Sep 292016
 

As time goes by and as social sites becomes more and more pervasive in our life, I’ve decided to make fewer posts on my own blogs but keeping them relevant (at least to me).

This new one is about my recent home network improvement:

  • Vodafone Fiber Link (with Vodafone Station Revolution)
  • Firewall replacement from my old glorious Stonesoft hardware+PFSense with a brand new shining Mikrotik RouterBoard RB2011UiAS

I needed to build VPN access from outer space to my own network, mainly using my two preferred tools: iOS device and OS X on my Mac.

It took me a while to find the right combination of configurations, given the constraints of what I was aiming to. Which was this (naturally IP info has been sanitized 😎 ):

what I was after

Continue reading »

Mar 202016
 

python-lockHello World!

It’s been a while since my last post, so I’ve decided to make a magnificent one 🙂

Jokes apart, this setup took me a full sunday hence I thought to recap for future references.

The whole story started with a Python script on my Mac OS X unable to retrieve a JSON response from a specific https site, whereas the exact same script run like a champ in Kali Linux.

And to make things even more complicated, the same URL was working fine using cURL or wget on OS X!

Comparing two network packet captures, I’ve found that the issue was in the Client Hello part of the SSL handshake: the Python script was proposing a TLSv1.0 encrypted communication that the server was not available to accept. The correctly working commands and scripts were all using TLSv1.2.

This led me to discover that OS X El Capitan includes by default an old (and vulnerable) version of OpenSSL: 0.9.8zg, not supporting TLSv1.2 I needed. Consequently, also Python 2.7.10 included in El Capitan was having issues with TLS since the bundled pyOpenSSL module was linked to that OpenSSL version.

To upgrade, I did the following:

  • Upgrade OpenSSL
    Not that easy, since you have first to install latest OpenSSL via http://brew.sh install (this is the easy part, go brew update and brew install openssl).
    But then you need to rename the system openssl (/usr/bin/openssl) into something else and sudo ln -s <your brew openssl executable> /usr/bin/openssl
    Before you can do it, you need to reboot your Mac in recovery mode (CMD+R when you hear the chimes at boot), then select the Terminal from the Utilities menu and type in csrutil disable. With this command you will disable the System Integrity Protection and lowering your system security level until you reverse the change.
    Type also the command reboot to restart your machine, open a Terminal and proceed with the linking described above.
    Reboot again, access to Recovery Mode and restore the System Protection Utility with the commands:
    csrutil enable
    reboot
     
  • Upgrade Python to 2.7.11
    This is trivial… just grab your version here and install from DMG image.
  • Upgrade pyOpenSSL module to one linked with TLSv1.2 support
    It took me a while to find the right command, since you need to issue it with the proper user indication:
    pip install –upgrade pyopenssl==0.15.1 –user python

That should give you an OS X environment fully enable with upgraded OpenSSL (at the time of writing mine is 1.0.2g) and your python environment correctly supporting TLSv1.2

Happy encryption!

Sep 122014
 

This error, or more precisely

NTFS-3G
NTFS-3G could not mount /dev/disk#
at /Volumes/XXXXXXXX because the following problem occurred:

Did not receive a signal within 15.000000 seconds.
Exiting...
                                           [Close]

started to appear when I installed MacFuse and NTFS-3G on a new MacBookPro 2014 running Mavericks.

It is pretty harmful, since the NTFS volume would mount as well… but annoying.

Since I understand quite few people are experiencing this on the Net and I want to remember the solution I adopted, I have decided to report here the fix I’ve found.

Continue reading »

Jul 142014
 

The main reason of almost every post on this blog is the same.

Need to do something, dig the Net, take a while to find stuff so I think to make a note on my… virtual hints book 😉

This time the need was to move a Windows 8.1 virtual machine from VMware Fusion for OS X 10.9.4 to VirtualBox on Linux.

The best option is to export and import the VM in OVA (Open Virtual Appliance) format, but there is no GUI option to export in Fusion. It took me a while to understand that Fusion comes with OVF Tool included, as a command line, and located in the default path “/Applications/VMware Fusion.app/Contents/Library/VMware OVF Tool

A working example of a command line is:

./ovftool --acceptAllEulas /Users/marco/Documents/Virtual\ Machines.localized/Windows\ 8.1\ x64.vmwarevm/Windows\ 8.1\ x64.vmx /Users/marco/Desktop/Win81.ova

The green part of the command above refers to specific names I gave to the VM in Fusion and to the OVA file.

–acceptAllEulas is an option to make the command less interactive.

Enjoy.

Mar 082014
 

Tried endlessly for a day with disk utility and did not succeed.

When my good friend Quasidot helped me to find the way, I’ve promised to write it here. And I do 🙂

sudo hdiutil makehybrid -iso -o <nameoftheimage>.iso <path_where_the_files_you_want_in_the_image_are>

The command above will end with an ISO you can mount on pretty much every decent OS.

Mar 082014
 

apple-bananaQuickly sharing with you all what happened to a good friend of mine, hoping that similar cases will find the solution he applied useful.

It’s out of doubt that OS X has much less issues than its “colleague OSes”, and when it does  the issues are often caused by 3rd party apps…

However there are some considerations which should remain valid, like the one saying that a decent operating system should never allow a 3rd party app to block its basic operations.
And I think and hope that Apple will strengthen OS X over time against these odd situations.

Back to my friend running Mavericks 10.9.2, here’s what he wrote on Facebook:
I rebooted my Mac to clear a small problem. Came up fine. Logged in. It did not go to the expected desktop, but to a *second* login screen. That one won’t accept any password I can think of. Cleared NVRAM, booted to diagnostics, booted to recovery and checked all disk permissions and issues. Everything checks out. Still no love.

Time went by, and some hours later a comforting comment appeared on the post…
It’s all fixed. Seems the latest Dropbox was the culprit. Recovery was pretty straightforward, and I’m right back to my desktop, all settings, data, preferences, etc. intact.

Solution:
1. Boot Mac with Command-Option-P-R to clear NVRAM.

2. Boot Mac with Command-R to enter Recovery mode; run Disk Utility. Repair Permissions/Repair Disk

3. Reboot with D, run hardware diagnostics

4. Reboot with T, connected via Thunderbolt to iMac and make another backup copy of all personal data; and then

5. Reboot with Command-R again and do a Reinstall OS X. (It’s non-destructive.)

One last reboot to clean it all up, login and get back to work. Right where I left off.

I think sharing these bits is useful, do you agree? Please use comments to let me know your opinions and to add precious knowledge and experience to help apples and bananas to stay always on different trees 😉

Jan 092014
 

macsingLots of people claim that the Mac can talk… sure, cool, yeah.

But did you know your Mac can sing?

Yes, and with a very simple process.

First, locate your Terminal app, normally hidden among the utilities or in the Other group in the LaunchPad:

The Other Group

 

Then, in your Terminal, copy and paste the following commands:

say -v Good “da da da da da di du di du di di di du du du di du du di du di du di du di du”

…or if you’re not in a good mood

say -v Bad “da da da da da di du di du di di di du du du di du du di du di du di du di du”

Or, if you’re in your melodic day:

say -v Cellos “da da da da da di du di du di di di du du du di du du di du di du di du di du”

Have fun, with your “sing-a-mac session”.

RoarinPenguin

 

Dec 312013
 

tux-tmIt took me quite a lot and quite long time of experimenting before finding the proper way to do this, especially considering that Mavericks is a bit different from the previous felines… and that I was using Debian Squeeze…

I’ve finally been able to achieve it (and testing with file restore also), hence I’ve decided to document here my configuration hoping it will be of some benefit for others.

To be clear: this is a document to build a backup system “à la Time Machine” for your Mac based on Mavericks OS X 10.9.1 using a file share on Debian Linux and AFP protocol.

First of, some statements about false/deviating info I’ve found on other sites:

  • You cannot use AFP with Mavericks, since it defaults to SMB2 ==> not true. I have a working configuration using AFP
  • You can use whatever Debian/Ubuntu version, at worst you just tune your config ==> not true. At least not for me. It all started working when I moved from the previous Squeeze Debian (6.0) to the latest greatest Wheezy (7.0)
  • It’s hard to configure the stuff, requires programming/scripting. Not true. Sure, you need to modify some configuration files on your Linux box… but if you are not able to vi some files, maybe you should think to have another operating system.

As said, please ensure your Debian Linux is at version 7.0 (Wheezy). If not, you should really consider to upgrade. It’s free, well documented, easy and it will save you tons of days and headaches trying to make bits behave 🙂

Continue reading »

Nov 012013
 

Despite what it might seems at a first look, this is NOT a complicated thing.

The advantages are enormous… especially if you own a developer account: it would allows you to test the evolution of this awesome OS blended with great benefits of virtualization such as snapshotting.

Whatever is the reason why you wanna install Mavericks on your ESXi box, you’ll find here detailed instructions which have been tested and found working by me 😉

First of all, you need an important piece of software… and no, this software is not illegal, nor it could ruin your precious ESXi 5.1 installation. I’m talking about the mighty Unlocker for VMware by Donk, available from InsanelyMac (free registration).

This is a bunch of bytes which will enable your ESXi to boot a valid Mavericks image.

Continue reading »

Oct 302013
 

I’ve been struggling with VirtualBox 3.0 since I’ve upgraded my MacBook Pro to Mavericks one week ago.

The problem was that launching the software and Virtual Machines led to kernel errors like “Kernel Driver not loaded” and “Failed to load VMMR0.r0”

Googling leads to VirtualBox Forums and Apple Support Community posts stating to reinstall VirtualBox on top of existing installation, but this fixes the issue only temporarily since at reboot the issue will be still there.

Likewise, dragdropping VirtualBox to the Trash Bin and reinstalling seems not to help.

Even using the uninstal tool provided with VirtualBox does not seem to help.

Screen+Shot+2013-03-09+at+9.03.45+AM

 

The final trick is to modify the Mavericks security settings (Security & Privacy – General tab) for the time needed for the reinstallation, configuring the parameter “Allow apps downloaded from:” to Anywhere as shown below:

Security-PrivacySettings

Then confirm, proceed to install VirtualBox 3.0 and change back the setting to previous safer configuration.

Once completed, you can enjoy a “reboot-safe, error-free” VirtualBox environment.

RoarinPenguin