One point twenty one jiggawatts! Yesterday (March 8, 2010) the OpenSSH project released version 5.4, which will naturally start hitting the various distributions and platforms soon, and again there are some great things to be interested in:
- Although many distributions of OpenSSH have SSH1 disabled, the project is now shipping with SSH1 disabled by default.
- There is the ability to revoke keys (host and user) in both sshd and ssh.
- Netcat mode connects stdio on the client to a single port forward on the server. For example, the following would connect to smtp.server.example.org on port 25 and redirect the output to stdio on my client side. This is useful if you need to test connectivity to a mail server that you can't reach from your own location but can reach from your SSH server (my.ssh.server.example.org).

      ssh -W smtp.server.example.org:25 my.ssh.server.example.org

  That has pretty much bags of possibilities, ranging from simple connection tests to piping a file to a remote server that you can't get to directly.
- sftp-server has gained a read only mode!
- Passphrase-protected SSH2 private keys are now protected with AES-128 instead of 3DES. This applies if you re-encrypt your key or create a new one.
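
Because existing keys stay on 3DES until they are re-encrypted, it is worth checking which cipher each key actually uses. The script below is an added example, not part of the original post: it assumes keys stored in the PEM format, where the cipher is named in the `DEK-Info` header, and the function names `key_cipher`, `key_status` and `make_sample` are hypothetical.

```shell
#!/bin/sh
# Print the cipher named in a PEM private key's DEK-Info header.
key_cipher() {
    awk '
        /^-----BEGIN OPENSSH PRIVATE KEY-----/ { newfmt = 1 }
        /^Proc-Type: 4,ENCRYPTED/              { enc = 1 }
        /^DEK-Info: /                          { split($2, f, ","); cipher = f[1] }
        END {
            if (newfmt)      print "not-pem"   # newer container, no DEK-Info header
            else if (!enc)   print "none"      # no passphrase on the key
            else if (cipher) print cipher
            else             print "unknown"
        }' "$1"
}

# Map the cipher to an action for the key owner.
key_status() {
    case "$(key_cipher "$1")" in
        AES-*)        echo ok ;;
        DES-EDE3-CBC) echo reencrypt ;;
        none)         echo unprotected ;;
        *)            echo unknown ;;
    esac
}

# Constructed sample: PEM headers only, the body is a placeholder, not key material.
make_sample() {    # $1 = output path, $2 = DEK-Info cipher ("" for no passphrase)
    {
        echo "-----BEGIN RSA PRIVATE KEY-----"
        if [ -n "$2" ]; then
            echo "Proc-Type: 4,ENCRYPTED"
            echo "DEK-Info: $2,00000000000000000000000000000000"
            echo ""
        fi
        echo "CONSTRUCTEDPLACEHOLDERBODY"
        echo "-----END RSA PRIVATE KEY-----"
    } > "$1"
}

# Demo over three constructed keys.
demo_dir=$(mktemp -d)
make_sample "$demo_dir/old_3des" DES-EDE3-CBC
make_sample "$demo_dir/new_aes" AES-128-CBC
make_sample "$demo_dir/no_pass" ""
for k in "$demo_dir"/*; do
    printf '%s: %s\n' "$(basename "$k")" "$(key_status "$k")"
done
rm -rf "$demo_dir"
```

A key reported as `reencrypt` can be re-encrypted by changing (or re-entering) its passphrase with `ssh-keygen -p -f <keyfile>` on a machine running 5.4.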
- Feb 24, 2010 by the_angry_angel
- Geek, Windows, Daily HTF and System Administration
Mark Baggett over at PauldotCom put together an interesting article on running a command on every machine in your domain from the command line. I genuinely hadn't considered tying dsquery and WMI together in this way. The best thing is that with a little tweaking you can easily run the same command against a subset of your domain. For instance, say you had X terminal/web/SQL servers that all lived in the same OU - just dsquery against that and you're laughing.
If you're looking after any more than a handful of servers, without something like SMS/MOM/something you've rolled yourself, then this is a real time saver.
- Feb 04, 2010 by the_angry_angel
- Geek, Windows and Work
Licensing is a pain in my arse. There are whole companies full of people who can tell you that you're doing it wrong. Personally I cannot stand licensing, and the only thing that I find more annoying (in this field) than the proliferation of Open Source and Free Software licenses (and figuring out what I'm allowed and not allowed to do and what is an "arm's length" exactly - but that's another rant for another time), is the software licensing by Microsoft and other vendors who shall remain nameless for this article.
To try and make things easier at work two and a half years ago I put together a very small document/cheatsheet describing the licensing terms for various Microsoft products and virtualisation. Yesterday Microsoft released an updated document for Windows Server 2008 R2, and interestingly not much has changed for Windows Server, with the exception of a few new products. The table below should help out a bit if you're confused.
| Server Product | License Type | Physical Instances | Virtual Instances |
|---|---|---|---|
| Windows Server Foundation (2008 only) | OEM | 1 | 0 |
| Windows Server Standard | OEM, Retail, VL, SPLA | 1 | 1 |
| Windows Server Enterprise | OEM, Retail, VL, SPLA | 1 | 4 |
| Windows Server Datacenter | OEM, VL | 1 | Unlimited |
| Windows Server Web | OEM, Retail, VL, SPLA | 1 | 0 |
| Windows Server HPC | OEM, Retail, VL, SPLA | 1 | 1 |
I decided to check the licensing for other products, just in case I'd missed any changes. It doesn't look like it, so here's the rundown (as I understand it).
As a general rule, for anything per processor licensed, if you're running it in a virtual environment it will simply count the number of virtual processors you assign it.
It gets a bit complicated with SQL 2005 and newer. To quote Microsoft:
When licensed per Server or CAL: Workgroup and Standard editions allow you to run any number of instances of the server software in one physical or virtual operating system environment on the licensed server at a time. Previously, only the Enterprise edition of the Server license allowed multi-instancing.

When licensed per Processor: Workgroup, Web, and Standard editions: for each server you have assigned the required number of per processor licenses, you may run, at any one time, any number of instances of the server software in physical and virtual operating system environments on the licensed server. However, the total number of physical and virtual processors used by those operating system environments cannot exceed the number of software licenses assigned to that server.

For Enterprise: if all physical processors in a machine have been licensed, then you may run unlimited instances of SQL server 2008 in one physical and an unlimited number of virtual operating environments on that same machine.

As far as I'm aware anything else licensed per server doesn't currently have any special rules regarding virtualisation; so this includes Exchange, Sharepoint, and so on.
- Jan 05, 2010 by the_angry_angel
- Geek, Windows and Work
Over Christmas we had to do a bunch of VMware to Hyper-V conversions at work. Once you've sufficiently prepared the VM, there are a whole bunch of ways you can do this, ranging from raw converting the vmdk, to mounting the vmdk and a blank vhd and then copying the contents between. We chose it as an opportunity to play with Disk2VHD from SysInternals.
If you're using SCSI disks in your VMware VM then you will first need to ensure that you add the IDE controller driver, to hopefully avoid a BSOD when you boot under Hyper-V for the first time. Why don't you just set Hyper-V to use SCSI disks? Sadly because Hyper-V cannot boot from SCSI. Once you've added the driver and rebooted to ensure that it's stuck, we simply ran Disk2VHD and pumped the VHD off to a network share.
Interestingly Windows 2003 x64 and 2008 were a lot more resistant to the change in "hardware" than older Windows versions, which needed a Windows repair; however, I can't fault Disk2VHD for that as it was something I was expecting anyway.
What worried me most was that on the first run we did, Disk2VHD produced a mangled VHD, which I managed to repair and get working by doing the following:
- Mounted the VHD and declined Windows' offer to format the partition it could see.
- Extended the partition so that it filled the VHD (for some reason it had left a whole load of space free - none of the other conversions did this). I chose to use diskpart, but whatever you're comfortable with.
- Ran TestDisk to ensure that all was ok with the partition. In this case it threw up some weird error that I failed to note down and right now I can't 100% remember for sure if TestDisk helped or not. A chkdsk /f was definitely able to, however. After this the VHD was in perfect working order.
Fortunately all other conversions didn't seem to have this issue, and as much as I would've loved to investigate why this happened, I just didn't have the time.
- Dec 22, 2009 by the_angry_angel
- Geek, Unix-like, Windows and Personal
If you've noticed that the next Ubuntu Server version (10.4, Lucid Lynx) has the Hyper-V kernel modules packaged, albeit in drivers/staging, I'd suggest not dist-upgrade'ing even your development servers for the moment. The reason is simply that you need to devote time to ensuring that the kernel modules will continue to work with each kernel version - right now you can't seem to rely on the modules actually loading successfully from the corresponding /lib/modules/2.6.*/kernel/drivers/staging/hv directory. Which isn't a problem, provided that you have the time to deal with it.
The long and short of it is that if you're currently looking to use any flavour of Linux under Hyper-V the "old" rules still apply:
- Use the legacy network adapter
- Set static MAC addresses under the VM settings (unless you want to faff with udev)
- and learn to live with the performance penalty