vncdotool 0.3.0 released

Posted by marcs on December 22, 2012 0 comments

vncdotool is a command line VNC client. It an easy way automate interactions with virtual machines, KVMs, GUIs or other hardware devices. This release contains a couple new features and various compatibility and bug fixes.

The major feature is the ability to record and playback captured VNC sessions. This differs from other VNC recorders as it records a users’ actions allowing them to be replayed against other servers, other tools create a movie for playback. To capture a session, start vncdotool in one of three record modes, connect to it using a standard VNC GUI client, do some work on the remote computer and then disconnect. Then use vncdo to repeat your session against any VNC server. Along, with this change the command line was changed in a backwards incompatible way, namely -d has been replaced by -s host:display|host::port and vncdotool should be called as vncdo.

Overall compatibility with VNC servers has improved thanks to bug reports and debugging from Jerry Kwan, Matias Suarez and Anthony DeRosa.

Full changes can be seen at https://github.com/sibson/vncdotool/blob/0.3.0/HISTORY.txt

Documentation for all features can be found at pypi.
Bugs can be filed at Github.
Debian packages are available at Launchpad PPA

HOWTO: Juniper Networks VPN 64bit 12.04 LTS with Host Checker

Posted by marcs on October 10, 2012 0 comments

The Juniper VPN only officially supports Redhat and can be difficult to get working on Ubuntu. There are a number of great articles that cover how to work around it. Unfortunatly, none of them address using the Host Checker. This post will outline a setup that works with the Host checker while also reducing the time spent logging in and creating a VPN connection.

Got Java?

First off, you’ll need Java. You’ll either need to use OpenJDK xor Sun Java, depending on which version of Ubuntu you are running. With either method you can point Firefox to Java Plugin Test to verify Java is working.

12.04 LTS Precise

With Precise and newer Juniper VPN the OpenJDK and icedtea works fine

sudo apt-get install icedtea6-plugin default-jdk

Older Versions

For other older versions Ubuntu or Juniper VPN you will need the sun-java packages, don’t install both OpenJDK and Sun Java. Due to licensing changes Sun Java is longer available in the Ubuntu repositories, so you will need to add them from elsewhere.

sudo add-apt-repository ppa:sun-java-community-team/sun-java6

Then edit /etc/apt/sources.list.d/sun-java-community-team-sun-java6-oneiric.list to point at maverick rather than your actual distribution. This allows you to pickup the older packages that are still available and works for oneric and hopefully natty. Now you can install with

sudo apt-get update
sudo apt-get install sun-java6-jre sun-java6-plugin sun-java6-fonts sun-java6-jdk

Host Checker

You should now be able to go to https://yourvpn.example.com and log in. If you get a you are not authorized error then you need to setup Host Checker. Depending on you IT department they may want root access to your machine in order to create some files that Host Checker will use to verify your system. Unless you can shout them down you’ll have to let them take the machine away and do their black magic. Once they return your machine and you can successfully login you can unravel their secrets by grok the ~/.juniper_network/dsHostChecker_linux.log file to figure out which files they created.
In future you can just copy these files onto a new machine rather than having to contact support again. Be sure to make a backup of them and their locations.

VPN Tool

After logging in you should have a start Network Connect button, click it and it will create a xterm asking for either the root or sudo password, just close the window, as it has already downloaded the jar files you need. For the next step you will need some build tools. You can install them with

sudo apt-get install python-dev build-essential gcc-multilib lib32z-dev

Then you will extract files from ncLinuxAll.jar which should be in ~/.juniper_networks/network_connect/. Some versions leave it in ~/.juniper_networks so you may need to create the network_connect directory and copy the jar file into it.


cd ~/.juniper_networks/network_connect
jar xf ~/.juniper_networks/ncLinuxApp.jar

Next up, create an executable you can run from the command line, it also means you don’t have an extra window hanging around your desktop.


gcc -m32 -Wl,-rpath,`pwd` -o ncui libncui.so

Now fix the ownership and permissions on various files, so they can mess with resolv.conf. If they can’t access /etc/resolv.conf they don’t work, so if it doesn’t exist you will need to create it.


sudo chown root:root ncsvc ncui
sudo chmod 06711 ncsvc
sudo chmod 4775 ncui
sudo touch /etc/resolv.conf

Finally, get your VPN systems’ SSL certificate

echo | openssl s_client -connect router.evertz.com:443 2>&1 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | openssl x509 -outform der > ssl.crt

At this point you have everything you need to connect to the VPN but we’re going to add a little extra gravy to make it easier to use.

Usability Tweaks

Create a new Toolbar bookmark in Firefox and set the location to javascript:alert(document.cookie). I usually name it DSID but don’t let that limit your imagination. You can also assign a keyword to allow launch from the location bar. Now add the following snippet to your .bashrc and source it or launch a new terminal.


vpn()
{
HOST=router.evertz.com
CERT=~/.juniper_networks/network_connect/ssl.crt
DSID=$1
~/.juniper_networks/network_connect/ncui -h $HOST -f $CERT -p "" -c DSID=$DSID
}

With all that in place to create a VPN connection you

  1. Log in to http://yourvpn.example.com
  2. Click the DSID bookmark
  3. Copy the number following DSID=
  4. Run “vpn DSID”, by pasting the DSID

References

A huge thanks to Paul D. Smith for providing the initial setup instructions,mad-scientist.net, and support on the Ubuntu Forums. Juniper is finally starting to support Ubuntu but without his work we would have been without hope. If you don’t have Host Checker, you should try using his script. It makes things even easier.

Scott at makefile.com deserves a lot of credit for teasing the ncui command out for the jar files shipped by Juniper.

Finally, Joseph Henrich already pulled together much of this information in a post at ctctlabs. Hopefully, I’ve just filled in a few blanks for Host Checker.

Now you can get back to work.

vncdotool 0.2.0 released

Posted by marcs on August 7, 2012 0 comments

vncdotool is a command line VNC client. A handy way to automate interactions with virtual machines or hardware devices. This release contains various bugfixes and 4 new commands.

1) pause, wait before sending the next command, sometimes you just can’t avoid sleeping
2) mouseup and mousedown, allow you to press and hold the mouse button
3) drag, move the mouse to a new coordinate by steps rather than jumping to the final destination

More information can be found at pypi. Bugs can be filed at Github.

Quick and Dirty Package Backports

Posted by marcs on April 25, 2012 0 comments

Need a newer version of a Debian/Ubuntu/Mint package than what is available in the repositories for your distribution? It always happens that production machines are stuck on old versions but you need some great new feature only available in newer distributions packages. Frustration level high, but there is good news because you can backport the package.

If you are lucky then an official backport will already be available at http://packages.ubuntu.com/distro-backports or http://backports.debian.org. If not then its time to start hunting through https://launchpad.net/ubuntu/+ppas. The quality of PPAs varies greatly, so use some judgement before installing software from unknown sources. If your still rolling snake eyes, then you can search for a newer version on http://packages.ubuntu.org/packagename or http://packages.debian.org/packagename. If you still haven’t found a newer version then you’ll need to update the package, which is a whole other beast and not covered here, sorry.

After you have found a source package, you are ready to rebuild it for your distribution. You could setup a PPA, use prevu or some other method but you’re looking for a quick fix and don’t want to deal with getting them configured. For this method all you need is a machine running the target distribution, preferably not the production machine. A freshly minted VM would be perfect.

Once you have your machine you will need to install the build tools

sudo apt-get install build-essential devscripts

You will also need to grab the source package files which consist of package.dsc, package-orig.tar.gz, package-diff.tar.gz and perhaps a patches.tar.gz. Now you can run the following commands to extract and build the backport

dpkg-source -x package.dsc
cd package-version
dch -l mybp1 -D lucid "backport 1 of package for lucid"
dpkg-buildpackage -uc -b

The dch command will update the Debian changelog and thus the built deb will have mybp1 contained in its version identification. Once the package is built you can copy it to your machine and install it. If the new package needs updated dependencies you will need to repeat the above steps for each of them.

vncdotool 0.1.0

Posted by marcs on March 5, 2011 0 comments

vncdotool is a command line VNC client. It comes in handy when automating interactions with virtual machines or some hardware devices that are otherwise difficult to control.

More information can be found at pypi or github.