Excel find/replace with line-break within cells
- Open the find/replace pop-up with CTRL+H
- Set find value to the character to be replaced with line-break
- In the Replace With field, pless CTRL+J
Always Geeky
Knowledge base for various geeky topics
- Author Archives
scott
-
-
Copying Linux encrypted shadow password If you need to copy a Linux user account from one system to another and need to presever the password without knowing it, you can use this process.
First, create the user:
sudo useradd bobSet group membership as required, such as appending the wheel group:
sudo usermod -a -G wheel bobGrab the hashed password from the existing system – you are after everything between the first and second colon (:), which should start with a $6$.
sudo grep bob /etc/shadow
$6$N9ZbvcsuQTabj4NN8AS3G37.SDEtFNh588qydwE3kefAxraCwH2P3ZSBQBkhsyjzyhsNuZjr2DC/
qzNHSQBPTnz.PNRvfhc Use sudo vipw -s to add the above encrypted string to the new shadow file. vipw uses locks to avoid concurrencies issues with this file, so use this instead of manually editing the shadow file.
Done!
-
Using hashdeep to confirm two directories match First, use hashdeep to capture the hash of the first directory:
$ hashdeep -b -r /home/user/one/ > one-results.txt
Then do the same for the second directory:
$ hashdeep -b -r /home/user/one > two-results.txt
Now you need to compare the two resulting files. Their order is likely to be different, so you will need to sort them first.
$ sort one-results.txt > one-results-sorted.txt
$ sort two-results.txt > two-results-sorted.txt
$ diff one-results-sorted.txt two-results-sorted.txt
If the directories match, the only output of the diff command will be the headers showing the two files you are comparing. Like this:
10c10\ ## $ hashdeep -b -r /home/user/one — \ ## $ hashdeep -b -r /home/user/two
You can use the -a command of hashdeep, but that will only if the directors are the same or not, it won’t show you what is different between them.
The -b flag is important – without this, hashdeep will store the full file path in the output files, which will never match between two directories. Using the -b flag ensure that only the filename is saves, not the full path, and this can be checked against different directories.
-
apt-get error:
Ignoring Provides line with Dep Compare Op for package Receiving the following error, includes the message that running “apt-get update” should fix it. It doesn’t, as that command generates the same error.
W: Ignoring Provides line with DepCompareOp for package libjpeg62 8,790 kB/s 0s
W: Ignoring Provides line with DepCompareOp for package php-psr-http-message-implementation
W: Ignoring Provides line with DepCompareOp for package php-psr-log-implementation
W: Ignoring Provides line with DepCompareOp for package php-math-biginteger
W: Ignoring Provides line with DepCompareOp for package pypy-cffi
W: Ignoring Provides line with DepCompareOp for package pypy-cffi-backend-api-max
W: Ignoring Provides line with DepCompareOp for package pypy-cffi-backend-api-min
W: Ignoring Provides line with DepCompareOp for package python-cffi-backend-api-max
W: Ignoring Provides line with DepCompareOp for package python-cffi-backend-api-min
W: Ignoring Provides line with DepCompareOp for package python3-cffi-backend-api-max
W: Ignoring Provides line with DepCompareOp for package python3-cffi-backend-api-min
W: You may want to run apt-get update to correct these problems
To resolve the error, you need to update apt with the following command:
sudo apt-get update apt
-
S S H to slave in H A Fortigate pair If you have a pair of HA Fortigates, sometimes you need to log into the slave device via SSH. Common examples including wanting to run a packet capture.
To do so, log into the primary device as usual, then run this command:
Fortigate1 # config global
Fortigate1 (global)# execute ha manage 0
Fortigate2 $
That’s it, you are now logged onto the slave Fortigate.
-
Manually deleting a Z F S dataset on N A S4 Free If you need to manually delete a dataset, such not being able to do so from the NAS4Free web interface, you can run this command as root, where ‘pool1’ is the name of the ZFS pool, and ‘test-dataset’ is the name of your ZFS dataset.
zfs destroy pool1/test-dataset
You may receive the following error, at which point you need to add the -r flag.
nas4free: / # zfs destroy pool1/test-dataset
cannot destroy ‘pool1/test-dataset’: filesystem has children
use ‘-r’ to destroy the following datasets:
z2pool0/test@test
nas4free: / # zfs destroy -r pool1/test-dataset
nas4free: / #
-
NAS4Free rsync daemon client
Setting up a NAS4Free box to push/pull date to a remote system via rsync running as a daemon, rather than rsync over SSH, can be a little tricky. Here is what’s required.
On the server, ie NOT NAS4Free, but the remote system:
- Install rsync.
- Set rsync daemon to run on startup
- Create and configure /etc/rsync.conf
- Create and configure /etc/rsync.secrets
After all this is completed, you can setup the rsync client on NAS4Free.
1 is usually accomplished with your package manager (yum/apt-get/aptitude/ports), if not already installed.
2 depends on your Linux distro in use. For Debian based Linux systems, edit /etc/default/rsync, and set the following line:
RSYNC_ENABLE=true
3 depends on the folder you are trying to sync, but here is a sample
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid[documents]
path = /home/user/Documents
uid = user
gid = user
read only = yes
list = yes
secrets file = /etc/rsyncd.secrets
hosts allow = 192.168.0.250/255.255.255.255You might see some examples online that tell you to put this line:
auth users = pub
Do NOT add this line, as it won’t work. If you see the error below, make sure you remove ‘auth users’ from your config file.
2015/05/31 12:00:00 [17310] auth failed on module documents from nas4free.local (192.168.0.250) for rsync: password mismatch
4. Create the secrets file, as such:
rsync_user:password123
Obviously, select your own username and password combination.
5. On your NAS4Free box, create a new user under Access->Users and Groups, making sure the username and password you set in rsync.secrets match.
Finally, you are ready to setup your client config in Services->Rsync->Client.
-
Fortigate V P N working except for ping If you find a situation where a site to site IPsec VPN on a Fortigate is apparently up and passing traffic, except ping (ICMP) is not flowing over the VPN, here is a solution.
The cause can be if the VPN flaps momentarily, and an ICMP packet is received in the short space of time while the IPsec tunnel is down, the Fortigate will create a new session via the routed interface. Even when the tunnel is re-established, the incorrect session will persist via the physical interface, as opposed to via the correct tunnel interface.
To clear this erroneous session, run the following commands. Note that the first command (vd 2) is only required if you are using multiple Virtual Domains (VDOMS), and the number should correspond to the number of the impacted VDOM. If you don’t have VDOM’s in use, skip to the ‘proto’ command.
FORTIGATE (vdom) # diagnose system session filter vd 2FORTIGATE (vdom) # diagnose system session filter proto 1
FORTIGATE (vdom) # diagnose system session filter
session filter:
vd: 2
sintf: any
dintf: any
proto: 1-1
proto-state: any
source ip: any
NAT'd source ip: any
dest ip: any
source port: any
NAT'd source port: any
dest port: any
policy id: any
expire: any
duration: anyFORTIGATE (vdom) # diagnose system session clear
FORTIGATE (vdom) #
Once you have cleared the session, you may need to restart the VPN tunnel. The next ICMP packet should bring up the session over the correct IPsec tunnel interface.
-
Using rsync to ensure 2 directories match rsync -nrhc --progress /home/user/source/docs/ /home/user/destination/docs/If you think ‘destination’ includes everything in ‘source’, but want to check, the above command will tell you if this is the case. Here are the options broken down:
-n
This is important, it tells rsync to do a dry-run. Without this option, it will actually copy missing files to the destination.
-r
Recursive. Unless you only want to check files directly below the specified directory, you will likely want to use -r.
-h
Human readable. This means you see the size of the folders in Kb, Mb, Gb, or even Tb, rather than pure bytes.
-c
This one is also very important. Without this option, rsync will use the timestamps on each file to determine if they are identical, which can be misleading. This option forces rsync to use a checksum to ensure that if two files exists, they are actually the same file.
-
How to generate a pre shared key using A P G A common requirement is to generate a random, unique and secure pre-shared key, typically for use in VPN’s. The Linux tool, APG (Automated Password Generator), is a great tool for this job, but you need to specify a few options to get the correct output.
If you just run ‘apg’, you get output that is designed to be read over the phone. This is not what we would consider secure. Here is my suggested command:
apg -a 1 -m 16 -n 1 -c /dev/random
What does each option do?
-a 1
This disables the ‘pronounceable’ password generation option, making password unpronounceable over the phone, and thus more random.-m 16
This sets the length of the output to 16 characters. Feel free to substitute ’16’ with your own minimum requirement, just make sure that you make it larger than the default of 6.-n 1
This produces only 1 password. If you need say 4 passwords, use -n 4. The default is 6.-c /dev/random
By default, APG asks you to enter random data, which it will use as the seed for its PRNG. By using this option, we provide truly random data as the seed. Note that if your OS is low on entropy, using this option may take longer than usual.If you want to avoid using symbols that might cause issues with input validation, try this command instead:
apg -a 1 -m 22 -n 1 -c /dev/random -M NCL
This will force the use of upper case, lower case and numbers, but no symbols. The number of characters has also been increased to 22, due to the lower entropy due the reduced character set.