windows


psftp.exe: The server’s host key is not cached in the registry. You have no guarantee that the server is the computer you think it is.

Recently, we were debugging a scheduled job running on a Microsoft SQL Server Agent. After starting the SQL Server Management Studio, we saw that the specific task was using psftp.exe to upload some data securely to a remote server. When executing the job manually, it would work as expected. On the other hand, when the job would be executed automatically, it would always fail. After review the error logs, we got the following message:

Executed as user: FSRV\SYSTEM. …s\FTP\remote-server.ppk [email protected] -batch -bc -be -b C:\putty\upload.txtThe server's host key is not cached in the registry. You  have no guarantee that the server is the computer you  think it is.  The server's rsa2 key fingerprint is:  ssh-rsa 2048 39:e4:84:b2:6f:bc:87:04:1f:21:bf:32:83:79:0b:cf  Connection abandoned.  DTSRun:  Loading…   DTSRun:  Executing…   DTSRun OnStart:  DTSStep_DTSExecuteSQLTask_1   DTSRun OnFinish:  DTSStep_DTSExecuteSQLTask_1   DTSRun OnStart:  DTSStep_DTSExecuteSQLTask_3   DTSRun OnFinish:  DTSStep_DTSExecuteSQLTask_3   DTSRun OnStart:  DTSStep_DTSActiveScriptTask_2   DTSRun OnFinish:  DTSStep_DTSActiveScriptTask_2   DTSRun OnStart:  DTSStep_DTSActiveScriptTask_3   DTSRun OnFinish:  DTSStep_DTSActiveScriptTask_3   DTSRun OnStart:  DTSStep_DTSDataPumpTask_1   DTSRun OnProgress:  DTSStep_DTSDataPumpTask_1; 34 Rows have been transformed or copied.; …  Process Exit Code 1.  The step failed.

The problem was with the account executing the scheduled job, which was different than the one that created the job. The second account, the one that was executing the scheduled jobs did not have any knowledge of the ssh-rsa key of the remote server. Because of this lack of information, psftp.exe could not verify that we were indeed trying to connect to the correct server. To fix this issue, we modified the psftp.exe execution command to match the following one:

C:\putty\psftp.exe -i C:\connections\FTP\remote-server.ppk [email protected] -batch -bc -be -b C:\putty\upload.txt -hostkey 39:e4:84:b2:6f:bc:87:04:1f:21:bf:32:83:79:0b:cf

To help any reader that is not familiar with the psftp.exe and powershell (or cmd) we will breakdown the arguments of the above command:

  • C:\putty\psftp.exe : is the exact location of the psftp.exe binary on that server
  • -i C:\connections\FTP\remote-server.ppk : PPK files are PuTTY Private Key Files developed by Putty and they serve as storage for the private keys the program generated. In this case, instead of using a combination of username and password to authenticate, the client was given a private key to use as proof of identity and authenticity.
  • [email protected] : The username and the domain or IP of the remote server.
  • -batch : Disables interactive prompts as no person will be supervising the script.
  • -bc : It displays batch commands in the same way they are run. It is useful for logging and troubleshooting.
  • -be : When running a batch file, this additional option causes psftp.exe to continue processing even if a command fails to complete successfully. An example you might want this to happen is the following: you want to delete a file and don’t care if it is already not present.
  • -b C:\putty\upload.txt : It specifies a file with batch commands. This argument helps users automate tasks by allowing them to set commands in advance.
  • -hostkey 39:e4:84:b2:6f:bc:87:04:1f:21:bf:32:83:79:0b:cf : Here, we copied the rsa-ssh key of the server that was displayed on the error and we explicitly defined it to let psftp.exe that it is trying to connect to the correct server. If you are not sure if the value you get at the errors is indeed the correct value, consult your system administrator.


Stop Windows 10 Updates

Recently, we were working on a Windows 10 machine on a metered connection. Even though we are not fans of blocking updates, this time we had to stop the updates as they were sucking the data package dry. To do so we executed the commands of the block below in a command prompt with administrative rights.

To start a Command Prompt (cmd) with administrative rights we pressed Windows+X that showed the Quick Access menu, from the menu we clicked on Command Prompt (Admin). After that we got prompted by User Account Control window if it was OK to allow this application to make changes, where we clicked Yes.

In the new Command Prompt window we executed the following 3 commands that kill all services immediately related with the updates

net stop wuauserv
net stop bits
net stop dosvc

Explanation

  • net stop wuauserv stops the Windows Update service.
  • net stop bits stops the Background Intelligent Transfer Service service
  • net stop dosvc stops the Delivery Optimization service

Revert action and Start Windows 10 updates

To resume (actually restart them since we stopped them) the Windows 10 updates you can either restart the machine or in a command prompt with administrative rights execute the following:

net start wuauserc
net start bits
net start dosvc

Windows XP: Extend evaluation period (Not a permanent solution)

Recently, an old machine running Windows XP SP3 had its hard disk replaced, since then the OS decided that the license was not valid and considered itself to be in a trial/evaluation 30 days period.
Since the activation/validation services of Windows XP got discontinued we could not reactivate the current setup using the internet.
We tried a few times to activate via phone but it failed as well..

Temporary Solution (mitigating the problem)

To give us some time to think about a solution, whenever Windows XP would say that the evaluation period was expired, we would boot into safe mode and then run this command rundll32.exe syssetup,SetupOobeBnk (in cmd.exe or in the Run option that is in the Start menu) that allows you to reset the evaluation period for up to 4 times (and if used properly will give you 150 days in total to find a solution).

Actual Solution

In the end, we used the installation CD to downgrade the installation using the repair option, then we tried the telephone activation again and it worked!
Although Windows XP was not complaining any more, that caused us some problems with the antivirus, as a shared system library (DLL) that was replaced was not compatible with the antivirus.
To resolve this issue, we booted the machine using a GNU/Linux live CD and replaced the library (DLL) from a backup that was in the old disk.

Warning: Downgrading the system using the installation CD most probably re-enabled old exploits and hacks making the system less secure.
Keep this information in mind as you cannot re-apply the updates to the system not even the security updates any more.


Activate a wireless hotspot on Windows 10 1

Requirements

  • You must be an administrator of the machine to complete this guide.
  • You need to have at least two network devices.
  • One of them needs to have access to the internet and the other one needs to be a WiFi adapter which has Hosted Network support.

To check if your wireless adapter supports the functionality for Hosted Network, open a Command Prompt and type NETSH WLAN show drivers.

To open the Command Prompt, press the buttons Windows+R on your keyboard.
A new run command prompt will appear.
Type in the input box cmd and hit the Enter button.

In the new Command Prompt type NETSH WLAN show drivers, the results should be similar to below.

C:\Users\bytefreaks>NETSH WLAN show drivers
 
Interface name: Wi-Fi
 
    Driver                    : Realtek RTL8188CU Wireless LAN 802.11n USB 2.0 Network Adapter
    Vendor                    : Realtek Semiconductor Corp.
    Provider                  : Realtek Semiconductor Corp.
    Date                      : 3/4/2016
    Version                   : 1027.4.630.2015
    INF file                  : ????
    Type                      : Native Wi-Fi Driver
    Radio types supported     : 802.11n 802.11b 802.11g
    FIPS 140-2 mode supported : Yes
    802.11w Management Frame Protection supported : Yes
    Hosted network supported  : Yes
    Authentication and cipher supported in infrastructure mode:
                                Open            None
                                WPA2-Personal   CCMP
                                Open            WEP-40bit
                                Open            WEP-104bit
                                Open            WEP
                                WPA-Enterprise  TKIP
                                WPA-Personal    TKIP
                                WPA2-Enterprise TKIP
                                WPA2-Personal   TKIP
                                WPA-Enterprise  CCMP
                                WPA-Personal    CCMP
                                WPA2-Enterprise CCMP
                                Vendor defined  TKIP
                                Vendor defined  CCMP
                                Vendor defined  Vendor defined
                                Vendor defined  Vendor defined
                                WPA2-Enterprise Vendor defined
                                WPA2-Enterprise Vendor defined
                                Vendor defined  Vendor defined
                                Vendor defined  Vendor defined
    Authentication and cipher supported in ad-hoc mode:
                                Open            None
                                Open            WEP-40bit
                                Open            WEP-104bit
                                Open            WEP
                                WPA2-Personal   CCMP
    Wireless Display Supported: Yes (Graphics Driver: Yes, Wi-Fi Driver: Yes)

In the results you need to find the line Hosted network supported and verify that the value is set to Yes, if it is not, then you cannot proceed with this wireless network adapter.

In case you got a permission error on the above command, try to open a new Command Prompt with admin rights.

Press the keys Windows+X, in the pop-up menu select Command Prompt (Admin). If your account has enough access rights, a new run command prompt will appear. In the new Command Prompt (Admin) type NETSH WLAN show drivers, the results should be similar to above.

If this failed as well, you cannot proceed with the current account, you either need to sign in with another account or ask your system administrator to perform this task for you.

How to setup the hotspot

In the Command Prompt enter the following command:

NETSH WLAN set hostednetwork mode=allow ssid=BYTEFREAKS key=0123456789

Update ssid=BYTEFREAKS with the name that you want to give your network. e.g. ssid=MY_NETWORK.

Update key=0123456789 with the password that you want to give your network. e.g. ssid=y0m2ZSQ3ng.

The new network will use WPA/WPA2 PSK security policy so your password needs to be at least 8 characters long.

The results will be similar to the following block.

C:\Users\bytefreaks>NETSH WLAN set hostednetwork mode=allow ssid=HIDDEN007 key=0123456789
The hosted network mode has been set to allow.
The SSID of the hosted network has been successfully changed.
The user key passphrase of the hosted network has been successfully changed.

How to activate the hotspot

Once the Hosted Network is created, enter the following command as is to activate it

NETSH WLAN start hostednetwork

C:\Users\bytefreaks>NETSH WLAN start hostednetwork
The hosted network started.

After this step, your network will be visible to connect to but it will not provide its users with internet access.

Please note that due to the lack of commands in the documentation (https://msdn.microsoft.com/en-us/library/windows/desktop/dd815243(v=vs.85).aspx) it is not possible to prevent your hotspot from broadcasting its SSID to everyone. In other words, it is not possible to hide your network from other users, so use a strong password!

hotspot-creation-commands

How to share internet connection with the hotspot

Press on the keyboard Windows+X to open the Power User menu, and select Network Connections.

power-user-menu

You will notice that a there is a new device in this list. The name of this device will be something line Local Area Connection* 12. That device is the new virtual device you created in the previous step to create the hotspot.

network-configuration-before-sharing

Right-click the other network adapter, that has an active internet connection and select Properties.

network-configuration-right-click-device

Click on the Sharing tab.

network-configuration-share-settings

Enable the Allow other network users to connect through this computer's Internet connection option.

From the Home networking connection drop-down menu select the virtual device that we created.

Click OK to close the configuration and apply the changes.

By completing this step, all devices connected to your Hotspot will have access to the internet via the connection of the second network device.