The Lone Sysadmin

End Anonymous Conference Feedback

February 15, 2019 by Bob Plankers

There’s a lot of talk lately about the terrible, horrible, sexist, racist, misogynist, and generally unconstructive feedback that presenters get at conferences: This is on top of feedback where an attendee gives a presenter one star because the food wasn’t what they wanted, or they sat next to someone smelly, the room was cold, an “intro” talk wasn’t technical enough, or an “advanced” talk was too technical. Those things are out of the control of the presenter, and by giving the presenter a bad rating the attendee is jeopardizing that presenter ever being able to speak at the conference again. Not that I’m bitter, though it was pretty eye-opening to how juvenile and toxic the Linux community is when you …

Out-of-Office Messages are a Security Risk

February 3, 2019 by Bob Plankers

Every once in a while I get asked why I don’t have an out-of-office message for my email or voice mail. Truth is, I’ll often monitor my email even when I’m out, though I often practice good operations discipline by not responding. Just as intermittent problems with computer systems are hard to deal with, a staff member that’s supposed to be gone but isn’t acting like it is just as confusing. Humans can, and should, drain-stop and remove themselves from clusters for maintenance, too. Sometimes I’m really out of the office, though, crawling around in the backcountry wilderness or on an island somewhere. I’ll do it if I have to, but even then I don’t like setting an automatic response. …

Free, Like a Puppy

January 24, 2019 by Bob Plankers

I’ve found that things that are free of charge are often not a good deal. TANSTAAFL, or “There ain’t no such thing as a free lunch.” You’re always paying in some way. Maybe the piece of hardware is marked up more to cover the development cost of the “free” software that comes with it. Perhaps it’s the drug dealer model, where the first one is free to get you hooked. Sometimes you’re the product, and the “free” thing is spying on you with the hopes of making more money from ads or sales later. Certainly nearly every “free” web service is structured that way. Beyond monetary cost, though, you paying for things with your time. “Free” things often fall into …

Retrieve an SSL Certificate from a Server With OpenSSL

November 26, 2018 by Bob Plankers

I was setting up VMware vRealize Automation’s Active Directory connections the other day and I needed the public SSL certificate for the AD DCs to authenticate correctly. You can use OpenSSL to get that information. I used a Linux shell but this should be do-able from a Mac or with OpenSSL installed on Windows, too. If you wanted to read the SSL certificates off this blog you could issue the following command, all on one line: openssl s_client -showcerts -servername lonesysadmin.net -connect lonesysadmin.net:443 < /dev/null In this case you’ll get a whole bunch of stuff back: CONNECTED(00000003)depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3verify return:1depth=1 C = US, O = Let’s Encrypt, CN = Let’s …

What You Need to Know About Upgrading to an iPhone Xs or Xr

November 21, 2018 by Bob Plankers

I just got a new iPhone Xs Max. I had an iPhone 6s which I liked a lot, but it’s been a few years and with more travel I thought I’d enjoy having a better device with me. There are a few things that bit me in the duff. Some two-factor authentication (2FA) apps like Duo or Google Authenticator store their data in the iPhone Secure Enclave, which isn’t backed up to iCloud or via iTunes. That means that when you switch devices (or if you lose your device) you could lose access to your accounts, or it’ll be a serious pain to regain access (which is the point of 2FA). So don’t trade in your old phone until you’ve …

CODE Keyboard

November 6, 2018 by Bob Plankers

“You spent $150 on a keyboard?” – My wife There are two kinds of people in technology: those with an opinion about their keyboard, and everybody else. I happen to be one of the first. I grew up using the IBM Model F and M keyboards. They have a spring in the key switches that buckles as you press down. That gives you two things: a prominent clicking sound from the keypress, and solid tactile feedback from the key. You definitely know when that key switch actuated. Years ago I had to give up my Model M keyboards. They’re built to last but it was getting harder to find working ones, it was getting inconvenient to adapt them to USB …

Joining VMware

November 2, 2018 by Bob Plankers

“We changed again, and yet again, and it was now too late and too far to go back, and I went on. And the mists had all solemnly risen now, and the world lay spread before me.” – Pip, Great Expectations Growing up the son of a firefighter and homemaker, I was fortunate to have been given the opportunity to go to college so many years ago. So in the autumn of the release of Windows 95 I left my childhood home to go to school at the University of Wisconsin – Madison. At four hours by car the UW was far enough away from my parents that they wouldn’t stop in randomly, but it was close enough that I could go …

Fixing X11 Forwarding Over SSH and with Sudo

July 6, 2018 by Bob Plankers

X11 forwarding over SSH not working? Not setting $DISPLAY correctly in your shell? Having problems with X11 and sudo? Yeah, me too. Total pain in the duff. Here’s what I do to fix it. I’m thinking about Linux when I write stuff like this but a lot of this has worked on AIX and Solaris, too. Make sure your SSH client supports X11 Forwarding and that it’s turned on. I use SecureCRT but I know it works in PuTTY as well. Once you turn it on in your client & save the settings you will need to reconnect, the forwarding is established with the connection. Ensure xauth and xterm are installed. You need xauth for this to work, and xterm …

Fixing Veeam Backup & Replication Proxy Install Errors

July 2, 2018 by Bob Plankers

Every once in a while I struggle a little to add a new Veeam Backup & Replication hot-add proxy. If you’re like me and seeing proxy install errors maybe some of these will fix you up. This is what worked for me on Windows Server 2016 when I was getting error 0x00000057, “Failed to create persistent connection to ADMIN$” and some other unhelpful messages. If you’re using a hardened Windows installation all bets are off, since the goal of hardening is to intentionally disrupt remote access. I’d get it running with as close to a stock Windows installation as possible and then work from there if you need to secure things further. There are also ways to manually install the Veeam …

vSphere 6.7 Will Not Run In My Lab: A Parable

May 24, 2018 by Bob Plankers

“Hey Bob, I tried installing vSphere 6.7 on my lab servers and it doesn’t work right. You tried using it yet? Been beating my head against a wall here.” “Yeah, I really like it. A lot. Like, resisting the urge to be irresponsible and upgrade everything. What are your lab servers?” I knew what he was going to say before he said it. “Dell PowerEdge R610s.” I was actually surprised it was that new, and rack-mountable. “Yeah, you’re out of luck. CPUs before the E3/E5/E7 family didn’t have VT-x extensions in them to make virtualization easy so VMware had to do this thing called binary translation. vSphere 6.5 was the last release that they supported that on because, frankly, it’s slow …

+ More Posts +