Windows


psftp.exe: The server’s host key is not cached in the registry. You have no guarantee that the server is the computer you think it is.

Recently, we were debugging a scheduled job running on a Microsoft SQL Server Agent. After starting the SQL Server Management Studio, we saw that the specific task was using psftp.exe to upload some data securely to a remote server. When executing the job manually, it would work as expected. On the other hand, when the job would be executed automatically, it would always fail. After review the error logs, we got the following message:

Executed as user: FSRV\SYSTEM. …s\FTP\remote-server.ppk [email protected] -batch -bc -be -b C:\putty\upload.txtThe server's host key is not cached in the registry. You  have no guarantee that the server is the computer you  think it is.  The server's rsa2 key fingerprint is:  ssh-rsa 2048 39:e4:84:b2:6f:bc:87:04:1f:21:bf:32:83:79:0b:cf  Connection abandoned.  DTSRun:  Loading…   DTSRun:  Executing…   DTSRun OnStart:  DTSStep_DTSExecuteSQLTask_1   DTSRun OnFinish:  DTSStep_DTSExecuteSQLTask_1   DTSRun OnStart:  DTSStep_DTSExecuteSQLTask_3   DTSRun OnFinish:  DTSStep_DTSExecuteSQLTask_3   DTSRun OnStart:  DTSStep_DTSActiveScriptTask_2   DTSRun OnFinish:  DTSStep_DTSActiveScriptTask_2   DTSRun OnStart:  DTSStep_DTSActiveScriptTask_3   DTSRun OnFinish:  DTSStep_DTSActiveScriptTask_3   DTSRun OnStart:  DTSStep_DTSDataPumpTask_1   DTSRun OnProgress:  DTSStep_DTSDataPumpTask_1; 34 Rows have been transformed or copied.; …  Process Exit Code 1.  The step failed.

The problem was with the account executing the scheduled job, which was different than the one that created the job. The second account, the one that was executing the scheduled jobs did not have any knowledge of the ssh-rsa key of the remote server. Because of this lack of information, psftp.exe could not verify that we were indeed trying to connect to the correct server. To fix this issue, we modified the psftp.exe execution command to match the following one:

C:\putty\psftp.exe -i C:\connections\FTP\remote-server.ppk [email protected] -batch -bc -be -b C:\putty\upload.txt -hostkey 39:e4:84:b2:6f:bc:87:04:1f:21:bf:32:83:79:0b:cf

To help any reader that is not familiar with the psftp.exe and powershell (or cmd) we will breakdown the arguments of the above command:

  • C:\putty\psftp.exe : is the exact location of the psftp.exe binary on that server
  • -i C:\connections\FTP\remote-server.ppk : PPK files are PuTTY Private Key Files developed by Putty and they serve as storage for the private keys the program generated. In this case, instead of using a combination of username and password to authenticate, the client was given a private key to use as proof of identity and authenticity.
  • [email protected] : The username and the domain or IP of the remote server.
  • -batch : Disables interactive prompts as no person will be supervising the script.
  • -bc : It displays batch commands in the same way they are run. It is useful for logging and troubleshooting.
  • -be : When running a batch file, this additional option causes psftp.exe to continue processing even if a command fails to complete successfully. An example you might want this to happen is the following: you want to delete a file and don’t care if it is already not present.
  • -b C:\putty\upload.txt : It specifies a file with batch commands. This argument helps users automate tasks by allowing them to set commands in advance.
  • -hostkey 39:e4:84:b2:6f:bc:87:04:1f:21:bf:32:83:79:0b:cf : Here, we copied the rsa-ssh key of the server that was displayed on the error and we explicitly defined it to let psftp.exe that it is trying to connect to the correct server. If you are not sure if the value you get at the errors is indeed the correct value, consult your system administrator.


Stop Windows 10 Updates

Recently, we were working on a Windows 10 machine on a metered connection. Even though we are not fans of blocking updates, this time we had to stop the updates as they were sucking the data package dry. To do so we executed the commands of the block below in a command prompt with administrative rights.

To start a Command Prompt (cmd) with administrative rights we pressed Windows+X that showed the Quick Access menu, from the menu we clicked on Command Prompt (Admin). After that we got prompted by User Account Control window if it was OK to allow this application to make changes, where we clicked Yes.

In the new Command Prompt window we executed the following 3 commands that kill all services immediately related with the updates

net stop wuauserv
net stop bits
net stop dosvc

Explanation

  • net stop wuauserv stops the Windows Update service.
  • net stop bits stops the Background Intelligent Transfer Service service
  • net stop dosvc stops the Delivery Optimization service

Revert action and Start Windows 10 updates

To resume (actually restart them since we stopped them) the Windows 10 updates you can either restart the machine or in a command prompt with administrative rights execute the following:

net start wuauserc
net start bits
net start dosvc

Windows XP: Extend evaluation period (Not a permanent solution)

Recently, an old machine running Windows XP SP3 had its hard disk replaced, since then the OS decided that the license was not valid and considered itself to be in a trial/evaluation 30 days period.
Since the activation/validation services of Windows XP got discontinued we could not reactivate the current setup using the internet.
We tried a few times to activate via phone but it failed as well..

Temporary Solution (mitigating the problem)

To give us some time to think about a solution, whenever Windows XP would say that the evaluation period was expired, we would boot into safe mode and then run this command rundll32.exe syssetup,SetupOobeBnk (in cmd.exe or in the Run option that is in the Start menu) that allows you to reset the evaluation period for up to 4 times (and if used properly will give you 150 days in total to find a solution).

Actual Solution

In the end, we used the installation CD to downgrade the installation using the repair option, then we tried the telephone activation again and it worked!
Although Windows XP was not complaining any more, that caused us some problems with the antivirus, as a shared system library (DLL) that was replaced was not compatible with the antivirus.
To resolve this issue, we booted the machine using a GNU/Linux live CD and replaced the library (DLL) from a backup that was in the old disk.

Warning: Downgrading the system using the installation CD most probably re-enabled old exploits and hacks making the system less secure.
Keep this information in mind as you cannot re-apply the updates to the system not even the security updates any more.


ATEN – USB-to-Serial Converter (35cm) UC232A – Windows 10 (64bit) Drivers

Background

Recently we started using the UC232A USB-to-Serial Converter to connect to a board.
The software we used was TeraTerm on a 64bit Windows 10 without installing custom drivers.

Our serial port configuration was the following:

  • Baud rate: 115200
  • Data: 8 bit
  • Parity: none
  • Stop: 1 bit
  • Flow control: none
  • Transmit delay:
    5 msec/char
    5 msec/line

The problem

We noticed that something was wrong with the process as the terminal would not operate consistently.
Some times keystrokes did not appear on screen, in other times results would not appear correctly (they could be truncated or mixed with other data) and in general, the system acted like it was possessed by a ghost.

Troubleshooting

We played around with the configuration parameters, hoping that it was an issue like having the need to add large transmit delay but it did not change anything, the communication with the board was unstable.
Afterwards, we switched to another cable, of a different company, and everything worked as expected. The data on the screen was consistent and the ghost was banished. The UC232A was brand new so we tested that it works on a GNU/Linux machine, which turned out to be OK. Doing so, these two tests led us to the conclusion that since both the cable operates properly on GNU/Linux and the board operates properly using the other cable, that the issue we had was the automatically installed Windows 10 drivers.

Solution

While the cable was unplugged, we installed the official drivers we found here.
To find the drivers on that page, click on Support and Download tab at the bottom and then click on the Software & Drivers panel.
From the new table that will appear, under the category Windows Legacy Software & Driver we used the latest version that was available at the time that this post was written, which was v1.0.082 dated 2016-01-27 uc232a_windows_setup_v1.0.082.zip ( uc232a_windows_setup_v1.0.082.zip (8548 downloads) retrieved on the 23rd of November 2016).
After the download was finished, we restarted the machine, plugged in the cable and gave it another go.
The system was working as expected.

Following, you will find the screenshots from the device manager, after we got the cable working right.

uc232a-device-manager

uc232a-device-properties

uc232a-drive-file-details


Reclaim empty space from VirtualBox VDI disk images by shrinking

Recently, we did some cleanup in certain GNU/Linux virtual machines, where we hoped that VirtualBox would release the disk space that is not used and shrink the size of the VDI files.
Unfortunately, that did not happen even after freeing more than 100GB of space from the guest machine.

We did manage though to reclaim the empty space manually, using the zerofree and VBoxManage utilities.

Following is the guide we followed to do so:

Part 1: Clean-up the guest machine using zerofree

We needed to find the unallocated, blocks with non-zero value content in the ext2, ext3 or ext4 filesystem (e.g. /dev/sda1) and fill them with zeroes.
Since the filesystem has to be unmounted or mounted as read-only for zerofree to work, we decided to use a Live CD to complete this task as it would be the simplest solution to follow.

Step 1: Download SystemRescueCd Live Image

We downloaded the SystemRescueCd Live Image and inserted it to the guest machine as a Live CD.

Step 2: Identify partitions and disks using fdisk -l

We booted the virtual machine from the Live CD, when the terminal appeared, we typed fdisk -l to see all available disks and partitions.

Depending on your configuration you will see the following

If you performed your installation using standard partition

Disk /dev/sda: 200 GiB, 214748364800 bytes, 419430400 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x64af3527

Device     Boot     Start       End   Sectors  Size Id Type
/dev/sda1  *         2048 411043839 411041792  196G 83 Linux
/dev/sda2       411045886 419428351   8382466    4G  5 Extended
/dev/sda5       411045888 419428351   8382464    4G 82 Linux swap / Solaris

or if you performed your installation using LVM

Disk /dev/sda: 214.7 GB, 214748364800 bytes, 419430400 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x000523ce

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *        2048     1026047      512000   83  Linux
/dev/sda2         1026048   419430399   209202176   8e  Linux LVM

Disk /dev/mapper/centos-root: 53.7 GB, 53687091200 bytes, 104857600 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/centos-swap: 4160 MB, 4160749568 bytes, 8126464 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/centos-home: 156.3 GB, 156304932864 bytes, 305283072 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes

From the above results, we keep the paths to the real partitions and the paths to the LVM partitions, e.g.
/dev/sda1 which is 196GB, /dev/mapper/centos-home and /dev/mapper/centos-root

Step 3: Perform the cleanup

To perform the clean up, execute for each of the above paths the command zerofree, e.g.

zerofree /dev/sda1;
zerofree /dev/mapper/centos-home;
zerofree /dev/mapper/centos-root;

Give it some time to complete the task, the larger the partition, the more the time it will take.

Part 2: Shrink the guest machine disk images using VBoxManage

We used VBoxManage with the parameter --compact, which it is used to compact disk images, i.e. remove blocks that only contains zeroes. It shrinks dynamically allocated images by reducing the physical size of the image without affecting the logical size of the virtual disk. Compaction works both for base images and for diff images created as part of a snapshot. For this operation to be effective, it is required that free space in the guest system first be zeroed out and that is why we had to perform Step 1 using zerofree before.
Please note that compacting is currently only available for VDI images.

To use, just issue the command "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyhd --compact <DISK_PATH> pointing to the disk you just cleaned up using zerofree
Please note that the virtual machine should be stopped before starting this operation.

Press the key combination Win + R to pop up the Run prompt.
Type cmd in the input box and hit the Enter key.

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyhd --compact "F:\Ubuntu\Ubuntu.vdi"
"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyhd --compact "C:\Users\bytefreaks\VirtualBox VMs\CentOS\CentOS.vdi"