ALL Archives - ☩ Walking in Light with Christ - Faith, Computing, Diary ☩ Walking in Light with Christ

Posts Tagged ‘ALL’

How to Install and Set Up an NFS Server network Shares on on Linux to easify data transfer across multiple hosts

Monday, April 7th, 2025

How to Configure NFS Server in Redhat,CentOS,RHEL,Debian,Ubuntu and Oracle Linux

Network File System (NFS) is a protocol that allows one system to share directories and files with others over a network. It's commonly used in Linux environments for file sharing between systems. In this guide, we'll walk you through the steps to install and set up an NFS server on a Linux system.

Prerequisites

Before you start, make sure you have:

A Linux system distros (e.g., Ubuntu, CentOS, Debian, etc.)
Root or sudo privileges on the system.
A network connection between the server (NFS server) and clients (machines that will access the shared directories).

1. Install NFS Server Package

On Ubuntu / Debian based Linux systems:

a. First, update the package list

# apt update

b. Install the NFS server package

# apt install nfs-kernel-server

On CentOS/REL-based systems:

2. Install the NFS server package

      # yum install nfs-utils

Once the package is installed, ensure that the necessary services are enabled.

3. Create Shared Directory for file sharing

Decide which directory you want to share over NFS. If the directory doesn't exist, you can create one. For example:

# mkdir -p /nfs_srv_dir/nfs_share

Make sure the directory has the appropriate permissions so that the nfs clients can access it.

# chown nobody:nogroup /nfs_srv_dir/nfs_share
# chmod 755 /nfs_srv_dir/nfs_share

4. Configure NFS Exports ( /etc/exports file)

The NFS exports file (/etc/exports) is perhaps most important file you will have to create and deal with regularly to define the expored shares, this file contains the configuration settings for directories you want to share with other systems.

a. Open the /etc/exports file for editing:

vi /etc/exports

Add an entry for the directory you want to share. For example, if you're sharing /nfs_srv_dir/nfs_share and allowing access to all systems on the network (192.168.1.0/24), add the following line:

/nfs_srv_dir/nfs_share 192.168.1.0/24(rw,sync,no_subtree_check)

Here’s what each option means:

rw: Read and write access.
sync: Ensures that changes are written to disk before responding to the client.

Here is few lines of example of my working /etc/exports on my home running NFS server

/var/www 192.168.0.209/32(rw,no_root_squash,async,subtree_check)
/home/jordan 192.168.0.209/32(rw,no_root_squash,async,subtree_check)
/mnt/sda1/icons-frescoes/ 192.168.0.209/32(rw,no_root_squash,async,subtree_check)
/home/mobfiles 192.168.0.209/32(rw,no_root_squash,async,subtree_check)
/mnt/sda1/icons-frescoes/ 192.168.0.200/32(rw,no_root_squash,async,subtree_check)
/home/hipo/public_html 192.168.0.209/32(rw,no_root_squash,async,subtree_check)
/home/alex/public_html 192.168.0.209/32(rw,no_root_squash,async,subtree_check)
/home/necroleak/public_html 192.168.0.209/32(rw,no_root_squash,async,subtree_check)
/bashscripts 192.168.0.209/32(rw,no_root_squash,async,subtree_check)
/backups/Family-Videos 192.168.0.200/32(ro,no_root_squash,async,subtree_check)

5. Export the NFS Shares with exportfs command

Once the export file is configured, you need to inform the NFS server to start sharing the directory:

# exportfs -a

The -a flag will make it export all the sharings.

6. Start and Enable NFS Services

You need to start and enable the NFS server so it will run on system boot.

On Ubuntu / Debian Linux run the following commands:

# systemctl start nfs-kernel-server
# systemctl enable nfs-kernel-server

On CentOS / RHEL Linux:

# systemctl start nfs-server
# systemctl enable nfs-server

7. Allow NFS Traffic Through the Firewall

If your server has a firewall configured / enabled, you will need to allow NFS-related ports through the firewall.
These ports include 2049 TCP protocol Ports (NFS) and 111 (RPCbind) UDP and TCP protocol , and some additional ports.

On Ubuntu/Debian (assuming you are using ufw [UNCOMPLICATED FIREWALL]):

# ufw allow from 192.168.1.0/24 to any port nfs sudo ufw reload

On CentOS / RHEL Linux:

# firewall-cmd –permanent –add-service=nfs sudo firewall-cmd –permanent –add-service=mountd sudo firewall-cmd –permanent –add-service=rpc-bind sudo firewall-cmd –reload

8. Verify NFS Server is Running

To ensure the NFS server is running properly, use the following command:

# systemctl status nfs-kernel-server

# systemctl status nfs-server

You should see output indicating that the service is active and running.

9. Test the NFS Share (Client-Side)

To test the NFS share, you will need to mount it on a client machine. Here's how to mount it:

On the client machine, install the NFS client utilities:

Ubuntu / Debian Linux

# apt install nfs-common

For CentOS / RHEL Linux

# yum install nfs-utils

Create a mount point (Nomatter the distro),:

# mkdir -p /mnt/nfs_share

Mount the NFS share:

# mount -t nfs <nfs_server_ip>:/nfs_srv_dir/nfs_share /mnt/nfs_share

Replace <nfs_server_ip> with the IP address of the NFS server or DNS host alias if you have one defined in /etc/hosts file.

Verify that the share is mounted:

# df -h

You should see the NFS share listed under the mounted file systems.

10. Configure Auto-Mount at Boot (Optional)

To have the NFS share automatically mounted at boot, you can add an entry to the /etc/fstab file on the client machine.

Open /etc/fstab for editing:

# vi /etc/fstab

Add the following line:

<server-ip>:/nfs_srv_dir/nfs_share /mnt/nfs_share nfs defaults 0 0

Save and close the file.

The NFS share will now be automatically mounted whenever the system reboots.

Debug NFS configuration issues (basics)

You can continue to modify the /etc/exports file to share more directories or set specific access restrictions depending on your needs.

If you encounter any issues, checking the server logs or using

# exportfs -v
/var/www     192.168.0.209/32(async,wdelay,hide,sec=sys,rw,secure,no_root_squash,no_all_squash)
/home/var_data     192.168.0.205/32(async,wdelay,hide,sec=sys,rw,secure,no_root_squash,no_all_squash)
/mnt/sda1/
       192.168.0.209/32(async,wdelay,hide,sec=sys,rw,secure,no_root_squash,no_all_squash)
/mnt/sda2/info
       192.168.0.200/32(async,wdelay,hide,sec=sys,rw,secure,no_root_squash,no_all_squash)
/home/mobfiles   192.168.0.209/32(async,wdelay,hide,sec=sys,rw,secure,no_root_squash,no_all_squash)
/home/var_data/public_html
       192.168.0.209/32(async,wdelay,hide,sec=sys,rw,secure,no_root_squash,no_all_squash)
/var/public
       192.168.0.209/32(async,wdelay,hide,sec=sys,rw,secure,no_root_squash,no_all_squash)
/neon/data
       192.168.0.209/32(async,wdelay,hide,sec=sys,rw,secure,no_root_squash,no_all_squash)
/scripts     192.168.0.209/32(async,wdelay,hide,sec=sys,rw,secure,no_root_squash,no_all_squash)
/backups/data-limited
       192.168.0.200/32(async,wdelay,hide,sec=sys,ro,secure,no_root_squash,no_all_squash)
/disk/filetransfer
       192.168.0.200/23(async,wdelay,hide,sec=sys,ro,secure,no_root_squash,no_all_squash)
/public_shared/data
       192.168.0.200/23(async,wdelay,hide,sec=sys,ro,secure,no_root_squash,no_all_squash)

Of course there is much more to be said on that you can for example, check /var/log/messages /var/log/syslog and other logs that can give you hints about issues, as well as manually try to mount / unmount a NFS stuck share to know more on what is going on, but for a starter that should be enough.

command can help severely in troubleshooting the NFS configuration.

Sum it up what learned ?

We learned how to set up basic NFS server and mounted its shared directory on a client machine.
This is a great solution for centralized file sharing and collaboration on Linux systems (even though many companies are trying to not use it due to its lack of connection encryption for historical reasons NFS has been widely used over the years and has helped dramatically for the Internet as we know it to become the World Wide Web of today. Thus for a well secured network and perhaps not a critical files infrastructure, still NFS is a key player in file sharing among heterogenous networks for multitudes of Gigabytes or Terra Pentabytes of data you would like to share amoung your Personal Computers / Servers / Phones / Tablets and generally all kind of digital computer equipment devices.

Tags: access, alex, alias, ALL, ALLOW, allows, and, bash, clients, Create Shared Directory, file sharing, installed, list, machines, NFS, ports, Start, sudo, system boot, systemctl
Posted in Everyday Life, Linux, Linux and FreeBSD Desktop, Networking, NFS, System Administration | No Comments »

How to reboot stuck Iphone due to Appstore unable to close Pop-up

Friday, November 22nd, 2024

Recently Sonya Ankova which is the most famous youtuber that shares tons video on Orthodox Christianity and friend of mine has bought a brand new IPhone 13. As she is a complete startup with Iphone, just like i was in the old days, she had no idea how to configure the Phone Basics.
She as as a partially technical person do to the constant use of Computers to Edit and Create Videos captured Videos on her Camera and compile videos on various interesting topics on what is the Orthodox Christian believer approach to thinking and life philosophy, managed to Upgrade the Software of Iphone via WI-Fi connection to the latests shipped updates by Iphone and setup some very basic settings on the new Phone, in her desperate update to Migrate her old Android Phone to the new Iphone, but did not managed to completely succeed.

Thus as I already have some experience on setting up, my personal phone and 2 more friends iPhones I already had some knowledge and started configuring her Phone.

As a first logical step to be able to do anything further on the phone of course i had to configure AppStore and started creating her iCloud user that is as usually necessery for login and use of Apple Appstore Magazine.

First on trying to login to AppStore without still having the iCloud created by automatism the phone got locked up exactly on the screen where i have to fill in user login data and pass credentials and this annoying pop-up stayed on the screen even after trying to unlock and i couldn't remove the annoying thing in any way thus I had to find a way to resolve the issue and be able to reboot the phone and unlock and try to fill in the App store new account just created credentials from icloud.com, but that was not possible.

One approach of course is to wait for the Phone to Discharge on couple of days, but i needed a quick fix to continue with setup the phone so after quick googling I found the work around to such buggy stuff by forcing the Iphone to restart itself forcably.

On Iphone that is easy by:

iphone 12 buttons front copy

1. Quickly press and release the Volume Up button.

2. Quickly press and release the Volume Down button.

3. Press and hold the Side (right) button until the Apple logo appears, then release the Side button.

Not that the side right Phone button has to be kept press for about 15 to 30 secs to force the restart, otherwise just the restart
phone Prompt slider appears and you have to slide left to make the Phone restart (the slider did not work, however as the Pop Up from AppStore was blocking me to do anything on the Iphone screen.

After reboot the Phone booted normal and the PopUp from Appstore was no more and Unlocking the screen was possible with configured FaceID Recognition or PIN code unlock prompt.

I've read online that the Same Force Restart iPhone trick is very useful and very much loved by many people,

if due to Bugs or whatever your iPhone is dead frozen and doesn’t want to turn on.

There is a bug in recent generations of iPhones that you might want to be aware of, especially when traveling and heavily relying on your smartphone.

It might happen that all of a sudden your iPhone doesn't turn back on.

If the iPhone isn't responding and you can't turn it off and on, try forcing it to restart.

If Iphone Biten Apple doesn't rise up, don't hurry to you panic, make sure the iPhone is sufficiently charged by connecting it to a known good charger for at least 15 minutes.

Hope this little article helps someone with IPhone stuck, enjoy !

Tags: about, Account, after, ALL, and, annoying, annoying thing, ANY, apple, around, first, How to, IPhone, life philosophy, login, release, screen, trying, use, Videos
Posted in Linux, Mobile Phone Apps & Games, Various | No Comments »

How to Copy / Backup Windows USB drive from one USB to a second

Friday, October 18th, 2024

Did you know that when you copy all the files from a USB Drive you don’t copy all the data?

Did you know that there may be files that are not even visible?

In this tutorial you will discover how to copy all of your USB Drive sector by sector, that is to say, that you will see how to create a copy identical to your USB drive without missing anything!

This can be useful if you have formatted your USB stick in error and want to use it, you can create an image for the USB Drive on your computer and then you can recover the formatted data in the image afterward!

The software used in this tutorial is called ImageUSB, it is free, portable, and easy to use.

Don’t use this method if you want only to copy some files, use this to clone/backup your USB Drive with all its master boot record, partition tables, and data.

Let’s go!

Clone Your USB Drive with ImageUSB on Windows 10

Start by downloading and extracting ImageUSB from this official URL: https://www.osforensics.com/tools/write-usb-images.html

Double-click on imageUSB.exe .

Select your USB Drive from the list, select “Create image from USB drive“. Choose the location for the binary image file (.bin) that will be created from the USB drive.

Click on “Create“.Click “Yes” to confirm your choices.

imageusb clone usb flash drive backup restore 3 create image

Click “Yes” to overwrite the bin file in case it’s already there.

Wait for a couple of minutes…

After the image is created you should see this message. Click “OK“.

Now if you want to restore an image to your USB Drive, just select your USB Drive and choose “Write image to USB drive“. Choose your bin image and click on “Write“.

imageusb clone usb flash drive backup restore 7 write

This program is not recommended on different sizes USB Drives…
Use it mostly for backup/restore on the same USB Drive for your bootable software.

There you have it, the copy of USB to second USB completed !

Enjoy !

Tags: after, ALL, and, are, bin, binary, boot, called, case, choices, Click, clone, com, Computer, copy, couple, create, second, USB, www
Posted in Backups, System Administration, Windows | No Comments »

Recover lost / forgotten root password for CentOS 7 Linux / Boot CentOS 6 into Single User mode to reset admin pass

Friday, September 27th, 2024

If you have some old CentOS 7 Virtual machine hanging for a long time and you don't remember the root password or you don't remember where you have stored it, but you have something important as data left over, you might need to recover root password for your CentOS 7 Virtual Machine.

I recently had to resolve that issue and here is the few easy steps to take to recover the lost root password.

Assuming you have tried to boot the VM and the VM boots fine and your few attempts to input manually some default passwords of yours failed, next

1. Reboot the Virtual Machine to the GRUB boot menu

The GRUB boot screen should appear and be there for few secs

2. Edit the boot loader kernel options ( add add rd.break enforcing=0 )

How to reset root password on CentOS Linux - Clouvider

Press 'e' to Edit the boot loader and modify the boot commands options passed to the linux kernel.

In GRUB edit mode:

add rd.break enforcing=0

to the end of the line starting with linux at the end of passed parameters list as shown in the picture.

When done editing, press Ctrl-x (Control button x key simultaneously) to boot with changed parameters.

ALTERNATIVE WAY TO BOOT THE SYSTEM INTO ROOT WITHOUT PASSWORD PROMPT:

Alternative options to use instead of add rd.break.enforcing=0 are to substitute the rhgb quiet kernel option with init=/bin/bash

As you might wonder for the meaning of the passed 2 parameters:

rd.break breaks the boot process at initramfs while
enforcing=0 disables the SELinux (which often enabled by default on CentOS).

Another way is to

3. Boot in CentOS emergency mode and Reset the root password

When done editing, press Ctrl-x to boot with changed parameters.

As you might wonder for the meaning of the passed parameters:

rd.break breaks the boot process at initramfs while
enforcing=0 disables the SELinux (which often enabled by default on CentOS).

Whence system boots up with the modified kernel options cmd, the switch_root prompt will appear.
As the emerency mode boots the filesystem into read-only mode under /sysroot default directory, in order to be able to
modify the MD5 root password stored hash inside RO mounted /sysroot/etc/shadow you need to remount the Filesystme
in read-write mode.

To Remount the read-only file system /sysroot in write mode:

# mount -o remount,rw /sysroot

As the /sysroot is not the root directory to be able to use a standard passwd command you need to make /sysroot
as the default root folder for the booted linux by chrooting into it.

Generate MD5 password manually (for Hardcore masochistic admins 🙂 )

If you're a hard core linux sysadmin of course, generate your own new md5 password and directly modify /etc/shadow copy pasting the md5 string.

If you want to manually generate the md5 string, you can do it depending on the required encryption algorithm with:

For (md5, sha256, sha512) encrypted pass

# openssl passwd -6 -salt xyz yourpass

For (md5, sha256, sha512) encrypted pwd

# mkpasswd –method=SHA-512 –stdin

For (des, md5, sha256, sha512) encrypted pw

# perl -e 'print crypt("YourPasswd", "salt", "sha512"),"\n"'

Once the string is generated;

# vim /etc/shadow

and exchange the old with new string for MD5

Change password with chroot (the easy common way)

remount read write the filesystem in emergency single user mode CentOS LINUX

# chroot /sysroot

That should drop you into another shell bash-4.x

Reset root user password in CentOS 7

# passwd
Changing password for user root.
New password:
Retype new password:

We need have to sync the entire filesystem we have to use the sync command, for novice sys admins who never heard about this command, below
short description:

The Linux sync command synchronizes cached data to permanent storage.
This data includes modified superblocks, modified inodes, delayed reads and writes, and others. sync uses several system calls:

sync()
syncfs()
fsync()
fdatasync()

For example, the sync command utilizes the sync() system call to write all buffered modifications to file data and metadata to an underlying storage device.

As a Linux systems administrator or developer, understanding the sync command can be crucial for efficient file synchronization. Additionally, sync can be helpful after crashes or when the file system becomes corrupted.

In this tutorial, we’ll explore the various aspects of the sync command. Also, we’ll see how we can use sync in different scenarios.

# sync

# exec /sbin/init

Try out the root password after booting normally into CentOS and the new set administrator pass should work.

Resetting forgotten (lost) root password on CentOS 6

The process is absolutely the same except on the Step 1 (in the modification of GRUB boot menu by pressing e key), add to

rhgb quiet

at the end one 'S'

This S character means 'boot CentOS into Single user mode'

rhgb quiet S

Then, press ENTER key and press b key to boot CentOS 6 into to single user mode.

Tags: about, absolutely, administrator, Admins, after, algorithm, ALL, com, command, default passwords, editing, filesystem, linux kernel, New, password, Reboot, Recover, root password, sync, www
Posted in CentOS, Linux, RedHat, System Administration | No Comments »

All Debian Linux package repository apt sources.list file for Debian versions 6, 7, 8, 9, 10, 11 and 12

Friday, May 31st, 2024

debian-package-management-repositories-for-all-distributions

If you have to administrate legacy Debian servers, that keeps hanging either for historical reasons or just because you didn't have time to upgrade it up to latest versions, machines that are hanging in the hangar or a mid office building Old server room, doing nothing but simply NAT (Network Address Translation), Proxying, serving traffic via Squid / Haproxy / Apache / Varnish or Nginx server but you still want to have the possibility to extend the OS even though it is out of date / End of Life reached and out of support as well as perhaps full of security holes, but due to its unvisibility on the Internet hanging in a Demilitarized network the machine stayed on the Local (DMZ)-ed network and still for example you need to install simple things for administration reasons locally on the machine, for example nmap or netcat or some of the network tools for monitoring such as iftop or iptraf etc. you might find out unfortunately that this is not possible anymore, because the configured /etc/apt/sources.list repository mirror is no longer available at its URL. Thus to restore the functioning of apt and apt-get pkg management tools on Debian you need to correct the broken missing package mirrors due to resructurings on the network with a correct ones, originally provided by Debian or eventually if this doesn't work a possible Debian package archive URL.

In this article, I'll simply provide such URLs you might use to correct your no longer functioning package manager due to package repositoriy unavailibility, below are the URLs (most of which that should be working as of year 2024). To resolve the issues edit and place the correct Debian version you're using.

1. Check the version of the Debian Linux

# cat /etc/debian_version
…

or use the universal way to check the linux OS, that should be working on almost all Linux distributions

# cat /etc/issue
Debian GNU/Linux 9 \n \l

2. Modify /etc/apt/sources.list and place URL according to Debian distro version

# vim /etc/apt/sources.list

3. Repositories URL list Original and Archived for .deb packages according to Debian distro release
Debian 6 (Wheezy)

Original repostiroes (Not Available and Not working anymore as of year 2024)

Old Archived .deb repository for 6 Squeeze

deb http://archive.debian.org/debian squeeze main
deb http://archive.debian.org/debian squeeze-lts main

Debian 7 (Wheezy)

Original repostiroes (Not Available and Not working anymore as of year 2024)

Old Archived .deb repository for Jessie (still working as of 2024) :

deb http://archive.debian.org/debian wheezy main contrib non-free
deb http://archive.debian.org/debian-security wheezy/updates main

( Security updates are not provided anymore.)

NOTE: If you get an error about keyrings, just install it

# apt-get install debian-archive-keyring

Debian 8 (Jessie)
Original .deb package repository with non-free included for Debian 8 "Jessie"

deb http://deb.debian.org/debian/ jessie main contrib non-free
deb http://ftp.debian.org/debian/ jessie-updates main contrib
deb http://security.debian.org/ jessie/updates main contrib non-free

Old Archived .deb repository for 8 Jessie (still working as of 2024):

deb http://archive.debian.org/debian/ jessie main non-free contrib
deb-src http://archive.debian.org/debian/ jessie main non-free contrib
deb http://archive.debian.org/debian-security/ jessie/updates main non-free contrib
deb-src http://archive.debian.org/debian-security/ jessie/updates main non-free contrib

# echo "Acquire::Check-Valid-Until false;" | tee -a /etc/apt/apt.conf.d/10-nocheckvalid

# apt-get update

# apt-get update && apt-get upgrade

If you need backports, first be warned that these are archived and no longer being updated; they may have security bugs or other major issues. They are not supported in any way.

deb http://archive.debian.org/debian/ jessie-backports main

Debian 9 (Stretch)
Original .deb package repository with non-free included for Debian 9 "Stretch":

deb http://deb.debian.org/debian/ stretch main contrib non-free
deb http://deb.debian.org/debian/ stretch-updates main contrib non-free
deb http://security.debian.org/ stretch/updates main contrib non-free

Archived old repository .deb for Stretch :

deb http://archive.debian.org/debian/ stretch main contrib non-free
deb http://archive.debian.org/debian/ stretch-proposed-updates main contrib non-free
deb http://archive.debian.org/debian-security stretch/updates main contrib non-free

Debian 10 (Buster)
Origian repository URL:

deb http://deb.debian.org/debian/ buster main non-free contrib
deb http://deb.debian.org/debian/ buster-updates main non-free contrib
deb http://security.debian.org/ buster/updates main non-free contrib

Fixing unworking backports for Debian 10 Buster

Change the /etc/apt/sources.list URL with this one

deb http://archive.debian.org/debian buster-backports main contrib non-free

If you want to list packages installed via the backports repository only, that needs to be replaced with newer versions (if such available from the repository)

# apt list –installed | grep backports
# dpkg –list | grep bpo
# dpkg –list | grep -E '^ii.*bpo.*'

ii libpopt0:amd64 1.18-2 amd64 lib for parsing cmdline parameters
ii libuutil3linux 2.0.3-9~bpo10+1 amd64 Solaris userland utility library for Linux
ii libzfs4linux 2.0.3-9~bpo10+1 amd64 OpenZFS filesystem library for Linux

Debian 11 (Bullseye)
Origianl repository address:

deb http://deb.debian.org/debian bullseye main contrib non-free
deb http://deb.debian.org/debian bullseye-updates main contrib non-free
deb http://security.debian.org/debian-security bullseye-security main contrib non-free

Debian 12 (Bookworm)
Original Repository :

deb http://deb.debian.org/debian bookworm main contrib non-free-firmware non-free
deb http://deb.debian.org/debian bookworm-updates main contrib non-free-firmware non-free
deb http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware non-free

Add Backports to sources.list

deb http://deb.debian.org/debian bookworm-backports main

Thats all, hopefully that would help some sysadmin out there. Enjoy !

Tags: about, administrate, Administration, ALL, amd64, amp, and, ANY, anymore, apache, apt-get, archive, are, article, available, being, Below, broken, bugs, building
Posted in Debian, Linux, Linux Package Management, Migration, OS Update, Remote System Administration, System Administration | No Comments »

Improve haproxy logging with custom log-format for better readiability

Friday, April 12th, 2024

Haproxy logging is a very big topic, worthy of many articles, but unfortunately not enough is written on the topic, perhaps for the reason haproxy is free software and most people who use it doesn't follow the philosophy of free software sharing but want to keep, the acquired knowledge on the topic for their own and if possible in the capitalist world most of us live to use it for a Load Balancer haproxy consultancy, consultancy fee or in their daily job as system administrators (web and middleware) or cloud specialist etc. 🙂

Having a good haproxy logging is very important as you need to debug issues with backend machines or some other devices throwing traffic to the HA Proxy.
Thus it is important to build a haproxy logging in a way that it provides most important information and the information is as simple as possible, so everyone can understand what is in without much effort and same time it contains enough debug information, to help you if you want to use the output logs with Graylog filters or process data with some monitoring advanced tool as Prometheus etc.

In our effort to optimize the way haproxy logs via a configured handler that sends the haproxy output to logging handler configured to log through rsyslog, we have done some experiments with logging arguments and came up with few variants, that we liked. In that article the idea is I share this set of logging parameters with hope to help some other guy that starts with haproxy to build a good logging readable and easy to process with scripts log output from haproxy.

The criterias for a decent haproxy logging used are:

1. Log should be simple but not dumb
2. Should be concrete (and not too much complicated)
3. Should be easy to read for the novice and advanced sysadmin

Before starting, have to say that building the logging format seems tedious task but to make it fit your preference could take a lot of time, especially as logging parameters naming is hard to remember, thus the haproxy logging documentation log-format description table comes really handy:

Haproxy log-format paremeters ASCII table

Please refer to the table for log-format defined variables :

+---+------+-----------------------------------------------+-------------+
| R | var  | field name (8.2.2 and 8.2.3 for description)  | type        |
+---+------+-----------------------------------------------+-------------+
|   | %o   | special variable, apply flags on all next var |             |
+---+------+-----------------------------------------------+-------------+
|   | %B   | bytes_read           (from server to client)  | numeric     |
| H | %CC  | captured_request_cookie                       | string      |
| H | %CS  | captured_response_cookie                      | string      |
|   | %H   | hostname                                      | string      |
| H | %HM  | HTTP method (ex: POST)                        | string      |
| H | %HP  | HTTP request URI without query string (path)  | string      |
| H | %HQ  | HTTP request URI query string (ex: ?bar=baz)  | string      |
| H | %HU  | HTTP request URI (ex: /foo?bar=baz)           | string      |
| H | %HV  | HTTP version (ex: HTTP/1.0)                   | string      |
|   | %ID  | unique-id                                     | string      |
|   | %ST  | status_code                                   | numeric     |
|   | %T   | gmt_date_time                                 | date        |
|   | %Ta  | Active time of the request (from TR to end)   | numeric     |
|   | %Tc  | Tc                                            | numeric     |
|   | %Td  | Td = Tt - (Tq + Tw + Tc + Tr)                 | numeric     |
|   | %Tl  | local_date_time                               | date        |
|   | %Th  | connection handshake time (SSL, PROXY proto)  | numeric     |
| H | %Ti  | idle time before the HTTP request             | numeric     |
| H | %Tq  | Th + Ti + TR                                  | numeric     |
| H | %TR  | time to receive the full request from 1st byte| numeric     |
| H | %Tr  | Tr (response time)                            | numeric     |
|   | %Ts  | timestamp                                     | numeric     |
|   | %Tt  | Tt                                            | numeric     |
|   | %Tw  | Tw                                            | numeric     |
|   | %U   | bytes_uploaded       (from client to server)  | numeric     |
|   | %ac  | actconn                                       | numeric     |
|   | %b   | backend_name                                  | string      |
|   | %bc  | beconn      (backend concurrent connections)  | numeric     |
|   | %bi  | backend_source_ip       (connecting address)  | IP          |
|   | %bp  | backend_source_port     (connecting address)  | numeric     |
|   | %bq  | backend_queue                                 | numeric     |
|   | %ci  | client_ip                 (accepted address)  | IP          |
|   | %cp  | client_port               (accepted address)  | numeric     |
|   | %f   | frontend_name                                 | string      |
|   | %fc  | feconn     (frontend concurrent connections)  | numeric     |
|   | %fi  | frontend_ip              (accepting address)  | IP          |
|   | %fp  | frontend_port            (accepting address)  | numeric     |
|   | %ft  | frontend_name_transport ('~' suffix for SSL)  | string      |
|   | %lc  | frontend_log_counter                          | numeric     |
|   | %hr  | captured_request_headers default style        | string      |
|   | %hrl | captured_request_headers CLF style            | string list |
|   | %hs  | captured_response_headers default style       | string      |
|   | %hsl | captured_response_headers CLF style           | string list |
|   | %ms  | accept date milliseconds (left-padded with 0) | numeric     |
|   | %pid | PID                                           | numeric     |
| H | %r   | http_request                                  | string      |
|   | %rc  | retries                                       | numeric     |
|   | %rt  | request_counter (HTTP req or TCP session)     | numeric     |
|   | %s   | server_name                                   | string      |
|   | %sc  | srv_conn     (server concurrent connections)  | numeric     |
|   | %si  | server_IP                   (target address)  | IP          |
|   | %sp  | server_port                 (target address)  | numeric     |
|   | %sq  | srv_queue                                     | numeric     |
| S | %sslc| ssl_ciphers (ex: AES-SHA)                     | string      |
| S | %sslv| ssl_version (ex: TLSv1)                       | string      |
|   | %t   | date_time      (with millisecond resolution)  | date        |
| H | %tr  | date_time of HTTP request                     | date        |
| H | %trg | gmt_date_time of start of HTTP request        | date        |
| H | %trl | local_date_time of start of HTTP request      | date        |
|   | %ts  | termination_state                             | string      |
| H | %tsc | termination_state with cookie status          | string      |
+---+------+-----------------------------------------------+-------------+
R = Restrictions : H = mode http only ; S = SSL only

Our custom log-format built in order to fulfill our needs is as this:

log-format %ci:%cp\ %H\ [%t]\ [%f\ %fi:%fp]\ [%b/%s\ %si:%sp]\ %Tw/%Tc/%Tt\ %B\ %ts\ %ac/%fc/%bc/%sc/%sq/%bq

Once you place the log-format as a default for all haproxy frontend / backends or for a custom defined ones, the output you will get when tailing the log is:

# tail -f /var/log/haproxy.log

Apr 5 21:47:19 10.42.73.83:23262 haproxy-fqdn-hostname.com [05/Apr/2024:21:46:23.879] [ft_FRONTEND_NAME 10.46.108.6:61310] [bk_BACKEND_NAME/bk_appserv3 10.75.226.88:61310] 1/0/55250 55 sD 4/2/1/0/0/0
Apr 5 21:48:14 10.42.73.83:57506 haproxy-fqdn-hostname.com [05/Apr/2024:21:47:18.925] [ft_FRONTEND_NAME 10.46.108.6:61310] [bk_BACKEND_NAME//bk_appserv1 10.35.242.134:61310] 1/0/55236 55 sD 4/2/1/0/0/0
Apr 5 21:49:09 10.42.73.83:46520 haproxy-fqdn-hostname.com [05/Apr/2024:21:48:13.956] [ft_FRONTEND_NAME 10.46.108.6:61310] [bk_BACKEND_NAME//bk_appserv2 10.75.226.89:61310] 1/0/55209 55 sD 4/2/1/0/0/0

If you don't care about extra space and logs being filled with more naming, another variant of above log-format, that makes it even more readable even for most novice sys admin or programmer would look like this:

log-format [%t]\ %H\ [IN_IP]\ %ci:%cp\ [FT_NAME]\ %f:%fp\ [FT_IP]\ %fi:%fp\ [BK_NAME]\ [%b/%s:%sp]\ [BK_IP]\ %si:%sp\ [TIME_WAIT]\ {%Tw/%Tc/%Tt}\ [CONN_STATE]\ {%B\ %ts}\ [STATUS]\ [%ac/%fc/%bc/%sc/%sq/%bq]

Once you apply the config test the haproxy.cfg to make sure no syntax errors during copy / paste from this page

haproxy-serv:~# haproxy -c -f /etc/haproxy/haproxy.cfg
Configuration file is valid

Next restart graceously haproxy

haproxy-serv:~# /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid -sf $(cat /var/run/haproxy.pid)

Once you reload haproxy graceously without loosing the established connections in stead of restarting it completely via systemd sysctl restart haproxy:

2024-04-05T21:46:03+02:00 localhost haproxy[1897731]: 193.200.198.195:50714 haproxy-fqdn-hostname.com [05/Apr/2024:21:46:03.012] [FrotnendProd 10.55.0.20:27800] [BackendProd/<NOSRV> -:-] -1/-1/0 0 — 4/1/0/0/0/0
2024-04-05T21:46:03+02:00 localhost haproxy[1897731]: 193.100.193.189:54290 haproxy-fqdn-hostname.com [05/Apr/2024:21:46:03.056] [FrotnendProd 10.55.0.20:27900] [BackendProd/<NOSRV> -:-] -1/-1/0 0 — 4/4/3/0/0/0
2024-04-05T21:46:03+02:00 localhost haproxy[1897731]: 193.100.193.190:26778 haproxy-fqdn-hostname.com [05/Apr/2024:21:46:03.134] [FrotnendProd 10.55.0.20:27900] [BackendProd/tsefas02s 10.35.242.134:27900] 1/-1/0 0 CC 4/4/3/0/0/0

Note that in that log localhost haproxy[pid] is written by rsyslog, you can filter it out by modifying rsyslogd configurations

The only problem with this log-format is not everyone wants to have to much repeating information pointer on which field is what, but I personally liked this one as well because using it even though occuping much more space, makes the log much easier to process with perl or python scripting for data visualize and very for programs that does data or even "big data" analysis.

Tags: about, address, admin, AES, ALL, and, another, are, article, better, connections, custom, data, fi, handy, haproxy, HTTP, Improve, logging, string
Posted in Haproxy, Linux, System Administration, Various | No Comments »

A Biography of one big Heart + His Holiness Patriarch Neophyte (Neofit) head of Bulgarian Orthodox Church

Friday, March 22nd, 2024

His-Holiness-Patriarch-Neofitos-with-Dikiri-and-Thrikiri-blessing-the-people

Patriarch Neophyte (Simeon Nikolov Dimitrov) was born on October 15, 1945 in Sofia from a highly pious family. His father was a simple railway man and his mother a maid (cleaner). His Mother was a famous in the Church as a good christian who was singing on the Church choire in some churches and had a great perseverance and love for the Christian faith, she was the one to push further his two boys Simeon and Dimitar to take the spiritual path within the Orthodox Church. One of them the older brother Dimitar Nikolov Dimitrov to later become A Proto-Psalt and Director and Head of Sofia's Saint Alexander Nevsky Cathedral Church choire for many years (the most prestigious place for people who graduated Church music) and the other to become our 7th Patriarch in order from the times of Physical Liberation of Bulgaria From Turkish Slavery and Spiritual liberation from the dictatorship of the Greek Orthodox Church with the restoration of the Bulgarian Church with the Bulgarian Exarchate.

At the age of twenty in 1965, he graduated from the Sofia Theological Seminary "St. Ioan Rilski / Saint John of Rila" (then the seminary moved due to communist party decision) at the Cherepish station nearby the Cherepish monastery, Vrachansko. He served two years of military mandatory service, and in 1971 he graduated from the Theological Academy "St. Kliment Ohridski".

After his specialization at the Moscow Theological Academy in Russia, where he received the title of "Candidate of Theology (COT)" in Church Music (COT equal to our Bulgarian "Phd / doctor") , in 1973 he was appointed a teacher of Choral Church Singing and became the conductor of the student choir at the Theological Academy.

Archimandrite-Gelasij-of-new-York-later-picture-as-metropolitan-of-New-York-America

He began his monastic journey under the Spiritual eldership of Archimandrite Gelasius then abbot of the Troyan Monastery.

His monastic ordination in monkship was performed on August 3, 1975 by the previous Bulgarian Patriarch Maxim on the feast of Assumption of the Virgin Mary, August 15, 1975 , he was ordained to the rank of hierodeacon immediately, on March 25, 1976, Annunciation, he was raised in the Church hierarchy to hieromonk, and on November 21, 1977 ., Presentation of the Theotokos (The Entry of Most Holy Theotokos into the Temple), was raised to the Archimandrite dignity.

He then was assigned the obedience to be Protosyncellus (Protosingel) of the Sofia Metropolia in years 1981 to 1985.

His-All-Holiness-Patriarch-Neophytos-picture-as-young-Bishop-Levkijski-of-Bulgarian-Orthodox-Church

On December 18, 1985, he was ordained as the Bishop of Lefkias (Levkijski) a title earlier held by the all famous Levkijski Bishop Partenius (Partenij) in the Patriarchal Cathedral "Saint Alexander Nevsky" and was appointed as vicar bishop of the Metropolia of Sofia.

In 1989, he became rector of Sofia Theological Academy part of (Sofia University at that time), and in July 1991, when the Theological Academy returned to be the pre-revolutinary Faculty of Theology of the Sofia University "St. Kliment Ohridski", was elected the first dean of the restored Faculty of Theology.

His-Holiness-Neophytos-picture-as-Metropolitan-of-Ruse

Since January 27, 1992, he has been the chief Secretary of Holy Synod (A prestioug position) until March 27, 1994, when Bishop Neophyte was elected Metropolitan of Dorostolo-Cherven.eparchy (which is now separated in two separate aparchies (The Eparchy of Ruse and Eparchy of Dorostol – the ancient Roman area Dorostorum)

By decision of the Fifth Church-People's Council in 2001, with the consent and approval of the Holy Synod Assembly of metropolitans, the diocese was divided into two (the Dorostol diocese was separated with the city of Silistra -the Ancient Istrum (Histria ancient city) and he began to be titled Metropolitan of Ruse.
In the function of metropolitan he has won the respect of both church and authorities.and he was given the respectful medal "Respected citizen of Ruse".

In 2008 metropolitan Neophyte received the very prestigious academic title "doctor honoris causa" of the Sofia University "Saint Kliment Ohridski". More about it here.

His-All-Holiness-Patriarch-Neophytos-Patriarch-of-Bulgaria-and-Metropolitan-of-Sofia

On 22 June 2010 he was given a medal "St. St. Cyril and Methodius" as a respectful act for his big contribution to development of Bulgarian Music and Culture.

On February 24, 2013, a Patriarchal Electoral Church Council was convened in Sofia and the people and all people were mostly troubled on who will be the next Patriarch in this muddy times.

Soon after his arise to patriarchical throne in 2013 he was given another medal he received "Glory and Honour" in 2013 by Russian Orthodox Church.
Every Church member of that time was troubled about the future of the Bulgarian Orthodox Church, and everyone felt a big relief as The Synodal Elders elected Metropolitan Neophyte of Ruse to become the 7th Patriarch of Bulgaria after the restoration of the BPC-BP Bulgarian Church (Bulgarian Patriarchate) after so many years of being under the yoke of Byzantine Church and after liberation of Bulgaria, due to politics delicions and the harsh and anti-bulgarian activities of the Greeks in attempt to own the Church the church suffered its schism and returned its full communion to the family of national members of Holy Eastern Orthodox Church.
After his election His Holiness Patriarch Neofit is titled Metropolitan of Sofia.and Patriarch of Bulgaria.

Patriarch-Neophyte_signature-podpis

His-Holiness-Patriarch-Neophytos-head-of-Bulgarian-Orthodox-Church

Patriarch Neophyte has the fame of being one of the best church singers in Bulgaria and one of the best and most famous Church Hymns has been circulating throughout the public space the Internet / TV and Radio for the last 10+ years as they are invaluable due to the unique voice qualities of the Patriarch. I guess there is no person in Bulgaria and outside of it who did not heard his Paschal (Katavasia and Stychorions) Hymns.

Resurrection of Christ Katavasios and Stychorion Playlist with Patriarch Neophytos (Sung) Famous Eastern Orthodox Hymns Patriarch Neofit passed away on 13 of March 2024 after a months of sickness after being hospitalized on 29 November 2023 in VMA (Army Medical Academy) due to pulmonary disease (later to understand it is a cancer in its latests stages). In his last days in hospital, the Holy Synod summoned all the Churches and people to pray fervently for the quick recovery of the patriarch through a miracle.
Patriarch Neofit passed away silently his clean holy Soul to Christ on 13 of March 2024.
His brother Proto-Psalt (associated professor) Dimitar also passed on on 11 January 2024.

Patriarch Neophytos and his brothre Proto-Psalt Dimitar

Protopsalt Dimitar Dimitrov a brother of the Patriarch passed just 2 days after a famous Metropolitan of Joanichius has passed away to Christ on 9 January 2024 in 82 years of old.

His-Holiness-Mitropolit-Ioanikij-JoanichiusSlivenski
His Holiness Metropolitan Joanichius

Patriarch Neofit and Metropolitan Joanichius

The personality of Patriarch Neophytos was non-conflict, a lover of peace and compromises, anti-war (i would say pacifist in modern terms) and was among the few patriarchs not being in fear or influenced by the overall Church politics of the Russian Church and he publicly condemned the war as a great evil in his Theophany preach.

"The Lord God and the Holy Church bless only that army that does not show aggression, and whose sole purpose is to protect and defend its people and country within its internationally recognized territorial borders," said the patriarch for the feast of Epiphany water sanctification and sprinkling of battle flags.

The patriarch position was to try to reconcile the clergy and try to heal the misunderstandings and human conflicts between his God given flock of Priest, Monks, Bishops and Clergy with true fatherhood love, prayer and a lot of patience that we the people of 21 century miss so badly.
With a lot of sadness we send our beloved Patriarch Neophytos (Neofit) of Bulgaria to the All Mighty God and Pray if he has received a Grace from God to Pray fervently and Always for us his poor pupils and childs!

his-Holiness-Patriarh-Neofit-treti-mart-pic

God Have Mercy on the Soul of Patriarch Neophytos ! Blessed and Eternal to be his Memory ! Amen !

Tags: about, after, age, ALL, amen, and, another, anti, are, bg, Bishop Neophyte, communist party, due, February, Metropolitan, Temple, times, title, two, years
Posted in Christianity, Curious Facts, Educational, Various | 2 Comments »

Windows 10 ovewrites BIOS with Updates,few things on Windows and how to activate legacy Microsoft Office installation from Command Line

Wednesday, February 14th, 2024

Dell-Vostro-3250-i5-8GB-1TB-disk-DVD-Windows-10-Professional-activate-office-2016.

Recently I've had to help a Priest friend to re-install a Computer with Windows 10 that was messed up, because running for few years and I guess got some malware and viruses and was running really sluggish and not booting every time.
Re-installing Windows is part of the things we as system administrators do for ages, and especially start up Computer geeks used to the in the past. But in the past the experience was much better, as things used to work and the cloud was not messing up with our data and the sys admin has been really the supreme Commander of the Operating System and have the absolute rights to manage the OS, which is not the keys anymore as Windows-es connect to their own cloud to do stuff in the background through many of the multiple Windows undocumented closed services (processes) running in the background of the OS, to leak your data to Microsoft.

But anyways, enought rant the specific task i had to is to reinstall, the Windows 10 Professional OS which we was running on old Dell Vostro 3250 i5 intell process desktop PC with 1 Terabyte of SATA and 2 x 4 GB Banks of memory.

Before the update I've picked up a second hand 2 banks of DDR L3 memory each 8 Gygabites and updated memory as well as upgraded the conventional SATA disk to 480 GB Kingston SSD to increase the I/O speed that is one of the main reasons besides being Bloated with malware, why this computer was running so sluggish.
For those who did not hear, since the last 4 years, it is a big problem for any old computer who did not exchanged the old SATA disk drive to Solid State Drive, due to some of the Windows Updates. that I guess included additional spying Software on a Windows service level, the computer, even having a legally bought license, from some of the online stores, starts reading rapidly from the hard drive, generating high loads of traffic on both the disk as well as the network, sending your stuff to Microsoft probably for Approval by Bill Gates 🙂

So to work around but not solve, this issue one option is to just enpower the PC with a faster I/O drive as SSD. I also learned it is preatty interesting that nowadays, Microsoft became so invasive, that with Regular Windows Updates and Optional Ones, they change already configured settings from the BIOS.

!!! AND EVEN WORSE SOME OF THE UPDATES COMPLETELY OVERWRITE THE BIOS or UEFI with an executable CHUNKS, that makes you privacy bloated, as you have no way to stop microsoft to mess up with your computer, which is a complete disaster especially for anyone who has a value for his data privacy !!!
It is insane but it is happening the most used Operating System is snooping on everyone and it seems, noone really cares to stop it !

But anyways as the friend of mine has a small business of running a small Photo Shop (that makes pictures for document ID passports), and he paid the Windows OS license and he and his wife who is the main person using the computer has little knowledge on computer and moving to Windows would be hard, especially because they need Micorosoft Word, Excel and Publisher to be on the PC and does not want to migrate from the already known Winblows interface.
After reinstalling, Windows and activating it with the legal serial key from the old PC on the Hardware upgraded PC, the next step was to install standard software on new Windows PCs, I do install such as browsers, Archiver tools (Winrar, 7-Zip), AdBlock Plus (ads blocker) and the rest of Standard software useful to install on new Windows PCs

And of course Microsoft Office 2016, which was also laying on the old computer, to pick up the Micorosoft Professional Plus 2016 old Serial Key used;
a small but very useful, Open Source freeware tool Lazesoft Windows Key Finder that's purpose is to SHOW YOU ON SCREEN Windows OEM key and Office serials on mostly all Windows Versions, Windows Server 2003 / 2008 / 2012 2016 and Desktop versions XP / Vista / 7 / 8 / 10.

Once getting the microsoft key, the next drama was to find Microsoft Office 2016, it seems nowadays, old desktop (non 365 or non-cloud) versions of Win Office are officially not available anymore on Microsoft official download sources, so I had to download a install version from a Torrent (Zamunda), but those who out of Bulgaria could use something like RuTorrent or any local Torrent (if that is not totally prohibited by legislation).

Then once installed the Office, I did not use the Office crack, that with the Torrent but instead tried to activate, normally via the Microsoft Word menus, to fill in the Activation key, there was not possible, as the prompt said, that I had to login to Micorosft account, and that I'm not the system administrator ?!?!

The exact message as you can see on below screenshot was:

"This product is not licensed. Connect to your corporate network or contact your system administrator fur further assistance."

As i'm a console guy and it turned out to be interesting for me how the activation can be achieved via a command line and after few minutes of googling managed to be able to activate the office via the command line (or at least that was the Windows Administrator cmd line said).

C:\Windows\system32>cd "C:\Program Files\Microsoft Office\Office16"

C:\Program Files\Microsoft Office\Office16>cscript ospp.vbs /inpkey:XPNVK-8JYDB-WJJFW3-YJJ8YR-WFG98
Microsoft (R) Windows Script Host Version 5.812
Copyright (C) Microsoft Corporation. All rights reserved.

—Processing————————–
—————————————
ERROR CODE: 0xC004F050
ERROR DESCRIPTION: The Software Licensing Service reported that the product key is invalid.
—————————————
—Exiting—————————–

C:\Program Files\Microsoft Office\Office16>cscript ospp.vbs /inpkey:XQNVK-8JYDB-WJ9W3-YJ8YR-WFG99
Microsoft (R) Windows Script Host Version 5.812
Copyright (C) Microsoft Corporation. All rights reserved.

—Processing————————–
—————————————
<Product key installation successful>
—————————————
—Exiting—————————–

Note that this method does not really works, always I tried with another version of Microsoft Office Plus downloaded from a different source, just for the test to see whether this command line Windows Office activator is universal, but it did not work, as on the other Office Plus release for some reason the ospp.vbs script used in above exaple was missing.

Anyways once logged to the Microsoft account to (easify the surveillance for Microsoft and his Monstrous spy cloud corporation), the activation is possible, but anyways you should still move the cloud in short term to keep the service still up and running, if you still want to be able to use your Winblows 🙂

The other option is to move to Linux kernel based OS but still you have to go for a real fully free GNU / Linux such as Trisquel, Dynebolic, PureOS, Ututu S, Guix, Parabola, Hyperbola or Dragora, and look up for a fully compatible hardware with those ones or otherwise use some mainstream distribution such as Ubuntu and have a Linux kernel with millions of corporate shipped code and non-free firmwares (that are most likely full of back doors to enable some kind of spy or access to your PC).

Tadam, seems we're close to George Orwell's 1984 and Aldous Huxley's Brave New World, but most people still don't know it!

I'm writting this kind of rant article just to bring up your focus to Defend your Digital freedom as much as you can and keep off the non-free stuff as much as you can, if you want to stay at least partially free.

Tags: access, Account, Activate, activation, Adblock Plus, admin, administrator, after, Aldous Huxley, ALL, and, another, ANY, anymore, Anyways, are, around, article, available, BACK
Posted in Educational, Various, Windows | No Comments »

Improve MobaXterm Best Windows terminal client with some additional settings tune ups / Install extra Linux Cygwin tools on MobaXterm and various post install configuration goodies

Friday, January 20th, 2023

mobaxterm-logo_400x400-terminal-client-tune-up-howto-for-a-new-install

Earlier I've written a an article MobaXTerm: A good gnome-terminal like tabbed SSH client for Windows / Windows Putty Tabs Alternative in which I've introduced the best in my opinion SSH / Telnet / VNC / RDP / Xserver in one Terminal client emulator for Windows operating systems.

The client has been around for quite some time and it has been improving rapidly over the last 10 years, where it now more looks like a separate Operating System than a single terminal client. It's size is quite compact as well and my opinion and every self respectiving developer, system administrator, IT geek or a hacker would definitely
use the mobaxterm at home or at work place on a daily. I guess some of my readers, who have already migrated SuperPutty / SecureCRT or Putty / XMing or whatever kind of exotic Remote SSH Console terminal is used could validate this 🙂

Therefore as I've set up Mobaxterm on a multiple computers all around, I've found it useful to write a small article with some post-install hints (tune ups) one can do immediately once he has installed the Desktop or Portable Apps version of mobaxterm on desktop PC / notebook.

1. Set up your bashrc server / command aliases

Lets say you need to setup some rules for connectivity via a socks proxy to dig holes over a harsh company firewalls or add
custom options to every ssh client attempt to remote server, or simply alias some of your servers with custom connectivity options and so on simply open vi / vim text editor from mobaxterm local terminal and place inside your rules, for example that could be anything like:

alias ssh='ssh -o stricthostkeychecking=no -o passwordauthentication=yes -o PreferredAuthentications=password -v'
alias sftp='sftp -o stricthostkeychecking=no -o passwordauthentication=yes -o PreferredAuthentications=password'
alias work-server='ssh UserName@work-server -v -o passwordauthentication=yes -o PreferredAuthentications=password'

alias proxy='ssh -D 3128 UserName@proxyIP-host1 -o ConnectTimeout=80'
alias proxy1='ssh -D 3128 UserName@proxy-host2 -p 443 -o ConnectTimeout=60'
alias proxy3='ssh -D 3128 Username@proxy-host3 -p 443 -o ConnectTimeout=60'

Simply open the terminal and setup whatever you require
export ftp_proxy="http://proxy-host:8080"
export https_proxy="https://proxy-host:8080"
export http_proxy="http://proxy-host:8080"
export HTTP_PROXY="http://proxy-host:8080"
export HTTPS_PROXY="http://proxy-host:8080"

2. Set mobaxterm presistent directory / persistent root directory and default text editor

Make sure you have properly defined at least Persistent directory / Persistent directory if you want to keep the files under your /home/mobaxterm and root directory be able to save your data from local mobaxterm terminal work you have done.

To do so o to Configuration -> General

MobaXterm-persistent-home-directory

3. Change default settings for Opening / Closing Terminal tabs just like in gnome-terminal

MobaXterm is really awesome as the developer, followed pretty much the logic of some common GNU / Linux Terminal clients like Gnome-Terminal and KDE's default Konsole terminal.

One of the first things to do once Mobaxterm is installed on the PC is to set up nice key binds as default onces might be heard to learn at the beginning or you might have already the habit to use the certain set of key combinations on your Linux desktop:

Common once are:

1. Open tab / Close tab common once I bind to are (CTRL + T / CTRL + W)
2. Previous tab move / Next tab move keys common one I use are (ALT + LEFT / ALT + RIGHT)
3. Find in terminal (CTRL + F)

4. Make MobaXterm to automatically open a terminal to not Start local terminal every time

By default mobaxterm it is really annoying cause every time you run it after system reboot you have to select
Start local terminal
Once you run the terminal you get this prompt and you have to press on Start local terminal

How to make Mobaxterm automatically open local Terminal Tab on every boot?

To fix this so every time a local terminal is spawn on MobaXterm you have get to:

Settings -> Configuration -> Misc

Open the Following tab at startup by default it will be

<Home (Pinned)>

Change it to:

<Terminal>

That's it on next login your Local Terminal with /bin/bash.exe will auto load !

[hipo.WINDOWS-PC] ➤ env|grep -i SHELL
SHELL=/bin/bash.exe
PATH=/bin:/drives/c/Users/hipo/DOCUME~1
/MobaXterm/slash/bin:/drives/c/Windows:/drives/c/Windows/system32:/drives/c/Windows/system32:/drives/c/Windows:/drives/c/Windows/System32/Wbem:
/drives/c/Windows/System32/WindowsPowerShell/v1.0:/drives/c/Windows/sysnative
PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
CMDPATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;
C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\sysnative\;
C:\Users\hipo\DOCUME~1\MobaXterm\slash\bin
WINPATH=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\sysnative\

5. Make menu buttons to appear smaller

Go to menu and select
View -> (Small Buttons)

6. Disable auto start of XServer to prevent a port listener on the machine on TCP port

By default mobaxterm opens XServer listener, so you can immediately connect from a remote SSH servers missing Xserver and install software requiring an XServer, for example software such as Oracle Database or some MiddleWare WebLogig or IBM's Web Sphere. This is useful but if you want to have a good security only allow this server on a purpose. Otherwise the XServer will run in parallel with rest of your Moba and just load up your PC and eat up some RAM memory. To disable it go to:

7. Change the mobaxterm Default theme to Dark

This is optional I like to set the Theme to Dark, also as a Theme for Windows as well as for MobaxTerm, the aim of that is simply to not put extra stress on my eye sight. Being on the PC around 8 to 10 hours and spending some 6 to 8 hours on console work is enough. If you want to do as well.

mobaxterm-change-default-theme-to-dark-theme

8. Install additional set of common Linux tools to mobaxterm to use on Windows

Tools such as:

1. Midnight Commander (mc)
2. Wget
3. Curl
4. Vim
5. Screen
6. Rsync
7. Perl
8. W3m
9. dosunix
10. unix2dos
11. gnupg
12. diffutils
13. mysql
14. mpg123
15. whois

If you want to have a set of packages pre-installed that are including above as well as the rest of mine, here is a dump of my installed mobapt manager packages:

For more simply use the experimental Mobaxterm Graphical Package installer

[hipo.WINDOWS-PC] ➤ for i in $(cat Downloads/installed-packages-mobaxterm.txt ); do apt-cyg install $i; done

Found package GeoIP-database

Installing GeoIP-database
Downloading GeoIP-database-20180505-1.tar.xz…
Unpacking GeoIP-database-20180505-1.tar.xz…

Running postinstall scripts
Package GeoIP-database installed.

Rebasing new libraries

Found package adwaita-icon-theme

Installing adwaita-icon-theme
Downloading adwaita-icon-theme-3.26.1-1.tar.xz…

…

You will be prompted for a single Yes for the respository

MobApt Packages Manager

Though it is said it is experimental, I have to say the MobApt Apt Manager works quite good, I never had any issues with it so far.

9. Mobaxterm.ini the settings storage file that can help you move your configurations

If you have to prepeare new MobaXterm on multiple PCs frequently perhaps it is best to just copy the Mobaxterm.ini file.
Here is an example of my mobaxterm.ini for download.

10. Change terminal colors and curor type and enable blinking (customizations)

Settings -> Configuration -> Terminal -> (Default Terminal Color Settings)

11. Use very useful moba Tools

For sysadmins Moba has plenty of other jems such as:

Network Port scanner such as Nmap with GUI
list open network ports (GUI interface to netmap)
SSH tunnel tool
Moba Diff
Wake on Lan
Network Packet capturer (such as tcpdump)
List running processes (such as taskmgr in simple form)
List machine hardware devices (such as Windows Device manager)

12. Remote monitoring of opened ssh session

To enable remote monitoring for a Saved session simply use the "Remote monitoring" button on the down left corner of the terminal.

Or to enable it for a new host, open:

1. "Saved sessions"
2. Click over "User sessions"
3. New Session -> (SSH)
4. Basic SSH Settings (Remote host) -> OK
5. Click over the new created session
6. Click on Remote monitoring for the opened session

13. Play some mobaxterm console games

As you might have pissed off of configuring go on and enjoy some of the great console games, some of which are also present on a normal Linux new distribution installation. 🙂

mobaxterm-list-of-games-screenshot

List of Moba Games

teamwalk-mobaxterm-console-connect-network-routers-game
TeamWalk (Use your mouse or keyboard to connect every server to the central router)

ctris-console-text-game-mobaxterm

Ctris Console tetris from Mobaxterm

solitaire-text-console-game-played-on-mobaxterm-screenshot

Text console Solitaire from Moba

Ninvaders-console-game-mobaxterm

Here is NinVaders (Text Version of Space Invaders Arcade Classic)

Enjoy ! 🙂

Tags: administrator, after, aim, alias, ALL, ALLOW, Alt, alternative, and, annoying, cause, Click, download, goodies, How to, Installing, Linux Cygwin, machine hardware, Opening Closing Terminal, Play, post, system administrator, Tools, various, Windows Device
Posted in Various, Windows | No Comments »

The short historical path of the Holy Relics of Saint Andrew the First-called of the Apostles of Christ

Friday, December 2nd, 2022

Why saint Andrew the Apostle is special for the Bulgarian Orthodox Church
and the Eastern Churches?

According to Church tradition saint Andrew the Apostle the First-called was the apostle from which wide areas of the Eastern lands was christianized, by his fervent preach of the Gospel and the good news of the Resurrection of Christ who suffered on the Cross for the salvation of mankind.
The Ecumenical Patriarchy of Constantinople and the Ancient Eastern Byzantium Church has received its apostleship in practice, exactly from st. Apostle Andrew.
During his apostleship mission saint Andrew has preached the Gospel and gave the faith for a first time in the Ist century according to Church tradition, as he passed by the Black sea borders, today part of which are in Bulgaria, he went through Romania, where he has spent some time living as a hermit in a cave and then up to Kiev and Scythia, where he made a prophecy that the Christian faith will put its Roots and that soon the pagan tribes of Kiev lands will accept the faith and put the Cross high over their lands.

When Bulgaria was later Christianized by saint Boris-Michael, and the Holy Bulgarian church was established on this lands thanks to the missionary works of Saint Kiril and Methodius, Saint Kliment of Ohrid, saint Gorazd, Naum, Sava, Angelarius and whole pleade of saints and teachers, Bulgaria has received, also the gift of priesthood and apostleship (has received its own hierarchy of bishops governing the Bulgarian Orthodox Church), thus by spiritual line the Holy Spirit here in Bulgaria was received from Saint Andrew, later this enlightnements achievement, the Books in Church Slavonic, the services and most importantly the Cyrllic alphabet was transffered from Bulgaria and later Serbia to the endless steppes territories of capital Kiev that was a capital of the Rus at that time and in all Scythia today the territories of Russia. Thus all the Byzantine Eastern Churches and Bulgaria

After the end of the persecution of Christians, in the 4th century AD, Saint Equal-to-the-Apostles Emperor Constantine the Great began to erect numerous Christian temples.

Among them was the temple of the Holy Apostles in the new capital of the empire – Constantinople. After the death of St. Constantine in 337, his son, Constantius, ascended the throne.
The new ruler, fulfilling the will of his father, decided to bring to the capital of the empire the holy relics of the Apostles Andrew, Luke, Timothy and lay them in the church of the Holy Apostles, where the Equal-to-the-Apostles Emperor himself was buried.

Originally, the holy relics of Saint Andrew the First-Called rested at the place of his martyrdom, in Patras, in the Peloponnese, Greece. According to Western tradition, a few days before the relics were transferred to Constantinople, Regulus, who was guarding them, removed the lid of the sarcophagus in which the relics of the Apostle rested, separated from them one shoulder, three fingers of the right hand, part of the knee and a tooth.

Holy right hand of saint Andrew the First-Called

With these relics Regulus left Patras and set out to preach the Gospel among the pagans inhabiting Scotland.
The inhabitants of the country welcomed the enlightener with great honor and together with their King accepted Holy Baptism.
In Scotland, the first Christian church was built in the name of Saint Andrew, in which parts of his holy relics were laid. Which played the role for Scotlands patron saint protector to become Saint Andrew the Apostle.

The deposition of the holy relics of Saint Apostle Andrew the First-Called in Constantinople took place on May 3, 357 in the presence of the Patriarch of Constantinople Macedonius I and Emperor Constantius.
In the 9th – 10th centuries, the Byzantine autocrats usually sent as a donation for the built monasteries and temples parts of the holy relics that rested in Constantinople, including the relics of the holy Apostles.

In the second half of the 9th century, following an urgent request and special intercession before the emperor, the honorable head of St. Apostle Andrew the First-Called was delivered to the St. Andrew's Church in the city of Patras, where it rested until the middle of the 15th century.

In 1460, to the walls of The army of the Ottoman Sultan Mohammed II was approaching the town of Patras. The Governor /Archon/ of the city of Patras, Thomas Paleologus (brother of the Byzantine Emperor Constantine XI, who died during the capture of Constantinople by the Turks in 1453, father of Princess Sofia, the future wife of the Grand Duke John III of Moscow), losing all hope of preserving independence of the city, took the precious and holy treasure of the city from St. Andrew's Church and arrived in Rome with it to collect funds and forces for the liberation of the Orthodox Christian East from the yoke of the infidels.

The holy head of St. Andrew the First-Called Apostle was in Rome until 1964, when, by the decision of Pope Paul VI, this shrine together with parts of the cross of St. Andrew was returned to the Greek Orthodox Church.

Now these relics are located in one of the largest cathedrals in the Balkans, Saint Andrew the First-Called in Patras, Greece, i.e. in this place where the first disciple of Christ preached and ended his martyr's earthly life.

X shaped cross of Saint Andrew according to medieval tradition

The honorable head of the Apostle rests on the throne in a silver coffin, and behind the throne – saint Andrew's cross-relic (according to middle-ages tradition to be X shaped cross) in which are embedded parts of the real cross of Saint Andrew, on which he was crucified.

Mount Athos received the hand of St. Andrew as a gift in the Great Lavra of Athos, founded by Saint Athanasius (the Great) at the request of his friend and companion and patron of the Byzantine emperor Nikephoros Phocas (963-969).
Parts of the holy relics of holy Apostle are also kept in other monasteries on Mount Athos.

foot-of-saint-Andrew-the-first-call-Apostle-holy-relic

Foot Relic of Saint Andrew the Apostle

Likewise, part of the forehead bone is kept in the Saint Andrew's hermitage (scythe), in the scythe of saint Prohet Elijah is preserved the foot of the Apostle.
This walking stick was given in 1806 by Hieromonk Dionysius /in Kyzikon (Kyzicheska) Diocese/, who left the eparchy with these relics from the monastery of Saint Marina, cause the monastery was
looted and sacked by the Turks.

In the Russian monastery of Saint Panteleimon on Holy Mount Athos, the second foot of the First Called Disciple of Christ is preserved.

Part of the relics of Saint Andrew also rest in the nun's monastery dedicated to his name, which is located on the island of Catalonia in the village of Peratata.

Fragments of the honest relics of the Apostle are also found in the monastery of Saint Nicholas on the island of Euboea.

Material written from sources according to information from the Holy Kiev-Pechersk Lavra, on the occasion of the stay from June 27 to 29, 2003 during which the the foot of St. Andrew the First-Called, was given for veneration from the monastery of saint Panteleimon, Mount Athos.

Transferring a part of the relics of Saint Andrew to the church dedicated to Saint Andrew in Sofia, Bulgaria

In 2001, the Metropolitan of Patras, Greece at that time Nicodemus, presented a piece of holy relics from the knee of Saint Andrew and a cross in which pieces of the cross on which St. Andrew the Apostle was crucified were placed.
On November 29, 2001, on the occasion of the feast of St. Andrew the First-Called, the Reliquary was carried in a litany procession from the Bulgarian Church Synodal Palace to the capital church "Свети Андрей Първозвани / (Saint Andrew the First-called)".

A Holy Liturgy was served which was attended by Their Eminences the Metropolitans: Metropolitan Kiril of Varna and Great Preslav, metropolitan Joseph of America and Australia, metr. Gelasius of New York, metr. Grigoriy of Velikoturno, metr. Neophyte of Dorostol and Cherven (currently Patriarch of Bulgaria) , metr. Gavriil (Gabriel) of Lovchan eparchy, His Eminence Bishop Nikolai of Znepol (then) and now metropolitan of Plovdiv, Patriarchal Vicar, Archimandrite Boris, the secretary of Holy Synod, numerous priests, the graduates of the Sofia Theological Seminary "Saint Ivan Rilski" and many laymen.

When the litany reached its destination, the church "Stsaint Andrew the First-Called", the relics were welcomed, received and placed in the church for worship by Patriarch Maxim (Rest In Peace). Immediately after that, Great Vespers with five loaves of bread as the orthodox tradition is, was served by the Most Reverend (then) Bishop of Znepol, Nikolay, together with Archimandrite Boris and the temple clergy. The Most Holy Patriarch Maxim (already in his 90s) and some of the bishops attended the service in prayer. After the service, the relics remained exposed for worship in the House of God, which was also open at night. It should be noted that this was the only Orthodox church in Bulgaria dedicated to saint Ap. Andrei.

Also, the fact that for the first time the relics of St. Apostle Andrew are coming to our country is important. Part of the relics were transferred to the church on the island of Saint Anastasia near Burgas in the diocese of Sliven.
The reason for the transferral of relics to st. Anastasia is that according to tradition, the Apostle Andrew himself passed through this island in his apostleship mission.

Every year on November 30 – Saint. Andrew's Day, in the church the holiday is celebrated with a solemn Holy Liturgy, celebrated by His Holiness the Bulgarian Patriarch and Metropolitan of Sofia (today Neofitos), and in his absence, by a bishop, visiting clergy and the church clergy.

From materials from Church newspaper (official newspaper of the Bulgarian Orthodox Church)

Tags: AD, after, ALL, and, Apostle, Apostles, are, Army, Australia, balkans, Baptism, bishop, bishops, black, bone, books, bread, brother, bulgaria, Bulgarian
Posted in Christianity, Everyday Life | No Comments »

Posts Tagged ‘ALL’

Prerequisites

1. Install NFS Server Package

On Ubuntu / Debian based Linux systems:

On CentOS/REL-based systems:

2. Install the NFS server package

3. Create Shared Directory for file sharing

4. Configure NFS Exports ( /etc/exports file)

5. Export the NFS Shares with exportfs command

6. Start and Enable NFS Services

On Ubuntu / Debian Linux run the following commands:

On CentOS / RHEL Linux:

7. Allow NFS Traffic Through the Firewall

On Ubuntu/Debian (assuming you are using ufw [UNCOMPLICATED FIREWALL]):

8. Verify NFS Server is Running

9. Test the NFS Share (Client-Side)

10. Configure Auto-Mount at Boot (Optional)

Sum it up what learned ?

if due to Bugs or whatever your iPhone is dead frozen and doesn’t want to turn on.

Clone Your USB Drive with ImageUSB on Windows 10

Haproxy log-format paremeters ASCII table

1. Set up your bashrc server / command aliases

2. Set mobaxterm presistent directory / persistent root directory and default text editor

3. Change default settings for Opening / Closing Terminal tabs just like in gnome-terminal

4. Make MobaXterm to automatically open a terminal to not Start local terminal every time

How to make Mobaxterm automatically open local Terminal Tab on every boot?

5. Make menu buttons to appear smaller

6. Disable auto start of XServer to prevent a port listener on the machine on TCP port

7. Change the mobaxterm Default theme to Dark

8. Install additional set of common Linux tools to mobaxterm to use on Windows

9. Mobaxterm.ini the settings storage file that can help you move your configurations

10. Change terminal colors and curor type and enable blinking (customizations)

Settings -> Configuration -> Terminal -> (Default Terminal Color Settings)

11. Use very useful moba Tools

Network Port scanner such as Nmap with GUI

list open network ports (GUI interface to netmap)

SSH tunnel tool

Moba Diff

Wake on Lan

Network Packet capturer (such as tcpdump)

List running processes (such as taskmgr in simple form)

List machine hardware devices (such as Windows Device manager)

12. Remote monitoring of opened ssh session

13. Play some mobaxterm console games

Why saint Andrew the Apostle is special for the Bulgarian Orthodox Church and the Eastern Churches?

Transferring a part of the relics of Saint Andrew to the church dedicated to Saint Andrew in Sofia, Bulgaria

Daily Bible quote

GET ARTICLE UPDATES

Useful blog? Help it:

Links to Other Places

Recent Posts

Ads

Categories

About Myself

Recent Comments

Tags

Top Post Views

blogtopsites

Why saint Andrew the Apostle is special for the Bulgarian Orthodox Church
and the Eastern Churches?