Saturday, February 20, 2016

Proxmox KVM usb passthrough

Proxmox KVM usb passthrough

Open KVM monitor for your KVM machine in Proxmox GUI or in the command line with the following command:
# qm monitor 168
Entering Qemu Monitor for VM 168 - type 'help' for help

Show the usb devices info from your host machine:
qm> info usbhost
  Bus 4, Addr 2, Port 1, Speed 12 Mb/s
    Class 00: USB device 046b:ff10, Virtual Keyboard and Mouse
  Bus 6, Addr 2, Port 2, Speed 1.5 Mb/s
    Class 00: USB device 0624:0294, Dell 03R874
  Bus 2, Addr 3, Port 1, Speed 480 Mb/s
    Class 00: USB device 0930:6533, DataTraveler 2.0
  Auto filters:
    Bus *, Addr *, Port *, ID 0930:6533

According to device “USB device 0930:6533” in the example, add the device to guest machine:
qm> device_add usb-host,id=myusb,vendorid=0x0930,productid=0x6533

Verify that the new usb device is added in your guest:
qm> info usb
  Device 0.1, Port 1, Speed 12 Mb/s, Product QEMU USB Tablet
  Device 0.3, Port 2, Speed 12 Mb/s, Product QEMU USB Hub
  Device 0.4, Port 2.1, Speed 480 Mb/s, Product DataTraveler 2.0

After using it, remove usb device from your guest:
qm> device_del myusb

If you run the command again, you will see the usb device is gone from your guest:
qm> info usb
  Device 0.1, Port 1, Speed 12 Mb/s, Product QEMU USB Tablet
  Device 0.3, Port 2, Speed 12 Mb/s, Product QEMU USB Hub

This has been tested in Proxmox 3.0/957f0862


Saturday, January 16, 2016

FreeRDP - The Free Remote Desktop Client for Linux

RDP stands for Remote Desktop Connection. It is a way to connect to Windows desktop/server. Default port is 3389. If you use Linux, there are 2 client programs: 

1. rdekstop is the old client. Support Windows XP,2000,NT,Windows Server 2012 R2.
2. freerdp resumes the work of rdesktop and support new MS authentication for remote desktop.

To connect to Windows, following is the example: 

xfreerdp -u login -p password

There are many other options. Just run xfreerdp -h to see them.

mplayer-gui error : Error in skin config file

After installing mplayer-gui package, I can't start it.

$ gmplayer
MPlayer 1.1-4.8 (C) 2000-2012 MPlayer Team
mplayer: could not connect to socket
mplayer: No such file or directory
Failed to open LIRC support. You will not be able to use your remote control.
Error in skin config file on line 6: PNG read error in /usr/share/mplayer/skins/default/main
Config file processing error with skin 'default'

After googling a bit, I found out that it was due to the png files in dir /usr/share/mplayer/skins/default. This is the default skin directory. To fix this error, I have to install ImageMagick package because I want to use the convert program to convert all of the png files to format png24. Thus,
cd /usr/share/mplayer/skins/default; for FILE in *.png ; do sudo convert $FILE -define png:format=png24 $FILE ; done

Rerun gmplayer and all should be fine.

Have fun!

Friday, November 27, 2015

New job, new place and new adventure

I have been working in a new place and environment for almost 6 months now. A lot has happened since in my life and i am very excited to begin blogging again.

I gained new knowledge in many areas of Linux, servers and networking. I dealt with 6 hypervisors here, many virtual machines on them, about 20 vlans, many vpns, many pfsenses, NAS, HAS, AD, win 2012 R2 and zimbra collaboration suite.

I need to master all of this and hopefully with my basic knowledge in Linux, AD and postfix, it will be easier to grasp them.

The most important things here are the bosses and colleagues. So far they are very helpful, friendly and supportive.

I will post more about my Linux work here soon. So stay tuned but don't hold your breath. :D


Monday, February 16, 2015

cannot ssh to server

If you got the following error when trying to connect to ssh server:

me@pluto ~]$ ssh -vvv -l you localhost.localdomain  
OpenSSH_6.2p2, OpenSSL 1.0.1k 8 Jan 2015
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 49: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost.localdomain [] port 22.
debug1: Connection established.
debug1: identity file /home/zamri/.ssh/identity type -1
debug1: identity file /home/zamri/.ssh/identity-cert type -1
debug1: identity file /home/zamri/.ssh/id_rsa type -1
debug1: identity file /home/zamri/.ssh/id_rsa-cert type -1
debug1: identity file /home/zamri/.ssh/id_dsa type -1
debug1: identity file /home/zamri/.ssh/id_dsa-cert type -1
debug1: identity file /home/zamri/.ssh/id_ecdsa type -1
debug1: identity file /home/zamri/.ssh/id_ecdsa-cert type -1
ssh_exchange_identification: Connection closed by remote host

Try putting this in /etc/host.allow:


It solved my problem. Your mileage may vary.

Thursday, July 3, 2014

Book review: Implementing SAMBA 4

Samba is a Windows implementation of sharing files and folders in Linux world. It is a favorite way of sharing your files on Linux with Windows users. But its use is much more than that. It can also act as servers of various roles.

Implementing SAMBA 4 is a book worth reading for Linux admins, system engineers or anybody who plan to use and master SAMBA configurations. In this version, a new feature, Active Directory Domain Controller (AD DC) is the most sought after by admins. This will let you configure SAMBA 4 as an AD DC. Using Debian 7 as the OS, I found no problem with it although many admins out there are using Fedora/Red Hat/CentOS as the main distros of choice.

Looking at the table of contents, I can say this book is not for beginners. So you have been warned. :)

Reading the sample chapter provided (Chapter 3), this book is an interesting to read. Steps are shown in pictures and clearly explained. Although I have little knowledge of AD DC, this book will make it easier for you to understand the steps needed by lots of screenshots.

Other topics mentioned that I found important and interesting are:
  • Understand the migration steps from Samba 3 to Samba 4
  • Integrate GNU/Linux operating system authentication into the AD
  • Understand the tasks and attention points when replacing a Microsoft Windows AD
If you are looking for a reading to better understand on how to configure SAMBA 4 for your AD DC, I recommend this kind of book.

Tuesday, June 17, 2014

Using mail command to send email using SMTP AUTH and no SSL

This is the command to send email using mail server with SMTP AUTH.

mail -v -s "Testing SMTP AUTH from mail command" -S smtp-auth=login -S smtp=smtp:// -S -S smtp-auth-user=me -S smtp-auth-password=mypassword

-v = verbose
-s = subject
-S = option

For more options and info, please type man mail or info mail.
The last email address is the recipient address.
You can replace mail with mailx.

This command is useful to test your mailserver setup without login to GUI.

Have fun! :)

Monday, May 19, 2014

Apache redirection

I want to redirect all of my users who go to to I have learned that from my googling, there are 2 popular ways to do it in apache web server. First, by using mod_rewrite and second, I can use redirect. The latter is the simplest. So I chose it. :)
Put this in vhost container.

Redirect 301 /

In Mageia 4, the file is located in /etc/httpd/conf/vhosts.d and the file name is 00_default_vhosts.conf

That's it. Restart or reload apache for the changes to take effect.

Have fun!

Wednesday, May 14, 2014

Mageia 4 and HP Laserjet P1102 can't print

Hi all,

Since upgrading my Mageia 3 to 4, I never test my printer. It worked in Mageia 3. I never knew that it was going to give me a headache LoL. It didn't work!. I tried reinstalling the CUPS, the driver, and even changing the USB cable. It was after 2 weeks of busy schedule, I thought I wanted to try to find a solution.

After googling a bit, I found out from a post which I didnt remember to bookmark it, the culprit was the usblp module. Remove it by rmmod usblp and the printer could print again. I could say the problem is the module conflicts with the HP printer driver. Your mileage may vary.

Have fun!

Saturday, March 29, 2014

Chromium becomes sluggish

For so many months now I find my Chromium becomes sluggish. I thought it is because of scripts that I installed to play games on Facebook but I never tried to search for a solution until recently. A blog post by Kostya Vasilyev here reveals the real culprit. Since I disabled the plugin, my Chromium becomes stable and fast again. Thanks buddy. The steps are the same although the plugin name is not.

Here are the steps:

  1. Type  chrome://plugins in the address bar
  2. Find the plugin named Chromoting Viewer
  3. Disable it
  4. Done.

You may want to restart your browser although it is not necessary.

Tuesday, February 4, 2014

Mageia 4

Mageia 4 has been released on Feb 3rd 2014. For Mageia 3 users, you will get a notification to upgrade. Just click on it and after answer a few questions, you're set to go. I just did that and at the time of this writing, I'm using Mageia 4. 

From my point of view, I didn't notice any major differences in terms of usability beside the usual change of wallpapers, screensavers and a little bit of widgets. I'm sure, overtime I will find more and more. The Welcome dialog (see below) is a very good approach for newcomers and newbies alike to Mageia world. 

For those who are in search of a distro, Mageia is worth to try.


Saturday, January 4, 2014

ralink firmware

In Mageia, not all packages from non-free repo are installed by default. One of them is ralink-firmware. In Mageia 2, various ralink wireless firmwares are separated in many packages like rt61-, rt2860-, rt2870-, rt3090-, rt73-. Now they are bundled in one package.

If you connect external wireless hardware that uses those rt chipsets family, you have to install this package. Please examine your syslog for the error in loading the driver such as this:

Dec 24 18:54:00 localhost kernel: ieee80211 phy1: rt2x00lib_request_firmware: Info - Loading firmware file 'rt2870.bin'
Dec 24 18:54:00 localhost kernel: ieee80211 phy1: rt2x00lib_request_firmware: Error - Failed to request Firmware

Install the firmware by issuing :

urpmi ralink-firmware

or you can use rpmdrake GUI for that.


Monday, July 1, 2013

I like this :
Google hopes that Quick UDP Internet Connections (QUIC), recently added to Chrome Canary, will help speed up HTTP traffic on the internet. The goal here is not to compete with SPDY, the protocol introduced four years ago, but to work in tandem with it by replacingTCP (Transmission Control Protocol), the current transport method, with UDP (User Datagram Protocol).
TCP makes sure that no data packets go missing at the protocol level and that they all land at their destination in the correct order. In Google's opinion, that's a disadvantage when combined with SPDY, in which several data streams between a browser and a web server flow over a single TCP socket – just one misplaced packet would block all of the data streams. The TCP stack in this case would also slow down the transmission of all of the streams.
QUIC uses the simpler UDP, which does not guarantee the transmission of individual packets. That means that the new protocol has to take care of this itself, but unlike with TCP, connections not affected by a particular loss don't have to wait for a new transmission. QUIC is designed to ensure fast connections, reduce packet losses with transmission pacing and minimise latency in the case of retransmission of a packet with forward error correction, and like SPDY, it only allows encrypted connections.
An extensive Google Docs document lays out the details and considerations behind QUIC. The Chromium source code includes a sample implementation for the server and the code for the client-side.
The key terms are : transmission pacing and forward error correction. 
Do you know their meanings? :)

Friday, December 21, 2012

Problem setting up HP LaserJet P1102 on Linux

If you have problem setting up driver for HP LaserJet P1102, it most probably because of Smart Install feature of the device. You can see it in dmesg output:

[353279.710023] usb 6-1: new high-speed USB device number 22 using ehci_hcd
[353279.824940] usb 6-1: New USB device found, idVendor=03f0, idProduct=002a
[353279.824944] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[353279.824947] usb 6-1: Product: HP LaserJet Professional P1102
[353279.824950] usb 6-1: Manufacturer: Hewlett-Packard
[353279.824952] usb 6-1: SerialNumber: 000000000Q84CF03SI1c
[353279.826253] scsi16 : usb-storage 6-1:1.0
[353280.838094] scsi 16:0:0:0: CD-ROM            HP       Smart Install    1.0  PQ: 0 ANSI: 2
[353280.868209] sr1: scsi3-mmc drive: 0x/0x caddy
[353280.868365] sr 16:0:0:0: Attached scsi CD-ROM sr1
[353280.868452] sr 16:0:0:0: Attached scsi generic sg2 type 5

it is useful for Windows users as it will create a virtual cdrom drive in order to install the printer's driver. For Linux, this feature will prevent the setup utility to detect it as a USB printer as it sees it as a disk. The solution to this problem is by deactivating the feature using usb_modeswitch utility as below:

usb_modeswitch -m 4 -r 4 -v 0x03f0 -p 0x002a -M 55534243287E778400000000000006D0000000000000000000000000000000 -n

Please login as root before issuing the command.

The output is something like this:

Looking for default devices ...
   found matching product ID
   adding device
 Found device in default mode, class or configuration (1)
Accessing device 023 on bus 006 ...
Getting the current device configuration ...
 OK, got current device configuration (1)
Using first interface: 0x00
Using endpoints 0x04 (out) and 0x04 (in)
Not a storage device, skipping SCSI inquiry

USB description data (for identification)
Manufacturer: Hewlett-Packard
     Product: HP LaserJet Professional P1102
  Serial No.: 000000000Q84CF03SI1c
Looking for active driver ...
 No driver found. Either detached before or never attached
Setting up communication with interface 0
Using endpoint 0x04 for message sending ...
Trying to send message 1 to endpoint 0x04 ...
 Sending the message returned error -5. Trying to continue
Reading the response to message 1 (CSW) ...
 Response reading got error -5
 Device is gone, skipping any further commands
-> Run lsusb to note any changes. Bye.

(This output is after I ran the command once. You may see something like removing/deactivating the disk.) 

Then restart the printer or turn it off and on again. You should now run hp-setup utility to setup the printer and this time it can see the attached USB printer listed and you can select the printer to install the driver.

Hope this helps. Have fun!

Update: Whenever you restart your pc,  it can't connect to the printer. So this is not permanent solution. What you have to do is run the command of usb_modeswitch again and there you go. It will recognize the printer but this time you dont have to reinstall the driver. For permanent solution, from what I have read, I need to use Windows to run the printer's utility software but I never tried it before. if I have tried it, i will post it here.

Sunday, December 9, 2012

Postfix: smtp_address_preference

For mailserver/system  administrator :

If your mailserver has problem to connect to ipv6 address (especially if your mailserver doesn't support it) and throw errors something like this:

Dec 10 00:05:57 localhost postfix/smtp[16925]: connect to[2404:160:0:f:0:2:42c4:7621]:25: Network is unreachable
Dec 10 00:05:57 localhost postfix/smtp[16925]: connect to[2404:160:0:f:0:1:6288:d9ca]:25: Network is unreachable
Dec 10 00:05:57 localhost postfix/smtp[16925]: connect to[2404:160:0:f:0:2:42c4:7624]:25: Network is unreachable
Dec 10 00:05:57 localhost postfix/smtp[16925]: connect to[2404:160:0:f:0:1:43c3:a8e6]:25: Network is unreachable
Dec 10 00:05:57 localhost postfix/smtp[16925]: connect to[2404:160:0:f:0:1:42c4:7622]:25: Network is unreachable

then you may want to check the default smtp_address_preference parameter in Most probably it is defaulted to ipv6 which is true on my postfix installation (Mageia). Change it to ipv4 to instruct postfix to look up MTA with ipv4 address only (which is I think supported by all major players like Yahoo!, Gmail and Hotmail for compatibility reason or they will lose lots of their customers) . So:

smtp_address_preference = ipv4

will save you before you consider to upgrade your infrastructure to ipv6. :-)

Have fun!