Friday, February 15, 2008

Negate find results

Find files that do not match expression and dostuff on them:
find ./ [expressions] -prune -or [dostuff]
Example:
find ./ -name '.svn' -prune -or -type f -print
finds all non-svn files and prints their paths on stdout

Sunday, February 10, 2008

Zero Config User Initiated Cross Platfrom Remote Desktop Assistance

Use Case
you frequently give remote assistance to users in very heterogeneous environments

Problem

user-side firewalling makes it impossible to just start up e.g. a vnc server.

Solution
let the user initiate a ssh tunnel from his machine to yours, forwarding his local vnc server port.

Rationale

it is way easier for you to allow for incoming traffic once than it is to do the same on every user's machine.

Implementation

Server
enable your sshd and create a dedicated help user with shell /bin/false
Client
use a shell script to start the vnc server and the ssh tunnel. this is only non-trivial for windows, so I shall outline that below.
Extensions
  • use a private/public key pair for ssh authentication
  • use a different server user for each supported user
  • automatically react on incoming ssh sessions
Esp. the last one is interesting: you can tell people to "just click on the support button when you need help" and you will get instant notification with direct access to their desktop.

Appendix: Client on Windows

  1. Download the tightvnc zip distribution, unzip
  2. Download plink (the putty ssh command line client) and save it into the vnc folder
  3. start winvnc.exe
  4. enter a password (you will use this later when using your vnc client to connect to the user's machines), fix the port to 5900, quit the application
  5. startup regedit
  6. add a dword key "AllowLoopback" with value 1 to LOCAL_MACHINE\Software\ORL\WinVNC3
  7. export LOCAL_MACHINE and CURRENT_USER\Software\ORL to vnc.reg and vnc2.reg in your vnc folder
  8. close regedit
  9. create the batch file and zip the whole directory for distribution:
create a file run.bat in your vnc directory that contains the following lines:

reg import vnc.reg
reg import vnc2.reg
taskkill /F /IM winvnc.exe
start winvnc -run -shareall
plink helpaccount@my.dns.org -pw helppassword -N -R 5900:localhost:5900
where helpaccount and helppassword match the local account you created on your server and my.dns.org is your server's hostname.
after running this script, you should be able use a vnc viewer to connect to localhost on your server and see the client's screen. you will want to set -compress 9 -encoding tight explicitly to tune the connection.

Monday, February 4, 2008

top (unix command) with two samples in logging mode - but only the second matters

i wanted to use the unix top command with GeekTools and found that this wasn't as straight forward as i had expected...

anyways, the following bundle does the trick:
top -o cpu -l 2 -u -S | sed -e '2,/^Processes:/ d'