Using an SSH tunnel to connect to a VNC server securely
VNC communication is insecure by default, so it is better not to open VNC ports directly to the internet. Here is a way to put the VNC service behind an SSH tunnel.
1. Suppose your VNC service is started on a server with display number 7. If you opened port 5907 to the world, you would be able to connect to your.vncserver:7 with your VNC client.
2. Now install PuTTY and create an SSH session to your VNC server. Under Connection->SSH->Tunnels, enter a source port, for example 5901, and the destination localhost:5907, where 5907 is the port your VNC server listens on. Choose “Local” and “Auto” and click “Add”; a line like “L5901 localhost:5907” appears. Save this profile.
3. Now at any time you can load the profile and log in to your account on the server with your SSH username and password. Once you are logged in, start your VNC client and enter localhost:1, which means port 5901 on localhost. The SSH tunnel that PuTTY has built forwards all traffic sent to localhost:5901 to port 5907 on your server, so your VNC session is redirected through the tunnel.
Force hard reboot without physically accessing the computer
Sometimes a zombie process prevents “reboot” or “shutdown -r now” from working properly, since such soft reboot methods try to close the zombie processes “normally” and stall, waiting forever. In this case, instead of walking to the computer and pressing the power button, you can reboot it remotely if you still have a remote login session alive (run this as root):
echo b > /proc/sysrq-trigger
Other sysrq-trigger options:
1. You need to enable the feature with e.g.:
echo 1 > /proc/sys/kernel/sysrq
If that file doesn’t exist, the kernel was built without SysRq support
([CONFIG_]MAGIC_SYSRQ).
2. You need to use Alt+PrtSc+, where is one of those listed
in /usr/src/linux/Documentation/sysrq.txt:
‘r’ – Turns off keyboard raw mode and sets it to XLATE.
‘k’ – Secure Access Key (SAK) Kills all programs on the current virtual
console. NOTE: See important comments below in SAK section.
‘b’ – Will immediately reboot the system without syncing or unmounting
your disks.
‘o’ – Will shut your system off (if configured and supported).
‘s’ – Will attempt to sync all mounted filesystems.
‘u’ – Will attempt to remount all mounted filesystems read-only.
‘p’ – Will dump the current registers and flags to your console.
‘t’ – Will dump a list of current tasks and their information to your
console.
‘m’ – Will dump current memory info to your console.
‘v’ – Dumps Voyager SMP processor info to your console.
‘0’-‘9’ – Sets the console log level, controlling which kernel messages
will be printed to your console. (‘0’, for example would make
it so that only emergency messages like PANICs or OOPSes would
make it to your console.)
‘e’ – Send a SIGTERM to all processes, except for init.
‘i’ – Send a SIGKILL to all processes, except for init.
‘l’ – Send a SIGKILL to all processes, INCLUDING init. (Your system
will be non-functional after this.)
‘h’ – Will display help (actually any other key than those listed
above will display help, but ‘h’ is easy to remember 🙂)
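On current kernels the value written to /proc/sys/kernel/sysrq is a bitmask, and 1 (as used above) enables every function. The following is an added example, not part of the original post: it decodes a mask and reports which of the keys listed above are accepted from the keyboard. The bit values are those in the kernel's SysRq documentation; the sample masks are constructed.

```shell
#!/bin/sh
# Added example: which SysRq keys from the list above does a given
# kernel.sysrq value allow from the keyboard? 'v' and this page's 'l' are
# left out because current kernels no longer have them with these meanings.
sysrq_key_bit() {
  case "$1" in
    [0-9]) echo 2 ;;    # console log level
    k|r)   echo 4 ;;    # keyboard control (SAK, unraw)
    p|t|m) echo 8 ;;    # debugging dumps
    s)     echo 16 ;;   # sync
    u)     echo 32 ;;   # remount read-only
    e|i)   echo 64 ;;   # signalling processes (SIGTERM, SIGKILL)
    b|o)   echo 128 ;;  # reboot / power off
    *)     return 1 ;;  # key not covered by this example
  esac
}

# sysrq_key_allowed MASK KEY -> exit 0 if KEY is accepted from the keyboard
sysrq_key_allowed() {
  mask=$1
  bit=$(sysrq_key_bit "$2") || return 2
  [ "$mask" -eq 1 ] && return 0          # 1 = every function enabled
  [ $(( mask & bit )) -ne 0 ]
}

# Summarise a mask over the keys discussed on this page.
sysrq_allowed_keys() {
  out=""
  for k in r k b o s u p t m e i; do
    if sysrq_key_allowed "$1" "$k"; then out="$out$k"; fi
  done
  echo "$out"
}

# Constructed sample values: 1 (as set above), 176 (sync+remount+reboot), 0.
for m in 1 176 0; do
  echo "kernel.sysrq=$m allows: $(sysrq_allowed_keys "$m")"
done
```

The mask only restricts the keyboard combination. A write to /proc/sysrq-trigger by root, such as the `echo b` above, is always honoured, so lowering kernel.sysrq does not limit what a root session can trigger.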
Running Mathematica through cygwin
Mathematica will crash Cygwin/X if certain fonts are not properly installed.
Wolfram released a font package that helps with this issue.
Here is the download:
$ wget http://support.wolfram.com/technotes/MathematicaV7FontsLinux.tar.gz
Once you get this file, you may
$ tar xvfz MathematicaV7FontsLinux.tar.gz
to extract the font files, then
$ rsync -av Fonts/ /usr/share/fonts/
to install them.
After the installation, you need to restart the cygwin xserver.
Then, Mathematica will work in cygwin x.
Using ssh tunnel to port NFS through firewall and private network
network structure:
machine1 >> firewall >> Internet >> machine2 >> nfs_server
Step 1: on nfs_server, add this line to /etc/exports:
/nfs_dir 127.0.0.1(rw,async,insecure)
The insecure option lets the server accept requests from source ports above 1024, which is what connections arriving through the SSH tunnel use.
Also add this line to /etc/sysconfig/nfs:
MOUNTD_PORT=<port_number3>
where port_number3 is a large number, for example 32334.
Then run "service nfs restart".
This makes the NFS export accessible from the server itself.
Step 2: on machine2, which can see its intranet node nfs_server, create two SSH tunnels:
$ ssh username@nfs_server -L :localhost:2049 -f sleep m
$ ssh username@nfs_server -L :localhost: -f sleep m
The should be replaced by a number of minutes you’d like the tunnel to open.
For example, 1440m for 24 hours.
The port_number1 and port_number2 are ports for the communication.
Step 3: on machine1, which can ssh to machine2 (machine2 cannot ssh to machine1 because of the firewall), run
$ ssh username@machine2 -L :localhost: -f sleep m
$ ssh username@machine2 -L :localhost: -f sleep m
Step 4: on machine1, mount the nfs share:
$ mount -v -t nfs -o port=,mountport=,tcp localhost:/nfs_dir/ /mnt/mount_point/
where /nfs_dir/ is the name of the shared directory on nfs_server, and /mnt/mount_point/ is a local directory
as the mounting point.
Why mount localhost:/nfs_dir/? Because the relevant ports on localhost have been tunnelled through ssh
to the remote NFS server.
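The four tunnels and the mount from steps 2 to 4, written out with concrete values as an added example that is not part of the original post. The tunnel ports 3049 and 3050, the 1440 minutes, and the use of 127.0.0.1 in place of localhost (so listeners bind to loopback only and the connection matches the 127.0.0.1 entry in /etc/exports) are assumptions; 32334 is the example MOUNTD_PORT from step 1.

```shell
#!/bin/sh
# Added example. User name, host names and port values are placeholders.
# nfs_tunnel_plan P1 P2 P3 MINUTES
#   P1, P2  tunnel ports opened on machine2 and again on machine1
#   P3      MOUNTD_PORT configured on nfs_server
nfs_tunnel_plan() {
  p1=$1 p2=$2 p3=$3 min=$4
  for n in "$p1" "$p2" "$p3" "$min"; do
    case "$n" in ''|*[!0-9]*) echo "not a number: $n" >&2; return 1 ;; esac
  done
  # A non-root ssh client cannot bind local ports below 1024.
  for p in "$p1" "$p2"; do
    if [ "$p" -lt 1024 ] || [ "$p" -gt 65535 ]; then
      echo "tunnel port out of range: $p" >&2; return 1
    fi
  done
  [ "$p1" -ne "$p2" ] || { echo "tunnel ports must differ" >&2; return 1; }
  cat <<EOF
# on machine2: reach nfsd (2049) and mountd ($p3) on nfs_server
ssh username@nfs_server -L 127.0.0.1:$p1:127.0.0.1:2049 -f sleep ${min}m
ssh username@nfs_server -L 127.0.0.1:$p2:127.0.0.1:$p3 -f sleep ${min}m
# on machine1: chain onto the two listeners that now exist on machine2
ssh username@machine2 -L 127.0.0.1:$p1:127.0.0.1:$p1 -f sleep ${min}m
ssh username@machine2 -L 127.0.0.1:$p2:127.0.0.1:$p2 -f sleep ${min}m
# on machine1, as root: NFS traffic enters the local end of the chain
mount -v -t nfs -o port=$p1,mountport=$p2,tcp 127.0.0.1:/nfs_dir/ /mnt/mount_point/
EOF
}

nfs_tunnel_plan 3049 3050 32334 1440
```

The forwarded ports on machine1 and machine2 accept connections from any local user on those hosts, so the export is only as restricted as login access to both machines.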
Note:
For an SSH tunnel that allows reverse ssh back from machine2 to machine1:
$ ssh user@machine2 -R :localhost:22 -f sleep m
Samba “strict locking” prevents files from being modified
From a certain version of Samba on Linux onward, “strict locking = 1” is the default. When such a Samba share is mapped on older versions of Windows, files cannot be modified: you can create a new file and edit it, but when you try to save, it returns “The process cannot access the file because another process has locked a portion of the file”. You can still save the file under a different name, however.
To work around this, you can add
strict locking = 0
in your smb.conf under [global], and restart the smb server. Everything will work again.
A prime number with exactly one million digits
464253*2^3321908-1
makes the top 5000 list with entrance rank 63; see http://primes.utm.edu/primes/page.php?id=111603
cmake cannot find libGL.so after installing NVidia driver
The link at /usr/lib64/libGL.so was not updated to the NVidia version. Just remove the broken link and run
ln -s /usr/lib64/libGL.so.VER.VER /usr/lib64/libGL.so, where VER.VER is the NVidia driver version.
The same strategy can be applied to other missing libraries that resolve to a broken link.
Redhat: need to know which package to install?
yum whatprovides '*/'
Firefox: Flash installed but does not show up
For some strange reason the Flash folder in C:\WINDOWS\system32\Macromed was locked by explorer.exe. Once Adobe Flash Player is installed in this folder, the lock prevents it from being copied into both Firefox’s plugin folder in C:\Program Files\Mozilla Firefox\plugins and Internet Explorer’s plugin folder in C:\Program Files\Internet Explorer\PLUGINS, so from the point of view of Firefox or Internet Explorer, Adobe Flash is not installed. Whenever you browse Flash content, such as YouTube, it constantly asks you to install Flash Player, and reinstalling Flash or Firefox never solves the issue. Some people blame RealPlayer for this, but disabling or uninstalling RealPlayer and disabling all other plugins does not change the locking of this folder. The problem remains.
Workaround:
1. In taskmgr.exe, kill explorer.exe. Explorer will close (along with your desktop), restart itself and bring your desktop back. This releases the lock.
2. Do nothing else except use My Computer to navigate to C:\WINDOWS\system32 and delete the folder Macromed.
3. Use either Firefox or IE to navigate to www.adobe.com and download the newest version of Flash Player. Do not run the installer yet; open the download folder instead.
4. Close both Firefox and IE, then install Adobe Flash by running the installer from the download folder.
Now Adobe Flash will run again in both Firefox and IE.
Enjoy.
When an application can only run as administrator in Windows 7
It is possible that a DLL/OCX was not properly registered.
Try this:
regsvr32.exe COMDLG32.OCX
regsvr32.exe YourOCX.OCX
regsvr32.exe Yourdll.dll