Freeradius had good docs and examples. The Raritan KVMs did the basics well: IP address, shared secret via the web gui. Then create a Group with the perms for your users. The secret ingredient was adding the users group to radius. I did it in sites-available/default adding: update reply {&Filter-Id = "Raritan:G{Techs}"} in the post-auth section. Your needs/usage will vary. #freeradius #raritan

Crude. First Python "App" Ever. Works.
Controls an Asus DUO (loving this Laptop).

 #!/usr/bin/env python3
 import subprocess
 import tkinter as tk
 from tkinter import ttk
 # main window
 root = tk.Tk()
 
 def trackpadon():
     print('Trackpad ON')
     subprocess.run(["xinput","-enable","ASUS Zenbook Duo Keyboard Touchpad"]) 
     subprocess.run(["xinput","-enable","Primax Electronics Ltd. ASUS Zenbook Duo Keyboard Touchpad"])
 
 def trackpadoff():
     print('Trackpad OFF')
     subprocess.run(["xinput","-disable","ASUS Zenbook Duo Keyboard Touchpad"]) 
     subprocess.run(["xinput","-disable","Primax Electronics Ltd. ASUS Zenbook Duo Keyboard Touchpad"])
 
 def screenone():
     print('SCREEN ONE')
     subprocess.run(["xrandr","--output","eDP-1","--auto"])
     subprocess.run(["xrandr","--output", "eDP-2","--off"])
     subprocess.run(["xrandr","--output", "HDMI-1","--off"])
 
 def screentwo():
     print('SCREEN TWO')
     subprocess.run(["xrandr","--output","eDP-2","--auto", "--below", "eDP-1"])
 
 def screenthree():
     print('SCREEN THREE')
     subprocess.run(["xrandr","--output","eDP-1","--auto"])
     subprocess.run(["xrandr","--output","eDP-2","--auto", "--below", "eDP-1"])
     subprocess.run(["xrandr","--output","HDMI-1","--auto", "--above", "eDP-1"])
 
 def screenhdmionly():
     print('HDMI ONly')
     subprocess.run(["xrandr","--output", "eDP-2","--off"])
     subprocess.run(["xrandr","--output", "eDP-1","--off"])
     subprocess.run(["xrandr","--output","HDMI-1","--auto"])
 
 def screenhdmione():
     print('HDMI and Top One')
     subprocess.run(["xrandr","--output", "eDP-2","--off"])
     subprocess.run(["xrandr","--output", "eDP-1","--auto"])
     subprocess.run(["xrandr","--output","HDMI-1","--auto"])
 
 root.geometry('300x500')
 root.resizable(False, False)
 root.title('ASUS Doer')
 
 # exit button
 screen_trackpadon = ttk.Button(
     root,
     text='Trackpad ON',
     command=lambda: trackpadon()
 )
 screen_trackpadoff = ttk.Button(
     root,
     text='Trackpad OFF',
     command=lambda: trackpadoff()
 )
 
 screen_one = ttk.Button(
     root,
     text='ONE screens',
     command=lambda: screenone()
 )
 
 screen_two = ttk.Button(
     root,
     text='TWO screens',
     command=lambda: screentwo()
 )
 
 screen_three = ttk.Button(
     root,
     text='THREE screens',
     command=lambda: screenthree()
 )
 
 screen_hdmionly = ttk.Button(
     root,
     text='HDMI Only',
     command=lambda: screenhdmionly()
 )
 
 screen_hdmione = ttk.Button(
     root,
     text='HDMI and One',
     command=lambda: screenhdmione()
 )
 
 
 # exit button
 exit_button = ttk.Button(
     root,
     text='Exit',
     command=lambda: root.quit()
 )
 
 screen_trackpadon.pack(
     ipadx=5,
     ipady=5,
     expand=True
 )
 screen_trackpadoff.pack(
     ipadx=5,
     ipady=5,
     expand=True
 )
 screen_one.pack(
     ipadx=5,
     ipady=5,
     expand=True
 )
 screen_two.pack(
     ipadx=5,
     ipady=5,
     expand=True
 )
 screen_three.pack(
     ipadx=5,
     ipady=5,
     expand=True
 )
 
 screen_hdmione.pack(
     ipadx=5,
     ipady=5,
     expand=True
 )
 
 screen_hdmionly.pack(
     ipadx=5,
     ipady=5,
     expand=True
 )
 
 exit_button.pack(
     ipadx=5,
     ipady=5,
     expand=True
 )
 root.mainloop()
 
 

Went nuts trying to get Windows 11 to launch a TightVNC viewer session from a link like vnc://127.0.0.1:5900 Ended up creating a "helper" that makes a file that downloads so you can tell the browsers (Edge/Firefox and Chrome) to "Always open files of this type" which launches TightVNC. It works, but wish I could just add VNC to the "Applications" part of the browser easily. https://geeklabs.com/app.php/blog/5756 #tightvnc #win11

Need to make a Window 11 system understand how to launch VNC for a url like: vnc://[ip]:[port] URL? Pass it to this like: https://geeklabs.com/vnc.php?url=vnc://127.0.0.1:5900

TightVNC from: https://www.tightvnc.com/ is a bit cruder that RemoteRipple. you trigger it to launch from the system with IP address and port as displayed in a web UI.

“VNC Helper” creats a config file that TightVNC can use. Your web browser should ask you if you want to open or download the file when you click that button. Click Open with TightVNC or any other VNC Viewer that will work with that simple file format. Suggested to check the box for “Always open files of this type”.

MS-Edge browser and Chrome: open the download file list and choose to open the file created and downloaded. While viewing that download list: right click on the file that downloaded and choose: “Always open Files of this type” and it will autoload / start TightVNC or other properly associated VNC viewer when you click that button and it downloads.

 
 <?php
 // Minimal VNC url to .vnc parser example
 // Please add your own input detainting and other sanity checks. 
   $url = $_REQUEST['url'] ; 
   $parts = preg_split("/\:/", $url); 
 if($parts[0] == 'vnc') {    
     $ip = $parts[1] ; 
     $port = $parts[2] ; 
     $strip = array('/\//');
     $ip = preg_replace($strip, '', $ip);
 }  else { 
     print "needs: ?url=vnc://ip:port" ; die ;   
 } ; 
 if($port> 1000 or empty($port)) { 
   $port = "5900" ; 
 } ; 
 if(!empty($ip)) {    
     $file = "[connection]\nhost=$ip\nport=$port\n" ; 
     if (strlen($file) < 100 ) { die ; } ; //minimal sanity/safety check
     $ctype = "application/vnc";
     $filename = "$ip.$port.vnc" ; 
     header("Pragma: public");
     header("Expires: 0");
     header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
     header("Cache-Control: private", false);
     header("Content-Type: $ctype");
     header("Content-Disposition: attachment; filename=\"" . $filename . "\";");
     header("Content-Transfer-Encoding: binary");
     header("Content-Length: " . strlen($file));
     print "$file\n" ; 
     exit;
 } ; 
 
 
  

Doing some security audit paperwork with a client. It's not all bad, makes me question things and verify that we are doing what we say we are doing. I don't fluff or sugar coat much. Answering questions in a spreadsheet, stuffing lots of text into table cells, drives me nuts. WTF?!? The urge to create a buzzword and acronym spewing "CyberSecurity" company named "Magic Snake Oil" is strong. #cybersecurity

Needed a little desktop thing, which may be sharable later. Started for Perl and WX Widgets.. Seems that world is fallow. Hadn't played with Python in a long time, it's time to re-explore. Python and tkinter looks like it will work. Need to add some regex (re). And off we go. I miss semicolons already. #python

Created some JavaScript today that I didn't hate (much), Had my thinking about what "languages" I used: just today. JavaScript, PHP, SQL (Mariadb), CSS, HTML, and edited a Bash/Shell script. Light day. No C, Expect scripts, Asterisk configs, Perl....

The people I do work for learn how much of what makes their systems work come from entities like LetsEncrypt.org and to support them. Two of my projects just made largish donations, and is still less than most commercial providers. Automatable wildcard certs via acme.sh and DNS validation also make the process easily repeatable. Those SSL/TLS certs also work for email, VoIP and VPN's, not just websites. Spread the love. #EFF #StartSSL #TLS

I make sure the people I do work for know how much of what makes their systems work come from entities like LetsEncrypt.org and that we need to support them. Two of my projects just made largish donations, and it's still less than most commercial providers would charge. Automatable wildcard certs via acme.sh and DNS validation also make the process easily repeatable. Those SSL/TLS certs also work for email, VoIP and VPN's, not just websites. If your commercial projects leverage LetsEncrypt certs, please spread a little extra love. #EFF #StartSSL #TLS

Poor audio and missing audio driver issues on my new laptop (Asus Duo), searched the net for the solution and found all kinds of convoluted ways to "fix/solve..". They didn't smell right. The Linux way: "apt search cirrus" oh, there it is: "firmware-cirrus". "apt install firmware-cirrus" then reboot. dmesg no longer gives a long list of missing driver firmware and the sound quality got better. Too many newbies givong bad advice. Loudly. #debian #asus

Over the past few years Thanksgiving has become a very personal holiday. We (Nancy and I) have much to be thankful and grateful for. Life is good. It's also a time to reflect on the things we need to work on, not just ourselves, but our community and society in general. And we do. Thankful for our place in life where we we can afford to tweak the status quo with position, time and money. Time for a bigger hammer?

New Asus Duo (Dual Screen). Nicest laptop I've evar had. Ran Win11 for a couple of hours. Installed Linux. The dual screens were kinda funky during install, stretched as one desktop. Put the keyboard on USB, deteched, all was good. Rebooted. Screens woreked right. Setup bluetooth for keyboard and a couple of xrandr scripts to manage screensin different orientations. Everything works, sound, wifi, etc.. #debian13 #asus

Wife brought home her churches office laptop because some websites would not connect. 2011-ish Lenovo T420 with 8b ram. It was still on Linux Mint 19. Made a quick backup. Fresh Linux Mint 22.2 Install. Fresh installs of the apps they use (Zoom, Chrome..) and set web browser default pages. That T420 is a tank and still snappy to use with a great keyboard. #linuxmint

Swapped out a critical mail deliver/relay server that was Debian 12 for Debian 13 this morning. Built fresh system, Installed Postfix and OpenDKIM. Copied Postfix and OpenDKIM configs and swapped IP's with the old one at the data center. All of the SPF and other records stay the same this way. Been watching logs and all is good. The "big guys" are accepting email. Thanks Debian for clean stable system installs and sane configs. #debian13

Can we just stay on "Standard" time? If you life/work revolves around Sunrise and Sunset: just adjust what time you do things. Like a sane person. --Now that I've sanity checked the important things (and they are all good) I'm going back to sleep. Will wake up sometime after dawn, or when the cats decide I need to. #time

Woke up with good coffee, a great groove (Thanks SomaFM) in my headset, fed cats and looked at a nice interface example for a complex scheduling system from the client. Loaded up existing code and database structures into my head and got to work. 3 hours later: Beautiful. Both the UI and the back end. And warm enough now to enjoy going outside. Will tweak some tomorrow and deliver to production early Monday AM. #wfh #programming #mornings

An advantage and disadvantage of my unique and bespoke frameworks and methodologies is AI generated coding examples just don't fit. I was able to munge some recent JavaScript examples into something useful that wasn't the way I'd normally do it, and they work very well. But it's rare. Still, fun to look and I've learned some things, and that's good. #ai #programming #vibecoding

Some humans using updated Win11 behind a VPN server that uses DNSMasq to issue the internal/VPN'd IP's for some servers when they are on the VPN seem to be having issues. Good news: Win11 doesn't like getting DNS responses that don't match the public ones. Bad news: Same. It seems to double check via other methods. I've turned off the local= and addn-hosts= config options to see if that helps. Seems to. So far. Will need to borrow a Win11 system. #DNSMasq #Win11

Woke up with a list of things that needed doing in my head. Deleted an fallow server, checked the backup scripts and their emails flushed a couple of queues of junk I had noticed yesterday. Checked the firewall systems. Now it's 6:30am, feel like it was a good day. :) #SysAdminLife

Rediscovered "fortune" and odd fortune files. All automated system emails now have a fortune at the end. People seem to be reading the emails (I track) more, apparently to read the fortune at the end. Maybe they even read the body more? Most recent: "Your boss climbed the corporate ladder, wrong by wrong." #sysadmin #devops