SSH Certificate login to Linux boxes (Rasberry-Pi) from Windows 10 and above

We all know passwords are dead 😀 Everyone should have Certificates to login to the remote system. It was always tricky to do it from window boxes. Putty is amazing tool but hard to do this type of logins

Thanks to MS terminal It’s now very easy. after installing the terminal create the public and private keys on your windows. On your PowerShell type below

ssh-keygen -t ed25519 -b 4096

Once you create the Private and public key

$USER_AT_HOST="your-user-name-on-host@hostname"
$PUBKEYPATH="$HOME\.ssh\id_ed25519.pub"

$pubKey=(Get-Content "$PUBKEYPATH" | Out-String); ssh "$USER_AT_HOST" "mkdir -p ~/.ssh && chmod 700 ~/.ssh && echo '${pubKey}' >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"

This will copy your public key to the remote computer.

whenever you type ssh username@remotehost on the MS terminal this will login using the certificate

I got this from this MS doc where they go into details on how to do this very securely. This is just a quick to get it up and running read the doc and do it correctly

How to use Github for sysadmins

It\’s pretty basic stuff. It\’s for someone very new who works in an IT team who uses GitHub to deploy services/servers in azure/GCP/AWS etc. usually, they will have a terraform script we create a pull request, and someone will approve, and the CI tool will take over from there to do what we ask us to do. I will go through how we can set up CI etc. this is just a guide to deploy on an already setup system.

  • If you already not done this please setup your Mac PC or linux to use GitHub over the ssh key
  • On a business envirment you have to do more things ask your company IT team for that
  • Go to the script you want to edit on the web copy the ssh link \"\"/
  • type git clone git@github.com:1dustindavis/gorilla.git
  • go to the folder cd .\\gorilla\\
  • before you start working do a git pull
  • open the folder or the file you need to work with on Visual Studio code and edit the file basically copy the code and edit it to what you planning to do and save the changes
  • Create a branch git checkout -b \"create_a_branch_name\"
  • commit the chnages git commit -am \"I did something\"
  • to push it to remote git push --set-upstream origin create_a_branch_name
  • click on the remote pull link on the termain and create a pull request put all the details and submit
  • From above CI should take over if approved will do the things you requested

Some housekeeping things

  • when you create brunches it will automatically switch to that brunch if you want to request a main file do a git checkout main before you do a git pull
  • git branch wil list all the brunches you have
  • If you have too many brunches and want to remove them only leave the main one on the repo use git branch -D @(git branch | select-string -NotMatch \"main\" | Foreach {$_.Line.Trim()})

azure app proxy certificate setup windows 10

If you like me and need SSL certificate to upload azure apps and don\’t want to use azure internal ssl services

1st you need to create the CSR  if you have ubuntu bash install on your Windows 10 installation

start the ubuntu bash >

cd /mnt/c/users/user.account/Documents

mkdir newdomain_com

cd new domain_com

openssl req -new -newkey rsa:2048 -nodes -keyout newdomain_com.key -out inewdomain_com.csr

fill in the details for UK website please make sure you type GB

one you get your CSR go to any ssl cert provider and upload the csr.  ones they issue a cert copy the cert to the same folder

openssl pkcs12 -export -out newdomain_com.pfx -inkey newdomain_com.key -in newdomain_com.crt

make sure you type the password, on azure you need to upload the pfx file and the password and this will work

arduino/genuino uno vs clones

I have tried all 3 type of arduino/genuino uno clone boards now. so going to write the pro and cons of all this

1st the genuine board from http://www.arduino.cc

\"Arduino

no issue at all very well built and do what says on the tin, only issue is £20 so it\’s bit much to try crazy experiments or even to leave it some where.

2nd one is a clone

\"Elegoo

It\’s exactly like the genuine board but build quality is ok but can\’t compare to the original but this has exact same chip set even for the serial to usb to serial chip is same (atmega16u2) compare to other clone brands I tried this one is better. had no issue. reason to buy this is it\’s only £8 so I use it where there is a chance of chip will fry etc

3rd one is unbranded clone

\"fake

nothing wrong with it same as above but it\’s uses a CH340G serial to usb chip which is require drivers. even on the drivers you have to allow unsigned kernel extensions for this is install this drivers.
If you have a old mac dedicated for this work then fine. if you use your own machine this is risky. windows same (I think)

this board is only £3 pounds with delivery. you can use this for through away projects

my site is now on HTTPS

With all the government monitoring snoopers charters and open wifi access etc. I have SSLed my site using https://letsencrypt.org/

at-least now communication between my site and your browser will be safe. Not that I collect sensitive information. still they can\’t see the what is on the packets. ISP\’s still have to log what websites you visit no way to trick, other than to use a vpn out to some other countries but it is all a hassle.

any way I\’m not forcing the https yet so if you not on secure connection (green padlock icon on the browser) please use this link https://www.din100.net

Littlebits Lego like system for electronics

I do really like enjoy playing them, I have to home smart kit which was a given to me by my Mrs. Who will not enjoy turning a LED at home using the internet 🙂 It has lot of other things you can try,

power adapter doesn\’t work for us here in UK as it was set to the voltage 110v but every thing else works great. I can get converters but that is expensive way of turning on and off a light 🙂

If you guys interested http://littlebits.cc/kits/smart-home-kit UK supplier https://www.pi-supply.com/product/littlebits-smart-home-kit/

IPv6 in adaptation in UK

It\’s embarrassing now we not even on the top 25 countries to ipv6. Sweden on the top of the list we still trying to get the maximum out of ipv4. this is not good as ipv6 is good for every one. I have to fill in IP justification every time I need to get IPv4 addresses.
at home with tunneled ipv6 I can get /64 ip addreses that\’s 18,446,744,073,709,551,616 IPv6 addresses at home.

I cant wait for us to go native on ipv6 no need for NAT etc. it will be more secure as well. all the equipments are ready operating system are ready. because lack of demand isp\’s are don\’t want to do it.

Xbox promising faster speed on ipv6 will be a good sign of thing to come. even streaming services should move over will be good. Google is fully ready for ipv6 even facebook most of the Microsoft sites are but office 365 management on windows server doesn\’t work don\’t know MS fixed that yet.

hope we get rid ipv4 soon and move on a faster newer internet like Sweden

draytek 2860n and port based vlan

I know I wrote a good review of this product. I tried to do a simple port based vlan to share printers between 2 small companies.

it was a nightmare, didn\’t work at all on watchguard it would have been a 30 mins job.

with draytek support ask me to update firmware still no luck then they send me a beta firmware still the same issue.

only way I fixed it with beta firmware and factory reset the device and put all the setting backup on which worked. but took long time

I wouldn\’t recommend this if you thinking to do VLAN etc

Windows 8.1 haswell pc for bedroom under £350

Antec ISK 110 Mini ITX Case
Intel Core i3-4130 S1150 3.40GHz 3MB
Asus H87I-PLUS S1150 Intel H87 DDR3 mITX
Kingston HyperX Plug n Play 8GB (2 x 4GB) 1600MHz DDR3 Non-ECC CL9 DIMM (Kit of 2)
Kingston 120GB SSDNow V300 SATA 6Gb/s 2.5\” 7mm Solid State Drive

it\’s not a gaming pc but for what I was planning this is fine going to mount the pc case back of the monitor so it will save space.

motorola moto g amazing phone for the price

I hate long mobile phone contacts. All of my phone I use now I just buy it outright or got it as a gift ,and go for the monthly contract with a network, which gives me power to negotiate with carrier. every time I see a good deal even with a rubbish network I phone up o2 and ask me to match it more or less they do.Which I can\’t do if I cant do if I\’m on 24 months contract. you are stuck forever.

I know phones are very expensive upfront but you can find a good deal if you search around don\’t buy the phones from phone companies or places like carphonwarehouse phones4u etc etc. they mark up the phone prices so they can lock you in on long contracts.

I would say go for phones like , or even some nokia windows phones are good if you dont want google to know where and what you up to.