rdpsign corrupts RDP file - rdp

We want to programmatically generate RDP files and sign them to try to get rid of any prompts when establishing the RDP connection (the system consuming the RDP files is for automation). When we create a test RDP file, then sign it with rdpsign (passing the hash/thumbprint), we get the standard success message from rdpsign. However, when you execute the signed RDP file, you get an "ERROR: This RDP file is corrupted. The remote connection cannot be started." message.
We are using Windows 7 x64 system (AzureRM VM from the gallery). Thoughts?

I had the same problem and fixed it by removing the following options from the RDP file before signing:
rdgiskdcproxy
kdcproxyname
Source: https://social.technet.microsoft.com/Forums/windowsserver/en-US/4166425a-6f9d-4de5-a776-145b3da72f2c/rdp-files-signed-with-rdpsign-became-corrupted-in-rdp-80

Related

SSH session within SSH session - VS Code

I connect to a server within Visual Studio Code using SSH ("Remote-SSH: Connect to Host..."). When working in the terminal within VS Code, the command code <file> results in opening the file in VS Code of the client (therefore on my screen). Now let's suppose I establish another SSH connection from the current session to a workstation within the network of the server using ssh <some workstation>. When I now try to open a file in VS Code using code <file>, nothing happens.
My questions are:
Since the last code <file> mentioned didn't open anything on my screen, is it possible that VS Code did open on any other screen connected to either the server or the workstation?
Is there any possibility to open the file within my VS Code?
As for your first question:
There's is NO WAY your action could have opened a window on any other screen than yours. For that to happen you'd have to "link" your ssh session to that screen, which would require a bunch of intermediary steps.
Now for the second question:
Yes its possible (and pretty easy). BUT you will have to open another session of VScode that will connect to the "workstation" through the server.
Currently, to connect to the server, you probably had to add these lines to your ssh config file:
Host MyServer
HostName adress.server
User username
To open a session in the workstation, through the server, you should add these lines:
Host MyWorkstation
HostName workstation.adress.within.network.of.the.server
User usernameInWorkstation
ProxyJump server.adress

Cannot ssh into GCP instance

I cannot ssh into Google compute engine instance. Here is scenario.
I tried to ssh into an instance from ubuntu ssh client, so generated a private & public key in my local and added pubkey to metadata.
But got Permission denied (publickey) error message and the instance console was saying No space left on device
I then increased the size of the instance by 100GB more and then restart the instance.
After few mins later, tried to ssh into the instance again and getting the Permission denied (publickey) error again and the console said No usable temporary directory found in ['/tmp', '/var/tmp', '/usr/tmp', '/']
Now I can't connect to the instance by any tool such as browser console, ssh client etc.
Is there any solution to address this problem?
Thanks in advance.
I faced the same problem during these days, and I solved it using winSCP to access the storage and delete a lot of heavy files created by my scripts, also because the the instructions here have been not so useful.
If you do not know how to configure winSCP and GCP, follow my steps or this video.
winSCP - Create Keys
While creating a new site in winSCP
go to advanced --> ssh --> Authentication
click on Tools and open the Putty gen
generate public and private key
save them
copy the public key and open GCP
Setting your GCP instance
Click on your instance to edit its settings
scroll down until you reach ssh keys
paste your key
save
Done, now you can access your instance storage and remove some files; after that, your instance will be able to boot correctly creating the temporary files needed.
As Dan mentioned, you need to connect on serial console to expand the filesystem making use of the additional disk space allocated. You can also attempt to free up some space etc.
A complete tutorial is linked:
https://youtu.be/HSBTnfDsVRs
In this video, I talked about how to SSH into GCP using Windows Terminal. There are three methods to do so:
Access via Chrome
Access via Command Prompt
Access via a custom Windows Terminal tab (best!!)
Process for Chrome:
Open Google Chrome
Type "https://console.cloud.google.com/"
And you can access it!!
Process for Installing Google Cloud SDK:
Install Google Cloud SDK (https://cloud.google.com/sdk/docs/downloads-interactive)
Click "Next"
Click "I Agree"
It's installed!!
Process for Command Prompt (via PuTTy):
Open Windows Terminal
Then, open Command Prompt
Type "gcloud cloud-shell ssh"
And you can access it!!
Process for a custom Windows Terminal tab:
Open Windows Terminal
Go to Settings and click "Open JSON file"
Then add the following:
{
"backgroundImage": "C:/Users/user/Downloads/Pictures/gcp.png",
"backgroundImageOpacity": 0.2,
"commandline": "wsl ~/ssh-gcloud-env.sh [email] [project_id]",
"hidden": false,
"icon": "C:/Users/user/Downloads/Pictures/gcp.png",
"name": "SSH into GCP"
},
Then, open your wsl2 Ubuntu VM, and in your /home/user/ directory make a file named "ssh-gcloud-env.sh". And type in the following commands:
gcloud auth login $1
gcloud config set project $2
gcloud cloud-shell ssh
Save the file and type the following: "chmod +x ssh-gcloud-env.sh"
Finally, go to your Windows Terminal and open the custom tab.
Yay! We did it

Create CoRD Compatible RDP file

I'm trying to generate a Remote Desktop RDP file that is compatible with CoRD verion 5701 or Microsoft Remote Desktop Version 8 for mac. I don't care if the password can't be saved in the file. I realize that has separate challenges.
My question is, has anyone successfully generated an RDP file, copied it into CoRD's servers directory, and successfully opened the file?
Here is the format I'm generating:
connect to console:i:1
redirectdrives:i:0
redirectprinters:i:0
disable wallpaper:i:1
disable full window drag:i:1
disable menu anims:i:1
disable themes:i:0
disable font smoothing:i:0
audiomode:i:2
desktopwidth:i:1680
desktopheight:i:1050
session bpp:i:16
cord save password:i:0
cord fullscreen:i:0
cord row index:i:11
cord hotkey:i:-1
cord displayMode:i:0
full address:s:1.2.3.4:10021
username:s:myuser
domain:s:mydomain
cord label:s:myVm
When I open CoRD, it deletes all the values in the file. Alternatively if anyone has successfully done this for Microsoft Remote Desktop for Mac, I'm interested to hear that as well. With MS desktop, I am able to import my RDP file (of course I omit the cord specific fields) but the name of the connection defaults to the "full address" field. I don't see a way to set a connection label in the RDP file like you can with the "cord label" field.
It turns out the format I was generating was correct. What was less obvious was that CoRD expects WINDOWS CRLF's at the end of each line!
I was generating these RDP files in groovy on a mac, and so I had to ensure that I was printing \r\n at the end of each line.

Why is WLST not recognizing the user/password in the key and config file in connect() call?

I'm trying to connect to an admin server in WLST using config and key files. There are no error messages but I am prompted for a username and password. These files were created (by another developer who is long gone[1]) with the storeUserConfig() command. My call to connect looks something like this: connect(userConfigFile=configFile, userKeyFile=keyFile, url='t3://somehost:7031')).
Is there some restriction in using these files, such as it can only be used on the host where created, or it needs access to the domain's boot.properties file?
Note: I'm trying to connect to an admin server on a different host and non-standard port (e.g. not 7001). The server I am running WLST on and the remote host are the same version of Weblogic.
Some of the things I have tried:
verified that these files appear correct, the key file being binary data and the config file having a line for "weblogic.management.username={AES}..." and "weblogic.management.password={AES}...".
verified that there is a server on the specified port by entering a known login and password that is successful
specified the admin server in the connect parameter
turn on debug(true); the only output is <wlst-debug> connect : Will check if userConfig and userKeyFile should be used to connect to the server and another line giving the path to the userConfig file
turn on Python logging in jython with -Dpython.verbose=debug; nothing relevant to decryption operation
Munging the key or the config files generates no error messages and behaviour as above
[1]: These files are still used today by other existing WLST scripts. However, these scripts are so convoluted and deliberately obfuscated that they are very difficult to reverse-engineer how connect() is being called.
You do not need to access to the domain's boot.properties file. You just need to make sure the configFile and keyFile pointing to the right files. FYI, here is one of the commands we are using:connect(userConfigFile='./user.secure',userKeyFile='./key.secure',url='t3://somehost:7001')
Have you check the network connectity that might be having a firewall in between that troubling you, check the traceroute from the script machine to the Remote machine. Recently I have faced simalar issue. once the routing table updated with allow the WL admin server port everything got set.
Hope this could helps you!
I had this problem too. In a script, I exported the Linux variables userConfigFile and userKeyFile. Then I connected by running:
url='t3://localhost:7002'
userConfigFile='$userConfigFile'
userKeyFile='$userKeyFile'
connect(userConfigFile=$userConfigFile, userKeyFile=#userKeyFile, url=url)
That all worked in a script, but would not work interactively. I changed to doing the following:
url='t3://localhost:7002'
userConfigFile='/users/me/weblogic-2014/weblogic-admin-WebLogicConfig.properties'
userKeyFile='/users/me/weblogic-2014/weblogic-admin-WebLogicKey.properties'
connect(userConfigFile=userConfigFile, userKeyFile=userKeyFile, url=url)
And that worked interactively.

Remotely control a graphical vb.net program through a command prompt

I have created a VB.NET program using windows forms. The program runs on a remote PC and displays information on a screen. The computer does not even have a mouse or keyboard connected to it. The program shows the information based on the file that is loaded.
I want to be able to change this file remotely to another file that is already on the remote PC. I can't use a graphical remote desktop client as we have very limited bandwidth.
So, my idea is to change the file using the command prompt (I think I'll need something like SSH). I'm not sure how to do this. Should I use something like this and load DosModule first:
Module DOSModule
Public Sub Main()
Console.Write("First, start with Command Prompt processing ...")
Dim myWinForm As New WinForm
Application.Run(myWinForm)
End Sub
End Module
How would I then read commands that is send to the program? I also only want one instance of the program running.
Thanks
You have 2 options. The first is a custom program that WILL require some network programming, like it or not. I would suggest creating either a Command-Line batch file or else a PowerShell script, then creating a program to transfer the script to the remote computer and execute the script.
The second option and the one better suited for you would be to download an SSH server. An SSH server will essentially open a command window and pipe the input and output over to a telnet client running on your machine. If you are running a version of Windows Server, an SSH server comes with Windows Server. Otherwise, you can download one for free here: http://www.freesshd.com/
Once you install the SSH server, you simply use telnet, from a command prompt, to link up with your remote SSH server