Category Archives: Hardware

sudo with Touch ID on macOS

Apple Touch ID with sudo in macOS

If you like to integrate Touch ID in sudo, you can do this easily in macOS and use the fingerprint.

Integration in sudo

Just edit the /private/etc/pam.d/sudo file and put a line inside.

sudo -e /private/etc/pam.d/sudo

Put the following information inside:

auth       sufficient     pam_tid.so

The file should look like:

# sudo: auth account password session
auth       sufficient     pam_tid.so
auth       sufficient     pam_smartcard.so
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so

Testing

To test the integration, just echo with sudo.

sudo echo "test"
sudo with Touch ID
sudo with Touch ID

Macbook delete fingerprint information

Apple fingerprint information clear

If you want to return, repair or sell your Apple device. Then you should make sure that all data is deleted. This way the fingerprint information should also be deleted.

Clear Touch Bar information

To delete the fingerprint information, the Apple device must be set to Recorvery mode and open the Terminal.

  1. Restart
  2. Hold down Command-R
  3. Utilities -> Terminal
xartutil –erase-all

You get the question if you are sure, you have to confirm this with “yes” and press Return.

Checking

After rebooting, you can easily check the settings to see if it worked.

no fingerprint

Raspberry Pi ntp server gps

raspberry pi ntp server gps

RASPBERRY PI NTP SERVER GPS
RASPBERRY PI NTP SERVER GPS

You need:

stty -F /dev/ttyAMA0 raw 9600 cs8 clocal -cstopb

test gps

cat /dev/ttyAMA0

gpsmon

gpsmon
gpsmon

(eg, remove console=ttyAMA0,115200 and if there, kgdboc=ttyAMA0,115200) /boot/cmdline.txt

dwc_otg.lpm_enable=0 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait

Install ntp package

apt-get install ntp gpsd

/etc/default/gpsd

# Default settings for the gpsd init script and the hotplug wrapper.

# Start the gpsd daemon automatically at boot time
START_DAEMON="true"

# Use USB hotplugging to add new USB devices automatically to the daemon
USBAUTO="false"

# Devices gpsd should collect to at boot time.
# They need to be read/writeable, either by user gpsd or the group dialout.
DEVICES="/dev/ttyAMA0"

# Other options you want to pass to gpsd
GPSD_OPTIONS="-b -n"

/lib/systemd/system/gpsd.service

#ExecStart=/usr/sbin/gpsd -N $GPSD_OPTIONS $DEVICES
ExecStart=/usr/sbin/gpsd -N -b -n /dev/ttyAMA0

/usr/local/bin/leap-seconds.sh

#!/bin/sh
cd /etc/ntp
wget https://www.ietf.org/timezones/data/leap-seconds.list &> /dev/null
service ntp restart &> /dev/null

/etc/cron.d/ntp

0 0 31 6,12 * root /usr/local/bin/leap-seconds.sh
mkdir /etc/ntp

download the leap-seconds.list the first time

/usr/local/bin/leap-seconds.sh

/etc/ntp.conf

driftfile /var/lib/ntp/ntp.drift
leapfile /etc/ntp/leap-seconds.list

# Enable this if you want statistics to be logged.
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

# pool
server 0.ch.pool.ntp.org iburst
server 1.ch.pool.ntp.org iburst
server 2.ch.pool.ntp.org iburst
server 3.ch.pool.ntp.org iburst


# HW GPS
server 127.127.28.0 iburst
fudge 127.127.28.0 flag1 1 flag2 0 time2 0.600 refid GPS

# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details.  The web page 
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1

# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
restrict 172.23.0.0 mask 255.255.0.0 notrust

# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255

# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines.  Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient

Tricks:

query and synchronize against a pool

ntpdate -q 0.ch.pool.ntp.org 1.ch.pool.ntp.org

/etc/udev/rules.d/99-com.rules
KERNEL==”ttyAMA0″, SYMLINK+=”gps0″
KERNEL==”pps0″, SYMLINK+=”gpspps0″

The NTP status codes that ntpq is showing you are on this list, yours is showing an “*” which means you aren’t using the PPS, just the serial output of the GPS chip. You might want to look into that as the PPS is probably going to give you better time accuracy.

o = pps peer
* = sys peer
# = too distant
+ = selected
x = false ticker
– = discarded

[![MIT license](http://img.shields.io/badge/license-MIT-brightgreen.svg)](http://opensource.org/licenses/MIT)

HP iLO Reset via SSH

HP iLO Reset via SSH

iLO
iLO

Login with ssh to iLO IP.

cd /map1
reset

ssh adminuser@172.23.23.23
The authenticity of host '172.23.23.23 (172.23.23.23)' can't be established.
RSA key fingerprint is 8d:cb:23:ab:7a:ea:97:d2:23:6e:1a:1a:08:77:18:39.
+---[RSA 1024]----+
|                 |
|   .             |
|  E              |
|   +     o       |
|. o .   S .      |
| o o   o +       |
|  . ....+        |
|    .o*oo        |
|   .=*o*.        |
+-----------------+
No matching host key fingerprint found in DNS.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.23.23.23' (RSA) to the list of known hosts.
adminuser@172.23.23.23's password: 
User:tech logged-in to ILOCZ2323E3HD.(172.23.23.23 / FE80::2358:D0FF:FE3C:23EC)
iLO 4 Advanced 2.02 at  Sep 05 2014
Server Name: servername
Server Power: Off

Based on customer feedback, we will be enhancing the SSH command line
interface in a future release of the iLO 4 firmware.  Our future CLI will
focus on increased usability and improved functionality.  This message is
to provide advance notice of the coming change.  Please see the iLO 4 
Release Notes on www.hp.com/go/iLO for additional information.

hpiLO-> cd /map1

status=0
status_tag=COMMAND COMPLETED
Thu Oct 15 06:11:49 2015

/map1

hpiLO-> reset

status=0
status_tag=COMMAND COMPLETED
Thu Oct 15 06:11:53 2015

Resetting iLO.


CLI session stopped
Received disconnect from 172.23.23.23: 11:  Client Disconnect

Raspberry Pi – reading system values

Raspberry Pi – reading system values

Raspberry Pi
Raspberry Pi

To read the system values and status, you can use the tool vcgencmd.

To list the version

vcgencmd version

Oct 11 2015 16:16:21 
Copyright (c) 2012 Broadcom
version cdea693c2a4280e4855643dc7840392d915f19b8 (clean) (release)

To list all parameters

vcgencmd commands

commands="vcos, ap_output_control, ap_output_post_processing, vchi_test_init, vchi_test_exit, pm_set_policy, pm_get_status, pm_show_stats, pm_start_logging, pm_stop_logging, version, commands, set_vll_dir, led_control, set_backlight, set_logging, get_lcd_info, set_bus_arbiter_mode, cache_flush, otp_dump, test_result, codec_enabled, get_camera, get_mem, measure_clock, measure_volts, scaling_kernel, scaling_sharpness, get_hvs_asserts, measure_temp, get_config, hdmi_ntsc_freqs, hdmi_adjust_clock, hdmi_status_show, hvs_update_fields, pwm_speedup, force_audio, hdmi_stream_channels, hdmi_channel_map, display_power, read_ring_osc, memtest, dispmanx_list, get_rsts, schmoo, render_bar, disk_notify, inuse_notify, sus_suspend, sus_status, sus_is_enabled, sus_stop_test_thread, egl_platform_switch, mem_validate, mem_oom, mem_reloc_stats, file, vctest_memmap, vctest_start, vctest_stop, vctest_set, vctest_get"

To get the running config

vcgencmd get_config int

arm_freq=900
config_hdmi_boost=5
disable_commandline_tags=2
disable_l2cache=1
emmc_pll_core=1
force_eeprom_read=1
force_pwm_open=1
framebuffer_ignore_alpha=1
framebuffer_swap=1
hdmi_force_cec_address=65535
over_voltage_avs=0x1b774
pause_burst_frames=1
program_serial_random=1
sdram_freq=450
temp_limit=85

To get the memory for the system

vcgencmd get_mem arm

arm=944M

To get the memory for the gpu

vcgencmd get_mem gpu

gpu=64M

List processor temperature

vcgencmd measure_temp

temp=34.7'C

To get the volt

vcgencmd measure_volts

volt=1.2000V

To get the cpu clock in Hz

vcgencmd measure_clock arm

frequency(45)=600000000

HP Proliant PXE boot multible NICs

HP Proliant PXE boot multible NICs. If you have a server with more than one NIC and you like to boot not only from the first interface. Then you must turn this on in the Bios and in the NIC firmware.

Press F9 during POST to get into the system BIOS menu (ROM-Based Setup Utility).

XrKyJ

Follow the menus from System Options > Embedded NICs > NIC X Boot Options.
Select the NIC you wish to boot from and flip the Network Boot flag.

xwlFJ

Now you must enable PXE Boot also in the interface firmware. Wait for the message and press strg + s.

Screenshot - 01282015 - 04:07:20 PM

Now you are in the firmware setting menu. Enable PXE on the interface you like.

Screenshot - 01282015 - 04:18:02 PM