Skip to content

L2TP VPN working on Mavericks finally!

I finally had a few minutes free to explore Jon Stacey’s excellent blog about getting L2TP working on Mavericks…

His documentation is excellent, and can be found here:
How to Setup a L2TP VPN Server on OS X

Repeated here in case his blog goes away – but all credit to him…

Go into Keychain Access and delete the old com.apple.net.raccoon password/shared secret if you have one.

Get a new SHARED-SECRET-PHRASE, Steve Gibson Research has an excellent random string generator at: Perfect Passwords

Insert your 64 byte random hex string into Keepass or some other password authentication vault.

Create a new Shared Secret keychain:

sudo security add-generic-password -a com.apple.ppp.l2tp -s com.apple.net.racoon -T /usr/sbin/racoon -p "SHARED-SECRET-PHRASE" /Library/Keychains/System.keychain
sudo launchctl unload -w /Library/LaunchDaemons/com.apple.ppp.l2tp.plist

Expand the Zip file from Jon’s site.

vi com.apple.RemoteAccessServers.plist com.apple.ppp.l2tp.plist
sudo cp ./com.apple.RemoteAccessServers.plist /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist
sudo cp ./com.apple.ppp.l2tp.plist /Library/LaunchDaemons/com.apple.ppp.l2tp.plist
sudo chown root:wheel /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist /Library/LaunchDaemons/com.apple.ppp.l2tp.plist
sudo chmod 644 /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist /Library/LaunchDaemons/com.apple.ppp.l2tp.plist
sudo launchctl load -w /Library/LaunchDaemons/com.apple.ppp.l2tp.plist 

Put the new shared secret into your iPhone, iPad, and Laptops – and make sure your router forwards VPN traffic to the new server.

I am embarrassed to admit I had this working fine on both Leopard and Snow Leopard, but could not upgrade to Lion, Mountain Lion nor Mavericks the host serving L2TP VPN until now… so I had a Snow Leopard Mac Mini just for this… now it can be Mavericks (or Lion or whatever). Happy dance.

Computer Literacy Bookstore turned Indian Restaurant

I attended Sun Microsystem’s DC area reveal of the brand new Java and dancing Duke mascot at a Computer Literacy bookstore in the late 1990s… I just had lunch in the same spot which is now an Indian restaurant called Bombay Tandoor. Memories are funny things, I could actually still see (in my imagination) the book shelves and tech geeks listening as Sun’s representatives tried to answer security questions about the alleged sandbox around Java executed in a browser, these memory images were superimposed over the modern space with tables, and diners, and Indian buffet.

Hacking AppleTV for easier text entry

I just updated all my 2nd generation AppleTV’s and to save the current firmware blobs and then re-applied the Seas0nPass jail-break for v5.3 to install XBMC again. Each time I do this (roughly each time Apple offers new AppleTV software) I have to re-enter my AppleID and password through the painfully cumbersome TV remote and on-screen keyboard. Once I have iTunes Home sharing enabled (which requires that first AppleID login) I can used the Remote app on my iPad or iPhone to do text entry much faster, so Yahoo, Netflix, HBOGO, and Hulu passwords are much easier to type in, but that first one is a real pain.

Has anyone figured out how to set the iTunes/AppleID account from the command line on a freshly jail-broken AppleTV? I’d love to set that first account, heck all of them, from the command line or even file transfers… If I could back the key files up before the whole iTunes update/restore, then Seas0nPass jail-break process and simply restore after… that would save the painful on screen keyboard text entry portion.

The specific goal: configure Settings/iTunes Store account and password via ssh command line prompt on an AppleTV, or backup them up and restore them via scp commands.

Bonus: configure Netflix, Hulu, YouTube, and HBOGO accounts via ssh or scp…

Typhoon Approaching Okinawa and Kyushu

In the summer of 1987 I was temporarily assigned to Kadena AB, Okinawa from my duty station at Misawa AB, Japan. During that summer a major typhoon hit the island of Okinawa. I will never forget the fury that nature can hurl at a city in the form of a typhoon. The service men and women were locked into dormitory style barracks with lots of food and drink; the planes all flew away to safety elsewhere; those of us off base or in contract quarters had more liberty to move around, but were warned very strictly to take shelter and we did – coming out only during a lull in the storm. The hotel we stayed at lost power, and the owner negotiated with the building across the street to run a long heavy-duty power cable across the street to get some power to the lobby (mostly for the fridge and some fans). The damage was awe-inspiring to review in the days that followed and the people of Kadena and Okinawa recovered and rebuilt. The news that Okinawa is in the path of a much larger storm is sad; and I hope the wonderful people there weather this coming monster storm as well as they did the one I witnessed first hand.

Selenium browser automation makes testing websites easy

Selenium is a Firefox plug-in that lets you record your web activity and save those actions as a script that you can then play back over and over again measuring and timing the results. It is very useful for testing web sites.

Simply install the plugin, start the Selenium IDE (Tools/Selenium), point Firefox at the website you want to test; then press the record button, click through the site as you expect your users to do, then stop recording. You have a Test Case. You can put several Test Cases into a Test Suite. Very handy for making any repetitive web work easy and fast.

Sublime Text 2

Every now and then you run into a new solution or tool that revolutionizes the same work you have been doing for ages. As a UNIX and Linux Systems Administrator I edit a lot of text files, and vim has been my text editor of choice for decades. Well, I still use vim habitually, but there are situations where I am discovering some huge advantages to Sublime Text 2 (available for Mac, Linux and Windows). Sublime keyboarding is new enough to me that I am faster in vim, but Sublime lets me open multiple files in a SID or Norton Commander style file browser and really get organized, and cutting and pasting blocks of text between open files and tabs is delightfully easy.

It has been a real game changer, and I have stopped using MacVim (vim with Mac GUI stuff) entirely, though I still fall back to text only vim for complex regular expression activity. Another bonus is that I finally have a free and easy to use yet powerful text editor for the rare time I get on Windows or Windows Server, and the interface is the same regardless of platform – so Sublime tricks can be shared with Windows or Linux based co-workers.

Highly recommended: Sublime Text

I have created a symbolic link (aka: alias) on my Mac:
/usr/local/bin/sublime -> /Applications/Sublime Text 2.app/Contents/SharedSupport/bin/subl

That allows me to run “sublime .” on the command line and use the amazing file browser to edit several files in the current directory.

Update: I should be clear, Sublime is free to download and try, but it licenses per user at $70, which is an awesome deal to me for something I can use across machines and architectures.

Max OS X Keyboard Tips

Mac OS X Keyboard Tricks:

Use the Command (⌘) key (aka: splat or apple key) like you would a Control key in Windows (⌘c copies, ⌘v pastes, ⌘ Tab to switch between running apps, ⌘~ to switch between App WIndows inside one App)
⌘ Space brings up Spotlight Search with actually works wonderfully, Command-Space-Mai-Return starts the first program that begins with Mai (Mail) – fast task start without leaving keyboard
Control-Shift-Power or Control-Shift-Eject will lock the screen the way Windows-L does on a PC
Four fingers slid from left to right or the other way will swipe between virtual desktops, four finger swipe up will allow you to add more desktops (drag any app window to the top right to create new).
Two finger tap is like a right mouse click (though you can change this if you like)

Clustered SSH can be very useful to sysadmins

This is not new, but it is surprising how stuck we all can get in old habits, and we can miss out on some real time-savers.

One such time-saver for systems administrators or anyone who must frequently run the same commands on several hosts is clustered ssh, some scripts for your desktop/laptop that allow you to open several command line windows into different servers and run the same commands against them all at once.

On my Mac laptop I run bin/csshX host1 host1 host3 user@fqdn4 and Terminal opens up with five windows, one for each server and an additional, colored red, for driving the others. Anything I type into the red window gets run on all the others simultaneously. On a multi-display system, I use bin/csshX -screen 2 host1 host1 where 2 is the number of the screen so the windows don’t show up “hidden.”

Resetting iPod Classic

I keep forgetting how to recover my preferences on my iPod classic after I rarely have to reset it, so I decided to capture them here in hopes it helps me (and others) recover after a reset.

By the way, a reset is to toggle the hold slider on and then off, then press and hold both the Pause/Play button and the Menu button for 6-8 seconds. This reboots/resets your iPod classic.

First things I will try to do after a reset from now on is:
* Settings/Shuffle Off (I like to play several episodes of a podcast in a row)
* Settings/Repeat Off
* Settings/Clicker Off
* Music/Playlists/Select a Playlist/Play
** Press the Center Button Three Times to select Shuffle Mode, I like Songs

That last sets each Playlist you select to Shuffle by Song mode, be careful not to do that with Playlists that are audiobook chapters.

Tricks for surviving the cold

* Stay inside, or at least out of the wind, and layers of clothing
* Open cabinet/cupboard doors under those sinks against exterior walls so warm air gets in and keeps pipes from freezing
* a heating pad can fix a frozen pipe given enough time
* turn on gas fireplaces while there is power to reduce load on electric heat, and so they are already on if power goes out
* did I mention layers of clothing? Seriously – several long-sleeved t-shirts is better than one “polar” fleece, and tights under jeans or long johns under jeans, and two pairs of socks, etc, etc
* plan outside time before going out – take a moment to imagine each step from the door to the car, or car to the office, etc – BEFORE stepping out
* Office Space on DVD never gets old – neither does Princess Bride