Installing Windows Vista/2008/7 (all editions, x86 and x64) from an ISO image on a hard disk


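This method installs any edition of Windows Vista, Windows 2008 or Windows 7 (x86, AMD64) from bootable media such as a portable hard disk, an internal hard disk, a USB flash drive or a USB card reader. It differs little from installing from a DVD drive, except that grub4dos and ImDisk are used to emulate the optical drive at boot and partway through setup. ImDisk was chosen as the virtual-drive software for this article because I had come across it in other WinPE builds and use it regularly elsewhere; you can substitute whatever suits you. I have tested ImDisk on both x86 and x64 (2008/Win7). The example below uses a portable hard disk and win7p64.iso.

Software requirements:

  • A Windows ISO image, win7p64.iso in this example. Any edition of Windows Vista, Windows 2008 or Windows 7 (x86, x64) will do. Keeping it on a hard disk or portable hard disk is recommended (it is faster); in this example it is on the portable hard disk.
  • grubinst, used to write the boot sector of the portable hard disk (or other installation media).
  • grub4dos, which must be made bootable; it can live on a portable hard disk, hard disk, USB flash drive, USB card reader, optical disc or PXE server.
    If the ISO file is on a USB device, grub4dos should be installed on the same device (you can try other arrangements, as long as the ISO file can be found).
  • ImDisk: download the original release directly; it ships with x86 and x64 drivers, so it can be used as-is for x86 and x64 installs.
  • Contig, which makes a file contiguous on disk.

Installation example:

To make screenshots easier, a second hard disk in VMware stands in for the portable hard disk here. Assume the portable hard disk has a single partition and is assigned drive letter X:.

Preparing the portable hard disk:
  • Unpack the downloaded grubinst and run grubinst_gui.exe from it (as administrator), select the disk to write to (the portable hard disk here) and click Install.
  • If you get the error grubinst: Bad partition table, if you're sure that the partition list is ok, please run this program again with --skip-mbr-test option. it can be resolved as follows: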

     ```
     Go to disk management. Backup data if you have such on the USB disk. Delete all partitions. Create new ones. Set first one active. Using safely remove hardware icon disconnect the disk. Replug it and try the program again.
     ```
    
  • If the partitions cannot all be deleted that way, delete them with the following procedure:

     ```
     There's no need to install any third-party programs, Windows already includes everything you need. Just open up command prompt and enter the following commands in sequence:
    
     DISKPART
     LIST DISK
     Select the disk that you want to correct. Example: I want to remove all partitions on Disk 1:
    
     SELECT DISK 1
     RECOVER
     If the RECOVER command doesn't work, try CLEAN.
    
     Disk 1 will be recovered as one complete disk.
    
     FORMAT <option>
     Where <options> represent what formatting method you'd prefer. Alternatively, use QUICK.
     ```
    
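  • Unpack the downloaded grub4dos and copy its files to the root of the portable hard disk X:. Delete menu.lst from the root (so that grub4dos drops straight into command mode).
  • Unpack the downloaded ImDisk; if it is an executable, it can still be unpacked as an archive. Copy its files to the root of the portable hard disk X:.
  • Copy win7p64.iso to the root of the portable hard disk X:.
  • Unpack the downloaded Contig, copy Contig.exe to the root of the portable hard disk X: and run the following commands (the first one changes to the root of X:):

      pushd X:
      Contig.exe win7p64.iso

    Contig.exe is run so that win7p64.iso is stored contiguously. grub4dos has to run `map /win7p64.iso`, and because win7p64.iso is large we do not map the whole file into memory in grub4dos; the file must therefore be stored contiguously on disk.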
    
Layout of the portable hard disk:
X:
│  badgrub.exe
│  bootlace.com
│  ChangeLog_GRUB4DOS.txt
│  config.sys
│  COPYING
│  default
│  Get_Source_of_This_Build.txt
│  gpl.txt
│  grldr
│  grldr.mbr
│  grub.exe
│  grub.pif
│  hmload.com
│  imdisk.inf
│  install.cmd
│  menu.lst
│  msgbox.exe
│  readme.txt
│  README_GRUB4DOS.txt
│  runwait.exe
│  win7p64.iso
│
├─awealloc
│  ├─amd64
│  │      awealloc.sys
│  │
│  ├─i386
│  │      awealloc.sys
│  │
│  └─ia64
│          awealloc.sys
│
├─chinese
│      badgrub.exe
│      grldr
│      grub.exe
│
├─cli
│  ├─amd64
│  │      imdisk.exe
│  │
│  ├─i386
│  │      imdisk.exe
│  │
│  └─ia64
│          imdisk.exe
│
├─cpl
│  ├─amd64
│  │      imdisk.cpl
│  │
│  ├─i386
│  │      imdisk.cpl
│  │
│  └─ia64
│          imdisk.cpl
│
├─svc
│  ├─amd64
│  │      imdsksvc.exe
│  │
│  ├─i386
│  │      imdsksvc.exe
│  │
│  └─ia64
│          imdsksvc.exe
│
└─sys
   ├─amd64
   │      imdisk.sys
   │
   ├─i386
   │      imdisk.sys
   │
   └─ia64
           imdisk.sys

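Installing the operating system:
  1. Set the BIOS boot device to the portable hard disk (or the USB flash drive or other installation media), start the computer and enter the grub4dos interface, as shown in Figure 1:
    Grub Init Interface

  2. In GRUB command mode, run the following commands (note: type every command exactly as shown, one command per line, with no comments):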

     find --set-root /win7p64.iso
     map /win7p64.iso (0xff)
     map --hook
     chainloader (0xff)
     boot
    

    If win7p64.iso is reported to be on (hd0,0), reboot the computer and run the following commands instead:

     map (hd0) (hd1)
     map (hd1) (hd0)
     find --set-root /win7p64.iso
     map /win7p64.iso (0xff)
     map --hook
     chainloader (0xff)
     boot
    

    Execution normally looks like Figure 2:
    Grub Commands

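  3. The normal Win7 setup now starts; continue until you reach the screen shown in Figure 3:
    No CD/DVD
  4. The previous step fails because no real optical drive can be found. Press Shift+F10 to open a CMD window and mount win7p64.iso as a virtual optical drive with imdisk by running the following commands:

     cd /d X:/imdisk (on your machine this may be E: or F:, that is, the drive letter of the VMware virtual disk or of the USB drive; this parenthetical is a note, not part of the command)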
     install.bat
     cd ..
     imdisk -a -f "win7p64.iso" -m #:
    

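    The result looks like this:
    Install Virtual DVD

  5. After the previous step, close the cmd window and the other visible windows; you are returned to Figure 4:
    Start Install OS

  6. Click "Install now"; from here on the procedure is the same as a DVD installation. When the machine reboots later, you can unplug the portable hard disk or USB device (so that it does not boot from the installation media again).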

SFTP Access To Amazon EC2 Using FileZilla


After you have set up an EC2 instance on AWS, the next step is to upload files onto the server.

I have set up an Ubuntu instance and am using FileZilla to connect to it after installing LAMP.

  • Make sure port 22 is open in your instance’s Security Group in Amazon’s AWS site
  • Add the .pem key to FileZilla: click Edit >> Settings >> SFTP >> Add key file
  • Locate your PEM file. At this point FileZilla will ask if you want to convert it to a format it can use. Say Yes and tell it where to put the new .PPK file.
  • Close the Settings window.
  • Enter the Host (for example ec2-107-22-137-202.compute-1.amazonaws.com, or the IP address), User: ubuntu and Port: 22, then click Quickconnect. It will connect with the following hints:

FileZilla Connection status

The user name might vary depending on your instance; by default the user name on an Ubuntu instance is ubuntu.

Depending on the original AMI the instance is based on, you may want to double check that the correct user name is being used to authenticate.

Amazon Linux: ec2-user
RHEL: root
Ubuntu: ubuntu

Setting up FTP Server on Ubuntu - Amazon EC2


File Transfer Protocol (FTP) is a TCP protocol for uploading and downloading files between computers. FTP works on a client/server model. The server component is called an FTP daemon. It continuously listens for FTP requests from remote clients. When a request is received, it manages the login and sets up the connection. For the duration of the session it executes any of the commands sent by the FTP client.

Access to an FTP server can be managed in two ways:

In the Anonymous mode, remote clients can access the FTP server by using the default user account called "anonymous" or "ftp" and sending an email address as the password.

In the Authenticated mode, a user must have an account and a password. User access to the FTP server directories and files is dependent on the permissions defined for the account used at login.

As a general rule, the FTP daemon will hide the root directory of the FTP server and change it to the FTP Home directory. This hides the rest of the file system from remote sessions.

Amazon EC2: Unblock FTP port

FTP works on port 21 by default. This port is blocked by the AWS firewall. You must unblock this port (21) by changing the instance permissions prior to setting up FTP so that you can access FTP remotely. This can be done using the AWS EC2 Elastic Fox client. Please refer to my other post about Unblocking ports on the Amazon EC2 for more details.

vsftpd - FTP Server Installation

vsftpd is an FTP daemon available in Ubuntu. It is easy to install, set up, and maintain. To install vsftpd you can run the following command:
sudo apt-get install vsftpd

vsftpd - FTP Server Configuration

You can edit the vsftpd configuration file, sudo vi /etc/vsftpd.conf, to change the default settings. By default only anonymous FTP is allowed. If you wish to disable this option, you should change the following line:
anonymous_enable=YES
to
anonymous_enable=NO

By default, local system users are not allowed to login to FTP server. To change this setting, you should uncomment the following line:
#local_enable=YES

By default, users are allowed to download files from FTP server. They are not allowed to upload files to FTP server. To change this setting, you should uncomment the following line:
#write_enable=YES

Similarly, by default, the anonymous users are not allowed to upload files to FTP server. To change this setting, you should uncomment the following line:
#anon_upload_enable=YES

The configuration file consists of many configuration parameters. The information about each parameter is available in the configuration file. Alternatively, you can refer to the man page, man 5 vsftpd.conf for details of each parameter.

Once you configure vsftpd you can start the daemon. You can run the following command to start the vsftpd daemon:

sudo /etc/init.d/vsftpd start

Please note that the defaults in the configuration file are set as they are for security reasons. Each of the above changes makes the system a little less secure, so make them only if you need them.
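
To see what a given file actually allows after edits like the ones above, the following shell function reports the effective combination of the four options discussed. It is an added example, not part of the original post; the function names and the sample file are constructed, and the `ssl_enable` check refers to a real vsftpd option that the post does not cover.

```sh
# Added example, not from the original post. Defaults are the built-in ones
# from man 5 vsftpd.conf; ssl_enable is a real option the post does not cover.

# effective CONF KEY DEFAULT: KEY's value, or DEFAULT when the line is absent or
# commented out. Assumptions: last assignment wins; only YES/NO spellings.
effective() {
    v=$(printf '%s\n' "$1" | sed -n "s/^$2=//p" | tail -n 1 | tr -d ' \r')
    printf '%s\n' "${v:-$3}" | tr '[:lower:]' '[:upper:]'
}

# audit_vsftpd: reads a vsftpd.conf on stdin, prints one finding per line.
audit_vsftpd() {
    conf=$(cat)
    anon=$(effective "$conf" anonymous_enable YES)
    loc=$(effective "$conf" local_enable NO)
    wr=$(effective "$conf" write_enable NO)
    up=$(effective "$conf" anon_upload_enable NO)
    ssl=$(effective "$conf" ssl_enable NO)
    if [ "$anon" = YES ]; then
        echo "WARN anonymous_enable=YES: anyone can log in without an account"
        if [ "$up" = YES ] && [ "$wr" = YES ]; then
            echo "HIGH anon_upload_enable=YES with write_enable=YES: anyone can upload"
        elif [ "$up" = YES ]; then
            echo "INFO anon_upload_enable=YES is inert while write_enable=NO"
        fi
    fi
    if [ "$loc" = YES ] && [ "$ssl" != YES ]; then
        echo "WARN local_enable=YES without ssl_enable=YES: passwords sent in cleartext"
    fi
    if [ "$loc" = YES ] && [ "$wr" = YES ]; then
        echo "WARN write_enable=YES: local users can change files"
    fi
    return 0
}

# Constructed sample: every line from the post uncommented, anonymous left on.
sample_conf() {
    cat <<'EOF'
listen=YES
anonymous_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=YES
EOF
}

sample_conf | audit_vsftpd
```

On a server, run it as `audit_vsftpd < /etc/vsftpd.conf`; an empty result means none of these options widens access beyond a read-only, account-free default being switched off.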

Show All Running Processes in Linux


How do I see all running processes in Linux?

You need to use the ps command. It provides information about the currently running processes, including their process identification numbers (PIDs). Both Linux and UNIX support the ps command to display information about all running processes. The ps command gives a snapshot of the current processes. If you want a repetitive update of this status, use the top command.

ps command

Type the following ps command to display all running processes:
# ps aux | less
Where,

  • -A: select all processes
  • a: select all processes on a terminal, including those of other users
  • x: select processes without controlling ttys

Task: see every process on the system

# ps -A
# ps -e

Task: See every process except those running as root

# ps -U root -u root -N

Task: See process run by user vivek

# ps -u vivek

Task: top command

The top program provides a dynamic real-time view of a running system. Type top at the command prompt:
# top
Output:

Fig.01: top command: Display Linux Tasks

To quit press q, for help press h.

Task: display a tree of processes

pstree shows running processes as a tree. The tree is rooted at either pid or init if pid is omitted. If a user name is specified, all process trees rooted at processes owned by that user are shown.
$ pstree
Sample outputs:

Fig.02: pstree - Display a tree of processes

Task: Print a process tree using ps

# ps -ejH
# ps axjf

Task: Get info about threads

Type the following command:
# ps -eLf
# ps axms

Task: Get security info

Type the following command:
# ps -eo euser,ruser,suser,fuser,f,comm,label
# ps axZ
# ps -eM
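
The euser, ruser, suser and fuser columns are the effective, real, saved and filesystem user of each process; rows where they differ are the ones worth reviewing. The following filter is an added example, not part of the original article: it adds a pid column to the ps format above, and the function name and sample rows are constructed.

```sh
# Added example, not from the original article.
# flag_id_mismatch: reads the output of
#     ps -eo pid,euser,ruser,suser,fuser,comm
# on stdin and prints every process whose effective, real, saved and
# filesystem users are not all the same.
flag_id_mismatch() {
    awk 'NR == 1 { next }                              # header row
    $2 != $3 || $2 != $4 || $2 != $5 {
        name = $6
        for (i = 7; i <= NF; i++) name = name " " $i   # comm may contain spaces
        if ($2 == "root")
            note = "root privileges on behalf of " $3
        else if ($3 == "root" || $4 == "root")
            note = "dropped to " $2 " but can switch back to root"
        else
            note = "mixed identities"
        printf "%s %s real=%s effective=%s saved=%s fs=%s (%s)\n",
               $1, name, $3, $2, $4, $5, note
    }'
}

# Constructed sample in the layout ps prints for that format string.
sample_ps() {
    cat <<'EOF'
  PID EUSER    RUSER    SUSER    FUSER    COMMAND
    1 root     root     root     root     systemd
  812 root     root     root     root     sshd
 3356 vivek    vivek    vivek    vivek    firefox
 4410 root     vivek    root     root     passwd
 4522 www-data root     www-data www-data worker
EOF
}

sample_ps | flag_id_mismatch
```

On a live system, pipe the real command into it: `ps -eo pid,euser,ruser,suser,fuser,comm | flag_id_mismatch`.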

Task: Save Process Snapshot to a file

Type the following command:
# top -b -n1 > /tmp/process.log
Or you can email result to yourself:
# top -b -n1 | mail -s 'Process snapshot' you@example.com

Task: Lookup process

Use the pgrep command. pgrep looks through the currently running processes and lists the process IDs that match the selection criteria on screen. For example, to display the firefox process ID:
$ pgrep firefox
Sample outputs:

3356

The following command lists the process called sshd that is owned by a user called root:
$ pgrep -u root sshd

Say hello to htop and atop

htop is an interactive process viewer just like top, but it lets you scroll the list vertically and horizontally to see all processes and their full command lines. Tasks related to processes (killing, renicing) can be done without entering their PIDs. To install htop, type:
# apt-get install htop
or
# yum install htop
Now type the htop command at the shell prompt:
# htop
Sample outputs:
Fig.03: htop - Interactive Linux / UNIX process viewer

atop program

The program atop is an interactive monitor to view the load on a Linux system. It shows the occupation of the most critical hardware resources (from a performance point of view) on system level, i.e. cpu, memory, disk and network. It also shows which processes are responsible for the indicated load with respect to cpu- and memory load on process level; disk- and network load is only shown per process if a kernel patch has been installed. Type the following command to start atop:
# atop

Building a SOCKS proxy on EC2


At the NXNE Mobile Hackathon, we ran into a small problem. The wifi set up in the room would only allow connections over HTTP and HTTPS, which made it impossible to do many things you might want to do at a hackathon, like:

  1. Push to GitHub over SSH
  2. Connect to MongoDB instances
  3. Connect to… anything… that isn’t on ports 80 or 443… so a lot.

If you can configure your tools correctly, the easiest way to get around this kind of problem is via a SOCKS proxy. Normally, I’d set up an SSH tunnel and run the SOCKS proxy over that… but no SSH. So the next best thing is to get a SOCKS server running on EC2. Let’s go through the steps required to set this up so that if you end up in the same situation, you can help those around you.

Doing this assumes that you temporarily have an internet connection that is unrestricted, like a tethered smartphone or a wired connection. I’m also assuming that you know your way around EC2 a bit.

  1. Connect to your unrestricted internet connection
  2. Login to EC2
  3. Ensure that you have a keypair setup
  4. Create an EC2 Security Group that opens ports 22 and 443 to the world
  5. Fire up an Ubuntu 12.04 LTS instance (micro will usually do) with your keypair and Security Group
  6. SSH into the new machine with the SSH key (default username: ubuntu)
  7. Run the following commands at the prompt or in a shell script:

     sudo apt-get install build-essential
     wget http://www.inet.no/dante/files/dante-1.3.2.tar.gz # or another version
     tar -zxvf dante-1.3.2.tar.gz
     cd dante-1.3.2
     ./configure
     make
     sudo make install
     $ sudo make me a sandwich
    
  8. Put the following config in /etc/sock.conf
    Note:
    When `internal: 127.0.0.1 port = 7071` is used, the proxy address is 127.0.0.1:7071.
    When `internal: eth0 port = 7071` is used and the IP bound to eth0 is 10.210.235.113, the proxy address is 10.210.235.113:7071, and that is the only proxy address.

     logoutput: /var/log/danted.log
     # But when eth0 is used instead, the proxy address will be
     # the IP bound to eth0; suppose the IP bound to eth0 is ``
     internal: 127.0.0.1 port = 7071
     #internal: eth0 port = 7071
     external: eth0
     method: username none
    	
     #user.privileged: root
     user.notprivileged: nobody
    	
     client pass {
       from: 127.0.0.1/32 port 1-65535 to: 0.0.0.0/0
     }
    	
     client pass {
       from: 127.0.0.0/8 port 1-65535 to: 0.0.0.0/0
     }
    	
     client block {
       from: 0.0.0.0/0 to: 0.0.0.0/0
       log: connect error
     }
    	
     block {
       from: 0.0.0.0/0 to: 127.0.0.0/8
       log: connect error
     }
    	
     pass {
       from: 127.0.0.1/32 to: 0.0.0.0/0
       protocol: tcp udp
     }
    	
     pass {
       from: 127.0.0.0/8 to: 0.0.0.0/0
       protocol: tcp udp
     }
    	
     block {
       from: 0.0.0.0/0 to: 0.0.0.0/0
       log: connect error
     }
    
  9. Run sudo sockd -D

Now that we’ve got the server running, we have to configure our clients to connect to it. Fortunately, this is relatively easy. If you’re on linux, run your programs with tsocks. On Windows or Mac, you can try Proxifier (never tried it myself). Remember that the proxy is on port 443.

If you’re using PuTTY, you can set your proxy under Connection > Proxy.

This set of steps creates an open proxy that anyone can use to proxy to anywhere. Don’t leave it running unless you want really big EC2 bills.
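
The config shown in step 8 binds the listener to 127.0.0.1 and passes only loopback clients, whereas the warning above concerns a listener that accepts any client. The following shell function, an added example rather than the author's code, reports which of the two a given sockd.conf is; the function names and both sample configs are constructed.

```sh
# Added example, not from the original post: classify a Dante sockd.conf.
# Assumption/simplification: only catch-all "from: 0.0.0.0/0" client rules are
# examined, and the first one in file order decides (first matching rule wins).
check_sockd() {
    awk '
    $1 ~ /^#/         { next }                     # skip comments
    $1 == "internal:" { listen = $2 ":" $NF        # address or interface, then port
                        if ($2 !~ /^127\./) public = 1 }
    $1 == "method:"   { for (i = 2; i <= NF; i++) if ($i == "none") noauth = 1 }
    $1 == "client"    { verb = $2; next }          # "client pass {" or "client block {"
    $1 == "}"         { verb = "" }
    verb != "" && $1 == "from:" && $2 == "0.0.0.0/0" && first == "" { first = verb }
    END {
        if (first == "") first = "none"
        isopen = (public && noauth && first == "pass")
        printf "%s listen=%s noauth=%d catchall=%s\n",
               (isopen ? "OPEN" : "RESTRICTED"), listen, noauth, first
    }'
}

# Constructed sample, abridged from the config in step 8.
page_conf() {
    cat <<'EOF'
internal: 127.0.0.1 port = 7071
external: eth0
method: username none
client pass {
  from: 127.0.0.0/8 port 1-65535 to: 0.0.0.0/0
}
client block {
  from: 0.0.0.0/0 to: 0.0.0.0/0
}
EOF
}

# Constructed sample: a listener on port 443 that accepts any client.
open_conf() {
    cat <<'EOF'
internal: eth0 port = 443
external: eth0
method: username none
client pass {
  from: 0.0.0.0/0 to: 0.0.0.0/0
}
EOF
}

page_conf | check_sockd
open_conf | check_sockd
```

Narrowing the `from:` of the `client pass` rule to the address you connect from turns the second verdict into RESTRICTED, which is the setting to prefer when the listener has to sit on a public interface.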

In doing this, I realized that it would be even better to be able to do this via a VPN instead of a SOCKS proxy in order to get better Windows and Mac full capture support. I’m going to play with this idea and post again when I’ve got something.

Converting between different SSH private/public key formats.

PuTTY –> SSH

  • PuTTY private key to SSH public key and private key.
    puttygen supports exporting to an OpenSSH compatible format.
    1. Open PuttyGen
    2. Click Load
    3. Load your private key
    4. Go to Conversions->Export OpenSSH and export your private key
    5. Copy your private key to ~/.ssh/id_dsa (or id_rsa).
    6. Create the RFC 4716 version of the public key using ssh-keygen:
      ssh-keygen -e -f ~/.ssh/id_dsa > ~/.ssh/id_dsa_com.pub
    7. Convert the RFC 4716 version of the public key to the OpenSSH format:
      ssh-keygen -i -f ~/.ssh/id_dsa_com.pub > ~/.ssh/id_dsa.pub
  • PuTTY public key to SSH public key
    If all you have is a public key from a user in PuTTY-style format, you can convert it to standard openssh format like so:
    ssh-keygen -i -f keyfile.pub > newkeyfile.pub
