Verizon LTE

For comparison, I went back and tested my iPhone again, now with a new 4G icon. The last time I did this, just about two years ago, I was about half a mile away from where I’m at now. Two years, and half a mile closer to Seattle, and I get this.

AT&T 4G

This is much better, but I’m in so close to Downtown Seattle that I was looking at Pike Place Market from the window of my office. For those not familiar, this is about as close to the heart of Seattle as you can be.

Now that the iPad has the same connectivity as I do at home, it’s a true take anywhere device. As an IT guy, I’m glad to be able to work anywhere (even though the iPad isn’t officially supported.)  I don’t think AT&T is quite there yet, but I expect my new Verizon LTE iPhone 5 will be.

The authenticity of host 'myfirsthost.work.cainmanor.com (10.256.33.106)' can't be established.
RSA key fingerprint is fc:40:7c:de:b8:ac:a2:f5:d4:11:d0:0e:b2:77:8a:63.
Are you sure you want to continue connecting (yes/no)? yes

To stop this prompt, we need to edit your ~/.ssh/config file. Add these two lines

StrictHostKeyChecking no
UserKnownHostsFile=/dev/null

Setting your UserKnownHostsFile should only be a temporary fix. After you’ve pushed your keys, you should comment out both of those settings.

Your password is the next problem. We can solve that with sshpass. sshpass takes your password and passes it on when ssh ask for it. There are three ways to do it, all of them insecure. Read the man page and decide which of those you want to use. For my purposes I just put it on the command line – I’m on my personal machine with no other users, and only I know the passwords to the box. Don’t do this on a shared server.

Here is an example of how to push your public key one. Try it on a new server to make sure you get the results you expect.

sshpass -p 'MY_PASSWORD' ssh-copy-id gregc@new_host_with_no_keys

Now that we’ve got the prompts turned off, we’ll wrap a script around this. How you get the list of appropriate hostnames or IP’s is your business.

for X in `cat my_host_that_need_keys`
do
sshpass -p 'MY_PASSWORD' ssh-copy-id gregc@${X}
done

Happy Computing!!

Microsoft’s recommendation did not work, but it’s probably worth trying again.

CD %windir%\system32\wbem
For /f %s in ('dir /b /s *.dll') do regsvr32 /s %s
wmiprvse /regserver

I found THIS worked.

cd /d %windir%\system32
regsvr32 /n /I userenv.dll
cd wbem
mofcomp scersop.mof
gpupdate /force
gpresult

ssh-keygen -t dsa -f ~/.ssh/id_dsa -C "your.email.address"

Copy the public key to the remote server

scp id_dsa.pub username@remoteserver.com:~/.ssh/

This whole exercise relies on correct permissions on important files. You should keep your private key very secure, for reasons other than getting this to work correctly.

chmod 600 ~/.ssh/id_dsa

On the remote server, let’s add your public key to the authorized keys file, which lives in your home account

cat id_dsa.pub >> authorized_keys2
chmod 644 authorized_keys2
chmod 700 ~/.ssh

Back on your local machine, you now need to authorize yourself to use the new public key. For OS-X it easy. Just connect to a box that has a shared key. You’ll get
To add identities to your keychain without the popup box (OS-X only)

ssh-add -K

To add the identities previously stored in your keychain (OS-X only)

ssh-add -k

For other unixes you can add the key manually (this works on OS-X too.)

ssh-add

To see what keys you have loaded (again, all Unixes, including OS-X)

ssh-add -l

To delete keys (this will delete from your keychain too)

ssh-add -d

There are a lot of cool things you can do with ssh-add. The man pages are your friend.

nmap -sP 10.1.1.0/24

When I need to find an open IP, this is a decent way to do it. I wish there were a way to find IPs that don’t respond, but this works for now. This won’t work if your network bans ICMP traffic, or your host doesn’t respond, but is alive.

If you want to extract the IPs from your output, you can use this SED statement

sed -n 's/^.*[^0-9]\([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*\).*$/\1/p'