OpenSSH internal-sftp chroot logging on Ubuntu

I’m putting this here mainly to store it for myself, so these are going to be rough notes until I have time or inclination to review and edit this post.

Note: this solution was formulated on a server running Ubuntu Server 14.04 LTS

To setup sftp chroot directories for sftp-only users, and yet still log all actions & transfers like a “xferlog”, you need to somehow get the chrooted user to be allowed to write log data into the main syslog daemon.

First of all, you need the following in your sshd_config, and make certain to pay attention to the “ForceCommand” line, as I was missing that at first, and therefore, you are not changing the logging for the chroot users, just the non-chroot users:

Subsystem sftp internal-sftp -l VERBOSE -f LOCAL6

# Next section restricts users in sftpusers group to chrootDirectory

Match Group sftpusers
  ChrootDirectory %h
  ForceCommand internal-sftp -u 002 -l VERBOSE -f LOCAL6
  AllowTcpForwarding no
  PermitTunnel no
  X11Forwarding no

Now, you want to have a line like this in your /etc/rsyslog.d/50-default.conf or other /etc/rsyslog.d/*.conf file, in order to direct the sftp verbose logs to a specific file:

local6.*			/var/log/sftp.log

Then, you have a couple of options on how to proceed. The first way I got working was to add another listening socket in the rsyslogd config, with this line:

$AddUnixListenSocket /home/username/dev/log

You could also use this method:

mkdir /home/username/dev
touch /home/username/dev/log
chmod 511 /home/username/dev
chattr +i /home/username/dev
mount --bind /dev/log /home/username/dev/log

Either one should work for you – the question is how you want to handle the situation, especially if you have either a large number of users, or a constantly changing user base; you’ll have to orchestrate either adding the special mount point and then having a lot of extra mounts, or adding a lot of extra listening socket files in rsyslogd. I leave it to you to decide which is better for your situation.

I also saw a method that didn’t work for me, but was for HP-UX, and might work for Solaris, too, over here:

Import Xen VM from .xva file via cmd-line or GUI

Importing a Xen VM from a .xva file

Import/Restore a Xen VM from a backed-up image file, likely a backup taken of a VM prior to the destruction of said VM for any reason.

Import via command line (faster and preferred method)

This method took 2:33 (2 minutes 33 seconds) to import a VM that had an 8GB HDD, of which 6 GB was used

  1. Ensure you have mounted the location with the .xva file. For instance, if it is a remote NFS store, you may want to check the current mount points, or execute:

    mount -t nfs /mnt/backup
  2. Take note of the filename & path that you will use for restoration/import, such as:

  3. If you don’t have shared storage in your Xen Pool, or if you wish to place the VM on a specific server or Storage Repository (SR), execute the command:

    xe sr-list

    which will produce output such as this:

                uuid ( RO): 73a394e5-2a60-a13d-9c42-4987d81c1a77
          name-label ( RW): DVD drives
    name-description ( RW): Physical DVD drives
                host ( RO): XEN-SRV-4
                type ( RO): udev
        content-type ( RO): iso
                uuid ( RO): 3b3346b2-d08a-90a8-bc13-321e0fe988d9
          name-label ( RW): Removable storage
    name-description ( RW): 
                host ( RO): XEN-SRV-4
                type ( RO): udev
        content-type ( RO): disk
                uuid ( RO): 69659292-ca18-3875-8c3b-1c9873db1dc0
          name-label ( RW): Local storage
    name-description ( RW): 
                host ( RO): XEN-SRV-4
                type ( RO): lvm
        content-type ( RO): user

    Take note of the uuid of the “Local Storage” of the host on which you wish to place the VM. In this case, if we want to place the VM on “XEN-SRV-4,” then we will need the uuid “69659292-ca18-3875-8c3b-1c9873db1dc0

  4. Using the uuid & filename from above, you can then execute the vm-import command thus, preferably on the physical host where you are importing the VM, to minimize network traffic and potential slowdowns caused by passing packets from one server to another unnecessarily:

    xe vm-import filename=/mnt/backup/Test-VM-2016-02-17_12-23-01.xva sr-uuid=69659292-ca18-3875-8c3b-1c9873db1dc0

    If you want or need to retain the VIF MAC addresses (such as for a VM that gets its IP Address via DHCP), ensure that you specify the preserve=true option such as:

    xe vm-import filename=/mnt/backup/Test-VM-2016-02-17_12-23-01.xva sr-uuid=69659292-ca18-3875-8c3b-1c9873db1dc0 preserve=true
  5. If you wish to have the VM start automatically when the Hypervisor/Host boots, ensure you re-enable the autostart option, as it does not get restored when importing a VM from a file. For that, you’ll need the uuid of the VM (xe vm-list can help you there) and then you need to execute:

    xe vm-param-set uuid=<UUID-OF-VM> other-config:auto_poweron=true

Import via Windows XenCenter GUI (slower method)

This method took 22:40 (22 minutes 40 seconds) to import a VM that had an 8GB HDD, of which 6 GB was used, an order of magnitude slower than the command-line method above

  1. First, map a drive to the location with the backups (For instance, map X: to \\\xenbackups) which you can optionally do via the GUI, or with command line:

    net use x: \\\xenbackups /user:<USERNAME>
  2. Take note of the filename & path that you will use for restoration/import, such as:

  3. Right-click on the physical host you wish to place the VM onto (such as XEN-SRV-4), then select Import…

  4. Click Browse… to select the file containing the image you wish you import (X:\Test-VM-2016-02-17_12-23-01.xva) then click Next

  5. Select the Home Server for the VM (XEN-SRV-4 in this case), then click Next

  6. Select the storage for the VM HDD(s), which if you don’t have shared storage, will be the Local Storage of the Home Server, then click Import >

  7. Select final networking settings and finalize the import. The VM should start automatically after the import is complete.

  8. If you wish to have the VM start automatically when the Hypervisor/Host boots, you’ll need to ensure you re-enable the autostart option, as it does not get restored when importing a VM from a file. For that, you’ll need the to login to the shell (SSH/terminal) of one of the Xen Hosts, and will need the uuid of the VM (xe vm-list can help you there) and then from the shell, you need to execute:

    xe vm-param-set uuid=<UUID-OF-VM> other-config:auto_poweron=true

Girls, please do <whatever> “Like a Girl”

Doing something “Like a Girl” is not an insult in my mind, and it shouldn’t be one in the public consciousness, either. If someone tells my daughter, Abby, that she does something “like a girl,” I want her to reply with the attitude “Heck yeah, I do!” and show them how a girl can kick butt at whatever it is.

From Elite Daily: These Young Girls Prove That Doing Things ‘Like A Girl’ Isn’t A Bad Thing


Flash plugin crashing in Firefox on Windows 8 with StackHash_fa66 error

As of today, 2014-01-07, I am running Firefox 26.0 on Windows 8 with the Adobe Flash Plugin 11,9,900,170.

For the past few weeks, whenever I attempted to load a site that utilizes the flash plugin, I would receive an application crash error with the following details:

Problem signature:

  Problem Event Name:                        APPCRASH

  Application Name:                             FlashPlayerPlugin_11_9_900_170.exe

  Application Version:                           11.9.900.170

  Application Timestamp:                    529b79bf

  Fault Module Name:                          StackHash_fa66

  Fault Module Version:              

  Fault Module Timestamp:                 00000000

  Exception Code:                                  c00001a5

  Exception Offset:                                PCH_1C_FROM_ntdll+0x0002DC34

  OS Version:                                          6.2.9200.

  Locale ID:                                             1033

  Additional Information 1:                  fa66

  Additional Information 2:                  fa6696398de2b9f98383d7a3bf5c3ea1

  Additional Information 3:                  fa66

  Additional Information 4:                  fa6696398de2b9f98383d7a3bf5c3ea1


Read our privacy statement online:


If the online privacy statement is not available, please read our privacy statement offline:


And I found tips all over the ‘Net for how to resolve it, but most of them advised to reinstall the Flash plugin, which I had done many times to no avail, or to perform an application repair from the Control Panel, which was also not helpful in my case. I finally found the answer, via a mention of mms.cfg in this Mozilla support forum post:, and then the details via this forum page from Adobe:

The fix for me was to simply disable Adobe Flash’s Protected Mode via editing C:\Windows\SYSWOW64\Macromed\Flash\mms.cfg and adding the line:
then saving & closing the file, restarting Firefox, and reloading the Flash plugin (via visiting a site that uses Flash and activating the plugin.)

I don’t believe this to be the “Correct” fix, and this will need to be revisited in the near future, but there is definitely some type of incompatibility with Firefox 26.0, Windows 8, and Flash 11.9 (and according to the first forum post I linked up, Flash 11.8, as well. Users of other operating systems appear to have this problem at times, too, including Windows Vista, Mac OS X (not sure which version), and at least one Linux user (not sure which distro, version, or any other details.) — This informs me (anecdotally) that this may be inherent in some part of the Flash libraries, not the host OS.)

Regardless, that is how I solved it, and it took my considerable time to find the correct fix for me, so I am posting this here to help with Google searches for either the StackHash error code “StackHash_fa66” or “fa6696398de2b9f98383d7a3bf5c3ea1” or for searches on the DLL error code “PCH_1C_FROM_ntdll+0x0002DC34”

Best of luck to you!

AutoMySQLBackup authentication error

Note: If using automysqlbackup to backup all your MySQL databases on a Linux host, and you are getting the error:

ERROR 1045 (28000): Access denied for user ‘automysqlbackup’@’localhost’ (using password: YES)

even though you test it on the command line and can successfully login as the automysqlbackup user (or whichever user you are using for backups), make certain that the password for that user (‘automysqlbackup’ in my case) does not have any shell metacharacters, such as # or $, etc., or find the proper way to quote the password in the configuration file for automysqlbackup. (perhaps it is single quotes, perhaps double quotes…I did not test it, as I was “on the clock”, per se, and just removed the shell metacharacters from my password.)

See these two posts for more information:

Serving static content through the ASP.NET handler on Windows 2003 / IIS 6.0

I recently had the need to process static file types (particularly *.html and *.pdf files) through the .NET processor/Framework on a Windows 2003 / IIS 6.0 server for the purpose of redirecting certain URLs. Having done this in the past, I knew I simply needed to add an application mapping for each file extension to the .NET processor. (Read more about that at Microsoft’s page for How to: Configure an HTTP Handler Extension in IIS – in this case, for the last step, we want to make certain that “Verify that file exists” is NOT checked, because we want to redirect URLs for files that do not exist on the filesystem, therefore, you don’t want to check for the existence of those files.)

And it should Just Work™. (Provided you set up your redirect module properly, etc.)




Well, let me clarify: It worked in the case that I had a redirect setup for a file that did not exist on the filesystem. So, the actual redirect worked great. (yay!) However,


If there was a file on the filesystem with extension .html or .pdf that DID exist and I DID want to serve up to the client, it did NOT work. All I got was the error “The connection was reset”

Upon examination of the problem, IIS just drops/resets the connection without sending any content to the client web browser, which is what causes this error. (Now, this worked just fine in Windows 2000 / IIS 5, so I was perplexed at this behavior.)


On Win2K3, IIS 6, in the master web.config file (usually “C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\web.config“), under the section “<system.web><httpHandlers>” the next to last handler is “<add path="*" verb="GET,HEAD,POST" type="System.Web.DefaultHttpHandler" validate="true" />

That handler is what is supposed to serve up any content that is not handled by some other predefined .NET handler, such as the Page Builder handler for .aspx pages, for instance. IIS should use this “System.Web.DefaultHttpHander” to basically dump the content of the file to the IO Stream feeding your web browser’s connection to the server.

Unfortunately, this does not work properly on my default installs of Windows 2003 Web Edition.


To work around this problem, you need to redefine the http handler for your specific file types, or for the wildcard type. You can do this in a site specific web.config, or you can modify the system web.config to be what I consider to be “correct.”

In your site web.config, use the following:

      <add path="*.html" verb="*" type="System.Web.StaticFileHandler" validate="true" />
      <add path="*.pdf" verb="*" type="System.Web.StaticFileHandler" validate="true" />

Or to cover the wildcard extension (all files, with, or without, extensions):

      <add path="*" verb="*" type="System.Web.StaticFileHandler" validate="true" />

And that will solve the problem for your site.

To solve it for your entire web server, though, AT YOUR OWN RISK (there may be unknown repercussions!!!), just change that “next to last” httpHandler in the system “C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\web.config” to use “System.Web.StaticFileHandler” instead of “System.Web.DefaultHttpHandler”.

Thanks very much to this resource at You receive a “Page cannot be displayed” error message when you use an ASP.NET application to open an .htm file or another static file that is hosted in IIS 6.0

What’s the worst that could happen?

Watch this. Regardless of how you feel about global climate change, this video could help you choose a path of action to the future. Watch it and decide for yourself how you should live.

Greg Craven’s website

For people citing the whole “Climategate” issue where it was thought that data was falsified by scientists, read the Wikipedia article on the whole thing, as there is tons of data there, including the fact that several organizations took a good look at the data and methods used by those scientists and found that there was no misconduct.

Crunchy Peanut Butter Cookies

I made these cookies as travel food for a long car trip we made recently.  They are high in protein, and relatively low in simple carbs, at least compared to many other cookies and car snacks.  They were tasty and provided great energy in the car without causing that dreaded sleepiness that comes from snacking on too many simple carbohydrates.

These cookies had a wonderful peanut butter flavor as well as a great crunch, and they were super easy to make! I didn’t use the optional nuts or chocolate chips; I plan to try using crunchy peanut butter at some point to add some crunch in a quick & easy way.

I found this Crunchy Peanut Butter Cookies Recipe at the Food & Wine Magazine site:

Crunchy Peanut Butter Cookies

SERVINGS: Makes 2 dozen cookies (or so…)


1 cup smooth peanut butter

1 cup sugar

1 teaspoon baking soda

1 extra-large egg, lightly beaten

2 tablespoons finely chopped peanuts (optional)

1/4 cup mini chocolate chips (optional)


  1. Preheat the oven to 350° and position 2 racks in the upper and lower thirds.
  2. In a medium bowl, mix the peanut butter with the sugar, baking soda and egg.
  3. (optional) Stir in the peanuts and/or chocolate chips.
  4. Roll tablespoons of the dough into 24 balls. Set the balls on 2 baking sheets, and using a fork, make a crosshatch pattern on each cookie.
  5. Bake for 15 minutes, shifting the baking sheets from front to back and bottom to top, until the cookies are lightly browned and set.
  6. Let cool on a wire rack.

Almond Biscotti

Original recipe is in normal text, with my adjustments and notes in italics between the curly braces after each line.

2 sticks butter, room temp
1 3/4 cup sugar
6 eggs
2 tsp. vanilla
1 tsp. almond flavoring
1 tsp. baking powder
1 cup sliced almonds
6 cups flour

  • Cream butter and gradually add sugar.  Mix well.
  • Add one egg at a time; cream well until fluffy.
  • Add vanilla and almond flavorings.
  • Add sliced almonds.  {I once forgot to add them at this point, and added them after the flour, just before kneading…it worked pretty well that way, too!}
  • Add baking powder and flour gradually and mix well.
  • Turn dough out onto floured surface.  Knead briefly {I found that I liked them better if I kneaded the dough a bit more than “briefly” – something like ten minutes.} like you would with bread dough, adding flour a little bit at a time until you can form loaves (use as little flour as you can).
  • Shape dough into two loaves (or four if you want smaller biscotti).
  • Put loaves on foil-lined cookie sheets.  Flatten loaves a little bit with your hands.  {Pat the loaves down wide and flat, as the dough will mostly retain the shape you give it here. I also don’t use foil, I just put them directly onto my stainless air-bake cookie sheets.}
  • {I also use a little milk or water (VERY LITTLE) to moisten the top of the loaves and sprinkles some sliced almonds on top for effect.  I like it, anyway.}
  • Bake at 350 degrees for 35 minutes or until golden brown. {Don’t want to overbake at this point, as you’ll toast them more below.}
  • Cut into slices. {Looks nicest if you cut on an angle.}
  • Lay slices flat on cookie sheets and put back in oven at 400 degrees to toast for 5 minutes on each side. {I found that they were more “biscotti-like” if you toasted them for longer, more like 12-15 minutes per side, especially since the loaves were sometimes still pretty moist in the center, but brown enough on the outside that you wouldn’t have wanted to bake them any longer as a whole loaf. Keep an eye on them if you extend the time – you definitely don’t want them to burn!}
  • Let cool, and enjoy!