msgbartop
MAC OS X, Linux, Windows and other IT Tips and Tricks
msgbarbottom

22 Feb 15 Creating a Mavericks MAC OS X Install USB Stick

In order to install a OS X Mavericks completely fresh on a new hard disk from scratch, here are the recommended steps:
1 – Get the Install_OS_X_Mavericks.app from Apple in Internet.
2 – Create an OSX Mavericks Install USB stick from this APP
3 – Reformat the destination hard disk in Mac OS Extended (Journalled)
4 – Reboot the computer holding the Option key(alt) and boot from the external stick
5 – Chose Install OS X and follow the instructions.

For the moment I will only explain the step 2:
Create an OS X Mavericks Install USB stick from the Maverick Install APP:
Find out where you downloaded the Maverick_install APP and use it in the Terminal command as follows:
Example:
– Maverick OS X Install App download Path: /Volumes/DATA2/Install_OS_X_Mavericks.app
– USB Stick path: /Volumes/USB20FD

Start the Terminal application and issue the following command:
sudo /Volumes/DATA2/Install_OS_X_Mavericks.app/Contents/Resources/createinstallmedia --volume /Volumes/USB20FD --applicationpath /Volumes/DATA2/Install_OS_X_Mavericks.app --nointeraction

The whole command and results results should look like this:
sudo /Volumes/DATA2/Install_OS_X_Mavericks.app/Contents/Resources/createinstallmedia --volume /Volumes/USB20FD --applicationpath Install_OS_X_Mavericks.app --nointeraction
Password:
Erasing Disk: 0%... 10%... 20%... 30%...100%...
Copying installer files to disk...
Copy complete.
Making disk bootable...
Copying boot files...
Copy complete.
Done.

07 Sep 12 HowTo Flush Linux dns cache

This article is bee extracted from the URL:
http://www.inetdaemon.com/tutorials/internet/dns/servers/caching.shtml
of which many thanks for posting the article.
I extracted what I needed and posted it again here mostly for me as a reminder.

HowTo: Flush nscd dns cache

Nscd caches libc-issued requests to the Name Service. If retrieving NSS data is fairly expensive, nscd is able to speed up consecutive access to the same data dramatically and increase overall system performance. Just restart nscd:
$ sudo /etc/init.d/nscd restartOR
# service nscd restartOR
# service nscd reload
This daemon provides a cache for the most common name service requests. The default configuration file, /etc/nscd.conf, determines the behavior of the cache daemon.

Flush dnsmasq dns cache

dnsmasq is a lightweight DNS, TFTP and DHCP server. It is intended to provide coupled DNS and DHCP service to a LAN. Dnsmasq accepts DNS queries and either answers them from a small, local, cache or forwards them to a real, recursive, DNS server. This software is also installed many cheap routers to cache dns queries. Just restart the dnsmasq service to flush out dns cache:
$ sudo /etc/init.d/dnsmasq restartOR
# service dnsmasq restart
Flush caching BIND server dns cache

A caching BIND server obtains information from another server (a Zone Master) in response to a host query and then saves (caches) the data locally. All you have to do is restart bind to clear its cache:
# /etc/init.d/named restart
You can also use rndc command as follows flush out all cache:
# rndc restartOR
# rndc exec
BIND v9.3.0 and above will support flushing all of the records attached to a particular domain name with rndc flushname command. In this example flush all records releated to cyberciti.biz domain:
# rndc flushname cyberciti.biz
It is also possible to flush out BIND views. For example, lan and wan views can be flushed using the following command:
# rndc flush lan
# rndc flush wan
A note about Mac OS X Unix users

Type the following command as root user:
# dscacheutil -flushcacheOR
$ sudo dscacheutil -flushcache
If you are using OS X 10.5 or earlier try the following command:
lookupd -flushcache

13 Aug 12 Activating TRIM for SSDs on MAC OSX Lion

Did you just buy an SSD for your MAC running Lion and would like to get the best of it?

A short explanation:

In normal hard disks when a file or directory is been erased, in fact the space used by the file or directory is simply put back on the unused space list. Nothing is really been erased at all. That is why sensitive information should always be overwritten by something instead of simply erased… but that is another subject.
So the space that is been made available again will soon or later be used again as we would expect. When it is used again the new data will overwrite the old one. That is where SSDs and rotating hard disks differ. With rotating hard disks, the new data is simply written in the available space without having to erase the old one before. In SSDs the technology demands that the old data be first erased before new data will be written, which slows down the writing time. This means with time the writing speed of SSDs starts to slow down drastically. This is where the TRIM function of a system comes in play. The TRIM function regularly deletes the unused space on SSDs while the CPU/IOs are not too busy. This saves a lot of writing time, therefore keeps the high writing speed of SSDs up to their maximum throughout the life of the SSD.
Well here comes the bad news for MAC Lion owners … and the the good ones afterwards 🙂

The BAD NEWS:

Apple has restricted the TRIM function only to the Apple identified SSDs. Therefore all non-Apple SSDs don’t get the feature. Nasty hunn??

The GOOD NEWS:

Some very talented and generous guys have found a way to modify the kernel module of MAC Lion (till 10.7.4 but not on 10.7.5)in order to enable the TRIM function for all SSDs and not only Apple ones. .. and here is how it is done:

References:

http://bytelude.de/2011/10/13/ssd-trim-support-unter-mac-osx-lion-aktivieren/
http://digitaldj.net/2011/07/21/trim-enabler-for-lion/

INSTRUCTIONS:

Make a copy of the original kernel module:
sudo cp /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage.original

Modify the kernel module:
sudo perl -pi -e 's|(\x52\x6F\x74\x61\x74\x69\x6F\x6E\x61\x6C\x00{1,20})[^\x00]{9}(\x00{1,20}\x51)|$1\x00\x00\x00\x00\x00\x00\x00\x00\x00$2|sg' /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage

Do some system preparation
sudo kextcache -system-prelinked-kernel
sudo kextcache -system-caches

Reboot the system .. and cross your fingers 😉

Check the the activation of the TRIM feature:
– Open up ‘About This Mac’
– Click the “More Info…” button and then the “System Report” button.
– In the list on the left, choose “Serial-ATA”.
– Click on your SSD Drive and in the lower half of the screen you should now see “TRIM Support: Yes” instead of “No”.

If something terribly goes wrong then restore the backup:
sudo cp /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage.original /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage
sudo kextcache -system-prelinked-kernel
sudo kextcache -system-caches
sudo reboot

NOTE 1:

I have installed a 512 GB Samsung Series 830 on my MAC Book Pro i7, followed these instructions and all worked without a glitch. I’m very thankful to the people who have worked to discover this modification and made it available to us.

Note 2 (30.09.2012):

I just updated my OS X from 10.7.4 to 10.7.5, especially because of WiFi instability, and found my TRIM support going from ‘Yes’ to ‘No’.
Well, that was rather expected, but the unexpected thing was that the above method with the terminal commands this time didn’t work.
I found in Internet an application that does the trick though even in 10.7.5. Easy to use and you need to reboot afterwards.
It’s called App Trim Enabler found at: http://www.macupdate.com/app/mac/37852/trim-enabler

Note 3 (20.06.2013:

Just got the news of another TRIM tool called Cameleon SSD Optimizer. I haven’t tried it yet but seems promising. You can get it at:
http://chameleon.alessandroboschini.it/index.php

Happy ‘Trimming’

26 Mar 12 VPN Server and clients HOW-TO

Hi Folks, there are a lot of VPN howtos out there and here I am making one more. Well if the format I’m putting it in helps for some of you to install your VPN, great. That is all I’m wishing for, and besides because I have a very short memory every time I discover something I make a note of it and this Blog is one of those notes as reminder for myself as well.

Note: I will not go into explaining much of what I list here. Sometimes I add comments but it’s the minimum.

Installing OpenVPN

Installing the packages

apt-get update
apt-get upgrade --show-upgraded
apt-get install openvpn udev

For Debian Squeeze/Wheezy
cp -R /usr/share/doc/openvpn/examples/easy-rsa/ /etc/openvpn
For Debian Jessie, follow the instructions in the following HowTo:
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-debian-8

In order that the service starts properly at boot time:
Edit the file: /etc/init.d/openvpn and change the file headers:
DELETE the lines:
# Should-Start: network-manager
# Should-Stop: network-manager

Adapt the values at the bottom of the FILE:
mcedit /etc/openvpn/easy-rsa/2.0/vars
eg.
export KEY_COUNTRY="DE"
export KEY_PROVINCE="Berlin"
export KEY_CITY="Berlin"
export KEY_ORG="MyORG"
export KEY_EMAIL="myname@myorg.com"

Initialize the Public Key Infrastructure (PKI)
Issue the following commands to create the CA and Public Key infrastructure:
cd /etc/openvpn/easy-rsa/2.0/
. /etc/openvpn/easy-rsa/2.0/vars
. /etc/openvpn/easy-rsa/2.0/clean-all
. /etc/openvpn/easy-rsa/2.0/build-ca

Generate Certificates and Private Keys
. /etc/openvpn/easy-rsa/2.0/build-key-server server
(Answer all question as appropriate)

Generate Diffie Hellman Parameters(for controlling method of key exchange)
. /etc/openvpn/easy-rsa/2.0/build-dh

The keys and certificates for the server need to be relocated to the /etc/openvpn directory so the OpenVPN server process can access them.
The commands are:
cp /etc/openvpn/easy-rsa/2.0/keys/ca.crt /etc/openvpn/
cp /etc/openvpn/easy-rsa/2.0/keys/ca.key /etc/openvpn/
cp /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem /etc/openvpn/
cp /etc/openvpn/easy-rsa/2.0/keys/server.crt /etc/openvpn/
cp /etc/openvpn/easy-rsa/2.0/keys/server.key /etc/openvpn/

OPTIONAL:
Note: If you need to remove a user’s access to the VPN server, issue the following command sequence.
This will prevent the ‘client1‘ from connecting to your vpn server any further.
. /etc/openvpn/easy-rsa/2.0/vars
. /etc/openvpn/easy-rsa/2.0/revoke-full client1

Configure the Virtual Private Network (using example files as s start)
cd /usr/share/doc/openvpn/examples/sample-config-files
gunzip -d server.conf.gz
cp server.conf /etc/openvpn/
cp client.conf ~/
cd ~/

Edit the config file: /etc/openvpn/server.conf and make sure only the following parameters are active.
(modify the parameters as suited for your environment, eg. ca,cert,key,server)
To verify afterwards just run the command:
egrep -v '^#|^;|^$' /etc/openvpn/server.conf
and you should get the following (except for the environment dependent values)

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key < <............ This file should be kept secret dh dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt client-to-client <<............. Allows VPN clients to communicate between each other keepalive 10 120 comp-lzo persist-key persist-tun status openvpn-status.log verb 3

Start the VPN server
service openvpn restart
Verify that the VPN network interface has been created:
ifconfig tun0
Important Note:
Make sure your firewall doesn’t block the port 1194 for access from Internet.

Creating new Client Certificates:

Note:
The following steps will need to be done for each VPN client machine:

ON VPN SERVER

Using the now generated private key, generate client certificates:
(replace ‘client1‘ be the name of your client..without spaces)
cd /etc/openvpn/easy-rsa/2.0/
source ./vars
. /etc/openvpn/easy-rsa/2.0/build-key client1

Transfer the keys/certificates from the server to the clients machines ) if they are Linux with SSH running:
(Commands done on the server)
Copy ctertificate,ca and key to client machine:
ssh remote_server mkdir -p /etc/openvpn
scp /etc/openvpn/easy-rsa/2.0/keys/ca.crt root@remote_client:/etc/openvpn/
scp /etc/openvpn/easy-rsa/2.0/keys/client1.crt root@remote_client:/etc/openvpn/
scp /etc/openvpn/easy-rsa/2.0/keys/client1.key root@remote_client:/etc/openvpn/

Note: To be able to connect to the server with multiple clients at the same time with the same client certificate, add the following server start argument in:
File: /etc/default/openvpn
OPTARGS=" --duplicate-cn "

ON LINUX VPN CLIENTS:

Client configuration on Ubuntu 11.10

apt-get install openvpn network-manager-openvpn
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/
Edit the file /etc/openvpn/client.conf and make sure only the following parameters are active.
(modify the parameters as suited for your environment, eg. ca,cert,key,remote)
To verify afterwards just run the command:
egrep -v '^#|^;|^$' /etc/openvpn/client.conf
and you should get the following (except for the environment dependent values)
client
dev tun
proto udp
remote www.itmatrix.eu 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/ubuntu1110.crt
key /etc/openvpn/ubuntu1110.key
ns-cert-type server
comp-lzo
verb 3

– Open a terminal/console, we need to create a new Key and certificate for this new VPN client
– Connect to the VPN server and ‘root’ using the ssh command: eg ssh root@host.myvpn.com
– Run the following comands:
cd /etc/openvpn/easy-rsa/2.0/
source ./vars
. /etc/openvpn/easy-rsa/2.0/build-key ubuntu1110

– Answer the questions, Forget the optionnal questions(just press enter)
type yes when asked to sign the certificate.
Now we have created a new certificate for this ubuntu1110 client
– Logoff ssh (‘exit’ command)

– (back into our desktop terminal) run the following commands:
sudo su -
mkdir -p /etc/openvpn/
scp root@host.myvpn.com:/etc/openvpn/easy-rsa/2.0/keys/ubuntu1110.* /etc/openvpn/
scp root@host.myvpn.com:/etc/openvpn/easy-rsa/2.0/keys/ca.crt /etc/openvpn/

Temporarily making the private key readable be the Ubuntu user for configuration
cd /etc/openvpn/
chmod 644 ubuntu1110.key
chown user:group ubuntu1110.* ca.crt

(user:group = user and group of the graphic interface)
– Now we should have 3 certificate files transferred into the OpenVPN config directory on the client machine

Connecting to the VPN server from client

Using the Linux command line

Start the VPN tunnel:
openvpn --config /etc/openvpn/client.conf & disown %1
Check the interface of the VPN tunnel:
ifconfig tun0

Finding out the IP of the Remote VPN Server (using the normal Internet way):
ssh root@vpnserver.vpn ifconfig tun0 | grep inet | awk '{print $2}' | cut -d: -f2

Connecting to the VPN server via the newly created VPN Tunnel: eg.
ssh root@10.8.0.1

Stopping the VPN on the client
killall openvpn

Using the Ubuntu Network Manager

Client OpenVPN for Ubuntu 11.10

– Start Ubuntu Software Center
– Click on ‘All Software‘ Button (left top)
– Enter the word ‘VPN‘ in the search field (Right top)
– Double Click on ‘Network‘ (Network manager Gnome)
– In ‘Add-ons‘ List Select ‘Open VPN Plugin Gnome GUI‘ and leave the others unselected.
– Click on ‘Apply Changes‘ button (midle right)
– Enter your password to allow the installation
– Once fully installed, close ‘Ubuntu Software Center‘ window.
– Click on ‘Systems Settings‘ Icon (left middle)
– Click on ‘Network‘ Icon
– Click on ‘+‘ (bottom left of window)
– Select ‘VPN‘ and click on ‘Create‘ button
– Select ‘OpenVPN‘ (middle dropdown menu) and click on ‘Create‘ button
– Enter the Connection name (eg. MyVPNServer) in the field ‘Connection Name‘ eg. VPN Server 1
– Select the Option ‘Connect Automatically
– In the ‘Gateway‘ Field enter the address or FQDN of the VPN server
– In Authentication section:
– select ‘Certificates(TLS)‘ in Type Drop down Menu.
– Click in User Certificate field and select the file /etc/openvpn/ubuntu1110.crt
– Click in Ca Certificate field and select the file /etc/openvpn/ca.crt
– Click in Private Key field and select the file /etc/openvpn/ubuntu1110.key
– Enter a password to protect the use of your private key
– Click on Advanced Button (right down of window)
– Select ‘Use UDP connection
and ‘Use LZO Data Compression
– Click on ‘OK‘, then ‘Save‘ and finally ‘Close
– Go back to your terminal and protect your VPN key (stored in /etc/openvpn/) run the command:
chmod 600 /etc/openvpn/ubuntu1110.key

Making the VPN connection
– On upper right Ubuntu system Control Bar, Click on the Icon which has 2 Arrows
(one pointing up and one pointing down)
– Select ‘VPN Connection
– Click on your VPN connection name eg. MyServer
– The connection should start after a few seconds.

– Check the interface of the VPN tunnel from your terminal:
/sbin/ifconfig tun0

– Connect to the VPN server through the VPN tunnel:
Find out the IP of the Remote VPN Server (using the normal Internet way):
ssh root@vpnserver.vpn ifconfig tun0 | grep inet | awk '{print $2}' | cut -d: -f2
eg. Answer: 10.8.0.1
Connect to the VPN server via the Tunnel:
eg.
ssh root@10.8.0.1

Extra Note:

to allow a user to login with ssh without having to type a password, run the following commands logged in as the user (incl. root as well):

On the client machine

Create an RSA key pair for the user
ssh-keygen
(Only press ‘Enter‘ key to all questions)
Send the new Public key of the user’s ssh to the ~/.ssh/authorized_keys on the remote server
ssh-copy-id 10.8.0.1
(type the password)
Now you can login in 10.8.0.1 without password.
ssh 10.8.0.1

OSX OpenVPN Clients

– Install Tunnelblick Application from:
http://code.google.com/p/tunnelblick/wiki/DownloadsEntry?tm=2

– Edit the client file config file (/etc/openvpn/client.conf)
and replace the paramaters appropriately just as above for Linux.

– Start Tunnelblick application
– When asked ‘Do you have any configuration file?‘ select ‘I have configuration files
– When asked for ‘Which type of Configuration do you have?‘ select ‘OpenVPN Configuration(s)
– When asked ‘Which type of configuration do you whish to create?‘ select ‘Open Private Configurations Folder
Tunnelblick will open Finder window where its Open VPN files should be copied,
wait here before anyswering anything and proceed to the next step.

– Copying the configuration file, ca, key and certificate into Tunnelblick config Directory
Open a terminal and issue the command:
sudo cp /etc/openvpn/*.conf /etc/openvpn/*.crt /etc/openvpn/*.key /Users/$USER/Library/Application\ Support/Tunnelblick/Configurations/
sudo chown michelbisson:michelbisson /Users/$USER/Library/Application\ Support/Tunnelblick/Configurations/*

– Click on ‘Done‘ button of Tunnelblick application

Making the VPN connection

– Click the icon of the tunnelblick (on top right of screen)
– Click on ‘Connect Client
– Once you see a light at the end of the tunnel you’re connected.
– To check out your own Tunnel Interface IP:
– Start a bash terminal
– Issue the command:
ifconfig tun0

– Finding out the VPN server’s Tunnel Interface IP:
– Start a bash terminal
– Issue the command:
netstat -nr | grep 'UGSc.*tun0' | awk '{print $1}' | cut -d/ -f1

Open VPN Client on Windows

– Login as root on the VPN server and create new client certificates as done for Linux OpenVPN clients.

– Download the OpenVPN program from the following URL and install it:
http://swupdate.openvpn.org/community/releases/openvpn-2.2.2-install.exe
(Read the following note that will will appear at the end of the installation)

GENERAL QUICKSTART FOR WINDOWS

The OpenVPN Client requires a configuration file and key/certificate files.
You should obtain these and save them to \Program Files\OpenVPN\config.
To start OpenVPN, first run the OpenVPN GUI by double clicking on the desktop icon or start menu icon.
The OpenVPN GUI is a system-tray applet, so an icon for the GUI will appear in the lower-right corner of the screen.
Right click on the system tray icon, and a menu should appear showing the names of your OpenVPN configuration files, and giving you the option to connect.

– Download putty and winSCP (for windows) from the following URL and install it:
http://the.earth.li/~sgtatham/putty/latest/x86/putty-0.62-installer.exe
http://download.winscp.net/download/files/201201251938f0fd4d4756d7bce59a6207776b36c42b/winscp436setup.exe

IN the VPN Server:
– Login as root in the VPN server and issue the following commands:

cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/client.ovpn
cd /etc/openvpn/

– Edit the file /etc/openvpn/client.conf and make sure only the following parameters are active.
(modify the parameters as suited for your environment, eg. ca,cert,key,remote)
To verify afterwards just run the command:
egrep -v '^#|^;|^$' /etc/openvpn/client.conf
and you should get the following (except for the environment dependant values)
client
dev tun
proto udp
remote www.myvpnserver.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/windows.crt
key /etc/openvpn/windows.key
ns-cert-type server
comp-lzo
verb 3

Prepare the transfer to Windows computer by running the following commands:
apt-get install dos2unix
unix2dos client.ovpn
cd /etc/openvpn/easy-rsa/2.0/
. /etc/openvpn/easy-rsa/2.0/build-key windows

– Answer the questions, forget the optional questions(just press enter)
– type ‘yes‘ when asked to sign the certificate.
Now we have created a new certificate for this ubuntu1110 client.

In Windows host
– start WinSCP, login as root in VPN server and copy the following files as indicated:
(VPN Server) (Windows host Directory)
=========================================== ============================================
/etc/openvpn/easy-rsa/2.0/keys/ca.crt ..............Copy to directory.. \Program Files\OpenVPN\config\
/etc/openvpn/easy-rsa/2.0/keys/windows.key .........Copy to directory.. \Program Files\OpenVPN\config\
/etc/openvpn/easy-rsa/2.0/keys/windows.crt .........Copy to directory.. \Program Files\OpenVPN\config\
/etc/openvpn/client.ovpn ...........................Copy to directory.. \Program Files\OpenVPN\config\

– Start the OpenVPN GUI: Start button == All Programs == OpenVPN == OpenVPN GUI
An Icon(2 very tiny red monitors) will appear in the QuickStart Bar (Bottpm Right) of screen

– Right click on the icon and select ‘Connect

– You should get a log screen and if everything goes well you will hear a short ‘blip’ from windows indicating that a new interface is been created.

– Verify the IP of the new interface:
Start ==>> Run Command ==>> Enter: cmd.exe ==>> In DOS window run the command ‘ipconfig

Here is an exampe of the result you should get:
(This was done on a German Windows XP)
Windows-IP-Konfiguration
Ethernetadapter LAN-Verbindung 3:
Verbindungsspezifisches DNS-Suffix: localdomain
IP-Adresse. . . . . . . . . . . . : 192.168.47.129
Subnetzmaske. . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . : 192.168.47.2
Ethernetadapter LAN-Verbindung 4:
Verbindungsspezifisches DNS-Suffix:
IP-Adresse. . . . . . . . . . . . : 10.8.0.18
Subnetzmaske. . . . . . . . . . . : 255.255.255.252
Standardgateway . . . . . . . . . :

Notice the IP: 10.8.0.18 of the second interface.
This is the IP of this machine seen through the VPN.

A ping to the VPN server should also works:
ping 10.8.0.1
Ping wird ausgefuehrt fuer 10.8.0.1 mit 32 Bytes Daten:
Antwort von 10.8.0.1: Bytes=32 Zeit=60ms TTL=64
Antwort von 10.8.0.1: Bytes=32 Zeit=81ms TTL=64
Antwort von 10.8.0.1: Bytes=32 Zeit=195ms TTL=64
Antwort von 10.8.0.1: Bytes=32 Zeit=204ms TTL=64
Ping-Statistik fuer 10.8.0.1:
Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0 (0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 60ms, Maximum = 204ms, Mittelwert = 135ms

IMPORTANT for Windows 7:

I could not get it to work on Windows 7 yet ….:-(
– Now the client.ovpn file is been configured properly but is not readable so far by the OpenVPN for Windows.

Some extra Note for windows 7:

(Although I could not get it to work on Windows 7 yet)
In Windows 7 the file ‘windows.crt’, because of it’s extention as ‘crt’ (certificate)
doesn’t allow it to be copied to windows via WinSCP. So the trick is to change the extention of the file from .crt to .cert
We will use this new name in windows for OpenVPN.

17 Jul 11 Resetting the default screen resolution in MAC OS X 10.6.x (Snow Leopard)

Just as I thought that Mac was having it perfect in the area of screen resolution and detection, suddenly my MacBook Pro started to display a slightly zoommed-up screeen where I needed to bring the mouse to the edges of the screen to move it a bit and see the rest of the display.
Tried with the regular screen resolution tool in System Preferences but to no avail.
After looking in Internet for a solution I came across this solution which I feel is worth noting here in this blog. Thanks to the author (gingy22) which wrote it for MAC OS X Leopard but is applicable to Snow leopard as well.
Original Link: https://discussions.apple.com/message/8912034#8912034

Here is the extract:

First, try to reboot in safe mode.
– To do that, turn your system off, then restart.
– When you hear the startup tone, hold down the shift key.
– Release the shift key when you see the “spinning gear” on the startup screen.

The file named Library/Preferences/com.apple.windowserver.plist contains the resolution that the System tries to use at startup. Deleting this file helps generally.
If this solves the problem during the reboot, but not in your user account, a similar file named “com.apple.windowserver.XXXXX.plist” exists in your own /Users/<yourname>/Library/Preferences/ByHost folder. You can remove this file to get back the standard resolution in your user account.

If nothing above works, try to press the “reset” or “factory defaults” button in SwitchResX Control for your monitor(Separate proprietary Panel tool). This will delete all changes that you have made for this monitor.

As a last resort, if you can’t even start SwitchResX itself, you’ll have to delete the monitor profile that you modified when you created a new custom resolution.
This file is located in /System/Library/Displays/Overrides/ and is the last modified file, that you can find if you sort by date. You should remove this file. You can access the file system, either by:
1) accessing the file system from an other Mac on the network, from ssh or by mounting a shared folders.
2) OR starting up in single user mode (or safe mode)
3) OR at last resort: reinstalling the OS above the existing install, which will keep your existing profiles, but remove the system modified files.

Happy computing again.

20 May 10 Speeding up Firefox Browser

Google Chrome has now eclipsed Mozilla Firefox in the speed category. However, I still use Firefox as my main web browser because it is still better than Chrome in certain areas.

But just recently, I tried a few tweaks that significantly improved the speed of Firefox making it a little bit snappier than the latest version of Google Chrome when loading web pages.

Here are some of the things that I did that helps make Firefox somewhat faster than Chrome:

1. Type about:config into the Firefox URL/address bar and hit ENTER. You will be warned that you might void your warranty if you change some advanced settings, but just go on and trust me 🙂

2. Inside the Firefox configuration page, scroll down and look for the following entries:

network.http.pipelining
network.http.proxy.pipelining

Set their values to “true” by double-clicking each one of them.

3. Next up, find this entry:

network.http.pipelining.maxrequests

Double-click and set the value to 8.

4. Right-click anywhere inside the config page and select New –> Integer. Name it nglayout.initialpaint.delay and set the value to “0″.

5. Right-click anywhere inside the config page and select New –> Integer. Name it content.notify.interval and set the value to “500000″.

6. Right-click anywhere inside the config page and select New –> Boolean. Name it content.notify.ontimer and set the value to “true″.

7. Right-click anywhere inside the config page and select New –> Integer. Name it content.switch.threshold and set the value to “250000″.

8. Right-click anywhere inside the config page and select New –> Boolean. Name it content.interrupt.parsing and set the value to “false″.

That’s about it. You should be able to notice the speed improvement immediately after applying the above tweaks.

Disabling Firefox addons that you don’t use often, blocking flash content, and using a lightweight theme will also help speed up Firefox.

20 May 10 Solution to aslmanager process high CPU usage

Since the new migration of log files management from syslogd to aslmanager it is possible to encounter some problems regarding the high CPU usage by aslmanager process. One of the solution is to restart the aslmanager indexing by moving the logs in a temporary directory and restarting the syslogd/aslmanager service. Here are the commands:

Stopping the syslogd and aslmanager service:
sudo launchctl stop com.apple.syslogd
sudo launchctl stop com.apple.aslmanager

Moving the logs in a backup directory:
mkdir -p ~/Desktop/temp/
sudo mv /var/log/asl/* ~/Desktop/temp/

Restarting the syslogd service (aslmanager service will be started automatically by syslogd service when needed):
sudo launchctl start com.apple.syslogd

29 Apr 10 How to disable Spotlight in MAC OS X

If you’re like me, sometimes Spotlight has driving my MAC very hot with the process ‘mds’.
To disable Spotlight do the following:
open the Terminal app and run the following command:
sudo mdutil -a -i off
To turn it back on
sudo mdutil -a -i on

20 Feb 10 aslmanager hangs with high cpu load

I’ve been looking for a solution against the periodic problem of having
aslmanager use a high cpu load. As far as I could read in Google, many people
think that it’s due to a curruption of the aslmanager database.
So here is a solution that was suggested in a forum.
Since my aslmanager process was still running,
I had to kill the process before I started the following steps.

sudo launchctl stop com.apple.syslogd
sudo launchctl stop com.apple.aslmanager
sudo rm /var/log/asl/*
sudo launchctl start com.apple.syslogd

And just to make sure things are uptodate run the maintenance scripts:

sudo periodic daily weekly monthly

It might be that after that when the scheduled aslmanager starts again,
that it run for quite a while and again takes high cou load but this should happen
only once to allow the aslmanager to rebuild it database.
After taht the aslmanager should preiodically run but not use so much cpu for so long.
I’ve just did the steps, so time will tell if that method worked.

14 Feb 10 Replacing the missing ‘tac’ command in MAC OS X

After looking into Fink Command and Porticus I could not find the GNU command ‘tac’ for writing bash scripts.
So I found these replacements which works well from the following link (Thanks guys :-))
http://trac.osgeo.org/grass/ticket/181

Normal use of tac: .....| tac |.......

Replacement Nr. 1
.....| awk '{print NR,$0}' | sort -nr | sed 's/^[0-9]* //' | .......
Replacement Nr. 2
tac () {
awk '1 { last = NR; line[last] = $0; } END { for (i = last; i > 0; i--) { print line[i]; } }'
}