no matching cipher found. Their offer: aes128-cbc,3des-cbc…

When trying to SSH to older devices like a Ubiquiti Bullet2, you may receive an error saying.

no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc,blowfish-cbc

Work around it to manually specify the cipher with the “-c” option. You will also probably need to specify the KexAlgorithm

ssh -c aes128-cbc -oKexAlgorithms=+diffie-hellman-group1-sha1 admin@192.168.1.20

You can see what ciphers ssh supports by running “ssh -Q cipher”

Example output

ssh -Q cipher
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

More information
https://www.openssh.com/legacy.html

Auto Start VM after XenServer reboot

SSH or gain command line access to XenServer

List VM UUID’s

Locate the UUID’s of the VM’s you want to start

# xe vm-list
uuid ( RO)           : 521be58a-3495-ea29-02a0-85ffcda06583
     name-label ( RW): CentOS 7
    power-state ( RO): running

Enable auto start

Change the UUID to the UUID of the vm you want to start automatically on server boot

xe pool-param-set uuid=521be58a-3495-ea29-02a0-85ffcda06583  other-config:auto_poweron=true

Print parameter settings

The following print if the poweron is turned on. Change out the UUID for the UUID of your VM.

xe vm-param-list uuid=521be58a-3495-ea29-02a0-85ffcda06583 | grep -i poweron | cut -d";" -f1

Example output

                      other-config (MRW): auto_poweron: true

https://support.citrix.com/article/CTX133910

Mikrotik RouterOS – “drop all from WAN not DSTNATed”

The default DSTNATed firewall rule keeps traffic from the WAN accessing LAN side IP addresses.

More info here

Printing the rules on a router with the default config should show the following.

;;; defconf: drop all from WAN not DSTNATed
chain=forward action=drop connection-nat-state=!dstnat in-interface=ether1

If you are wanting to add the rule to a router, you can copy and past the following command. Replace in-interface=ether with your in interface.

/ip firewall add action=drop chain=forward comment=\ "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat in-interface=ether1

LibreOffice Calc – Turn page breaks on and off

Turning the Page break option on in LibreOffice Calc will show a dotted line in your Calc spreadsheet to show you if you printed it out where the boundaries would be.

Example showing page breaks in LibeOffice Calc. The dotted lines are the page outline

You can turn this behavior on or off by going to
Tools -> Options -> LibreOffice Calc -> View -> Visual Aids -> Page breaks
And turning the check box on or off

Example of Page breaks being on.

UNMS – Set user as Super Admin from command line

The following commands can be run from a ssh session to your UNMS instance.

Show Current Users

sudo ~unms/app/unms-cli set-superadmin

Should get something like the following

            UNMS Users
 ┌─────────┬───────────┬───────────────────────────┬──────────────┬────────────┐
 │ (index) │ username  │           email           │     role     │ two-factor │
 ├─────────┼───────────┼───────────────────────────┼──────────────┼────────────┤
 │    0    │  'larry'  │  'larry@incredigeek.com'  │   'admin'    │   false    │
 │    1    │   'bob'   │   'bob@incredigeek.com'   │   'admin'    │   false    │
 └─────────┴───────────┴───────────────────────────┴──────────────┴────────────┘

Change User to Super Admin

To change a user to a Super Admin, add “–username username” to the above command.

Example:

sudo ~unms/app/unms-cli set-superadmin --username bob
            UNMS Users
 ┌─────────┬───────────┬───────────────────────────┬──────────────┬────────────┐
 │ (index) │ username  │           email           │     role     │ two-factor │
 ├─────────┼───────────┼───────────────────────────┼──────────────┼────────────┤
 │    0    │  'larry'  │  'larry@incredigeek.com'  │   'admin'    │   false    │
 │    1    │   'bob'   │   'bob@incredigeek.com'   │ 'superadmin' │   false    │
 └─────────┴───────────┴───────────────────────────┴──────────────┴────────────┘

Note that there does not appear to be a way to

UniFi Cameras – configure static IP or DHCP from command line

The UniFi cameras are different then the AirMax line in how the configuration works. There is a “/tmp/system.cfg” file, but it does not contain most of the configuration option. In the default directory there are some files which appear to handle the device configuration.

The network configuration file is “ubnt_networkd.conf”

Edit the file by opening it up in vi or a different text editor.

Static IP config

{
     "cfgver": 2,
     "dhcp": {
         "fallbackIP": "192.168.1.20",
         "fallbackNetmask": "255.255.255.0",
         "status": 0  <-- 0=Static 1=DHCP
     },
     "dns": {
         "ns1": {
             "ip": "8.8.8.8",
             "status": 1
         },
         "ns2": {
             "ip": "4.2.2.2",
             "status": 1
         }
     },
     "routes": {
         "gateway": "192.168.5.1"
     },
     "statik": {
         "ip": "192.168.5.11",
         "netmask": "255.255.255.0"
     }
}

If you want to set the static address, you should be able to edit the settings in this config and leave DHCP status disabled.

DHCP config

To set the Camera to use DHCP, under dhcp change “”status”: 0″ to “”status”: 1″

{
     "cfgver": 2,
     "dhcp": {
         "fallbackIP": "192.168.1.20",
         "fallbackNetmask": "255.255.255.0",
         "status": 1
     },
     "dns": {
         "ns1": {
             "ip": "8.8.8.8",
             "status": 1
         },
         "ns2": {
             "ip": "4.2.2.2",
             "status": 1
         }
     },
     "routes": {
         "gateway": "192.168.5.1"
     },
     "statik": {
         "ip": "192.168.5.11",
         "netmask": "255.255.255.0"
     }
}

After the settings are applied the camera will use use DHCP regardless of the statik ip settings.

Save changes

Use the following command to write the changes to persistent storage

ubnt_cmd_persist.sh

And reboot the camera.

reboot

Camera should pull a DHCP address when it boots up

Ubiquiti set DHCP from command line

Edit the “/tmp/system.cfg”

Change the line that contains “dhcpc.status=disabled” to

dhcpc.status=enabled

add the following lines

dhcpc.1.devname=br0         
dhcpc.1.fallback=192.168.1.20
dhcpc.1.fallback_netmask=255.255.255.0
dhcpc.1.status=enabled

Save and exit and save changes

/usr/etc/rc.d/rc.softrestart save

Log into the GUI and verify everything looks correct. Under the network tab it was still showing that it had a static address, although it pulled a DHCP IP.

Change Channel Width on Ubiquiti AC CPE Over SSH

SSH into CPE

ssh ubnt@192.168.1.20

open up the “/tmp/system.cfg” file

vi /tmp/system.cfg

Find the “radio.1.chanbw=” line and change to the following

radio.1.chanbw=10

Note: it may say “radio.1.chanbw=0” that looks to be the default and works for 20mhz

exit file with

esc + :wq + Return or Enter

Save settings with

/usr/etc/rc.d/rc.softrestart save 

Change AP to 10Mhz and the CPE should reconnect.