GNU/Linux

Create a .tar file with different compression methods

 in Bash / GNU/Linux  tagged bz2 / gz / tar / tgz / xz by

The following commands will create .tar archives  and compress them using the different methods that are available. We provide multiple solutions, each one for a different type of .tar archive depending on the compression method that is desired.

For .tar archives

tar -c -f archive.tar $FILES_TO_ARCHIVE;

For .tar.bz2 archives

tar -c -j -f archive.tar.bz2 $FILES_TO_ARCHIVE;

For .tar.xz archives

tar -c -J -f archive.tar.xz $FILES_TO_ARCHIVE;

For .tar.gz and .tgz archives

tar -c -z -f archive.tar.gz $FILES_TO_ARCHIVE;

tar Parameters Legend

  • -z or --gzip instructs tar to filter the archive through gzip
  • -j or --bzip2 filters the archive through bzip2
  • -J or --xz filters the archive through xz
  • -f or --file=OUTPUT uses the archive file OUTPUT
  • -c or --create a new archive

Bonus Example: Create a tar.xz archive using the current date in the archive name

The following command will create an archive out of the folders Folder1 and Folder2 and then it will compress it to the .tar.xz format.
The filename of the archive will contain the current date in the format YYYY-MM-DD.

tar -c -J  -f archive.`date +%F`.tar.xz Folder1 Folder2;

The above command will result in something similar to:

archive.2017-06-04.tar.xz

How To Install on GNU/Linux CentOS 7 the LAMP stack (Apache, MySQL, PHP) + phpMyAdmin

 in GNU/Linux  tagged apache / CentOS / centos 7 / GNU / lamp / linux / mysql / php / phpmyadmin by

Following you will find the commands to perform the installation of the LAMP stack (Apache, MySQL, PHP) and phpMyAdmin on a GNU/Linux CentOS 7.
In this guide we kept the information to the bare minimum about what is what.

Installation

To perform the installation, please execute the following as a user with administrative rights:


#Update your system
sudo yum update -y;
#Install Apache, MariaDB (MySQL), PHP (with MySQL support and phpMyAdmin which is a free software tool written in PHP, intended to handle the administration of MySQL over the Web)
sudo yum install httpd mariadb-server mariadb php php-mysql phpmyadmin -y;
#Start Apache (PHP will start with Apache as module)
sudo systemctl start httpd;
#Enable Apache to start on boot
sudo systemctl enable httpd;
#Start MariaDB(MySQL)
sudo systemctl start mariadb;
#Enable MariaDB(MySQL) to start on boot
sudo systemctl enable mariadb;

Configuration of MariaDB (MySQL)

By now, your system should have all necessary packages installed and the services up and running.
Now it is best to configure your MariaDB (MySQL) in a way to disable some test data and test accounts and assign a password to your root user.
Execute the following to do so:


sudo mysql_secure_installation;

This tool will ask you for your current database root password. Since you just installed MariaDB (MySQL) you should not have one, so leave the field empty and press enter.
We recommend to answer with Y (Yes) in all of the security questions of this tool and set a strong password for your root user.


sudo mysql_secure_installation;

Following is the output we got from this tool:

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
 SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
 password for the root user.  If you've just installed MariaDB, and
 you haven't set the root password yet, the password will be blank,
 so you should just press enter here.

Enter current password for root (enter for none):
 OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
 root user without the proper authorisation.

Set root password? [Y/n] Y
 New password:
 Re-enter new password:
 Password updated successfully!
 Reloading privilege tables..
 ... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
 to log into MariaDB without having to have a user account created for
 them.  This is intended only for testing, and to make the installation
 go a bit smoother.  You should remove them before moving into a
 production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
 ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
 access.  This is also intended only for testing, and should be removed
 before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
 will take effect immediately.

Reload privilege tables now? [Y/n] Y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
 installation should now be secure.

Thanks for using MariaDB!

Configuration of the firewall

Executing the following will enable access to your web-server from the network for http and https.


sudo firewall-cmd --permanent --zone=public --add-service=http;
sudo firewall-cmd --permanent --zone=public --add-service=https;
sudo firewall-cmd --reload;

Location of files / Where to upload your website

In CentOS 7, the directory where the website pages are located is at /var/www/html/.
You can place your html and php code there.

Configuration of phpMyAdmin

phpMyAdmin should be available at http://<IP of the web server>/phpmyadmin
The access to phpMyAdmin is controlled by the Apache Virtual Host File for phpMyAdmin that is found here /etc/httpd/conf.d/phpMyAdmin.conf.
By default, this configuration file only allows access to phpMyAdmin from the localhost (127.0.0.1).
In case you want to access it from another machine, you need to modify this file.
Before doing any changes, make a backup of the original file first:

 sudo cp /etc/httpd/conf.d/phpMyAdmin.conf /etc/httpd/conf.d/phpMyAdmin.conf.original;

To enable access only for a specific IP

Edit the Apache Virtual Host File for phpMyAdmin (/etc/httpd/conf.d/phpMyAdmin.conf) and change every reference of 127.0.0.1 with the IP address of the machine you want to give access to.

There should be four lines that you need to change.
In our installation it was the following lines:

  1. 17Require ip 127.0.0.1
  2. 25Allow from 127.0.0.1
  3. 34Require ip 127.0.0.1
  4. 42Allow from 127.0.0.1

Then restart the Apache service to apply the changes:


sudo systemctl restart httpd;

To enable access to any IP

Delete the existing file and create a new one.


sudo rm /etc/httpd/conf.d/phpMyAdmin.conf;
sudo touch /etc/httpd/conf.d/phpMyAdmin.conf;

Using the editor of your choice add the following content and save it:

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
 AllowOverride None
 Options None
 Allow from All
 Require all granted
</Directory>

Then restart the Apache service to apply the changes:


sudo systemctl restart httpd;

Following is the original content of our Apache Virtual Host File for phpMyAdmin (/etc/httpd/conf.d/phpMyAdmin.conf)

[download id=”3647″]

$ cat /etc/httpd/conf.d/phpMyAdmin.conf
 # phpMyAdmin - Web based MySQL browser written in php
 #
 # Allows only localhost by default
 #
 # But allowing phpMyAdmin to anyone other than localhost should be considered
 # dangerous unless properly secured by SSL

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
 AddDefaultCharset UTF-8

 <IfModule mod_authz_core.c>
  # Apache 2.4
  <RequireAny>
   Require ip 192.168.0.20
   Require ip ::1
  </RequireAny>
 </IfModule>
 <IfModule !mod_authz_core.c>
  # Apache 2.2
  Order Deny,Allow
  Deny from All
  Allow from 192.168.0.20
  Allow from ::1
  </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
 <IfModule mod_authz_core.c>
  # Apache 2.4
  <RequireAny>
   Require ip 192.168.0.20
   Require ip ::1
  </RequireAny>
 </IfModule>
 <IfModule !mod_authz_core.c>
  # Apache 2.2
  Order Deny,Allow
  Deny from All
  Allow from 192.168.0.20
  Allow from ::1
 </IfModule>
</Directory>

# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
 <Directory /usr/share/phpMyAdmin/libraries/>
  Order Deny,Allow
  Deny from All
  Allow from None
 </Directory>

<Directory /usr/share/phpMyAdmin/setup/lib/>
  Order Deny,Allow
  Deny from All
  Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/frames/>
 Order Deny,Allow
 Deny from All
 Allow from None
</Directory>

# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc.  This may break your mod_security implementation.
#
#<IfModule mod_security.c>
#    <Directory /usr/share/phpMyAdmin/>
#        SecRuleInheritance Off
#    </Directory>
#</IfModule>

[download id=”3647″]

Compiling Wireshark 1.8.8 on Fedora 25 (64bit)

 in GNU/Linux  tagged 1.8.15 / 1.8.8 / 1.8.x / compile / fedora / wireshark by

Recently we received some dissector plugins for Wireshark version 1.8.x, which is not available to install through the repositories.
So, we had to install it ourselves and we decided to use version 1.8.8 that was the latest version of the 1.8.x series available in the following FedoraProject.org page.
The source code is available at https://www.wireshark.org/download/src/all-versions/ and http://pkgs.fedoraproject.org/repo/pkgs/wireshark/.

Download the patched version here: [download id=”3443″]

Synopsis

While configuring we run into a few problems, that we solved by installing the following packages:


sudo dnf install perl-podlators perl-Pod-Html gtk2-devel gtk3-devel libpcap-devel byacc flex -y;

When compiling we run into an error where an a wireshark enum was conflicting with a system one.
To resolve that issue we modified the file: epan/dissectors/packet-gluster.h and at line 357 we removed the next enum:

/* dir-entry types from libglusterfs/src/compat.h */
enum gluster_entry_types {
    DT_UNKNOWN = 0,
    DT_FIFO = 1,
    DT_CHR = 2,
    DT_DIR = 4,
    DT_BLK = 6,
    DT_REG = 8,
    DT_LNK = 10,
    DT_SOCK = 12,
    DT_WHT = 14
};

It is safe to delete it as it exists in the exact same form and same values in the system header files.
Please note that in version 1.8.15 we found the following enum, which shows that it was decided later on to just change the enum fields.

/* dir-entry types from libglusterfs/src/compat.h */
enum gluster_entry_types {
    GLUSTER_DT_UNKNOWN = 0,
    GLUSTER_DT_FIFO = 1,
    GLUSTER_DT_CHR = 2,
    GLUSTER_DT_DIR = 4,
    GLUSTER_DT_BLK = 6,
    GLUSTER_DT_REG = 8,
    GLUSTER_DT_LNK = 10,
    GLUSTER_DT_SOCK = 12,
    GLUSTER_DT_WHT = 14
};

Later during compilation we got the error that there was an undefined reference to g_memmove, we copied the definition of g_memmove (see below) from  packaging/macosx/native-gtk/glibconfig.h at line 81 and pasted it on the first line of the files ui/gtk/export_object_smb.c and epan/dissectors/packet-ssl-utils.c.

#define g_memmove(dest,src,len) G_STMT_START { memmove ((dest), (src), (len)); } G_STMT_END

Finally during documentation generation we had a problem with two authors that there were Non-ASCII characters in their names so we updated the file AUTHORS and replaced the names Peter Kovář  with Peter Kovar and Роман Донченко with Roman Donchenko which are strings that only contain ASCII characters.

Download the patched version here: [download id=”3443″]

The Problems One by One

checking for pod2man... /usr/bin/pod2man
checking for pod2html... no
configure: error: I couldn't find pod2html; make sure it's installed and in your path

Solution: sudo dnf install perl-podlators perl-Pod-Html;

checking for GTK+ - version >= 2.12.0 and < 3.0... Package gtk+-2.0 was not found in the pkg-config search path.
Perhaps you should add the directory containing `gtk+-2.0.pc'
to the PKG_CONFIG_PATH environment variable
No package 'gtk+-2.0' found
no
*** Could not run GTK+ test program, checking why...
*** The test program failed to compile or link. See the file config.log for the
*** exact error that occured. This usually means GTK+ is incorrectly installed.
configure: error: Neither Qt nor GTK+ 2.12 or later are available, so Wireshark can't be compiled

Solution: sudo dnf install gtk2-devel gtk3-devel;

checking for pcap-config... no
checking for extraneous pcap header directories... not found
checking pcap.h usability... no
checking pcap.h presence... no
checking for pcap.h... no
configure: error: Header file pcap.h not found; if you installed libpcap
from source, did you also do "make install-incl", and if you installed a
binary package of libpcap, is there also a developer's package of libpcap,
and did you also install that package?

Solution: sudo dnf install libpcap-devel;

libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I../.. -I./../.. -I./.. -DINET6 -DG_DISABLE_DEPRECATED -DG_DISABLE_SINGLE_INCLUDES -DGSEAL_ENABLE -DGTK_DISABLE_DEPRECATED -DGTK_DISABLE_SINGLE_INCLUDES -D_FORTIFY_SOURCE=2 "-D_U_=__attribute__((unused))" -I/usr/local/include -DPLUGIN_DIR=\"/usr/local/lib/wireshark/plugins/1.8.8\" -g -O2 -Wall -W -Wextra -Wdeclaration-after-statement -Wendif-labels -Wpointer-arith -Wno-pointer-sign -Warray-bounds -Wcast-align -Wformat-security -Wold-style-definition -Wno-error=unused-but-set-variable -fexcess-precision=fast -pthread -I/usr/include/gtk-2.0 -I/usr/lib64/gtk-2.0/include -I/usr/include/pango-1.0 -I/usr/include/atk-1.0 -I/usr/include/cairo -I/usr/include/pixman-1 -I/usr/include/libdrm -I/usr/include/gdk-pixbuf-2.0 -I/usr/include/libpng16 -I/usr/include/pango-1.0 -I/usr/include/harfbuzz -I/usr/include/pango-1.0 -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/freetype2 -I/usr/include/libpng16 -MT libdissectors_la-packet-gluster_cli.lo -MD -MP -MF .deps/libdissectors_la-packet-gluster_cli.Tpo -c packet-gluster_cli.c  -fPIC -DPIC -o .libs/libdissectors_la-packet-gluster_cli.o
In file included from /usr/include/glib-2.0/glib/gdir.h:32:0,
                 from /usr/include/glib-2.0/glib.h:45,
                 from packet-gluster_cli.c:40:
packet-gluster.h:359:2: error: redeclaration of enumerator 'DT_UNKNOWN'
  DT_UNKNOWN = 0,
  ^
/usr/include/dirent.h:99:5: note: previous definition of 'DT_UNKNOWN' was here
     DT_UNKNOWN = 0,
     ^~~~~~~~~~
packet-gluster.h:360:2: error: redeclaration of enumerator 'DT_FIFO'
  DT_FIFO = 1,
  ^
/usr/include/dirent.h:101:5: note: previous definition of 'DT_FIFO' was here
     DT_FIFO = 1,
     ^~~~~~~
packet-gluster.h:361:2: error: redeclaration of enumerator 'DT_CHR'
  DT_CHR = 2,
  ^
/usr/include/dirent.h:103:5: note: previous definition of 'DT_CHR' was here
     DT_CHR = 2,
     ^~~~~~
packet-gluster.h:362:2: error: redeclaration of enumerator 'DT_DIR'
  DT_DIR = 4,
  ^
/usr/include/dirent.h:105:5: note: previous definition of 'DT_DIR' was here
     DT_DIR = 4,
     ^~~~~~
packet-gluster.h:363:2: error: redeclaration of enumerator 'DT_BLK'
  DT_BLK = 6,
  ^
/usr/include/dirent.h:107:5: note: previous definition of 'DT_BLK' was here
     DT_BLK = 6,
     ^~~~~~
packet-gluster.h:364:2: error: redeclaration of enumerator 'DT_REG'
  DT_REG = 8,
  ^
/usr/include/dirent.h:109:5: note: previous definition of 'DT_REG' was here
     DT_REG = 8,
     ^~~~~~
packet-gluster.h:365:2: error: redeclaration of enumerator 'DT_LNK'
  DT_LNK = 10,
  ^
/usr/include/dirent.h:111:5: note: previous definition of 'DT_LNK' was here
     DT_LNK = 10,
     ^~~~~~
packet-gluster.h:366:2: error: redeclaration of enumerator 'DT_SOCK'
  DT_SOCK = 12,
  ^
/usr/include/dirent.h:113:5: note: previous definition of 'DT_SOCK' was here
     DT_SOCK = 12,
     ^~~~~~~
packet-gluster.h:367:2: error: redeclaration of enumerator 'DT_WHT'
  DT_WHT = 14
  ^
/usr/include/dirent.h:115:5: note: previous definition of 'DT_WHT' was here
     DT_WHT = 14
     ^~~~~~
Makefile:6516: recipe for target 'libdissectors_la-packet-gluster_cli.lo' failed
make[5]: *** [libdissectors_la-packet-gluster_cli.lo] Error 1

Solution: edit epan/dissectors/packet-gluster.h and at line 357 delete this

/* dir-entry types from libglusterfs/src/compat.h */
enum gluster_entry_types {
    DT_UNKNOWN = 0,
    DT_FIFO = 1,
    DT_CHR = 2,
    DT_DIR = 4,
    DT_BLK = 6,
    DT_REG = 8,
    DT_LNK = 10,
    DT_SOCK = 12,
    DT_WHT = 14
};

libtool: link: gcc -DPYTHON_DIR= -g -O2 -Wall -W -Wextra -Wdeclaration-after-statement -Wendif-labels -Wpointer-arith -Wno-pointer-sign -Warray-bounds -Wcast-align -Wformat-security -Wold-style-definition -Wno-error=unused-but-set-variable -fexcess-precision=fast -pthread -I/usr/include/gtk-2.0 -I/usr/lib64/gtk-2.0/include -I/usr/include/pango-1.0 -I/usr/include/atk-1.0 -I/usr/include/cairo -I/usr/include/pixman-1 -I/usr/include/libdrm -I/usr/include/gdk-pixbuf-2.0 -I/usr/include/libpng16 -I/usr/include/pango-1.0 -I/usr/include/harfbuzz -I/usr/include/pango-1.0 -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/freetype2 -I/usr/include/libpng16 -Wl,--as-needed -o .libs/wireshark wireshark-capture-pcap-util-unix.o wireshark-capture-pcap-util.o wireshark-cfile.o wireshark-clopts_common.o wireshark-disabled_protos.o wireshark-frame_data_sequence.o wireshark-packet-range.o wireshark-print.o wireshark-ps.o wireshark-sync_pipe_write.o wireshark-timestats.o wireshark-tap-megaco-common.o wireshark-tap-rtp-common.o wireshark-version_info.o wireshark-capture_ifinfo.o wireshark-capture_sync.o wireshark-capture_ui_utils.o wireshark-airpcap_loader.o wireshark-capture.o wireshark-capture_info.o wireshark-capture_opts.o wireshark-color_filters.o wireshark-file.o wireshark-fileset.o wireshark-filters.o wireshark-g711.o wireshark-merge.o wireshark-proto_hier_stats.o wireshark-recent.o wireshark-summary.o wireshark-tempfile.o wireshark-u3.o .libs/wiresharkS.o -pthread -Wl,--export-dynamic -pthread -Wl,--export-dynamic  -L/usr/local/lib ui/gtk/libgtkui.a ui/gtk/libgtkui_dirty.a ui/libui.a codecs/libcodec.a wiretap/.libs/libwiretap.so epan/.libs/libwireshark.so wsutil/.libs/libwsutil.so -lpcap -lkrb5 -lk5crypto -lcom_err -lgtk-x11-2.0 -lgdk-x11-2.0 -lpangocairo-1.0 -latk-1.0 -lcairo -lgdk_pixbuf-2.0 -lgio-2.0 -lpangoft2-1.0 -lpango-1.0 -lgobject-2.0 -lfontconfig -lfreetype -lgthread-2.0 -lgmodule-2.0 -lglib-2.0 -lm -lz -pthread -Wl,-rpath -Wl,/usr/local/lib
ui/gtk/libgtkui.a(libgtkui_a-export_object_smb.o): In function `insert_chunk':
/home/george/Downloads/wireshark-1.8.8/ui/gtk/export_object_smb.c:230: undefined reference to `g_memmove'
collect2: error: ld returned 1 exit status

Solution: Copy the definition of g_memmove (see below) from  packaging/macosx/native-gtk/glibconfig.h at line 81 and paste it on the first line of the files ui/gtk/export_object_smb.c and epan/dissectors/packet-ssl-utils.c.

#define g_memmove(dest,src,len) G_STMT_START { memmove ((dest), (src), (len)); } G_STMT_END

Making all in doc
make[2]: Entering directory '/home/george/Downloads/wireshark-1.8.8/doc'
/usr/bin/perl ./perlnoutf.pl ./make-authors-short.pl < ../AUTHORS > AUTHORS-SHORT
cp AUTHORS-SHORT ..
/usr/bin/perl ./perlnoutf.pl ./make-authors-format.pl < AUTHORS-SHORT > AUTHORS-SHORT-FORMAT
cat ./wireshark.pod.template AUTHORS-SHORT-FORMAT > wireshark.pod
/usr/bin/pod2man                    \
--center="The Wireshark Network Analyzer"    \
--release=1.8.8                \
wireshark.pod  > wireshark.1
Wide character in printf at /usr/share/perl5/vendor_perl/Pod/Simple.pm line 565.
wireshark.pod around line 3527: Non-ASCII character seen before =encoding in 'KovE<aacute>ř'. Assuming UTF-8
POD document had syntax errors at /usr/bin/pod2man line 71.

and

cat ./wireshark.pod.template AUTHORS-SHORT-FORMAT > wireshark.pod
/usr/bin/pod2man                    \
--center="The Wireshark Network Analyzer"    \
--release=1.8.8                \
wireshark.pod  > wireshark.1
Wide character in printf at /usr/share/perl5/vendor_perl/Pod/Simple.pm line 565.
wireshark.pod around line 3618: Non-ASCII character seen before =encoding in 'Роман'. Assuming UTF-8
POD document had syntax errors at /usr/bin/pod2man line 71.

Solution: update the file AUTHORS and replace the names the names Peter Kovář  with Peter Kovar and Роман Донченко with Roman Donchenko which are strings that only contain ASCII characters.

Download the patched version here: [download id=”3443″]

Fedora 25: Program a sysmocom SIM card using HID OMNIKEY 3121

 in GNU/Linux  tagged 3121 / card reader / fedora / HID / OMNIKEY / pySim / pySim-prog / SIM / SJS1 / sysmocom / sysmoUSIM-SJS1 / USIM by

We got our hands on an HID OMNIKEY 3121 card reader that we were going to use to program a sysmocom sysmoUSIM-SJS1 SIM card on a Fedora 25 (64bit).

After attaching the card reader on the host machine, we executed lsusb to verify that we could see the card reader on the host machine.
Among the results we got the following line indicating that the card reader was available.

$ lsusb
...
Bus 003 Device 002: ID 076b:3022 OmniKey AG CardMan 3021
...

Then we added a SIM card to the reader to prepare it for reading and updated our system:

sudo dnf upgrade -y;

To read and program the SIM card we decided to use the pySim-prog utility (http://git.osmocom.org/pysim/about/).
pySim-prog is a small command line utility written in python, which is used for programming various programmable SIM/USIM cards like the sysmoUSIM-SJS1.

To use the utility, we first installed the needed dependencies using the following command:

sudo dnf install ca-certificates python-pip swig python-devel pcsc-lite-devel git pcsc-lite redhat-rpm-config pcsc-tools -y;

Then we started the pcscd service as such:

sudo systemctl start pcscd;

Please note that if you want to automatically start the pcscd service at each boot execute:

sudo systemctl enable pcscd;

Then we used sudo pcsc_scan tool to test that the reader is functioning properly as it regularly scans every PC/SC readers connected to the host.
We got some data similar to this:

$ sudo pcsc_scan 
PC/SC device scanner
V 1.4.25 (c) 2001-2011, Ludovic Rousseau <[email protected]>
Compiled with PC/SC lite version: 1.8.15
Using reader plug'n play mechanism
Scanning present readers...
0: OMNIKEY AG 3121 USB 00 00

Fri May 26 19:22:15 2017
Reader 0: OMNIKEY AG 3121 USB 00 00
  Card state: Card inserted, 
  ATR: 18 00 00 01 A5 3B 9F 96 80 1F 21 13 67 43 20 07 C7 80 31 A0 73 BE

ATR: 18 00 00 01 A5 3B 9F 96 80 1F 21 13 67 43 20 07 C7 80 31 A0 73 BE
+ TS = 3B --> Direct Convention
+ T0 = 9F, Y(1): 1001, K: 15 (historical bytes)
  TA(1) = 96 --> Fi=512, Di=32, 16 cycles/ETU
    250000 bits/s at 4 MHz, fMax for Fi = 5 MHz => 312500 bits/s
  TD(1) = 80 --> Y(i+1) = 1000, Protocol T = 0 
-----
  TD(2) = 1F --> Y(i+1) = 0001, Protocol T = 15 - Global interface bytes following 
-----
  TA(3) = C7 --> Clock stop: no preference - Class accepted by the card: (3G) A 5V B 3V C 1.8V 
+ Historical bytes: 00 00 01 80 31 A0 67 43 20 07 18 73 BE 21 13
  Category indicator byte: 80 (compact TLV data object)
    Tag: 3, len: 1 (card service data byte)
      Card service data byte: A0
        - Application selection: by full DF name
        - BER-TLV data objects available in EF.DIR
        - EF.DIR and EF.ATR access services: by GET RECORD(s) command
        - Card with MF
    Tag: 7, len: 3 (card capabilities)
      Selection methods: BE
        - DF selection by full DF name
        - DF selection by path
        - DF selection by file identifier
        - Implicit DF selection
        - Short EF identifier supported
        - Record number supported
      Data coding byte: 21
        - Behaviour of write functions: proprietary
        - Value 'FF' for the first byte of BER-TLV tag fields: invalid
        - Data unit in quartets: 2
      Command chaining, length fields and logical channels: 13
        - Logical channel number assignment: by the card
        - Maximum number of logical channels: 4
    Tag: 6, len: 7 (pre-issuing data)
      Data: 43 20 00 01 07 18 00
+ TCK = A5 (correct checksum)

Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
18 00 00 01 A5 3B 9F 96 80 1F 21 13 67 43 20 07 C7 80 31 A0 73 BE
    sysmoUSIM-SJS1 (Telecommunication)
    http://www.sysmocom.de/products/sysmousim-sjs1-sim-usim

We hit Ctrl+C to terminate the application.

After this successful test, we proceeded into getting the software of pysim and installing an additional python dependency called pyscard through pip.

sudo pip install --upgrade pip;
sudo pip install pyscard;

Later, we cloned the pysim repository:

git clone http://git.osmocom.org/pysim/;
cd pysim;

And finally, we started using it.

Read SIM information

To read the information on the SIM card, we executed the following

sudo python2 pySim-read.py --pcsc-device=0;

And got this back:

Reading ...
ICCID: 0000898100110000821
IMSI: 900659000010170
SMSP: fffffffffffffffffffafffafffbffffffffffffffff0581ffffffffffe1ffffffffffffffffff005155f5ffffffffffff000000
ACC: 0200
MSISDN: Not available
Done !

Write SIM information

To write to the SIM new information we executed the following:

sudo python2 pySim-prog.py --pcsc-device=0 --type sysmoUSIM-SJS1 --pin-adm=81297587 --mcc=901 --mnc=71 --imsi=901700106590000 --iccid=8982211003300110000 --opc=3987059FEF153333661279FB1FC74BE0 --ki=1DAA6FA8B2549F20D0F42113E62B9925;

Which resulted in the following successful message:

Insert card now (or CTRL-C to cancel)
Generated card parameters :
 > Name    : Magic
 > SMSP    : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000
 > ICCID   : 8982211003300110000
 > MCC/MNC : 901/71
 > IMSI    : 901700106590000
 > Ki      : 1DAA6FA8B2549F20D0F42113E62B9925
 > OPC     : 3987059FEF153333661279FB1FC74BE0
 > ACC     : None

Programming ...
Done !