If you have machine which is not connected to domain, but has TPM chip you might want to encrypt disks with BitLocker and enable PIN protection at boot-up.

In order to do that you have to make sure TPM is activated and enabled for provisioning in BIOS. Next step will be to allow PIN use, as by default that option is not active especially on machines not connected to Active Directory domain.

So, to enable ability to set PIN follow the steps:

(more…)

Just released small app for Android platform. This app allows to decrypt type 7 password from Cisco devices as well as passwords from Cisco VPN profiles (PCF files).

Password which can be recovered using this app:

• wireless keys fro Cisco access points,
• RADIUS/TACACS shared secrets
• NTP authentication keys
• Enable passwords (NOT enable secrets, which are stored using MD5)
• enc_GroupPwd – VPN group password from PCF file
• enc_UserPassword – VPN user password from PCF file

You can find app in Google Play:

In order to enable SSH access to Cisco Nexus 1000v (if it’s not enabled yet) followign commands have to be issues from Console or Telnet connection:

Nexus 1000v Switch
login: admin
Password:
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2012, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php
nexus1000v# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
nexus1000v(config)# ssh key rsa 2048 force
deleting old rsa key.....
generating rsa key(2048 bits).....
.
generated rsa key
nexus1000v(config)# ssh server enable
nexus1000v(config)#

Now you can use SecureCRT or PuTTY to connect to Cisco Nexus vis SSH of course if IP address is configured on the device and it is connected to network 🙂

Little issue with OpenSSL for Windows came out recently when I tried to create certificate request. Just after installation when tried to generate cert request got error message:

WARNING: can't open config file: /usr/local/ssl/openssl.cnf
Unable to load config info from /usr/local/ssl/openssl.cnf

Reason was that by default OpenSSL couldn’t find configuration file (even if it was located in same folder as excutable file).

So, to fix it just set environmental variable with information where openssl.cfg file is located:

set OPENSSL_CONF=c:\OpenSSL-Win32\bin\openssl.cfg

You can consider adding this to system environmental variables.

Recently I decided to use Amazon AWS EC2 platform to host systems in the Cloud. As operating system I needed is Linux I quickly deployed Amazon Linux AMI, which is quick and simple to do.

Once instance was created I downloaded key pair. Now it came down to connecting to my virtual machine in the cloud.My SSH client of choice is SecureCRT. Let’s see how to configure session parameters in SecureCRT in order to connect to Amazon Linux AMI instance hosted on EC2 platform.

I’m using SecureCRT 7.0.1 to connect to server hosted on Amazon EC2 platform.

(more…)

As a part of preparation for monitoring our WIndows Server 2008 R2 using SNMP and Nagios we had to add SNMP Services to few systems which didn’t have it yet. So, based on that fact I thought it might be nice to capture all steps involved in adding SNMP to Windows Server machine. Here you can see steps, screenshots and short description how to achieve that.

(more…)