USB-Serial adaptor on Mac OS X

I have a USB-Serial adaptor (prolific pl2303 chip) and MBP Mac OS 10.11.4 for connecting to console of switches, routers and firewalls via screen. Since somewhere between Mac OS 10.11.2 and 10.11.3, the setup is broken as screen will hang if I exit the screen session and then try to reconnect to the device via USB-Serial adaptor. I did upgrade to the latest firmware from prolific page for Mac but did not help…So I started posting for help on Internet forums…

janm on Stack Exchange really helped. Here is the workarounds: use cu instead of screen on Mac for the task. The catch though is by default cu needs to be run with sudo. So,

  1. Type in the password everytime you try to connect to console.
  2. Use one of the followings to get rid of the password prompts:

OPTION 1: Create cu configuration file like “/Users/test/cu.conf” with content below and also create the lock folder accordingly. Run the cu command as “cu -I /Users/test/cu.conf -l /dev/cu.usbserial -s 9600 –nostop

lockdir /Users/test/cu_lockdir

OPTION 2(HIGHLY NOT Recommended): Run “sudo visudo” and uncomment the line below and save and exit.

 %wheel ALL=(ALL) NOPASSWD: ALL

BTW, I also opened a bug report with Apple and provided necessary debug but have not heard back yet…I think the screen compiled with Mac OS X changed on handling port open/close.

Advertisements

Mac OS X and Dell Monitor via HDMI

Please refer to here for issue background details. Below is just steps for El Capitan running on Retina MBP with Dell U2410/U2414 monitors.

  1. Download the patch-edid.rb script from Andrew Daugherity’s improved patch-edid.rb script. Put the script on Desktop.
  2. Connect the external monitor.
  3. Type “cd Desktop; chmod +x ruby patch-edid.rb; ./ruby patch-edid.rb” in Terminal.
  4. A new folder will be created on desktop. Move it into the “/System/Library/Displays/Contents/Resources/Overrides/” folder. If prompted if you want to overwrite an existing folder, consider backing it up first.
  5. Restart Mac. The monitor should changed color mode to RGB.
  6. Optionally, Adjust the color profile inside Mac OS and/or monitor presets as needed.

 

Really tried to keep using the Terminal App coming with Mac…

Actually I tried several times by removing iterm2 in last 2-3 months but I always find the feature/function I dislike that provided by Terminal while features I need are not….

1. Why high-light to copy inside Terminal can not sync with CMD-C/CMD-V?

2. Why background colour is included when high-light to copy inside Terminal and paste into Word editor?

3. Why Tabs can not be opened inside one Terminal window? I am too lazy to merge them manually…

4. Why Terminal Tab name can not be automatically set to be just the device name?

5. Where is the logging!!!?

TO BE CONTINUED…

openSUSE as I-CAP Server for Content filter

Components needs to be installed on openSUSE 13.2:

  • Squid
  • ClamAV
  • C-ICAP
  • SquidClamAV

They can all be found by searching on openSUSE Website. I used 1-Click install to add the repository as well.

Once the components are installed, add followings to be started automatically during system boot:

  • squid
  • clamd
  • c-icap

You can restart any of those services by running: rc(service-name) restart, e.g. rcsquid restart

I did not put too much customized configuration into squid and/or c-icap. Here below are the configures I added on top of the default configuration.

For Squid(/etc/squid/squid.conf):

icap_enable on
icap_send_client_ip on
icap_send_client_username on
icap_client_username_header X-Authenticated-User

icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_req allow all

icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav
adaptation_access service_resp allow all

For C-ICAP(/etc/c-icap/c-icap.conf): Only updated ServerAdmin, ServerName values and added following line.

Service squidclamav squidclamav.so

For ClamAV(/etc/freshclam.conf): Uncomment the line below and Change “XY” to your country code. I am in Canada so I used CA.

DNSDatabaseInfo current.cvd.clamav.net
DatabaseMirror db.ca.clamav.net
DatabaseMirror database.clamav.net

Donot forget to add “TCP/1344” as allowed service on openSUSE Firewall.

NOTE: if file scanning is needed, the maxsize value inside /etc/squidclamav.conf file and StreamMaxLength value in /etc/clamd.conf need to be adjusted accordingly.

Disable Windows Live ID SSO for IE 11

With release of Windows 8/8.1, Windows account, previously called live ID, is required to setup the OS.

When you open IE and access some Microsoft owned/integrated websites, like live.com, your pre-entered windows account will be used by IE automatically. However there are times you just need to use other account to login. Here below is a work around:

There are cookies saved in the registry under
HKCU\Software\Microsoft\AuthCookies\Live. 

Just delete the Live subkey and change the permissions so that your daily account does not have permission to create new subkey.

Names for special characters on keyboard

I am not sure if school teaches the names for special characters/signs on keyboard in English speaking countries, but we did not have these taught in School or at least shown in text book in China.

So if you have no knowledge or limited knowledge of the names for keyboard signs, here you have the list to help you:

‘~’ -> ’tilde dash’

‘`’ -> ‘backquote’

‘!’ -> ‘exclamation mark’

‘@’ -> ‘at sign’

‘#’ -> ‘number sign’ or ‘hash’ or ‘pump sign’

‘$’ -> ‘dollar sign’

‘%’ -> ‘percentage sign’

‘^’ -> ‘caret sign’

‘&’ -> ‘ampersand’

‘*’ -> ‘asterisk’ or ‘star sign’

‘(‘ -> ‘parenleft’ or ‘opening parentheses’

‘)’ -> ‘parenright’ or ‘closing parenteses’

‘-‘ -> ‘minus’

‘_’ -> ‘underscore’

‘+’ -> ‘plus’

‘=’ -> ‘equal’

‘{‘ -> ‘braceleft’

‘[‘ -> ‘bracketleft’

‘}’ -> ‘braceright’

‘]’ -> ‘bracketright’

‘|’ -> ‘bar’

‘\’ -> ‘back slash’

‘:’ -> ‘colon’

‘;’ -> ‘semicolon’

‘”‘ -> ‘double quote’

”’ -> ‘single quote’

‘<‘ -> ‘less than sign’

‘,’ -> ‘comma’

‘>’ -> ‘greater than sign’

‘.’ -> ‘period’

‘?’ -> ‘question mark’

‘/’ -> ‘forward slash’

‘ ‘ -> ‘space’

Recovery Cisco router/switch login password

There might be tons of same topic on Inter-Web, especially on Cisco website, but I still decide to post it, at least I can archive in case I lost computer or notebook…

Cisco Router/Switch Password Recovery:

1. Apply break during the device booting sequence: Mostly the “Ctrl + Break” will work. I use putty 99% of time and putty needs to be configure/accessed via clicking the left mouse button on the icon in the top left corner of PuTTY’s terminal window to see the special command “break”.

2. Set configure register: rommon 1> confreg 0x2142

3. Reset the device: rommon 2> reset

4. Type no after each setup question, or press Ctrl-C in order to skip the initial setup procedure.

5. Type configure memory OR copy start run

6. Change password(s) when device boots up completely

7. Restore the config register: hostname(config)#config-register 0x2102 <– REMEMBER TO DO IT

8. Type write memory or copy running-config startup-config in order to commit the changes.

9. Reload device.

NOTE, all interfaces are shutdown when doing password recovery. So manual “no shut” is needed for each interface.

For recovering password for Cisco ASA, check here.

See Also: Cisco Reference

Cisco and Trend

Not sure when Cisco decided to work with Trend for content filtering. But I do not think it is working as (at least) I expected. One good thing though is licensing works as 1-Click.

To show and register for the Content Filtering on Cisco 1920 router:

Router#sh ip trm subscription status
Router#trm register