Notepad++ Editing Linux with SFTP.

Now if you haven’t tried Notepad++, get over to http://notepad-plus-plus.org/ and give it a go. It is one of the best text editors I have come across: not only is it lightweight and gives you tabs for your files, it also has syntax highlighting for a good number of programming and scripting languages, can be run from a USB drive without installing, and on top of all that it’s a free download, so perfect in every respect.

Notepad++ screenshot

Then there are the standard “compare” functions, the ability to write macros, and a whole host of tools for editing text.

But just a few days ago I found another function that I had not noticed before. Under the plugins, one of the defaults is “NppFTP”; clicking on this brings up a side panel that allows you to set up profiles for FTP and SFTP connections to remote servers.

Once you have set one up (SFTP for Linux) and connected, the remote file system will appear in a tree structure in this pane, allowing you to open the files in Notepad++, edit them and re-save them. And you get all the standard benefits of the application, such as highlighting of code and copy and paste between multiple files.

One thing to be careful of is the EOL (end of line) setting when creating new files: it defaults to Windows format, which will be misread by the Linux system (look up EOL in Google for more info on this). This can be changed either for an individual file under “Edit >> EOL Conversion >> Unix Format” on the menu bar, or under “Settings >> preferences >> New Documents/….. ” to change the default.

So that’s one bonus point about Notepad++, but honestly, even if this is not something you would use, give it a try. It has so many features over the basic Notepad that comes with Windows that there is something there for everyone.

SecureCRT sending commands to multiple sessions.

I came across this in SecureCRT and thought I would share it.

When labbing things up (and indeed on real networks), there are times when you need to send the same command to multiple devices. You can of course copy and paste between the sessions, but what if you want to paste the exact same block of configuration to 20 devices, or just want to do something simple like save the running configuration on the devices in your lab before you close down?

Well, SecureCRT has a nice little feature to do this. Before it is enabled, SecureCRT looks much like below; as you can see, I have several tabs open.

Default SecureCRT Window

However, by going into the View menu at the top there is an option to enable the “chat window”; this will bring up an extra panel at the bottom of the screen. Then by right-clicking in this new panel you can enable the “send chat to all tabs” option, as shown below.

Chat window enabled

Now any command typed in the chat window will be sent to all devices. Commands typed in the main terminal are still only sent to a single device.

What would be even nicer is if you could highlight multiple tabs and have the commands only sent to those terminal sessions. At the moment it is an all or nothing solution, maybe I will go suggest it to them as an improvement for future versions :)

The more I use CRT the more I like it. I have written quite a few scripts for it now; if you know any VB script or Java you can pretty much do whatever you like, as SecureCRT has a nice simple API into it.

I am finally moving house this week, so after that I should have more time to post on here, and will take some of the scripts I have, tidy them up and post them for people.

Take care

DevilWAH

OK back for another shout

Well, work is still busy, and I am still struggling to find the time to study for my ROUTE exam. But that does not mean I have been doing nothing.

Work sent me on my ITIL Foundation course last week and I am pleased to say I passed, so that’s one more string to the bow. I was surprised that it was a lot more interesting than I thought, and while it still was in my view ‘common sense’, seeing it all together with all the terminology does mean I can now look back on some conversations I have had in the past and make some sense of them. For anyone looking to get into the managed service side of things, or who wants a foot in the door at such a company, it is going to be a good cert to have.

The other thing that has been keeping me away from the CCNP is learning scripting and C#. I have already talked about writing some VB scripts to control SecureCRT, but of course to do this you need CRT installed on the PC in the first place. So taking it one step further, I started looking at the SecureCRT client pack. This is an installation that, once installed on a PC, lets you call the functions when programming in any .NET language, such as VB.net or C#.net. This gives much more control over the application and gives the end user a much cleaner interface to use. However, you still need to have the client pack installed, and this costs money and the hassle of installation.

So my next stop was Sharp SSH. This is a free SSH library with some similar functionality to the SecureCRT function pack (for what I want), and it allows easier distribution of the final application.

So after a few steps, and lots of playing around, I now have the core understanding I need to start creating my vision. So as well as working on my CCNP, looking after my daughter, and attempting to move house, not forgetting the extra hours that come from managing at work, I am working on creating an application that will allow you to create a library of scripts you wish to run on Cisco IOS/CatOS devices, including any pre / post checks you require and how to act on their outcomes, plus allow you to define any variables that will change between runs. It will then allow you to feed in the variables at run time (either manually or via a bulk method) and carry out the work completely automated.

Really this is just a project for me to learn some more in-depth scripting / programming, but for people who carry out multiple changes this can often be a repetitive job, so I am hoping that once complete I will end up with a tool that is very useful for my current position.

So if you wondered where I was, that about sums it up. Life is great, just very busy, and I am just waiting to get our house sorted; then I will be setting up a nice quiet area to study, getting stuck right back into CCNP and getting back into updating and adding to this blog.

night all

DevilWAH

PS. Oh and Miss Lilith is now walking. From bum shuffling to walking has taken less than 10 days, and not only is she walking but climbing too!! She is very proud to show how she can climb on to the couch, and thinks it is very funny to give Mum and Dad heart attacks by almost falling. But it’s a great time and wonderful watching her grow. Being waved goodbye to in the mornings, and greeted with a huge smile and laughter when I get home, makes life very special at the moment. :)

Removing old keys from the SSH known host file

When connecting to a device via SSH using Linux (Ubuntu), you may come across the following error message.

The fingerprint for the RSA key sent by the remote host is
fd:1f:3d:fb:2e:ad:f4:f4:35:2e:03:f4:xx:xx:xx:xx.
Please contact your system administrator.
Add correct host key in /xxxx/xxxx/.ssh/known_hosts to get rid of this message.
Offending key in /xxxx/xxxx/.ssh/known_hosts:15
RSA host key for 192.168.45.82 has changed and you have requested strict checking.
Host key verification failed.
lost connection

This happens when the device you are connecting to has changed its SSH keys, but the client you are connecting from still has the original key saved. By default Linux does not accept the changed key (it assumes a security exploit) and will just drop the connection.

Stored SSH keys are by default saved in the /home/[user]/.ssh/known_hosts file. So to connect to the device you need to update this file.

You can achieve this in a number of ways, including using the information above and manually editing the file to remove the offending key. However, it can be difficult to work out which entry in the file you need to remove.

However, I came across this the other day after having used the manual method for ages. The error message gives the line number of the key you need to change. In the case above it would be 15.

(Offending key in /xxxx/xxxx/.ssh/known_hosts:15)

You can use the following command to delete that line without having to manually open and edit the file.

sed -i 15d ~/.ssh/known_hosts

or use

ssh-keygen -R 192.168.45.82

Both will delete the line from the known_hosts file that relates to the error message above (you might need sudo, or to run as root).

Now the next time you connect to the host device, your system will behave as if it is the first time it has seen the host and ask if you want to add the key. Check the fingerprint it shows against the device's own key before you accept it.

It is also possible to disable key checking; however, I would not suggest this as it is a security risk.
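As an added example (not code from the original post), this Python code shows how a host name is matched against known_hosts entries, including the hashed `|1|salt|hash` form, so you can confirm which line numbers really belong to 192.168.45.82 before deleting anything. The sample file, key placeholders and salt are constructed, and wildcard patterns are assumed not to be in use.

```python
import base64
import hashlib
import hmac

def hash_host(host, salt):
    """Build the '|1|salt|hash' host field written when HashKnownHosts is on."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(),
                         base64.b64encode(mac).decode())

def entry_matches(host_field, host):
    """True if the first field of a known_hosts line names `host` exactly.
    Wildcard and negated patterns ('*', '?', '!') are not handled here."""
    if host_field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = host_field.split("|")
        want = hmac.new(base64.b64decode(salt_b64), host.encode(),
                        hashlib.sha1).digest()
        return hmac.compare_digest(want, base64.b64decode(mac_b64))
    return host in host_field.split(",")

def find_host_lines(text, host):
    """1-based line numbers of entries for `host` (the N in 'known_hosts:N')."""
    hits = []
    for number, line in enumerate(text.splitlines(), start=1):
        fields = line.split()
        if fields and fields[0].startswith("@"):  # @cert-authority / @revoked
            fields = fields[1:]
        if fields and fields[0][0] != "#" and entry_matches(fields[0], host):
            hits.append(number)
    return hits

def remove_host(text, host):
    """Return (new file text, removed line numbers) without touching disk."""
    drop = set(find_host_lines(text, host))
    kept = [l for n, l in enumerate(text.splitlines(), 1) if n not in drop]
    return "\n".join(kept) + "\n", sorted(drop)

# Constructed sample file: keys are placeholders, the salt is made up.
SAMPLE = "\n".join([
    "# lab devices",
    "10.0.0.1 ssh-rsa AAAA-placeholder-1",
    "router1,192.168.45.82 ssh-rsa AAAA-placeholder-2",
    hash_host("192.168.45.82", b"constructed-salt-20b") + " ssh-ed25519 AAAA-placeholder-3",
    "192.168.45.8 ssh-rsa AAAA-placeholder-4",
]) + "\n"
```

`ssh-keygen -R` removes every entry for the host, as `remove_host` does here, whereas `sed -i 15d` removes only line 15. A plain grep for the IP would miss the hashed entry on line 4 of the sample and would also hit 192.168.45.8 on line 5.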

DevilWAH

SSH port Forwarding (or how to Remote Desktop over SSH)

I found this one out quite recently, but wish I had come across it years ago.

Imagine you have SSH access to a device inside a remote network. What you really want is a remote desktop to a device inside, but firewalls are blocking RDP and you have no way to change their settings (maybe you need to be on the desktop to configure the firewalls?).

Well as long as you can meet the two basic requirements below then fear not, because another of SSH’s little tricks is to allow you to tunnel traffic over it.

  1. First you must have an SSH client on your local station that can carry out port forwarding, such as PuTTY or Tera Term.
  2. A remote SSH host (the device you SSH into) that is allowed to send traffic on the RDP ports to the final end station you want to remote desktop to.

All set then lets go..

First you need to set up the local SSH client. Here I will show it with Tera Term, as it’s the one I have installed, but the settings for PuTTY and others are straightforward to match. What we are doing is mapping a local IP and port for Tera Term to catch data sent to, and then relay it across the SSH connection to the remote SSH host, where it will be forwarded on to the destination remote desktop host using the IP and port set up.

First open up Tera Term and choose Setup, then SSH forwarding from the menu; once the box pops up, choose Add. For the local forwarding port you can choose any random valid port; for this example I will use 3390. For the remote IP enter the IP of the machine you want to remote desktop to and the RDP port it is set to listen on; by default this is 3389, so we will use this. (Hint: if you want to RDP to multiple remote hosts, simply set up a different local port for each one.) Click OK and you should have a screen something like below.

Now click on the OK button.

The final steps are easy. In Tera Term click on File, New connection, and connect up an SSH session to the remote SSH host as you normally would. While this connection is active, open up the RDP client on the local host and enter the computer to connect to as shown.

Note the use of the Local port we configured above. Clicking on connect, Tera Term will now tunnel the traffic over the SSH connection where it will be forwarded on to the remote desktop host.

Yes, you can achieve a more user-friendly setup using VPNs, and I would not suggest it for end users. But I have found this very helpful in admin situations. And your remote SSH host can be anything that supports SSH; a Linux box or a Cisco device all work just great.

Well, hope you have all had a great Saturday and have good things to look forward to tomorrow.

Night from the Devil.