, three fingers of the right hand, part of the knee and a tooth.

holy-right-hand-of-saint-Andrew-the-Apostle-first-called-Vatopedi

Holy right hand of saint Andrew the First-Called

With these relics Regulus left Patras and set out to preach the Gospel among the pagans inhabiting Scotland.
The inhabitants of the country welcomed the enlightener with great honor and together with their King accepted Holy Baptism.
In Scotland, the first Christian church was built in the name of Saint Andrew, in which parts of his holy relics were laid. Which played the role for Scotlands patron saint protector to become Saint Andrew the Apostle.

The deposition of the holy relics of Saint Apostle Andrew the First-Called in Constantinople took place on May 3, 357 in the presence of the Patriarch of Constantinople Macedonius I and Emperor Constantius.
In the 9th – 10th centuries, the Byzantine autocrats usually sent as a donation for the built monasteries and temples parts of the holy relics that rested in Constantinople, including the relics of the holy Apostles.

In the second half of the 9th century, following an urgent request and special intercession before the emperor, the honorable head of St. Apostle Andrew the First-Called was delivered to the St. Andrew's Church in the city of Patras, where it rested until the middle of the 15th century.

In 1460, to the walls of The army of the Ottoman Sultan Mohammed II was approaching the town of Patras. The Governor /Archon/ of the city of Patras, Thomas Paleologus (brother of the Byzantine Emperor Constantine XI, who died during the capture of Constantinople by the Turks in 1453, father of Princess Sofia, the future wife of the Grand Duke John III of Moscow), losing all hope of preserving independence of the city, took the precious and holy treasure of the city from St. Andrew's Church and arrived in Rome with it to collect funds and forces for the liberation of the Orthodox Christian East from the yoke of the infidels.

The holy head of St. Andrew the First-Called Apostle was in Rome until 1964, when, by the decision of Pope Paul VI, this shrine together with parts of the cross of St. Andrew was returned to the Greek Orthodox Church.

Now these relics are located in one of the largest cathedrals in the Balkans, Saint Andrew the First-Called in Patras, Greece, i.e. in this place where the first disciple of Christ preached and ended his martyr's earthly life.

saint-Andrew-first-called-of-the-apostles-X-shaped-cross-icon.jpg

X shaped cross of Saint Andrew according to medieval tradition

The honorable head of the Apostle rests on the throne in a silver coffin, and behind the throne – saint Andrew's cross-relic (according to middle-ages tradition to be X shaped cross in which are embedded parts of the real cross of Saint Andrew, on which he was crucified.

Head-of-Saint-Andrew-the-first-called-Apostle-reliquary

Mount Athos received the hand of St. Andrew as a gift in the Great Lavra of Athos, founded by Saint Athanasius (the Great) at the request of his friend and companion and patron of the Byzantine emperor Nikephoros Phocas (963-969).
Parts of the holy relics of holy Apostle are also kept in other monasteries on Mount Athos.

foot-of-saint-Andrew-the-first-call-Apostle-holy-relic

Foot Relic of Saint Andrew the Apostle

Likewise, part of the forehead bone is kept in the Saint Andrew's hermitage (scythe), in the scythe of saint Prohet Elijah is preserved the foot of the Apostle.
This walking stick was given in 1806 by Hieromonk Dionysius /in Kyzikon (Kyzicheska) Diocese/, who left the eparchy with these relics from the monastery of Saint Marina, cause the monastery was
looted and sacked by the Turks.

In the Russian monastery of Saint Panteleimon on Holy Mount Athos, the second foot of the First Called Disciple of Christ is preserved.

Part of the relics of Saint Andrew also rest in the nun's monastery dedicated to his name, which is located on the island of Catalonia in the village of Peratata.

Fragments of the honest relics of the Apostle are also found in the monastery of Saint Nicholas on the island of Euboea.

Material written from sources according to information from the Holy Kiev-Pechersk Lavra, on the occasion of the stay from June 27 to 29, 2003 during which the the foot of St. Andrew the First-Called, was given for veneration from the monastery of saint Panteleimon, Mount Athos.

 

Transferring a part of the relics of Saint Andrew to the church dedicated to Saint Andrew in Sofia, Bulgaria

 
Holy-relics-of-saint-Andrew-first-of-the-Apostles-in-church-of-saint-Andrew-Sofia-Bulgaria


In 2001, the Metropolitan of Patras, Greece at that time Nicodemus, presented a piece of holy relics from the knee of Saint Andrew and a cross in which pieces of the cross on which St. Andrew the Apostle was crucified were placed.
On November 29, 2001, on the occasion of the feast of St. Andrew the First-Called, the Reliquary was carried in a litany procession from the Bulgarian Church Synodal Palace to the capital church "Свети Андрей Първозвани / (Saint Andrew the First-called)".

A Holy Liturgy was served which was  attended by Their Eminences the Metropolitans: Metropolitan Kiril of Varna and Great Preslav, metropolitan Joseph of America and Australia, metr. Gelasius of New York, metr. Grigoriy of Velikoturno, metr. Neophyte of Dorostol and Cherven (currently Patriarch of Bulgaria) , metr. Gavriil (Gabriel) of Lovchan eparchy, His Eminence Bishop Nikolai of Znepol (then) and now metropolitan of Plovdiv, Patriarchal Vicar, Archimandrite Boris,  the secretary of Holy Synod, numerous priests, the graduates of the Sofia Theological Seminary "Saint Ivan Rilski" and many laymen.

When the litany reached its destination, the church "Stsaint Andrew the First-Called", the relics were welcomed, received and placed in the church for worship by Patriarch Maxim (Rest In Peace). Immediately after that, Great Vespers with five loaves of bread as the orthodox tradition is, was served by the Most Reverend (then) Bishop of Znepol, Nikolay, together with Archimandrite Boris and the temple clergy. The Most Holy Patriarch Maxim (already in his 90s) and some of the bishops attended the service in prayer. After the service, the relics remained exposed for worship in the House of God, which was also open at night. It should be noted that this was the only Orthodox church in Bulgaria dedicated to saint Ap. Andrei.

Also, the fact that for the first time the relics of St. Apostle Andrew are coming to our country is important. Part of the relics were transferred to the church on the island of Saint Anastasia near Burgas in the diocese of Sliven.
The reason for the transferral of relics to st. Anastasia is that according to tradition, the Apostle Andrew himself passed through this island in his apostleship mission.

Every year on November 30 – Saint. Andrew's Day, in the church the holiday is celebrated with a solemn Holy Liturgy, celebrated by His Holiness the Bulgarian Patriarch and Metropolitan of Sofia (today Neofitos), and in his absence, by a bishop, visiting clergy and the church clergy.

From materials from Church newspaper (official newspaper of the Bulgarian Orthodox Church)

Living of New Martyr Saint Onuphrius of Gabrovo, a Bulgarian saint martyred in year 1818

Friday, June 17th, 2022

sveti-Onufrij-Gabrovski-saint-Onufrius-Gabrovski

The New Martyr saint Onufrij ( Onuphrius ) (1786 – 1818) was born in Gabrovo, Veliko Tarnovo Diocese, to pious and noble parents.
(His father Decho later became a monk under the name of Daniel in the same Hilendar monastery on Mount Athos, where his son was then active).
The child Onuphrius was given the name Matthew in Holy Baptism.
When he grew up, he was sent to a one of scarce Bulgarian schools, where he studied well.
When he was 17 years old, his parents once punished him for some childish thing unrest, and out of frivolous childishness, he declared in the presence of Turks that he would accept the Muslim faith.

In such cases, the Turks immediately seized the person who gave the promise to convert to islam and performed the rite of Mohammedan circumcision on him.

To prevent this, his parents hid him and perhaps sent him to the "fotress" of Christian Orthodox FaIth and keeper of Bulgarian spirit, the Troyan Monastery "Holy Mother of God".
In Troyan Monastery, to this day there is a the mouth to mouth legend that the Venerable Martyr Onuphrius began his monastic feat and received his first monastic haircut here with the name Manasseah (Manasij).

sveti-Onufrij-Gabrovski-Bylgarski-svetec

He ascended diligently in spiritual life, but the voice of his conscience began to rebuke him more and more for his public denial of Christianity, even if only in words.
Probably because of this he went to Holy Mount Athos, hoping that there, under the guidance of more experienced elders, he would repent enough and calm his conscience.
Manasseah spent some time in the Hilendar Monastery (a monastery that at this time has been inhibited with many Bulgarian monks), where he was ordained a deacon.

But, as the holy fathers of the Church say, the more a Christian grows in virtue, the deeper he humbles himself and his small sins seem great., same happened with Hierodeacon Manasseah.

He was always impressed by the words of the Savior Christ:

"Whosoever shall confess me before men, him will I confess also before my Father which is in heaven; but whosoever denieth me before men, him will I also deny before my Father which is in heaven." (Matt. 10: 32-33).

And from the lives of the saints he was especially deeply moved by the example of the holy martyr Barlaam, who held his hand without trembling over the burning pagan altar until his hand burned completely, but did not drop incense on the altar, to protect the occusation that he has offered incense to the idols.
His heart was inflamed with jealousy when the Venerable Euthymius, Ignatius and Acacius (Agathius), performed their martyrdom.
Then Manasseah secretly left Hilendar and went to the Forerunner's Hermitage to the local clergyman (elder) Nicephorus with a request to prepare him for such a martyrdom.

For four months he worked hard on enormous spiritual and bodly feats under the guidance of this elder.
Every day Manasseh made four thousand bows; his prayer was unceasing; his remorseful mood brought tears to his eyes.

During these four months of preparation he ate two and a half kilograms of dried grapes, and in the strictest forty-day fast he ate 30 grams of bread every two or three days and drank water in moderation.
After Elder Nicephorus thus prepared him for the impending martyrdom, he cut his hair in a great scheme receiving the great-schema name of Onufrij ( Onuphrius ) and sent him to the island of Chios with the same companion, Elder Gregory, whom he sent with the other martyrs анд вхере тхеир feat would take place there.

On Island Chios Saint Onuphrius lived one Sunday in fasting and prayer, while on Friday, the day of Christ's suffering, he appeared in Turkish robes before the local turkish judge, openly blasphemed Muhammad and threw the green turban on his head.

holy-new-martyr-Onufrius-Onufrij-of-Gabrovo

He was exhorted, thrown into prison, tortured, and sentenced to death the same day.
On January 4, 1818, his head was cut off on the seashore and along with his blood his body was thrown into the sea, so that Christians could not take for granted his holiness any particle veneration of the Venerable Martyr.

Before his death, some asked him about his name and homeland.
The Venerable Martyr replied that his name was Matthew and that he was from Veliko Tarnovo.
In this way he wanted to save the Holy Mount Athos and his monastery from troubles by the Turks.
Soon after his martyrdom, the Greeks from Mount Athos, soon canonized him and compiled a (living) biography and a service in his honor.

Text Translated from:

© Lives of the Saints. Synodal Publishing House of Bulgarian Orthodox Church, Sofia, 1991, edited by Parthenius, Bishop of Lefkada and Archimandrite Dr. Athanasius (Bonchev).

In Praise of Holy 40 Martyrs of Sebaste – a medieval work by Saint Clement of Ohrid (The Wonderworker)

Wednesday, March 9th, 2022

Holy_40_Martyrs-martyrdom-Bulgarian-icon

I consider / think for the will of the same mind and the equality of wisdom of these fourty martyrs and in amazement, I resort to Christ,  by whom clearly comes every good giving and every gift, as the Many-Blessed Paul said and blessed: “Thou are Christ – a God’s power and wisdom.” And with that power, were filled the many-blessed fourty warriors, martyrs for Christ.

They shone in the world like the brightest stars and illuminated the whole universe with the rays of the knowledge of God, having among them the spiritual sun – Christ. Illuminated by its light and adorned with great beauty, they blossomed with special faith like fragrant lilies, abundantly watered with the dew of the Holy Spirit. Decorating themselves with good deeds, they became beloved of their Lord, because in purity and love they surpassed each other. They shone like lamps with spiritual radiance: some with fasting and abstinence, others with good faith and hospitality; some with kneeling prayer and sincerity, and others with humility and meekness; some with vigilance and sincere love, and others with love and mercy for the poor. Indeed, the power of the Holy Spirit was with them, urging them to every good deed and by faith protecting them from every calamity.

And so, they were as homogeneous in appearance and beauty. Weaved through faith and love like a golden necklace, they were connected to each other by unanimity. Leaving the vain way of life, they zealously wished to stand before the unspoken glory of God through good deeds and sincere love. They urged each other to hurry to the holy path of feat. Instead of armor, they put on the faith, and instead of a shield, they armed themselves with The Cross and appeared in battle like Lightning – Riding against thousands and tens of thousands and were glorified with Victory. They fought a double war – with Visible and Invisible enemies.

Ivory_Relief-from-Constantinople_40_Martyr-10th-century-now-kept-in_Bode-museum-Berlin

Ivory Relief icon 40 Martyr 10th century from Constantinople now kept in Bode museum Berlin

The devil, who could not see their beauty and faith, as well as their pure life, fought against them by entering the malevolent court of Licinius, who was autocratic at the time. He raised persecution against Christians. Wanting to deceitfully capture the faithful martyrs, Licinius forced everyone to worship idols. But the ancient prophet proclaimed and said: “Lord will not leave the rod of the wicked on the lot of the righteous, so that the righteous do not stretch out their hands to iniquity. Lord, do good to the good and to the righteous at heart! ” With this light they illuminated themselves, striving brilliantly and wonderfully in martyrdom, despising the ordinary pleasure of joy. Cheering each other on, they said to each other, “Brethren, let us not be afraid of this short-lived torment, which passes quickly like a shadow, but brings us into the eternal dwellings. Therefore, brothers, stand firmly armed against the adversery-enemy, so that we may be adorned with victorious crowns of Christ God!
Because for the sake of earthly life and for the sake of the mortal king we did not spare ourselves in battles, but, having fallen into many troubles, protected by the power of God, we emerged victorious, then – if we try to follow him, taking upon ourselves his voluntary sufferings, we hope that he will be with us, as he promised: “When you are taken to assemblies, to authorities, to prisons, to kings and princes, and to tormentors for my name's sake, do not worry about what to say or what to answer, for I will give you words and wisdom that all your adversaries will not be able to resist or contradict. And do not be afraid of those who kill the body and can do no harm to the soul; but be afraid of him; who, after the murder, has the power to throw into hell. "

With these words, they learned and supported each other, and powerfully trampled on the devil's cunning. They gladly endured all kinds of sorrows, saying to themselves the apostolic word: "God is not unjust, brethren, to forget your labor."

40_Holy_Martyrs-of-Sebaste-Sebastia-in-the-ice-cold-lake-icon

40 Holy Martyrs of Sebaste martyrdon in the Lake Εκκλησιαστικό Μουσείο (Alexandrupoli, Greece Church Museum)

When they stood at night, in the cold, in the middle of the swamp, near the town of Sebastia, here is one of them, turning away, ran to the bathroom (built near the plateau) and, touching the heat, it melted like ice and died. And suddenly an unspeakable light shone from the sky on them, and the cold turned from it into warmth. And forty crowns descended from heaven upon their heads. Only one wreath remained, with nowhere to stop.The guardian, seeing this miracle, took off his clothes, jumped to the martyrs and cried out in a loud voice: “I believe in the Son of God Jesus Christ, in whom even these holy martyrs believe; may He honor me with the same glory, so that I may complete with them a martyr's deed! ” And immediately the crown of unspeakable glory descended on his head and stood. This is God's mercy, as the Lord Himself said, "The last shall be first, and the first last."

oly_Forty_Martyrs_Church-in-Veliko-Tarnovo-Trnov-Bulgaria
Church of Holy Martyrs, ex-Capital of Bulgarian Empire Tarnovo / Trnov, Bulgaria

Therefore, how can we praise the most holy company, from which this wretched man fell away, as Judas once fell away from God's chosen company, and as the devil fell away from the angelic staff and from the light and became the ruler of darkness and deserved eternal torment. His envy engulfed this wretched man. But still the devil was trampled by the invincibles.

The church nourished them with spiritual food, crowned them with the brightest wreaths; he made them companions of the angels and showed them to the whole universe as bright lamps. With their miracles they shine more than the sun. The prophet announced about them in antiquity, saying: “You have tested us, O God, you have melted us as silver is melted; put men over our heads. We went through fire and water and you set us free. " As they desired this eternal peace, they left behind the beauty of life, houses, wealth, fathers, mothers, sisters and brothers, wife, children, and even despised their lives, according to the Lord's command. That is why the Lord has miraculously shown all His favor to them. Indeed, they were vessels of good use, chosen for the service of the only ruler and our savior, Jesus Christ. Nothing could separate Christ's love from them: no fire, no water, no other suffering.

That is why today we celebrate their memory with respect and, giving them the due praise, we say: "Rejoice, all-honorable and wonderful company of the most glorious army!"

They became like the disembodied forces and surpassed them; for they, being disembodied, stand in their place and enjoy the unspeakable beauty. And the martyrs, having swum the earthly ravaged sea , illuminated the whole world with their blood. With spiritual wings, they flew up and stood before the unspeakable glory of God. They abundantly heal the sick, cast out demons, alleviate suffering, enlighten churches, keep the peace, guide people to good deeds, cast out demons and quickly destroy their cunning, enrich the poor in two ways – mentally and physically – destroy heresies. Shining with the brightest dawns, they became great advocates – martyrs for the faith.


Chapel_of_the_Forty_Martyrs_holy-martyrs-holy-relics-Church-of-Holy-Sepulchre-Jerusalem

Chapel of the Forty Martyrs containing the Holy Relics Church of Holy Sepulchre Jerusalem


So what mouth or which tongue will be able to praise these heavenly lamps, which appeared brighter than the sun? With their pure relics, they illuminated the whole world like stars. They warmed the day's frost, ignited by the Holy Spirit. And fiery flames extinguished them, as once the godly youths in Babylon. With their golden bones they illuminated the streams of the river, adorned all the churches with their fragrant relics, delighted the world with their unspeakable miracles, banished deception, and planted the truth, stepped on the devil, rejoiced Christ! That is why the right hand of the Almighty adorned them with bright wreaths and illuminated them with the rays of the unspeakable light, honored them wonderfully and with the honor to stand before God, clothed them with God-woven clothes, filled them with the power of the Holy Spirit and made them equal to disembodied forces. . That is why God is wonderful among his saints, always glorifying those who glorify him, and miraculously honoring them with unspeakable miracles. I want to tell one of their many miracles, namely how children listen to their noble mother.

Sveti-40_Mychneici-Bylgaria-Holy-40-Martyrs-Manastir_-_Vrachesh-Bulgaria

A Nun Monastery near Vrachesh Village, Bulgaria – Monastic Church

When these blessed martyrs surrendered their holy souls into the hands of the Lord, one of them was still breathing. His mother, seeing that he was left alive, rejected the female weakness, took male audacity, took his beloved son on his shoulders and, following him (after the car loaded with the bodies of the martyrs), said to him: "Do your best, Sufferer for Christ, be courageous and strengthen your heart, and may my soul rejoice for you! Do not fall away, as Judas once fell away from the apostles, nor as one of you has now fallen away, but give God all your hope and your spirit, and he will support you; for, behold, Christ is standing before you, brother, to receive your soul and await your arrival. ” As she spoke this, her son, carried by her, surrendered his soul into the hands of the Lord. She took it, placed it with the saints, and said, "Rest, child, with your holy company, and remember me with them in your holy prayers, so that I may accomplish your martyrdom." Then she returned with joy, praising God. Have you heard, brethren, of the love and boldness of the Christ-loving mother? How she feared neither the king, nor the tormentor, nor the sword, nor the fire, but only the life-giver of God.

Merdanya_monastery_40_Martyrs-after-the-battle-of-Klokotnitsa-by-Bulgarian-ruler-Ivan_Asen-II-near-Lyaskovec

Church of 40 Holy Martyrs in Merdanya Monastery near Lyskovec Veliko Tarnovo, Bulgaria (The monastery in thankfulness to the martyrs for helping the Bulgarian King Ivan Asen II in the Famous Medieval battle of Klokotnitsa which occured on 9th of March year 1230 near the Village of Klokotnitsa – As a result, Bulgaria emerged once again for short time as the most powerful state in South-Eastern Europe)

Therefore, if we reject from ourselves any fear of men, let us make room in ourselves for the fear of God. May he enlighten our souls and hearts! May we always abide in fasting, in purity and sincere love, in meekness and obedience, abstaining from all evil. Let us adorn ourselves with good deeds, like these most holy martyrs, glorifying the Most Holy Trinity, one in three persons – the Father, and the Son, and the Holy Spirit – now and always, and forever. Amen!

Text originally existing in Church Slavonic and translated to Bulgarian language by Archimandrite Dr. Atanasii Bonchev (who was also the Author of the Book the Living of the Saints used in the Bulgarian Orthodox Church even today)
 

The Menaion (one of Liturgy service books) of the Eastern Orthodox Church lists the names of the Forty Martyrs as follows:

  • Hesychius, Meliton, Heraclius, Smaragdus, Domnus, Eunoicus, Valens, Vivianus, Claudius, Priscus, Theodulus, Euthychius, John, Xantheas, Helianus, Sisinius, Cyrion, Angius, Aetius, Flavius, Acacius, Ecditius, Lysimachus, Alexander, Elias, Candidus, Theophilus, Dometian, Gaius, Gorgonius, Eutyches, Athanasius, Cyril, Sacerdon, Nicholas, Valaerius, Philoctimon, Severian, Chudion, and Aglaius.


A curious fact is in the Eastern Orthodox Church, there is a prayer mentioning the Forty Holy Martyrs of Sebaste is also placed in the Orthodox Wedding Service (referred to as a "crowning") to remind the bride and groom that spiritual crowns await them in Heaven also if they remain as faithful to Christ as these saints of long ago.

Hearing on the enormousness of Saintship of the Holy Fourty Martyrs and their endurance. 
Let us ask them for their holy prayers for more peace, love, faith and hope and endurance and patience on the hard trials each one of us face constantly!

Holy 40 Martyrs of Sebastia Pray the Lord Jesus Christ so we find mercy in God!

Saint Prophor Pchinski Saint Jochichim of Osogovo and Saint Gabriel of Lesnovo the three little known Bulgarian spritual followers of Saint John of Rila

Saturday, January 15th, 2022

Biography of St. Prohor Pshinski

Saint_Prohor_Pchinski-face-icon

St. Prohor Pshinski. Mural from the 15th century in the church "St. Archangel Michael" in Saparevo near Kyustendil. Source: bartol, bartol.blog.bg

 St. Prohor Pshinski. Mural from the 15th century in the church "St. Archangel Michael" in Saparevo near Kyustendil. Source: bartol, bartol.blog.bg The Rev.

Prohor Pshinski was a Bulgarian by birth from pious parents in the Ovce Pole region of northern Macedonia. It was given by God to childless parents for their prayers and sucked in along with his mother's milk and her high piety. When he grew up, his parents insisted on marrying him. But he once heard in the temple the words of the Savior: "He that loveth father or mother more than me is not worthy of me," (Matt. 10:37). the town of Vranje in Yugoslavia. He lived in a cave where water springs for 32 years. Once a frightened deer ran to him, chased by a hunter who soon appeared.

Saint_Prohor_Pchinski_Fresco-Byzantine-Empire-icon
Prophor Pchinski (Pshinksi) Byzantine Empire Icon

At his first meeting, the monk called the hunter by name and predicted that he would soon become a Byzantine emperor. At that time Bulgaria was under Byzantine slavery (1018 – 1186). And indeed, after some time this man reigned under the name of Roman Diogenes (1067-1071). Astonished by the fulfillment of this prophecy, he discovered the incorruptible relics of the late Prohor Pshinski and built a large temple in the name of the saint on the site of his asceticism. His holy relics were laid there and a monastic fraternity gathered.

This monastery still exists. The Venerable Prohor Pshinski died on September 14, but due to the great feast of the Exaltation of the Holy Cross, the celebration of his memory was postponed to January 15. His monastery celebrates his memory on September 19.

© Lives of the Saints. Synodal Publishing House, Sofia, 1991, edited by Parthenius, Bishop of Lefkada (Levkijski) and Archimandrite Dr. Athanasius (Bonchev).

Saint_Prohor_Pshinski-XV-century-wall-painting-icon-Kyustendil-Bulgaria

Saint Prohor Pchinski (Pshinski) Wall Painting icon XV century Kyustendil Bulgaria

The prologue biography of St. Prohor Pshinski is an original ancient Bulgarian writting, known in a single transcript in the New Prologue from the beginning of the 14th century (GIM, Uvar. 70). Under the date of October 19, the Venerable Hermit Saint is mentioned next to St. Ivan Rilski. Both texts are published by Kl. Ivanova (1977). D. Chesmedjiev (2009) points out that the cult of St. Prohor Pshinski is poorly fixed in the written tradition. All the details about the saint are known from his prologue. St. Prohor lived in the 11th century, working in the Kozyak mountain (near the village of Staro Nagorichino). After his death, his relics were transferred to the church he founded, called Pshinya, where he was healed.

Saint Prophor Pchinski in Modern Theology

His cult probably originated during the Byzantine rule. His memory is celebrated on September 13 and October 19. In the New Prologue, in addition to biographies of St. Ivan Rilski and St. Prohor Pshinski, there are also biographies of St. Achilles of Larissa, St. Simeon of Serbia and others. 30 years ago Kl. Ivanova (Ivanova 1977: 59) has suggested that the manuscript was compiled in the Pshin Monastery itself, but the spelling and language features of the collection are Serbian. According to the latest research by the same researcher, Nora's prologue originates from Jerusalem and was created in the Serbian monastery "St. Archangel Michael ”(Ivanova 2008: 68–70).

 

Biography of Saint Joachim of Osogovo

Images of St. Ivan Rilski and St. Joachim of Sarandapor from the Poganovo Monastery, end of the 15th century. It is not known where he came from, from his life it is known that he came from the west, according to Ivan Snegarov, perhaps from Zeta, in the Osogovo Mountains, where he sought monastic asylum.

An unknown boyar from the village of Gradets, not far from Kriva Palanka, today in northern Macedonia, shows him the place he was looking for monastic solitude – a cave by the Sarandapor River, today's Kriva River. Here St. Joachim spends his life as a hermit, in fasting and prayer, and the local Bulgarians revere him as a holy man. 

Osogovo Monastery.

Kutugenski-Manastir-Sveti-Joachim-Ioakim-Osogovski
Osogovo Monastery Saint Joachim Icon

Joachim Osogowski died on August 16, 1105.On this date the Bulgarian Orthodox Church commemorates him.

Years later, the widowed priest Theodore of the Sheep Field settled in the place of Joachim's hermitage, adopting the monastic name Theophanes. After his saint appears, he discovers his miraculous relics, which are laid in the church built in his memory. In the 12th century, the cult of St. Joachim became so popular in northwestern Macedonia that a monastery of the same name was built around the temple. 

Joachim-of-Osogovo-known-also-as-Sarandopolski-Poganovo_Ivan_Rilski

Images of St. Ivan Rilski and St. Joachim of Sarandapor from the Poganovo Monastery, end of the XV-th century ( the three most famous spiritual pupils of Saint John of Rila )

In the monastery, similar to the life of St. Ivan Rilski, a life of St. Joachim was created, known from later transcripts, as well as a service of the saint. Around the middle of the 14th century the cult of St. Joachim spread to the eastern Bulgarian lands, and at the end of the 14th century it was transferred to Russia.

Biography of Saint Gavriil (Gabriel) Lesnovski

Saint-Gabriel-of-Lesnovo-320px-Archangels_Chapel_in_Rila_Monastery_Gabriel_of_Lesnovo_-_year-1845

Saint Gabriel of Lesnovo fresco from Archangels Chapel Rila Monastery, Bulgaria

Saint_Gabriel-of-Lesnovo-icon-St-Alexander-Nevski
St. Gavriil Lesnowski.
Detail of a mosaic on one of the doors of the Patriarchal Cathedral "St. Alexander Nevsky" in Sofia St. Gavriil Lesnowski. Detail of a mosaic on one of the doors of the Patriarchal Cathedral "St. Alexander Nevsky" in Sofia

Reverend Gavriil Lesnovski is one of the three great followers of the Rila desert dweller St. Ivan Rilski. He lived in the XI – XII century. He was born in the village of Osiche, Palaneshko (Macedonia). He came from rich Bulgarian parents and received a good education. When he was old, his parents betrothed him to a good-looking bride. Soon, however, his fiancée died. Then he entered a monastery and became a monk. With the inheritance he received from his parents, Gabriel built a monastery with a church named after St. Archangel Michael in the Lesnovo Mountains, northern Macedonia, near the present town of Kratovo.

The Venerable Father gathered monks, appointed an abbot, and he himself secluded himself in the mountains of desert life and silence, doing so for 30 years. He then returned to his monastery and died on January 15. Thirty years after the death of the Venerable Gabriel, a Russian monk named Joseph in the town of Sredets (Sofia) – at the suggestion of the saint – went to the place where the Venerable struggled, found his grave, found his incorruptible relics, laid them in a coffin and provided for prayer worship to believers.

For many years the holy relics of the Reverend Gabriel rested in the Lesnovo Monastery and performed many miracles. Probably in the thirteenth century one of the Bulgarian kings of the Assen dynasty brought them to his capital Tarnovo and laid them in the church "Holy Apostles" in Trapezitsa. According to the Reverend's prologue of 1330, "they have lain there until now and give healing." After the Ottoman invasion of Bulgaria, traces of the holy relics of the Venerable Gavriil Lesnovski are lost. The monastery he founded was later named after him and became an important literary center. © Lives of the Saints. Synodal Publishing House, Sofia, 1991, edited by Parthenius, Bishop of Lefkada (Levkijski) and Archimandrite Dr. Athanasius (Bonchev).

Saint-Gabriel_Lesnovski-Saint-_Joachom_Osogovski_and-saint_Prohor-Pchinski-Saint_Alexander_Cathedral_SofiaSaint Gabriel of Lesnovo, Saint Joachim of Osogovo and Saint Prohor Pchinski mosaic saint Alexander Nevski Cathedral Church, Sofia, Bulgaria

The Saints Prohor Pchinski, Joachim of Osogovo together with Saint Gabriel of Lesnovo according to Bulgarian Orthodox Church tradition are considered to be 3 of the many pupil monks of Saint John of Rila who spread the light of Holy Eastern Orthodox Christian faith in whole Bulgarian lands and from there towards Russia and far west Serbia, Croatia, Hungary who historically has been orthodox and later converted to Roman Catholicism.

KVM Virtual Machine RHEL 8.3 Linux install on Redhat 8.3 Linux Hypervisor with custom tailored kickstart.cfg

Friday, January 22nd, 2021

kvm_virtualization-logo-redhat-8.3-install-howto-with-kickstart

If you don't have tried it yet Redhat and CentOS and other RPM based Linux operationg systems that use anaconda installer is generating a kickstart file after being installed under /root/{anaconda-ks.cfg,initial-setup- ks.cfg,original-ks.cfg} immediately after the OS installation completes. Using this Kickstart file template you can automate installation of Redhat installation with exactly the same configuration as many times as you like by directly loading your /root/original-ks.cfg file in RHEL installer.

Here is the official description of Kickstart files from Redhat:

"The Red Hat Enterprise Linux installation process automatically writes a Kickstart file that contains the settings for the installed system. This file is always saved as /root/anaconda-ks.cfg. You may use this file to repeat the installation with identical settings, or modify copies to specify settings for other systems."


Kickstart files contain answers to all questions normally asked by the text / graphical installation program, such as what time zone you want the system to use, how the drives should be partitioned, or which packages should be installed. Providing a prepared Kickstart file when the installation begins therefore allows you to perform the installation automatically, without need for any intervention from the user. This is especially useful when deploying Redhat based distro (RHEL / CentOS / Fedora …) on a large number of systems at once and in general pretty useful if you're into the field of so called "DevOps" system administration and you need to provision a certain set of OS to a multitude of physical servers or create or recreate easily virtual machines with a certain set of configuration.
 

1. Create /vmprivate storage directory where Virtual machines will reside

First step on the Hypervisor host which will hold the future created virtual machines is to create location where it will be created:

[root@redhat ~]#  lvcreate –size 140G –name vmprivate vg00
[root@redhat ~]#  mkfs.ext4 -j -b 4096 /dev/mapper/vg00-vmprivate
[root@redhat ~]# mount /dev/mapper/vg00-vmprivate /vmprivate

To view what is the situation with Logical Volumes and  VG group names:

[root@redhat ~]# vgdisplay -v|grep -i vmprivate -A7 -B7
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  – currently set to     8192
  Block device           253:0

 

  — Logical volume —
  LV Path                /dev/vg00/vmprivate
  LV Name                vmprivate
  VG Name                vg00
  LV UUID                VVUgsf-FXq2-TsMJ-QPLw-7lGb-Dq5m-3J9XJJ
  LV Write Access        read/write
  LV Creation host, time main.hostname.com, 2021-01-20 17:26:11 +0100
  LV Status              available
  # open                 1
  LV Size                150.00 GiB


Note that you'll need to have the size physically available on a SAS / SSD Hard Drive physically connected to Hypervisor Host.

To make the changes Virtual Machines storage location directory permanently mounted add to /etc/fstab

/dev/mapper/vg00-vmprivate  /vmprivate              ext4    defaults,nodev,nosuid 1 2

[root@redhat ~]# echo '/dev/mapper/vg00-vmprivate  /vmprivate              ext4    defaults,nodev,nosuid 1 2' >> /etc/fstab

 

2. Second we need to install the following set of RPM packages on the Hypervisor Hardware host

[root@redhat ~]# yum install qemu-kvm qemu-img libvirt virt-install libvirt-client virt-manager libguestfs-tools virt-install virt-top -y

3. Enable libvirtd on the host

[root@redhat ~]#  lsmod | grep -i kvm
[root@redhat ~]#  systemctl enable libvirtd

4. Configure network bridging br0 interface on Hypervisor


In /etc/sysconfig/network-scripts/ifcfg-eth0 you need to include:

NM_CONTROLED=NO

Next use nmcli redhat configurator to create the bridge (you can use ip command instead) but since the tool is the redhat way to do it lets do it their way ..

[root@redhat ~]# nmcli connection delete eno3
[root@redhat ~]# nmcli connection add type bridge autoconnect yes con-name br0 ifname br0
[root@redhat ~]# nmcli connection modify br0 ipv4.addresses 10.80.51.16/26 ipv4.method manual
[root@redhat ~]# nmcli connection modify br0 ipv4.gateway 10.80.51.1
[root@redhat ~]# nmcli connection modify br0 ipv4.dns 172.20.88.2
[root@redhat ~]# nmcli connection add type bridge-slave autoconnect yes con-name eno3 ifname eno3 master br0
[root@redhat ~]# nmcli connection up br0

5. Prepare a working kickstart.cfg file for VM


Below is a sample kickstart file I've used to build a working fully functional Virtual Machine with Red Hat Enterprise Linux 8.3 (Ootpa) .

#version=RHEL8
#install
# Run the Setup Agent on first boot
firstboot --enable
ignoredisk --only-use=vda
# Use network installation
#url --url=http://hostname.com/rhel/8/BaseOS
##url --url=http://171.23.8.65/rhel/8/os/BaseOS
# Use text mode install
text
#graphical
# System language
#lang en_US.UTF-8
keyboard --vckeymap=us --xlayouts='us'
# Keyboard layouts
##keyboard us
lang en_US.UTF-8
# Root password
rootpw $6$gTiUCif4$YdKxeewgwYCLS4uRc/XOeKSitvDJNHFycxWVHi.RYGkgKctTMCAiY2TErua5Yh7flw2lUijooOClQQhlbstZ81 --iscrypted
# network-stuff
# place ip=your_VM_IP, netmask, gateway, nameserver hostname 
network --bootproto=static --ip=10.80.21.19 --netmask=255.255.255.192 --gateway=10.80.21.1 --nameserver=172.30.85.2 --device=eth0 --noipv6 --hostname=FQDN.VMhost.com --onboot=yes
# if you need just localhost initially configured uncomment and comment above
##network В --device=lo --hostname=localhost.localdomain
# System authorization information
authconfig --enableshadow --passalgo=sha512 --enablefingerprint
# skipx
skipx
# Firewall configuration
firewall --disabled
# System timezone
timezone Europe/Berlin
# Clear the Master Boot Record
##zerombr
# Repositories
## Add RPM repositories from KS file if necessery
#repo --name=appstream --baseurl=http://hostname.com/rhel/8/AppStream
#repo --name=baseos --baseurl=http://hostname.com/rhel/8/BaseOS
#repo --name=inst.stage2 --baseurl=http://hostname.com ff=/dev/vg0/vmprivate
##repo --name=rhsm-baseos В  В --baseurl=http://172.54.8.65/rhel/8/rhsm/x86_64/BaseOS/
##repo --name=rhsm-appstream --baseurl=http://172.54.8.65/rhel/8/rhsm/x86_64/AppStream/
##repo --name=os-baseos В  В  В --baseurl=http://172.54.9.65/rhel/8/os/BaseOS/
##repo --name=os-appstream В  --baseurl=http://172.54.8.65/rhel/8/os/AppStream/
#repo --name=inst.stage2 --baseurl=http://172.54.8.65/rhel/8/BaseOS
# Disk partitioning information set proper disk sizing
##bootloader --location=mbr --boot-drive=vda
bootloader --append=" crashkernel=auto tsc=reliable divider=10 plymouth.enable=0 console=ttyS0 " --location=mbr --boot-drive=vda
# partition plan
zerombr
clearpart --all --drives=vda --initlabel
part /boot --size=1024 --fstype=ext4 --asprimary
part swap --size=1024
part pv.01 --size=30000 --grow --ondisk=vda
##part pv.0 --size=80000 --fstype=lvmpv
#part pv.0 --size=61440 --fstype=lvmpv
volgroup s pv.01
logvol / --vgname=s --size=15360 --name=root --fstype=ext4
logvol /var/cache/ --vgname=s --size=5120 --name=cache --fstype=ext4 --fsoptions="defaults,nodev,nosuid"
logvol /var/log --vgname=s --size=7680 --name=log --fstype=ext4 --fsoptions="defaults,nodev,noexec,nosuid"
logvol /tmp --vgname=s --size=5120 --name=tmp --fstype=ext4 --fsoptions="defaults,nodev,nosuid"
logvol /home --vgname=s --size=5120 --name=home --fstype=ext4 --fsoptions="defaults,nodev,nosuid"
logvol /opt --vgname=s --size=2048 --name=opt --fstype=ext4 --fsoptions="defaults,nodev,nosuid"
logvol /var/log/audit --vgname=s --size=3072 --name=audit --fstype=ext4 --fsoptions="defaults,nodev,nosuid"
logvol /var/spool --vgname=s --size=2048 --name=spool --fstype=ext4 --fsoptions="defaults,nodev,nosuid"
logvol /var --vgname=s --size=7680 --name=var --fstype=ext4 --fsoptions="defaults,nodev,nosuid"
# SELinux configuration
selinux --disabled
# Installation logging level
logging --level=debug
# reboot automatically
reboot
###
%packages
@standard
python3
pam_ssh_agent_auth
-nmap-ncat
#-plymouth
#-bpftool
-cockpit
#-cryptsetup
-usbutils
#-kmod-kvdo
#-ledmon
#-libstoragemgmt
#-lvm2
#-mdadm
-rsync
#-smartmontools
-sos
-subscription-manager-cockpit
# Tune Linux vm.dirty_background_bytes (IMAGE-439)
# The following tuning causes dirty data to begin to be background flushed at
# 100 Mbytes, so that it writes earlier and more often to avoid a large build
# up and improving overall throughput.
echo "vm.dirty_background_bytes=100000000" >> /etc/sysctl.conf
# Disable kdump
systemctl disable kdump.service
%end

Important note to make here is the MD5 set root password string in (rootpw) line this string can be generated with openssl or mkpasswd commands :

Method 1: use openssl cmd to generate (md5, sha256, sha512) encrypted pass string

[root@redhat ~]# openssl passwd -6 -salt xyz test
$6$xyz$rjarwc/BNZWcH6B31aAXWo1942.i7rCX5AT/oxALL5gCznYVGKh6nycQVZiHDVbnbu0BsQyPfBgqYveKcCgOE0

Note: passing -1 will generate an MD5 password, -5 a SHA256 encryption and -6 SHA512 encrypted string (logically recommended for better security)

Method 2: (md5, sha256, sha512)

[root@redhat ~]# mkpasswd –method=SHA-512 –stdin

The option –method accepts md5, sha-256 and sha-512
Theoretically there is also a kickstart file generator web interface on Redhat's site here however I never used it myself but instead use above kickstart.cfg
 

6. Install the new VM with virt-install cmd


Roll the new preconfigured VM based on above ks template file use some kind of one liner command line  like below:
 

[root@redhat ~]# virt-install -n RHEL8_3-VirtualMachine –description "CentOS 8.3 Virtual Machine" –os-type=Linux –os-variant=rhel8.3 –ram=8192 –vcpus=8 –location=/vmprivate/rhel-server-8.3-x86_64-dvd.iso –disk path=/vmprivate/RHEL8_3-VirtualMachine.img,bus=virtio,size=70 –graphics none –initrd-inject=/root/kickstart.cfg –extra-args "console=ttyS0 ks=file:/kickstart.cfg"

7. Use a tiny shell script to automate VM creation


For some clarity and better automation in case you plan to repeat VM creation you can prepare a tiny bash shell script:
 

#!/bin/sh
KS_FILE='kickstart.cfg';
VM_NAME='RHEL8_3-VirtualMachine';
VM_DESCR='CentOS 8.3 Virtual Machine';
RAM='8192';
CPUS='8';
# size is in Gigabytes
VM_IMG_SIZE='140';
ISO_LOCATION='/vmprivate/rhel-server-8.3-x86_64-dvd.iso';
VM_IMG_FILE_LOC='/vmprivate/RHEL8_3-VirtualMachine.img';

virt-install -n "$VMNAME" –description "$VM_DESCR" –os-type=Linux –os-variant=rhel8.3 –ram=8192 –vcpus=8 –location="$ISO_LOCATION" –disk path=$VM_IMG_FILE,bus=virtio,size=$IMG_VM_SIZE –graphics none –initrd-inject=/root/$KS_FILE –extra-args "console=ttyS0 ks=file:/$KS_FILE"


A copy of virt-install.sh script can be downloaded here

Wait for the installation to finish it should be visualized and if all installation is smooth you should get a login prompt use the password generated with openssl tool and test to login, then disconnect from the machine by pressing CTRL + ] and try to login via TTY with

[root@redhat ~]# virst list –all
 Id   Name        State
—————————
 2    
RHEL8_3-VirtualMachine   running

[root@redhat ~]#  virsh console RHEL8_3-VirtualMachine


redhat8-login-prompt

One last thing I recommend you check the official documentation on Kickstart2 from CentOS official website

In case if you later need to destroy the VM and the respective created Image file you can do it with:
 

[root@redhat ~]#  virsh destroy RHEL8_3-VirtualMachine
[root@redhat ~]#  virsh undefine RHEL8_3-VirtualMachine

Don't forget to celebreate the success and give this nice article a credit by sharing this nice tutorial with a friend or by placing a link to it from your blog 🙂

 

 

Enjoy !

How to Create New Windows 10 NTFS Drive partition from new empty ( Unallocated ) space with Windows Disk Management or diskpart command

Thursday, November 18th, 2021

Windows-10-paritioning-with-disk-management-diskmgmt.msc

As mentioned in previous article, I've been setting up a new PC that is a bit old a 11 years old Lenovo ThinkCentre model M90P with 8 GB of Memory, Intel(R) Core(TM) i5 CPU         650  @ 3.20GHz   3.19 GHz, Intel Q57 Express Chipset.

After the installation was successful on the new Desktop PC attached SSD, I was curious to see how Windows detects the 521 GB Solid State Drive Samsung  Disk, as well as to assign all the SSD Disk space, so I don't have unused parts of the drive hanging around.

To get the exact type of SSD installed on the Lenovo ThinkCentre, it comes to a simple PowerShell command (note that the PowerShell command has to be executed as Administrator).

 

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

Try the new cross-platform PowerShell https://aka.ms/pscore6

PS C:\Windows\system32> Get-PhysicalDisk

Number FriendlyName               SerialNumber   MediaType CanPool OperationalStatus HealthStatus Usage            Size
—— ————               ————   ——— ——- —————– ———— —–            —-
0      SAMSUNG MZ7LN512HAJQ-00000 S3TVNX0MC04330 SSD       True    OK                Healthy      Auto-Select 476.94 GB


PS C:\Windows\system32>
 

 

PowerShell-Get-PhysicalDisk-command-print-exact-SSD-type-attached-to-a-Windows-computer 

During the Windows installation, I did installed Windows on a 110GB partition that was left behind from my attempt to copy another 120GB ssd drive as, I've described in my previous article.
Cause of that big part of the SAMSUNG MZ7LN512HAJQ-00000 SSD was left unpartitioned ( unallocated ) and respectively the space did not show in Windows, hence to work around this I was supposed to 
create new Windows Drive and format it either in VFAT (FAT32) or NTFS. Through the years when I had to do such an operations I often either booted from some bootCD and did the desired partitioning or if
partitioning had to be done on a LivePC without reboot, I've used Windows Partitioning Software, such as:

  • The Industry Standard Partition Manager ( Acronis Disk Director ) 
     
  • EaseUS Partition Manager


Using a Good partition manager is a great thing if some complicated partitioning operations needs to be done,  however for such a trivial stuff such as mine in that case – Creating a new NTFS filesystem from unallocated space is a bit of nonsense, thus this time I've decided to use the Windows Standard tool for Partitioinng
 

  • Disk Management

To run the tool you need to run Computer Management tool first either by just looking it up in the Search bar near Start menu (Windows 10 flag icon) or by invoking command line start window, by pressing together

Windows Button + R and runnining command:

C:\Users\Emilian> compmgmt.msc

 

From there on navigate to

Storage -> Disk Management

windows-computer-management-screenshot

Go over box Unallocated (365.15 GB) and Press Right Mouse Button and select

-> New Simple Volume

new-simple-volume-screenshot

Next steps are quite self explanatory, had to just follow the New Simple Volme Wizard steps

windows-computer-management-screenshot

windows-computer-management-screenshot-3

windows-computer-management-screenshot-4

I Prefer to use NTFS because it is quicker and kinda of a standard since Windows 8+ onwards, besides that this computer will be used as a simple web browsing station and there is no plans the disk will ever have to be attached to a different OS like UNIX / LInux..However always keep in mind for compitability reasons VFAT Filesystem is usually not a bad idea. 

windows-computer-management-screenshot-5

https://www.pc-freak.net/images/new-ntfs-volume-F-drive-windows-10-screenshot

As you can see the drive is prepared and now accessible from Windows Explorer under Drive F:\. If you wonder why the drive is not D:\, it seems to create the D:\ the unallocated space is supposed to be be on a separate Disk which waas not the case with this PC setup.

After installing the SSD drive and setting the proper partitions another good practice is to use Disk Defragmenter Win tool to optimize the Drives for speed. Another useful feature of disk degragmenter is you can use it to check what kind of hard drive you have installed e.g. SATA or SSD, as well as check if the installed SSD is NVME (Non-Volatile-Memory-Express), e.g. of a faster type.

To run Disk Degrafmenter do  Win key + R
 


C:\Users\Emilian> dfrgui

 

dfrgui-command-screenshot-windows-1

Below is what dfrgui reports on the ThinkCentre after running Disk Optimize for each Drive – (Optimize All) option.

dfrgui-partitions-on-lenovo-thinkcentre-windows-screeshot

Just to show you what you can see with dfrgui, here is the dfrgui screenshot from another PC that has attached both SATA disk and NVME SSD Drive.

dfrgui-command-screenshot-windows-2

 

How to do partitioning from Windows console with diskpart command (useful for scripting)

 

If you're coming from Linux world and you're pretty used to fdisk / cfdisk etc. to do partitioning daily, then you'll be most happy to hear about existence of the diskpart command in Windows, which is a kinda of an equivalent tool.
The tool is perfect for domain administrators which need to do some dynamic partitioning operations on multiple computers at once.

 To use diskpart you need Administrator command prompt, there is much you can do with diskpart, below is how to create another NTFS partition on a secondary

C:\Windows\System32> diskpart

diskpart-win-screenshot-1

DISKPART> list disk

diskpart-win-screenshot-2

DISKPART> select disk 2

diskpart-win-screenshot-3

To clean all the content (e.g. delete everything on hard drive) e.g. all files and directories

!!! BEWARE NOT TO DELETE BY MISTAKE YOUR DATA DON'T BLAME ME IF YOU JUST COPY PASTE IRRESPONSIBLY WITHOUT THINKING.
AFTER ALL IT IS YOUR COMPUTER !!!

DISKPART> clean

 

diskpart-win-screenshot-4

Next lets, create a partition, in below screenshot you can see how to use help and what are the supported partition types in Windows 10 as of year 2021.


/diskpart-help-create-partition-type-screenshot
 

DISKPART> create partition primary

diskpart-win-screenshot-6

To format new assigned primary partition as NTFS

DISKPART> format fs=ntfs

diskpart-win-screenshot-7

Once formatted to assign Drive letter that is the next available free one in order

DISKPART> assign

 

diskpart-win-screenshot-8

If instead of auto assigning a letter to new formatted partition, you would want to assign a specific Drive letter, lets say F:\> as it was in our case with the Graphical Windows Disk Management tool earlier in article.

DISKPART> assign letter=F


Using diskpart it is pretty easy to do much stuff from command line such as formatting a new attached empty unallocated drive, or formatting and setting a desired filesysteem of external attached Hard Drive. Note that the disk list arguments will list any externally attached Supported Storage and you can use disklist similarly to do quick format / repartition / wipe out data or whatever.

Further on just for fun I've run CPUID which is a great Windows freeware tool to report System Information, pretty much like the good old Everest such as exact CPU type, MainBoard, Graphics Card and Mainboard type of the certain hardware you have on running.

cpuid-screenshot-windows-10
 
That's all folks Hope this article, helped you learn something new.

Cheers 😉