Akawa

ETY001的博客

解决 Bad SMB2 (sign_algo_id=0) signature for message 问题
最近线下培训教育机构都停了,孩子报的班都改为了线上授课,教练和老师会把视频发过来,看着学。

由于手机屏幕太小,所以打算把视频放到家里的服务器上,通过 samba 共享让投影可以读取。

但是却遇到不能连接的问题,看了下服务器的日志,发现有报错:

1
2
3
4
5
6
7
[2022/03/23 00:57:09.728871,  0] ../../libcli/smb/smb2_signing.c:722(smb2_signing_check_pdu)
Bad SMB2 (sign_algo_id=0) signature for message
[2022/03/23 00:57:09.729142, 0] ../../lib/util/util.c:570(dump_data)
[0000] 73 34 44 8A 28 41 5E 00 D4 5E 9D 5D 38 39 9B A0 s4D.(A^. .^.]89..
[2022/03/23 00:57:09.729263, 0] ../../lib/util/util.c:570(dump_data)
[0000] 6C 38 C8 B5 93 51 16 95 12 2C 64 92 54 A0 E2 8E l8...Q.. .,d.T...
[2022/03/23 00:57:42.258662, 0] ../../source3/smbd/server.c:1734(main)

搜索了一下,似乎只有一个方案,就是降级协议,在 /etc/samba/smb.conf 文件的 [global] 中增加下面的配置:

1
server min protocol = LANMAN2

重启服务, systemctl restart smb

再次连接,成功!

/etc/mdadm/mdadm.conf 中,找到 MAILADDR 配置,修改为你要接收邮件的地址即可。

修改完,可以执行 mdadm --monitor --scan --test -1 来测试一下是否能够收到测试邮件。

不过我发现一个问题,就是在执行 /usr/share/mdadm/mkconf > /etc/mdadm/mdadm.conf 这个重新生成 mdadm 配置文件的命令后,MAILADDR 会被重置为 root

于是使用了另外一个方案来配置接收邮箱。

打开 /etc/aliases 文件,增加下面一行

1
root: [email protected], /root/mailbox

保存之后,执行 newaliases 使配置生效。这样发送给 root 用户的邮件,会被转发到你指定的邮箱了。

First run

1
sudo dpkg-reconfigure exim4-config

and use these config options:

  • General type of mail configuration: mail sent by smarthost; received via SMTP or fetchmail
  • System mail name: your hostname
  • IP-address to listen on for incoming SMTP connections: 127.0.0.1
  • Other destinations for which mail is accepted: your hostname
  • Machines to relay mail for: leave this blank
  • IP address or host name of the outgoing smarthost: mail.example.com::587
  • Hide local mail name in outgoing mail?
    • Yes - all outgoing mail will appear to come from your gmail account
    • No - mail sent with a valid sender name header will keep the sender’s name
  • Keep number of DNS-queries minimal (Dial-on-Demand)? No
  • Delivery method for local mail: choose the one you prefer
  • Split configuration file into small files? Yes (you need to edit one of the files next)

Then run sudo vi /etc/exim4/passwd.client and add the following lines for your mail host, and any aliases it has (found through nslookup). Substitute email address and password with the account you want to route mail through):

1
mail.example.com:email address:password

Once you edit the passwd.client file, run sudo update-exim4.conf which will integrate your changes into your Exim4 config.

Run sudo systemctl restart exim4 and make sure that the service stops and starts properly. If the service is unable to restart, something probably went wrong when you edited the passwd.client file.

Now the configure has been finished.

We can use exim -v [email protected] to get in send process to send a test email.

If get in the editor mode, input these charaters:

1
2
3
From: [email protected]
Subject: Foobar
Text Text Text

After inputing, press Ctrl+d to send test email.

这两周一直在折腾新买的这台二手 r730xd。第一次上电的时候,风墙的6个18000转风扇的满速运行的噪音太感人了。让我想起来当年在机房跟同事维护机器的时候,说话完全靠喊的记忆。

既然风扇转速高,就去看看主板bios里有没有设置,结果看了半天,从bios到dell服务器的idrac,就没有找到可以手动设置风扇转速的地方。

我当时也是傻,没有放狗搜索一下,就直接准备干静音风扇了。。。

淘宝和闲鱼搜索了好几圈,都没有服务器用的 606038 风扇的接口。

image.png

最后随机在一家店里买了一个5000转的,准备自己动手改一下。

image.png

最后用杜邦线的塑料胶头改装成功了,上电测试没有问题。赶紧下单买剩下的5个。

第一周就这么过去了。

等待了五天,另外5个风扇到了,花了3个小时完成改装,改装后的风墙这个样子:

image.png

由于放弃了快拆头,只能手动一个个插。上电后,成功识别风扇,噪音小了很多,但是依然是吵。

不死心的我,都要准备换水冷了,这个时候,搜索到可以使用dell的 ipmitool 来给风扇调速,唯一的缺点是,机器断电后重新上电,配置还需要重新设置。

安装很简单

1
pacman -S ipmitool

或者

1
apt-get install -y ipmitool

设置为手动调速

1
ipmitool -I lanplus -U 用户名 -P 密码 -H iDracIP raw 0x30 0x30 0x01 0x00

设置回自动调速

1
ipmitool -I lanplus -U 用户名 -P 密码 -H iDracIP raw 0x30 0x30 0x01 0x01

设置风扇转速,这里我写了个脚本 speed.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
#!/bin/bash
USER=xxxx
PASS=xxxx
IP=192.168.1.11
DEFAULT_SPEED=0xf

if [ "$1" != "" ]; then
fan=`printf "0x%x" $1`
else
fan=$DEFAULT_SPEED
fi
echo $fan
ipmitool -I lanplus -U $USER -P $PASS -H $IP raw 0x30 0x30 0x02 0xff $fan

设置为可执行文件,然后想要设置风扇转速为 30%,则执行

1
./speed.sh 30

风扇成功降速,且cpu温度也能压住,问题解决!

所以为啥我一开始不先搜索一下呢? 哭笑。。。

最近我的 Chromebook 无法访问 websocket 资源,这让人很烦恼。

查来查去,最后发现国外一篇文章提到,如果全局代理中勾选了“对所有协议使用同一代理”,就会出现这个问题。这是由于 websocket 会使用 socks 代理作为通讯方法,

我之前都是分着设置,前几天测试个东西,找省劲,勾选了“对所有协议使用同一代理”,而我的 socks 代理端口和 http 代理端口其实不是同一个,才导致现在访问所有 websocket 资源不成功。

This is one line command to install docker on Debian 10/11.

1
2
3
4
5
6
7
8
9
10
11
apt-get install -y \
ca-certificates \
curl \
gnupg \
lsb-release &&
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg &&
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null &&
apt-get update &&
apt-get install -y docker-ce docker-ce-cli containerd.io

This command line has been verified on Debian 10/11.

This will speed up deploying a fresh vps process. That is why I write all command in one line.

ChromeOS 内置 Debian buster 的 Linux 系统

  1. 修改国内源, /etc/apt/sources.list

    1
    2
    3
    4
    5
    6
    7
    8
    9
    deb http://mirrors.163.com/debian/ buster main non-free contrib
    deb http://mirrors.163.com/debian/ buster-updates main non-free contrib
    deb http://mirrors.163.com/debian/ buster-backports main non-free contrib
    deb http://mirrors.163.com/debian-security/ buster/updates main non-free contrib

    deb-src http://mirrors.163.com/debian/ buster main non-free contrib
    deb-src http://mirrors.163.com/debian/ buster-updates main non-free contrib
    deb-src http://mirrors.163.com/debian/ buster-backports main non-free contrib
    deb-src http://mirrors.163.com/debian-security/ buster/updates main non-free contrib
  2. 安装 Docker

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    sudo apt-get update -y
    sudo apt-get install -y\
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release
    curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
    echo \
    "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \
    $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
    sudo apt-get update -y
    sudo apt-get install docker-ce docker-ce-cli containerd.io -y
    sudo gpasswd -a ety001 docker
  3. 修改 Docker 日志量

1
2
3
4
5
# /etc/docker/daemon.json
{
"log-driver":"json-file",
"log-opts": {"max-size":"5m", "max-file":"3"}
}
1
2
sudo systemctl restart docker
sudo systemctl enable docker
  1. 修改 Linux 容器为固定IP

/etc/network/interfaces 文件

1
2
3
4
5
6
7
8
9
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 100.115.92.202/28
gateway 100.115.92.193

dns-nameservers 8.8.8.8 114.114.114.114

重启网络 sudo systemctl restart networking

  1. 修改 sudo 不需要密码
1
%sudo ALL=(ALL) NOPASSWD: ALL
  1. 设置当前用户密码
1
sudo passwd ety001
  1. 配置 Chrome 各个插件

  2. 配置 ssh

  3. 从 github 下载私有配置,进行自定义设置

  4. 安装 nvm

1
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bash
  1. 下载 vscode

https://code.visualstudio.com

  1. 安装 Remmina
1
2
3
4
5
6
7
sudo apt install -y remmina \ 
remmina-common \
remmina-plugin-exec \
remmina-plugin-kiosk \
remmina-plugin-rdp \
remmina-plugin-secret \
remmina-plugin-vnc
  1. 安装 Linux 搜狗拼音

https://pinyin.sogou.com/linux/?r=pinyin

安装完,在 /etc/systemd/user/cros-garcon.service.d/cros-garcon-override.conf 中增加下面的配置

1
2
3
Environment="GTK_IM_MODULE=fcitx"
Environment="QT_IM_MODULE=fcitx"
Environment="XMODIFIERS=@im=fcitx"

~/.sommelierrc 中增加

1
/usr/bin/fcitx-autostart

参考: https://faq.fydeos.com/en/recipes/chinese-ime-in-linux-beta/

最新: https://chromium.googlesource.com/chromiumos/docs/+/main/containers_and_vms.md#Can-I-set-environment-variables-for-my-container

  1. 安装 LinuxQQ

https://im.qq.com/linuxqq/download.html

  1. 安装 Linux QQ音乐

https://y.qq.com/download/download.html

  1. 安装 Linux 网易云音乐

https://music.163.com/#/download

  1. 安装 Slack

https://slack.com/intl/zh-cn/downloads/linux

  1. 安装 hack 字体
1
sudo apt-get install -y fonts-hack

This is one line command to install docker on Ubuntu 20.04.

1
2
3
4
5
6
apt update -y && \
apt install -y apt-transport-https ca-certificates curl software-properties-common && \
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" && \
apt update -y && \
apt install -y docker-ce

This command line has been verified on Ubuntu20.04.

This will speed up deploying a fresh vps process. That is why I write all command in one line.

image.png

In some cases, we need to pull some docker image through our custom proxy server.

But the HTTPS_PROXY and HTTP_PROXY in current login terminal will not be useful for the docker pull command.
The proxychains-ng tool is the same situation.

This is because docker is divided into dockerd and client. The docker pull command is executed by dockerd service. So we need make sure dockerd use proxy server.

The Docker daemon uses the HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environmental variables in its start-up environment to configure HTTP or HTTPS proxy behavior. You cannot configure these environment variables using the daemon.json file.

So we can edit the systemd service file.

1.First create a new folder

1
$ sudo mkdir -p /etc/systemd/system/docker.service.d

2.Then create a new file named /etc/systemd/system/docker.service.d/http-proxy.conf

1
2
3
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80"
Environment="HTTPS_PROXY=http://proxy.example.com:80"

3.Reload and restart

1
2
$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

4.Verify that the configuration has been loaded and matches the changes you made, for example:

1
$  sudo systemctl show --property=Environment docker

1
2
3
4
5
6
7
8
9
10
11
12
13
function getUtcTimestamp() {
const now = new Date();
const utcTimestamp = Date.UTC(
now.getUTCFullYear(),
now.getUTCMonth(),
now.getUTCDate(),
now.getUTCHours(),
now.getUTCMinutes(),
now.getUTCSeconds(),
now.getUTCMilliseconds()
);
return `${parseInt(utcTimestamp / 1000, 10)}`;
}
0%