BeagleBone Black with Edimax USB Wi-Fi on Ubuntu 14.04


Edimax Wi-Fi DongleI had some of these Edimax wi-fi dongles sitting around from various bundle kits that I use on Raspberry Pi’s, and wanted to use on the BeagleBone Black (BBB). With Ubuntu as the distro of choice for my project, I noticed that the adapter would be recognized and used, but the wi-fi connect would drop after after a short period of time. Read more ›

Tagged with: , , ,

Nest Home Automation Checks for Check_MK


Current Version: 0.91

The Nest Home Automation Check for Check_MK provides checks for the Nest Thermostat. This is fully integrated with the Wato interface and makes use of direct API calls to viathe  Nest Web site.

Nest Home Automation Checks in Use

The checks supported include:

  1. Thermostat – Online status; software version; leaf status
  2. Temperature – Monitor and alert on high and low temperatures, selectable Celsius or Fahrenheit scale
  3. Humidity – Reported relative humidity by the thermostat sensor

Read more ›

Tagged with: , , ,

Installing OpenOTP on CentOS 6.x

Recently, while working with a customer, there was the need to install a multi-factor authentication system for PCI-DSS compliance (8.3 in DSS 2.0 and 8.3a in DSS 3.0). The customer liked WiKID and had used it internally for a number of years. So after some grumbling from our service delivery due to the complexity of the WiKiD install, I researched other multi-factor solutions.

Besides security compliance, any use case where the disclosure of credentials could have a financial, operational, or even personal impact can be a good case for MFA. This could be protecting an online banking site (financial), API or account that provisions cloud resources (operational and financial), or your World of Warcraft account (personal). Companies have created methods for implementing two-factor authentication to address these risks, so we want to create a similar service that can be used for internal and federated services.

Enter OpenOTP from RCDevs. It offers a comprehensive one-time password solution that supports mobile devices, hardware tokens, software tokens, and alternate methods (SMS, Yubikeys, etc.). In other words, pretty damn comprehensive and free for up to 35 users. It’s also a great solution for testing different uses of MFA. Read more ›

Tagged with:

DNS Lookup Command dig under Cygwin

By default, the dig command, used for DNS lookups and troubleshooting, is not installed with the standard cygwin installation. It is part of the bind-utils though, and is easily added.

  1. First download the cygwin installer for 32 or 64 bit, depending upon your local installation
  2. Run the installer and walk through the locations and mirrors to use
  3. At the Select Packages page, enter bind-utils in the search field


  1. Expand the selection and select the checkbox for “binary?”
  2. Select Next and allow it to install

At this point the bind-utils tools, including dig, will be installed. You can launch a command prompt or shell to verify, like below:


After that, have at it.

Edit: Corrected bind-util to bind-utils

Tagged with: , ,

Stupid Samsung BIOS and Boot from USB

Helping out a relative to install Windows 8. Couldn’t for the life of me figure out the Phoenix SecureCore BIOS to get a USB flash drive to be detected. Had to upgrade the BIOS first, then disable the “Fast BIOS Mode”. At that point the Windows 8 media was viewable.

Kudos to this post for the details. Linux users always come through 🙂

Tagged with: , ,

Archiving Gmail to Evernote

There is a lot of talk recently about cloud services and the data they keep. Personally, after starting to use Dropbox years ago over a home-grown Unison install, I’m a big proponent of cloud services. They provide the functionality I need without my need to keep systems and applications running.

Over the past few years I have migrated from a combination of colocation and home network of my own services to using Google Apps for mail; Dropbox and Skydrive for synced storage; Evernote for synced notes and data; Amazon AWS for DNS; Internap for CDN; and vCloud resources. The last because having access to server resources is always a good thing. Okay, you take services from the servers to the cloud, but you can’t the sysadmin from wanting servers.

To keep control over data, and in the event that one service is not available, I like to “spread the wealth” concerning where my data is stored. Although I pay for Google Apps, I would hate to not have access for a significant period of time while Google sorts out an issue. So, I wanted an archive of Gmail, “just in case.”

Read more ›

Tagged with: , ,

Adding Cisco Webex Connect to OS X iChat or Messages

It’s been a while since I’ve added any content. The good news is since I’m at a new employer, Internap, the ability to post is back!

While working at Verizon, I was limited to the productivity tools they provided, namely a bog standard HP laptop and Windows 7 without administrator access. What was interesting was the instant messaging (IM) applications is use. Both Microsoft Office Communicator and IBM Sametime were the IM systems of choice. Of course, 50% of the people I needed to communicate with were on one or the other, so I had to have both open.

Fast forward to Internap. Here BYOD is alive and well. So using my Macbook Pro and Mountain Lion is game on. This way I communicate with my coworkers and personal contacts, all in one location.

Read more ›

Tagged with: ,

Cisco NAC and Slow Windows Startup in Domains

The Problem

A client makes extensive use of the The Cisco Network Access Control (NAC), a.k.a. Clean Access solution for their wi-fi enabled laptops. These systems are Active Directory domain members and prior to an AD upgrade, would boot and have a user logged in within 2-3 minutes.

After the domain controllers were upgrades to Windows 2008 R2, the bootup process went from 2-3 minutes to 10-20 minutes, with the delays showing up on the “applying computer settings” and “applying user settings” notices (Windows XP clients). Event logs would show errors indicating DNS resolution had failed and similar things.

Read more ›

The Cost of SSL – Selecting Affordable Certificates

SSL server certificates are mandatory for finance, e-commerce, and any site that wishes to protect data in transit. Tied to a fully qualified domain name, they also provide a level of non-repudiation. SSL in its more modern incarnation, transport layer security (TLS), is a very effective layer of security.

A quick Google search for “web server certificate” or “ssl certificate” returns companies that sell basic level certificates from USD$50 (GoDaddy) to USD$700 (rest of prices in the article are in USD)  for a standard single domain and single server two year certificate. Granted, these are retail prices, but most systems engineers or security staff only deal with obtaining these certificates once every couple of years.

Read more ›

StartSSL (StartCom) Certificates on the Citrix NetScaler

For a very low cost, it’s easy to use StartSSL (Startcom) certificates on the Citrix NetScaler product line. This is includes the free NetScaler VPX Express edition. A lot of problems I see with others configuring the NetScaler is related to either self-signed certificates or the use of intermediate (e.g., chained) certificates.

Using a Startcom certificate allows for a trusted CA (no certificate errors) and the NetScaler makes it easy to configure intermediate certificates. We’ll go through the entire process of creating a certificate usable on the NetScaler. The process is also the same for any chained certificate.

Read more ›

Tagged with: , , ,