Running HTTPS and SSH over the same port with SSLH

Do you need to access your network services from remote locations but are blocked by firewalls or other
access restrictions? You might want to try SSLH, a powerful open-source tool that enables you to run multiple network services over a single port. This allows you to bypass firewalls and access your network services from anywhere. Here will show you how to use SSLH to run both HTTPS and SSH on the same port, but SSLH also supports HTTP and OpenVPN. 

Installing SSLH

SSLH is available in most Linux distributions' package managers, so installation is straightforward. You can install SSLH using the following command:

$ sudo apt-get install sslh

Configuring SSLH

Once SSLH is installed, you need to configure it to run both HTTPS and SSH on the same port. The configuration file for SSLH is usually located at /etc/default/sslh. In the configuration below SSLH listens on all available network interfaces on port 443, and it proxies SSH to port 22 of localhost and HTTPS to port 2443 of localhost. 

DAEMON_OPTS="-u sslh -p 0.0.0.0:443 -s 127.0.0.1:22 -l 127.0.0.1:2443 -P /var/run/sslh.pid"

RUN=yes

Before restarting SSLH, make sure to configure your web server to listen to 2443 instead of 443. Then, restart SSLH with

$ /etc/init.d/sslh start

Testing SSLH

To test SSLH, you can try accessing both the HTTPS and SSH services through the SSLH port. For example, to access HTTPS, open a web browser and navigate to https://<your-server-address>:443. To access SSH, open a terminal and use the ssh command  ssh your-server-address -p 443. 

source: https://memo-linux.com/sslh-https-et-ssh-sur-le-meme-port/, https://github.com/yrutschle/sslh

Reset Windows passwords with chntpw using a Linux Live USB

Have you ever forgotten your Windows login password and been locked out of your own computer?
There is a way to reset your Windows password using a Linux Live USB drive and a tool called chntpw. Here, we will show how.

Step 1: Create a Linux Live USB drive

First, you'll need to create a Linux Live USB drive. You can use any Linux distribution that includes the chntpw package. We will be using Ubuntu:

• Download the Ubuntu ISO file from the official website.
• Burn the ISO file to a USB drive using a tool like Rufus or Etcher.
• Boot your computer from the USB drive.

Step 2: Install chntpw

Once you have booted into the Linux Live USB, you'll need to install the chntpw package. To install chntpw, open a terminal and run the following command:

sudo apt install chntpw

Step 3: Mount the Windows partition

Next, you'll need to mount the Windows partition that contains the password database. In the terminal, navigate to the directory where the Windows partition is mounted. This will typically be the Windows/System32/config/ directory.

cd ~/winmount/Windows/System32/config/

Step 4: List the Windows users

Now, list the Windows users stored in the password database by running the following command:

sudo chntpw -l SAM

This will display a list of Windows users along with their corresponding User IDs (UIDs).

Step 5: Reset the Windows password

Finally, you can reset the password for a specific Windows user by running the interactive command:

sudo chntpw -i SAM

This will launch a menu where you can select the user whose password you want to reset and also unlock accounts. Follow the prompts to reset the password. Then reboot into Windows.

Sources: https://doc.ubuntu-fr.org/tutoriel/chntpw; https://ostechnix.com/reset-windows-password-with-linux-live-cd/

Make a bootable Linux/Ubuntu live USB drive on OS X

We'll see how to create a bootable Linux/Ubuntu USB drive, from an ISO image, on OS X using command line commands.

Step 1: Download the Ubuntu Image

The first step is to download the Ubuntu image from the official website. Live CD images allow to run Ubuntu without installing it. Here, we'll use an old Ubuntu 16 image from https://releases.ubuntu.com/xenial/: ubuntu-16.04.6-desktop-i386.iso

Step 2: Identify the USB Drive

Next you'll need to identify the USB drive that you want to use for the installation. You can do this by opening up a Terminal window and typing:

$ diskutil list

This command will list all of the disks currently connected to your computer. Identify the USB drive that you want to use for the installation and take note of its device identifier (e.g., /dev/disk2).

Step 3: Unmount the USB Drive

Before you can write the Ubuntu image to the USB drive, you need to make sure that it's unmounted. To do this, type the following command into the Terminal:

$ diskutil unmountDisk /dev/disk2

Note: Make sure to replace /dev/disk2 with the device identifier of your USB drive.

Step 4: Write the Ubuntu Image to the USB Drive

Now that your USB drive is unmounted, you can write the Ubuntu image to it using the dd command. Type the following command into the Terminal:

$ sudo dd if=~/Downloads/ubuntu-16.04.6-desktop-i386.iso of=/dev/rdisk2 bs=1048576

Note: Make sure to replace ~/Downloads/ubuntu-16.04.6-desktop-i386.iso with the path to the Ubuntu image on your computer, and /dev/rdisk2 with the device identifier of your USB drive.

The dd command will take some time to complete, so be patient. Once it's finished, you should see a message indicating how many bytes were transferred.

Step 5: Eject the USB Drive

Finally, you need to eject the USB drive to ensure that all of the data has been written correctly. Type the following command into the Terminal:

$ diskutil eject /dev/disk2

Note: Make sure to replace /dev/disk2 with the device identifier of your USB drive.

That's it! You've successfully created a bootable Ubuntu USB drive using command line commands on OS X. You can now use this USB drive to install or run Ubuntu on any computer that supports booting from USB.

Source: https://thornelabs.net/posts/create-a-bootable-ubuntu-usb-drive-in-os-x/

reduce the size of a pdf file compressing its figures

To reduce the size of a PDF file in linux of mac you'll need ghostscript (which in mac can be installed  with: brew install ghostscript). The following command line will generate a smaller file:  

gs -sDEVICE=pdfwrite -dCompatibilityLevel=1.4 -dPDFSETTINGS=/screen \
   -dNOPAUSE -dQUIET -dBATCH -sOutputFile=output.pdf   input.pdf

Different levels of compression can be obtained changing the option -dPDFSETTINGS:

• -dPDFSETTINGS=/screen lower quality, smaller size. (72 dpi)
• -dPDFSETTINGS=/ebook for better quality, but slightly larger pdfs. (150 dpi)
• -dPDFSETTINGS=/prepress output similar to Acrobat Distiller "Prepress Optimized" setting (300 dpi)
• -dPDFSETTINGS=/printer selects output similar to the Acrobat Distiller "Print Optimized" setting (300 dpi)
• -dPDFSETTINGS=/default selects output intended to be useful across a wide variety of uses, possibly at the expense of a larger output file

source: https://askubuntu.com/questions/113544/how-can-i-reduce-the-file-size-of-a-scanned-pdf-file

Docker containers with NVIDIA GPUs using nvidia-docker

These are the installation instructions for Ubuntu:

• Follow the docker-ce installation from (removing docker.io):
  https://docs.docker.com/install/linux/docker-ce/ubuntu
• Install nvidia-docker:
  https://github.com/NVIDIA/nvidia-docker

Test the installation running

$ docker run --runtime=nvidia --rm nvidia/cuda:latest nvidia-smi

 or the equivalent nvidia-docker wrapper call

$ nvidia-docker run --rm nvidia/cuda:latest nvidia-smi

The wrapper allows to easily select which of the host's GPUs are visible from the docker instance, in this example only the first two GPUs

$ NV_GPU=0,1 nvidia-docker run --rm -v /home/foo/data:/data -it nvidia/cuda:latest bash

Hide Matlab Start Bar / Busy Bar / Status Bar

Reclaim precious screen space by disappearing the "Start bar" (in older versions of Matlab) whose main purpose is saying Busy.

com.mathworks.mde.desk.MLDesktop.getInstance.getMainFrame.getStatusBar.getParent.setVisible(0);

Source: http://www.mathworks.com/matlabcentral/newsreader/view_thread/152888

Download/backup BibTeX library from CiteULike, including all the attached PDF

CiteULike is a convenient solution for bibliographic management, but sometimes an off-line replica of the bibliography is also needed. This can be achieved by exporting the CiteULike library in BibTeX format, furthermore BibDesk (and probably other managers too) can be synchronized directly with the CiteULike server.

While it is easy to export a .bib file from CiteULike, downloading all the attached files and having the .bib linking to the downloaded files is a different story.

BibTeX and JSON exports of the CiteULike library can be retrieved from:

  http://www.citeulike.org/json/user/USERNAME

  http://citeulike.org/bibtex/user/USERNAME

The BibTeX export can be read directly into a bibliographic manager, but the JSON export contains more information than the .bib, in particular it contains the location of the attached PDFs. So the idea of the Python script linked below is to do the following: 

1. download the CiteULike library in BibTeX and JSON formats
2. parse the JSON export and download all the attachments
3. modify the .bib file to include links to the downloaded copies of the attachments

the links in the .bib file should work for BibDesk and JabRef.

Before running the script:

• setup CITEULIKE_USERNAME and CITEULIKE_PASSWORD variables in the script
• verify you have wget and pybtex installed

Download the Python script:  citeulike_backup.zip

Resources:

http://www.macresearch.org/how_do_you_organize_digital_article_collections

http://www.andrewberman.org/projects/sync/

http://www.academicproductivity.com/2009/citeulike-bibdesk-sync-your-references-and-live-smarter/ 

http://wiki.citeulike.org/index.php/Importing_and_Exporting#JSON

---

Gory details from http://wiki.citeulike.org/index.php/Importing_and_Exporting#JSON:
# save session cookies

> wget -O /dev/null --keep-session-cookies  --save-cookies cookies.txt --post-data="username=xxxx&password=yyyy&perm=1" http://www.citeulike.org/login.do

# download bibtex with private comments and download an attachment

> wget -O export.bib --load-cookies cookies.txt http://www.citeulike.org/bibtex/user/xxxx
> wget --load-cookies cookies.txt http://www.citeulike.org//pdf/user/xxxx/article/123456/891011/some_99_paper_123456.pdf

Change text inside multiple files (command line)

I always forget these commands, and they are so useful.
The sed command to replace some text in a set of files:
     sed -e 's/old text/new text/g'  -i .trash  *.c 

The regular expression 's/some text/new text/g' is applied to each line of each file *.c.
And the -i flag saves a backup of each file.

The regular expression language is powerful, for instance allows to remember parts of the pattern in the substitution. An example: the following command puts quotation marks around everything that follows the first = sign in each line of script.sh.
  sed -e 's/=\(.*\)/="\1"/' script.sh

The pattern enclosed between \(   and   \) is stored in \1, and then used in the replaced text.

Source: http://www.labnol.org/internet/design/wordpress-unix-replace-text-multiple-files/1128/

otool: shows the shared libraries of a file (like ldd)

In OSX, the command to show the shared libraries that a binary uses is:
   /usr/bin/otool -L  binary_file

In Linux and Solaris the equivalent command is ldd, and I am used to it,
so I have this alias in my ~/.bash_profile  file:
   alias ldd="/usr/bin/otool -L "

Two-finger scrolling in Windows laptops (also Linux)

Two-finger scrolling and two-finger tapping (right click) are the two multi-finger gestures that I use the most in Mac. I'm so habituated to them that when I use a Windows laptop becomes a frustrating experience: always reaching for the right button or the scroll area of the pad.

Turns out that Synaptics TouchPads allow multi-finger gestures, and it is just a matter of drivers to enable them (just to be clear, almost all TouchPads out there are Synaptics).
Even better, without manipulating the driver. Two-Finger-Scroll is a small application that allows to enable two and three finger gestures on the Synaptics TouchPads, and it works just fine.

Source: http://www.howtogeek.com/howto/35065/how-to-enable-macbook-style-two-finger-scrolling-on-windows-laptops/

Update: multi-finger gestures also available for Linux!!  In Ubuntu/Debian just install the gpointing-device-settings package, or anything that says Synaptics.

Fishtank VR project with OpenCV and OpenGL

A toy Fishtank VR application I've made using OpenCV. It uses head tracking to adjusts the view according to the position of the viewer (see related posts).

The OpenGL projection matrix was modified to allow rendering objects in front of the projection plane (the window) so that objects can "pop out" the screen.

TODO:

• Stabilize the head tracking, using templated object search 
• Calibrate the paralax factor, the apparent motion is not very realistic
• Replace bitmap reading routines
• Refactor 

Download the code. 
Builds with Xcode, but requires the OpenCV Framework to be installed. Also compiles with cmake in linux.

Similar projects:
http://www.tuaw.com/2011/04/11/ipad-2-gets-glasses-free-3d-display-using-front-facing-camera-fo/

Ctrl-c signal catching from C program and from MATLAB's mex

In C the signal handling can be done by replacing the signal handle. The function signal(SIGINT,func) places the handler for  SIGINT with your definition of void func(int sig);

#include <signal.h>;
#include <stdio.h>;

/* * Ctrl-C signal catching infrastructure * */
/* This global variable is accessible from all the files using extern*/

short INTERRUPTED;  

/* This function that handles the signal just changes the state of 
   INTERRUPTED. This variable is checked periodically in the main loop*/
void sigproc_ctrlC(int sig)
{
   /* To access the global variable must be defined as extern */
   extern short INTERRUPTED;       
   INTERRUPTED =1;
   printf("Ctrl-C pressed\n");
}

int main() {
   /* * INTERRUPT SIGNAL HANDLING * */
   /* The global variable must be defined as extern */
   extern short INTERRUPTED;   

   /* Initial value for INTERRUPTED*/
   INTERRUPTED=0;

   /* Associate the signal handler to the SIGINT */
   signal(SIGINT, sigproc_ctrlC);  


   printf("Press Ctrl-C to interrupt\n");
   /* Infinite loop*/
   while ( !INTERRUPTED ) {  
      printf("INTERRUPTED=%d\n",INTERRUPTED);

   }
}

---

We cannot apply this to MEX files, because in the MATLAB's enviroment there is already a signal handler in place, and if we replace it for our own, then our handler stays there for the remaining of the MATLAB's execution.

We need to reset the original handler after finishing the execution of our code. 

The following program will do the trick, and also applies to the standard C programs. The sigaction(SIGINT, &act, &oact) function allow to replace the SIGING handler with (act) but also returns a pointer to the original one (oact).

#include <signal.h>;
#include <stdio.h>;
#include <mex.h>;

/* * Ctrl-C signal catching infrastructure * */
/* This global variable is accessible from all the files using extern*/
short INTERRUPTED;  

/* This function that handles the signal just changes the state of 
   INTERRUPTED. This variable is checked periodically in the main loop*/
void sigproc_ctrlC(int sig)
{
   /* To access the global variable must be defined as extern */
   extern short INTERRUPTED;       
   INTERRUPTED =1;
   printf("Ctrl-C pressed\n");
}

/* Global variables for storing the signal handlers */
struct sigaction act, oact;


void mexFunction(int nlhs,mxArray *plhs[],int nrhs,const mxArray *prhs[]){
   /* * INTERRUPT SIGNAL HANDLING * */
   /* The global variable must be defined as extern */
   extern short INTERRUPTED;   

   /* Initial value for INTERRUPTED*/
   INTERRUPTED=0;

   /* Save and over-ride old SIGINT behaviour */
   act.sa_handler = sigproc_ctrlC;
   sigaction(SIGINT, &act, &oact);



   /* Infinite loop */
   while ( !INTERRUPTED ) {
      printf("INTERRUPTED=%d\n",INTERRUPTED);
   }

   /* Reset the original handler */
   printf("Resetting signal handler for SIGINT\n");
   sigaction(SIGINT, &oact, &act);
}

Sources:
http://www.mathworks.cn/matlabcentral/newsreader/view_thread/23450
http://newsgroups.derkeiler.com/Archive/Comp/comp.soft-sys.matlab/2006-06/msg01751.html

Wine (windows emulator) for OSX

The wine emulator permits to run Windows binary on Linux and now OSX:
http://wiki.winehq.org/MacOSX

A packaged .dmg file is also available for download at:
http://winebottler.kronenberg.org/

Building a chroot environment for sftp and sshd (OpenSSH)

This is useful when you don't trust your users, and still must provide sftp service.

http://coffeenix.net/doc/network/chrooted_openssh.html
http://www.c2group.net/howtos/chroot.html

The following script creates a chroot enviroment at the specified path.
It has been adapted to run on OSX. Use it with:

  > ./create_chroot_env_osx /tmp/testdirectory
  > sudo chroot /tmp/testdirectory

#!/bin/bash
#
# Usage: ./create_chroot_env_osx destinationPath
#

# Specify HERE the apps you want into the enviroment
# /usr/lib/dyld is mandatory
APPS="/usr/lib/dyld /bin/bash /bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm"

# Sanity check
if [ "$1" = "" ] ; then
   echo "     Usage: $0 destinationPath"
   exit
fi

# Go to the destination directory
if [ ! -d $1 ]; then mkdir $1; fi
cd $1

# Create Directories no one will do it for you
mkdir etc
mkdir bin
mkdir usr
mkdir usr/bin
mkdir usr/lib
mkdir usr/lib/system

# Add some users to ./etc/paswd
grep /etc/passwd -e "^root" > etc/passwd
grep /etc/group -e "^root" > etc/group

# Copy the apps and the related libs
for prog in $APPS;  do
   cp $prog ./$prog

   # obtain a list of related libraryes
   ldd $prog > /dev/null
   if [ "$?" = 0 ] ; then
      LIBS=`ldd $prog | grep version | awk '{ print $1 }'`
      for l in $LIBS; do
         cp $l ./$l
         # second level of dependent libraryes
         LLIBS=`ldd $l | grep version | awk '{ print $1 }'`
         for ll in $LLIBS; do
            cp $ll ./$ll
         done
      done
   fi
done

Installing CUDA 3.1 on Ubuntu 10.04

To install the CUDA driver on Ubuntu 10.04 follow the following instructions.

1. Download the proper driver from nvidia's site
2. Change gcc 4.4 to 4.3
3. Remove any nvidia driver. > sudo apt-get purge nvidia-*
4. Make the file in following location - "/etc/modprobe.d/nvidia-graphics-drivers.conf" with the following matters:
   
   
   blacklist vga16fb
   blacklist nouveau
   blacklist lbm-nouveau
   blacklist nvidia-173
   blacklist nvidia-96
   blacklist nvidia-current
   blacklist nvidiafb
5. Kill  X
6. Launch the driver's installation
7. Reboot

Source: 

Pablo's experience and 

http://forums.techarena.in/operating-systems/1336959.htm 

Convert ps to pdf without compressing the images

This script converts a ps file to pdf

#/bin/sh
ps2pdf -sPAPERSIZE=a4 \
-dMaxSubsetPct=100 -dCompatibilityLevel=1.3 \
-dSubsetFonts=true -dEmbedAllFonts=true \
-dAutoFilterColorImages=false \
-dAutoFilterGrayImages=false \
-dColorImageFilter=/FlateEncode \
-dGrayImageFilter=/FlateEncode \
-dMonoImageFilter=/FlateEncode \
"$1" "$1.pdf"

Source : http://techdir.rutgers.edu/pdf.html, http://blog.konradvoelkel.de/2010/01/how-to-manage-the-papers-metadata/. The author of the last blog also have a nice post about how to OCR documents in Linux. 

Draw vector fields with gnuplot.

To plot a data file that contains motion vectors formated as

x1 y1 u1 v1

x2 y2 u2 v2
...
xN yN uN vN
where for each row (x,y) is the position of the vector and (u,v) is its magnitude, use the command

plot "motion_vectors.data" using 1:2:3:4  with vec

this plots small vectors at each position (x,y). 

If we want to plot only some of the points (because the field is dense) we use  the every 4:4 option, and scale the vectors by 4 

plot "motion_vectors.data" every 4:4 u 1:2:($3*4):($4*4) w vec

To overprint the vectors on an image (with gnuplot 4.2). The image must be stored as a binary file image.bin and the size of the image must be known 300x400.


plot "image.bin" binary array=300x400 flipy with image, "motion_vectors.data" every 12:12 u 1:2:($3*8):($4*8) w vec

Sometimes other adjustements are necesarry to the plots, just manipulate: ($1):($2):($3*8):($4*8)



References:
http://t16web.lanl.gov/Kawano/gnuplot/datafile2-e.html#7.6
http://www2.yukawa.kyoto-u.ac.jp/~ohnishi/Lib/gnuplot.html
http://gnuplot.sourceforge.net/demo/image.html

Setup of a Linux TimeMachine backup server, accessible from OS X

I've found a couple of sites that describe a procedure for defining a networked TimeMachine Volume using Ubuntu Linux.

http://chriscarey.com/wordpress/?p=51

http://adamcohenrose.blogspot.com/2008/03/time-machine-wireless-backup-continued.html

http://www.kremalicious.com/2008/06/ubuntu-as-mac-file-server-and-time-machine-volume/

The last one is very clear and complete. This is a summary of the commands I used for configuring Ubuntu 9.04.

Update: seems that this procedure also work for Ubuntu 10.04. After upgradind the server I could not mount the shares and received the messages:

Jul  5 09:04:35 machine afpd[18138]: cnid_open: dbenv->open of /home/user/TimeMachine/.AppleDB failed: DB_VERSION_MISMATCH: Database environment version mismatch
Jul  5 09:04:35 machine afpd[18138]: Cannot open CNID db at [/home/user/TimeMachine].
Jul  5 09:04:35 machine afpd[18138]: Fatal error: cannot open CNID or invalid CNID backend for /home/facciolo/TimeMachine: cdb

The database contained in the .AppleDB directories has changed format. The solution is to remove it (See: http://www.gentoo-wiki.info/HOWTO_Share_Directories_via_AFP#Troubleshooting).

1) Install and configure packages in Ubuntu 9.04

apt-get install netatalk

apt-get install avahi-daemon

apt-get install libnss-mdns

Edit: /etc/default/netatalk

ATALKD_RUN=no

PAPD_RUN=no

CNID_METAD_RUN=yes

AFPD_RUN=yes

TIMELORD_RUN=no

A2BOOT_RUN=no

Append to: /etc/netatalk/afpd.conf

- -transall -uamlist uams_randnum.so,uams_dhx2.so -nosavepassword -advertise_ssh

Edit: /etc/netatalk/AppleVolumes.default

~/ "$u" allow:username1,username2 cnidscheme:cdb

/home/username/TimeMachine TimeMachine allow:username1,username2 cnidscheme:cdb options:usedots,upriv

Do not forget to create the backup directory:

mkdir /home/username/TimeMachine

2) Configure avahi and start services (Ubuntu)

Edit: /etc/nsswitch.conf

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 mdns

Edit: /etc/avahi/services/afpd.service

<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_afpovertcp._tcp</type>
<port>548</port>
</service>
<service>
<type>_device-info._tcp</type>
<port>0</port>
<txt-record>model=Xserve</txt-record>
</service>
</service-group>

Start the services:

/etc/init.d/netatalk restart

/etc/init.d/avahi-daemon restart

By now the network drives (home and TimeMachine) should be visible from OSX Finder.

4) Enable networked TimeMachine Volumes in OS X
In a terminal run:

defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1

5) Create a disk image for the first use of TimeMachine
5.1) Obtain the MAC address (ifconfig -a) here marked as XXXXXXXXXXXX:

en0: flags=8863.....

ether XX:XX:XX:XX:XX:XX

....

5.2) Obtain the computer name (hostname -s) : mycomputer

5.3) Create the image with Disk Utility

1. New Image
2. Set the image name to : mycomputer_XXXXXXXXXXXX.sparsebundle
3. Set Image Format to: sparse bundle disk image
4. Set Volume Size to: Custom
5. Create and save the image on the LOCAL drive (not the networked one)
6. Copy the image to the networked drive and erase the local one

6) Choose the TimeMachine network drive and backup.

You may also want to change the backup interval (3600 sec by default):

Edit the file /System/Library/LaunchDaemons/com.apple.backupd-auto

Mount OS X NFS share from Linux

The nfs server that comes with OS X is picky.

------------ IN THE SERVER OSX ------------

->/etc/exports

/Users/ 192.168.114.128

/Users/ localhost

->/etc/nfs.conf

nfs.server.require_resv_port = 0

nfs.server.mount.require_resv_port = 0

> sudo nfsd enable

> sudo showmount -e

---------FROM LINUX ---------

sudo mount 192.168.114.2:/Users /mnt/OSXUSERS

The user in the linux system MUST have the same UID as in the OSX, the mapall option doesn't work.