Mobile Tech Guy

MobileTechGuy – Local Santa Clarita Valley Computer Guy

Activate and use Wake on LAN in Debian Linux

Enable Wake-on-LAN:

  • Enable Wake on LAN in the BIOS
  • Add the kernel option ‘acpi=on’ (to power off properly)
  • Add the module option ‘enable_wol=1’ for module 3c59x in /etc/modutils/options
  • Add MAC addresses to /etc/ethers

Debian packages
apt-get install etherwake wakeonlan

Usage:
Power off the machine with ‘poweroff’ or ‘shutdown -h now’
Poweron machine with ‘etherwake ‘ or ‘etherwake ‘ as root from remote
Or poweron machine with ‘wakeonlan -i 192.168.1.255 ‘ as normal user from remote

http://support.dell.com/support/edocs/systems/ws340/en/ug/setup.htm#1104340

Written by mobiletechguy

May 29, 2009 at 6:34 am

Posted in 1

Tunneling rdesktop via SSH

ssh user@host -L 3389:windows.machine.tld:3389

Then rdesktop -u winuser localhost

This does not require anything to be installed on the remote Linux box.

You can do multiple port forwards as well:

ssh user@host -L 3389:windows.machine.tld:3389 -L 9389:another.windows.machine:3389
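
The multi-forward command above, as an added example that is not part of the original post: a POSIX shell helper, `build_rdp_tunnel` (a hypothetical name), that assembles the same ssh command for any number of RDP hosts, binds every forward to 127.0.0.1, and refuses duplicate or out-of-range local ports. It reuses the post's hostnames; `-N` and `ExitOnForwardFailure` are standard OpenSSH options added here.

```shell
#!/bin/sh
# Added example, not from the original post. build_rdp_tunnel is a
# hypothetical helper name; the hostnames are the ones used in the post.

# Usage: build_rdp_tunnel GATEWAY LOCALPORT:RDPHOST [LOCALPORT:RDPHOST ...]
# Prints the ssh command line; exits non-zero on a bad or duplicate port.
build_rdp_tunnel() (
    [ "$#" -ge 2 ] || { echo "need a gateway and at least one forward" >&2; exit 1; }
    gateway=$1; shift
    # Reject an empty gateway, one that would be parsed as an ssh option,
    # or one containing unexpected characters.
    case $gateway in
        ''|-*|*[!A-Za-z0-9.@_-]*) echo "bad gateway '$gateway'" >&2; exit 1 ;;
    esac
    # -N: open the tunnel only, no remote shell.
    # ExitOnForwardFailure: abort if any local port cannot be bound, instead
    # of leaving a session that silently lacks one of the forwards.
    cmd="ssh -N -o ExitOnForwardFailure=yes"
    seen=" "
    for spec in "$@"; do
        case $spec in *:*) ;; *) echo "expected PORT:HOST, got '$spec'" >&2; exit 1 ;; esac
        port=${spec%%:*}
        host=${spec#*:}
        # Digits only, at most five of them, then a range check.
        case $port in ''|*[!0-9]*|??????*) echo "bad port in '$spec'" >&2; exit 1 ;; esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range in '$spec'" >&2; exit 1
        fi
        case $host in ''|*[!A-Za-z0-9.-]*) echo "bad host in '$spec'" >&2; exit 1 ;; esac
        # Each forward needs its own local port.
        case $seen in *" $port "*) echo "duplicate local port $port" >&2; exit 1 ;; esac
        seen="$seen$port "
        # Bind to loopback explicitly so only this machine can use the tunnel.
        cmd="$cmd -L 127.0.0.1:$port:$host:3389"
    done
    printf '%s %s\n' "$cmd" "$gateway"
)

# Demo with the two hosts from the post.
build_rdp_tunnel user@host 3389:windows.machine.tld 9389:another.windows.machine
```

Run the printed command, then point rdesktop at `localhost` for the first host and at `localhost:9389` for the second.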

Written by mobiletechguy

April 7, 2009 at 6:49 pm

Posted in 1

Linux Remote Desktop to Windows XP/Server 2003

Install rdesktop

# apt-get install rdesktop

To connect to an MS Windows 2003 server from Linux, type the following command at a shell prompt (this connects to a Windows server called ms2k3.mydomain.com):

$ rdesktop ms2k3.mydomain.com

Or connect to Windows XP with IP 192.168.0.101:

$ rdesktop 192.168.0.101
Remote windows XP desktop

Please note that you must first enable remote desktop connection under Windows Server/XP.

  • Go to Windows XP Desktop
  • Right Click on My Computer
  • Select properties
  • Select Remote tab
  • Enable Remote desktop.
  • Save the changes.

Make sure the enterprise firewall allows incoming connections on TCP port 3389.

Happy remoting . . .

Written by mobiletechguy

April 2, 2009 at 9:32 am

Posted in 1

Establish Linux Remote Desktop to Vista Home Premium

Steps to Add Remote Desktop to Vista Home Premium:

  1. Download termsvr.zip here
  2. Extract Termsvr.zip to a temp directory
  3. Start “Command Prompt” in Administrator mode (Run As Administrator)
  4. Run the corresponding batch file for your Vista edition
  5. Allow TCP Port 3389 on Windows Firewall or any other firewall product.
  6. Done

Written by mobiletechguy

April 2, 2009 at 9:25 am

Posted in 1

Secure remote access of a home/private network using Remote Desktop Connection and Open Source SSH package(s)

Secure remote access of a private network
using copSSH, PuTTY and Remote Desktop


Secure Shell (SSH)

What is Secure Shell (SSH) from Wikipedia

Remote Desktop
(from the online version – Windows XP Professional Resource Kit)

Remote Desktop provides access and control functionality from a remote location to a computer running the Microsoft® Windows® XP Professional operating system, giving you the flexibility to work on your Windows XP Professional–based computer from anywhere, anytime.


How-To and other information

Secure Shell (SSH)

Remote Desktop

PuTTY and Remote Desktop

Securing the copSSH Server


Install the copSSH server
The example installation is from an installation on a Windows XP Professional desktop PC

  • Login as an Administrator or as a user with Administrator privileges then download the free copSSH server software to a temporary folder on the host PC.

  • Navigate to the temporary folder and double-click on the copSSH server install package. Install as directed, including activating users. Note that in order to log on to the copSSH server PC as an SSH user, the account must be local to the copSSH server PC and be activated.


Port forwarding for SSH

Port forwarding of TCP Port 22 through any firewall/NAT/router is required if the user needs to access the SSH server from a remote location. The following example is from a Buffalo WBR-G54 4-Port Broadband Router/Wireless Access Point. The screen shot is current with the Buffalo v2.20 firmware release.

Port forwarding instructions for other routers may be found on the router manufacturer's support web pages, in the router's user guide or on the PortForward.com web site.

NOTE – For Windows XP SP2 Windows Firewall users: If the Windows XP SP2 Windows Firewall is used on a PC connected directly to the public internet, the firewall can be configured to allow SSH by adding a new port description in the Exceptions tab.

The Open Port Check tool

The CanYouSeeMe.org site Open Port Check tool can quickly tell you if port forwarding through local firewall/NAT/router devices is properly configured and working correctly. You can use this site to help troubleshoot SSH firewall/connectivity issues. Note that you should run this test from the SSH server PC.

http://www.canyouseeme.org/


Configure the Windows XP Professional Remote Desktop host PC

See this Windows XP Professional Resource Kit Enabling Remote Desktop section.

Configure Remote Desktop Users

See the Enabling Users to Connect to the Computer running Windows XP Professional section from the Windows XP Professional Resource Kit. Remote Desktop users should use a strong password as an added security practice.


Remote SSH server addressing

Calling the SSH server PC from a remote location is accomplished using the public IP address, as assigned by the ISP, or fully qualified domain name of the PC or router/NAT/firewall. To find the public IP open Internet Explorer on the PC at the remote location and go to sites like http://checkip.dyndns.org/ or http://www.whatismyip.com/ and note the reported IP address. If the firewall/NAT/router is configured correctly, the call will be successfully passed to the appropriate PC.

If the ISP assigns a dynamic IP then another solution is to set up an account with one of the dynamic naming services that map a fully qualified domain name to the IP. In my case I use a FREE service from No-IP.com. The No-IP.com software runs on an XP Pro box and contacts the No-IP.com servers on a time schedule. The No-IP.com servers then know what the public IP is and map it to a fully qualified domain name. That information is then propagated over the public internet. You then call the SSH server PC using the fully qualified domain name.


Install and configure PuTTY on the remote Client PC
The example installation is from an installation on a Windows XP Professional desktop PC client

Download the PuTTY software file and save to a folder on the client PC. I recommend creating a C:\Program Files\PuTTY folder and saving the downloaded file there.

Navigate to the folder and double-click on the PuTTY.exe file. Click on the Window and Appearance tabs and configure as needed.

To configure port forwarding for the example network click on Tunnels and for Remote Desktop enter a Source port of 3390. Enter a Destination IP or name and port number of 3389 using a colon separator character. An example is for a Remote Desktop session to the PC Ashtabula. Tap the Add button. Repeat for additional Remote Desktop host PCs. Use a different Source port for each additional Remote Desktop host PC.

Click on SSH and configure to Enable compression and use SSH 2 only. Click on Session and enter the public IP address or a fully qualified domain name of the SSH server PC. Enter a unique name in the Saved Sessions window and click on Save. Click on Open and login to the SSH server with the appropriate user and password information.


SSH Tunneling the Remote Desktop session

Establishing a Remote Desktop connection to more than one XP Pro PC through the SSH tunnel is easily accomplished once PuTTY is started and the user has successfully logged on to the SSH server. On the remote client PC go to Start | All Programs | Accessories | Communications and tap on Remote Desktop Connection. For example, use an address of localhost:3390 to connect to Ashtabula and an address of localhost:3391 to connect to Norman.

Various options can be modified by clicking the Options>> button. To initiate the Remote Desktop connection click on the Connect button.

Problems connecting using the localhost address
(from the online version – Microsoft KB Article 884020)

On a computer that is running Microsoft Windows XP with Service Pack 2 (SP2), programs that connect to IP addresses that are in the loopback address range may not work as you expect. For example, you may receive an error message that says that you cannot establish a connection. Windows XP SP2 users can download a patch from Microsoft that corrects this.


Disable the remote host desktop wallpaper

Users can speed up the rendering of the remote PC desktop display, particularly over slow data links, by disabling the display of the remote PC desktop wallpaper on the client PCs. This can be configured on the Remote Desktop host PC using the Group Policy Editor. Run gpedit.msc and navigate to the Local Computer Policy | Computer Configuration | Administrative Templates | Windows Components | Terminal Services policies. Double click on the Enforce Removal of Remote Desktop Wallpaper policy and select Enable. Click OK to save the new configuration. Click on File | Exit to exit the Group Policy Editor.

reference: http://theillustratednetwork.mvps.org/Ssh/RemoteDesktopSSH.html

Written by mobiletechguy

April 1, 2009 at 6:00 am

Posted in 1

Secure Configuration for Vista Remote Desktop Protocol Host/Client Connections

First thing to do is edit the Group Policy Object: Run gpedit.msc (Figure A)

Figure A

Navigate to Computer Configuration | Administrative Templates | Windows Components | Terminal Services | Security (Figure B)

Figure B

Set the Encryption Level to High Level (Figure C)

Figure C

Set Require Secure RPC Communication to Enabled (Figure D)

Figure D

Set Require Use Of Specific Security Layer For Remote (RDP) Connections to SSL (TLS 1.0) (Figure E)

Figure E

Move to a different GPO section, Computer Configuration | Windows Settings | Security Settings | Local Policies | Security Options (Figure F)

Figure F

Enable FIPS mode (Figure G)

Figure G

Enable Remote Desktop from the System Properties Window (Figure H)

Figure H

Do a forced GPUpdate (Figure I) to refresh the Group Policy

Figure I

Figure J shows a successful update.

Figure J

Secure RDP 6.0 client configuration

Launch the RDP client using the MSTSC command (Figure K).
Note: Windows 2003 and XP users must download and install RDP 6.0 clients, whereas Vista comes with the correct client.

Figure K

Enter the name of the server, noting that this initial process should happen on the LAN first. For this example, we’re going to an RDP host machine called “msi-p965” (Figure L). This is not a fully qualified name, and it will work only on the same subnet LAN for now. It’s possible to enter a redirect entry into the local host file pointing to an IP or dynamic DNS address so that you can access “msi-p965” or whatever you call your machine from the public Internet. However, we’ll leave that for a follow-up article. For now, we’re talking about just the immediate LAN.

Figure L

Expand out Options (Figure M)

Figure M

Set the display to your liking using the options (Figure N)

Figure N

Specify whether you want sound, printers, or the Clipboard to work on the Local Resources tab (Figure O)

Figure O

Specify any programs you want to launch upon connection on the Programs tab (Figure P)

Figure P

Specify how you want the remote desktop to look using the settings (Figure Q).

Figure Q

On the Advanced tab (Figure R), set the RDP client to warn you if the RDP server fails to prove its authenticity.

Figure R

Click Settings and configure the options (Figure S).

Figure S

Go back to the General tab and click Save As to save your entire profile. You can save it to the desktop for easy access.

Click Connect and enter username and password (Figure T)

Figure T

The first time you connect, you’ll see the authentication warning (Figure U) telling you that the server’s certificate is not trusted (yet). To force it to be trusted in the future, click the View Certificate button.

Figure U

As you can see in Figure V, this self-signed cert generated by the Vista RDP host machine is valid for the next six months. Click on the Install Certificate button to add it to the CTL (Certificate Trust List).

Figure V

The Certificate Import Wizard will launch (Figure W). Click Next to proceed.

Figure W

Choose Place All Certificates In The Following Store and click the Browse button (Figure X)

Figure X

Select Show Physical Stores and highlight Local Computer (Figure Y)

Figure Y

Back in the Certificate Store screen (Figure Z) click Next.

Figure Z

Click the Finish button (Figure AA)

Figure AA

Click OK.

Figure AB

At this point, you’ll be securely connected to the Vista RDP host, but more important, future connections to the remote machine won’t result in any warning signs or even password prompts. It will simply connect in a secure manner, and any warning signs must be viewed with a critical eye.

What happens when you try to connect to this host via IP address or a dynamic DNS entry from the public Internet? If you try to connect by any name other than the one you used to originally generate the certificate, you will see a warning like the one (Figure AC). You can tell it to connect anyway and choose Don’t Prompt Me Again For Connections To This Computer.

Figure AC

You’ll then get another warning (Figure AD) that tells you there’s a name mismatch and that the server name on the certificate is incorrect. This isn’t a bad thing. You can view the certificate and it will say it’s for your machine and that it’s trusted. You’re just seeing this warning because the RDP client is comparing the name on the certificate with the name of the computer you’re connecting to. For this example, I was trying to connect to “192.168.1.2” and not the remote machine name, so the computer warned me that they didn’t match. Since I intended to connect to that IP address or some other publicly resolvable DNS name on the public Internet, and since the certificate was valid, I knew I wasn’t being deceived. So I was comfortable clicking Yes to connect anyway.

Figure AD

But what if a hacker poses as your server with a made-up certificate? In that case, you’ll see the warning (Figure AE) telling you that not only does the name not match, the certificate isn’t even from a trusted certifying authority. If you see this kind of error when you’ve already gone through the certificate installation procedure from Figure U to Figure AB, you know someone is trying to dupe you. You should click No and not connect to the server. If you attempt to make the connection anyway, you’ll reveal enough of your credentials for the hacker to quickly run a dictionary attack to find your password.

Figure AE

If this seems like a rather complex process just to get no warning signs for an RDP connection, it is–but it’s the only practical way to establish a secure and trusted connection. Fortunately, you have to do it only once, and all subsequent connections are secure and hassle free. Believe it or not, you’ve essentially created your own PKI certificate on the RDP host and installed a Certificate Authority on the client computer. This level of security using a Public Key Exchange is used to secure e-commerce transactions. On an enterprise level, this entire procedure with GPO settings and digital certificates can actually be automated on both the server and the client side using Active Directory Group Policies, but now you know how it all works.

In a future article, I’ll show you how to set up a free dynamic DNS entry that’s publicly resolvable and that points to your home dynamic IP broadband service. When everything is secure, we’ll trick the client machine into not generating any more warning messages at all.

Reference: http://articles.techrepublic.com.com/5100-10878_11-6166676.html

Written by mobiletechguy

December 19, 2008 at 2:21 pm

Posted in Windows

Allow Vista to access XP USB-Connected printer

Scenario:
My father-in-law purchased a new Vista laptop to be used wirelessly in the house. He had an XP desktop for years, connected to an old HP AIO printer (HP PSC 1210 xi). He wanted to make the printer available to the new laptop. He could print from the XP machine without problem. When he tried to add a printer from the laptop running Vista Home Premium, the search for a network printer found the printer perfectly. When, however, he tried to add it, he would receive an access denied message.

Here is the solution:
1) Turn on and configure File and print sharing on the XP desktop machine.
2) Open the shared location of the printer (Shared Printers Folder) on the XP desktop from your Vista laptop
3) Launch the “Add a Printer” wizard on Vista laptop
a) Choose “Add a local printer”
b) Select “Create a new port” radio button
c) Choose “Local Port” from the drop down menu
d) Press Next
e) Enter the Shared Printers Folder path (such as, \\WinXP\PrinterSharedFolder) from step 2 above in the “Enter Port Name:” box
f) Select the Printer driver from the list provided or use the “Have Disk” button to install the correct Vista driver.
g) Press next
h) Enter name for the newly added printer and choose whether to set as the default.
i) Press Next
j) Print a test page to verify, if necessary
k) Press Finish

Now my father-in-law can print from the desktop and the laptop, though the desktop must be turned on when printing from the laptop.

Written by mobiletechguy

December 15, 2008 at 10:45 am

Posted in Windows

What prevents you from migrating from Windows to Linux

I am always wondering about other people’s reasons for not migrating from Windows to Linux. What is yours?

Written by mobiletechguy

October 17, 2008 at 9:28 am

Posted in Linux

Mount, read and write from NTFS partitions on Linux

Want to access your existing Windows partition from a Linux machine? Here is a simple procedure:

1. Download NTFS-3G (which will provide safe and fast handling of the Windows XP, Windows Server 2003, Windows 2000 and Windows Vista file systems) from http://www.ntfs-3g.org/

2. Install the file:
# tar -zxvf ntfs-3g-1.5012.tgz
# cd ntfs-3g-1.5012
# ./configure
# make
# make install

3. Download the specific kernel module rpm from linux-ntfs.org
[to check your current Linux kernel version, use uname -rm: if it returns, for instance, 2.6.18-92.1.13.e15 i686, then you should download kernel-module-ntfs-2.6.18-92.1.13.e15....i686.rpm]

4. Install:
# rpm -ivh kernel-module-ntfs-2.6.18-92.1.13.e15….i686.rpm

5. Now you may check the partitions to be mounted:
# fdisk -l | grep NTFS

6. The listed NTFS partitions can now be mounted:
# mkdir /mnt/ntfs
# mount -r -o umask=0222 -t ntfs /dev/hda1 /mnt/ntfs

7. To list the files/directories in the NTFS disk:
# cd /mnt/ntfs
# ls -al

8. To automatically mount the drive during start-up:
# vi /etc/fstab
and add the following line at the bottom of the file:

/dev/hda1     /mnt/ntfs     ntfs-3g     defaults     0  0

9. Reboot the system.
# reboot
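
Step 6 mounts the partition read-only with umask=0222, while the fstab line in step 8 uses `defaults`, which for ntfs-3g means a read-write mount that every local user can modify. The following added example (not part of the original post; the function name and the sample fstab text are constructed here) audits fstab text for NTFS entries that lack `nosuid`, `nodev` or any of `ro`/`umask`/`fmask`.

```shell
#!/bin/sh
# Added example, not from the original post: audit fstab entries for NTFS
# mounts. The function name and the sample fstab text are constructed here.

# audit_ntfs_fstab: reads fstab text on stdin and prints one finding per line
# for every ntfs / ntfs-3g entry. No output means nothing was flagged.
audit_ntfs_fstab() {
    while read -r dev mnt fstype opts _rest; do
        case $dev in ''|'#'*) continue ;; esac          # blank line or comment
        case $fstype in ntfs|ntfs-3g) ;; *) continue ;; esac
        padded=",$opts,"                                # every option becomes ,opt,
        # "defaults" implies suid and dev; ask for both to be switched off.
        for want in nosuid nodev; do
            case $padded in
                *",$want,"*) ;;
                *) echo "$mnt: missing $want" ;;
            esac
        done
        # With none of these set, ntfs-3g gives every local user full
        # read/write access to the Windows partition. This is a presence
        # check only; it does not judge the mask value.
        case $padded in
            *,ro,*|*,umask=*|*,fmask=*) ;;
            *) echo "$mnt: no ro, umask or fmask option" ;;
        esac
    done
}

# Constructed sample: the post's fstab line, a restricted variant of it,
# and an unrelated ext3 entry that the audit must ignore.
SAMPLE_FSTAB='# <device>  <mount point>  <type>  <options>  <dump> <pass>
/dev/hda1     /mnt/ntfs     ntfs-3g     defaults     0  0
/dev/hda1     /mnt/ntfs-ro  ntfs-3g     ro,nosuid,nodev,umask=0222  0  0
/dev/hda2     /             ext3        defaults     1  1'

printf '%s\n' "$SAMPLE_FSTAB" | audit_ntfs_fstab
```

On a live system, feed it the real file with `audit_ntfs_fstab < /etc/fstab`.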

Written by mobiletechguy

October 14, 2008 at 4:52 pm

Posted in Linux