gui

How to create a Private GitHub repository and access via SSH with TortiseGIT

July 17, 2021 by Simon

Here is a guide on using the GUI TortoiseGIT, GIT for Windows with GitHub.

Creating a GitHub Account

Make sure you have a GitHub account (free is OK) https://github.com/

I used my defined hardware Security Key

I clicked New Repo

Repo Settings

I set Private
Added a readme
Set .gitignore for Visual Studio files
I had no idea what licence to select (read more on licences here)

I clicked Create repository

Creating RSA Keys

Now I will create an SSH key to protect communications with GitHub.

When logged into GitHub, I clicked the SSH and GPG Keys menu

I clicked New SSH Key button

GitHub wants a public SSH Key

Setup Git Locally

I checked to see if the “git” command was installed on my local machine.

I will install Git from https://gitforwindows.org/

I download Git-2.32.0.2-64-bit.exe and started the installer

Folder C:\Program Files\Git

Set Options (e.g I like Check for Daily updates)

Start Menu Folder

Text Editor: I like Sublime Text from https://www.sublimetext.com/3

Set an Initial Branch name

Set 3rd party software options

Set HTTPS options

Set Line Endings preferences

Set Terminal Emulators preferences

Set Git Pull default preferences

Set Credential Manager preferences

Set Extra Options

Experimental Options

Installing

First Launch

Git is installed

Install Tortoise GIt

Visit https://tortoisegit.org/

Download Gif (64bit)

I started the installer.

Licence Agreement

SSH Type

Components

Install

Installing (Wizard)

Language: English

Shell Extension

I checked for a known git path.

I set my desired git username and email

I set desired SSH settings

Folder for Code Repositories

I create C:\Code\MyTestRepo

Before I can clone a repository I need o set the past to SSH in TortoiseGit.

I right-clicked on C:\Code\MyTestRepo and selected TortiseGit\Settings

I expanded the Network Node and set the following as the SSH Client

“C:\Program Files\TortoiseGit\bin\TortoiseGitPLink.exe”

I saved the Settings.

Clone a GitHub Repository via git and Tortoise GIT

Now I can clone a repositor to C:\Code\MyTestRepo,

I right clicked on C:\Code\MyTestRepo in explorer and clicked Git Clone

I added by GIT URL (Obtained from GitHub), I also set the path for the Private Key I created earlier.

I was informed that the key is in the wrong format

I need to convert the RAS Private Key to a Putty PPK Key

Convert an RSA Key to a Putty PPK with PuuttyGen

I opened the Open Putty Gen

I click Load and select the id_github_test private key I created earlier

I entered my private key password

The private key loaded.

Now I can export the private key to a PPK format

Clone (with a PPK Private Key)

Getting back to cloning a repository I right-clicked on C:\Code\MyTestRepo

I set the PPK private key

I entered the password

I accepted the key

The Repository started cloning.

Creating a Quick Visual Studio Project

I created a quick Visual Studio project and saved it to C:\Code\MyTestRepo\Hello World

Visual Studio files were visible in C:\Code\MyTestRepo

I Commit the new files to the repository (main branch)

I selected desired files to commit

Files were added

I right-clicked on C:\Code\MyTestRepo and selected TortoiseGit\Push

Files are now visible in GitHub

Awesome

Setup on Multiple Machines

I set up Git on multiple machines, cloned, made chances, committed those changes and pushed. I was able to Sync down those changes to each machine.

Good advice on Using Git

Happy Coding

Write your first Java GUI app

March 31, 2018 by Simon

Here is a quick guide that shows how you can create and compile your first Java app with Net Beans.

I have a number of guides on moving hasting away form CPanel, Setting up VM’s on AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. Updating the serves is a pain so I am writing a java app for Windows and OSX to help me manage the server by telnetting in on port 22 and performing routine actions from a button click in Java.

Installing Java and NetBeans IDE

Go to https://netbeans.org/downloads/index.html and click “JDK with NetBeans IDE Java SE bundle”

Download Netbeans and Java SE bundle

Install Netbeans and Java SE bundle

Creating your first GUI Java Application

Create New Project (Java Application) in NetBeans, Click Next

Name the project and set the main class as “main”

Add a new file, a “Swing GUI Form/JFrame form“.

Name the J Frame Form and click Finish.

Adding GUI elements in NetBeans IDE

In the Net Beans IDE, you can simply drag and drop elements. I like to move my properties screen to the bottom centre.

Set the panel at the default startup element

Add the following code to the main.java file

> framemain form = new framemain();
> form.setVisible(true);

Compile the App

The app compiles 🙂

Add an action to a button

You can add button actions (events) in the design mode.

Add Hello World alert box code to the button

Add the following to the Panel code file

> public static void infoBox(String infoMessage, String titleBar)
> {
> JOptionPane.showMessageDialog(null, infoMessage, “InfoBox: ” + titleBar, JOptionPane.INFORMATION_MESSAGE);
> }

Add this to the action (event)

System.out.println(“Hello World”);
> frame1.infoBox(“Hello World”, “Hello World”);

Build

To build right-click on the project and click Clean and Build

The result is an app you can run by double-clicking the jar file.

I hope this helps someone.

Making an OSX APP file from the JAR file

Coming soon

Making a Windows EXE file from the JAR file

Coming soon

I hope this guide helps someone.

Ask a question or recommend an article

[contact-form-7 id=”30″ title=”Ask a Question”]

Revision History

v1.0 Initial post

Using OWASP ZAP GUI to scan your Applications for security issues

March 17, 2018 by Simon

OWASP is a non-profit that lists the Top Ten Most Critical Web Application Security Risks, they also have a GUI Java tool called OWASP Zap that you can use to check your apps for security issue.

I have a number of guides on moving hosting away form CPanel , Setting up VM’s on AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. It is important that you always update your site and software and test your sites and software for vulnerabilities. Zap is free and completely open source.

Disclaimer, I am not an expert (this Zap post and my past Kali Linux guide will be updated as I learn more).

OWASP Top 10

OWASP has a top 10 list of things to review.

Download the OWASP 10 10 Application security risks PDF here form here.

Using the free OWASP Zap Tool

Snip from https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

“The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It’s also a great tool for experienced pentesters to use for manual security testing.”

Zap Overview

Here is a quick demo of Zap in action.

Do check out the official Zap videos on youtube: https://www.youtube.com/user/OWASPGLOBAL/videos if you want to learn more.

Installing Zap

Download Zap from here.

Download Options

Download contents

Copy to the app to the OSX Application folder

App Installed

Open OSX’s Privacy and Security screen and click Open Anyway

OWASP Zap is now Installed

Ready for a Scan

But before we do let’s check out the Options

OWASP Zap allows you to label reports to ad from anyone you want.

Now let’s update the program and plugins, Click Manage Add-ons

Click Update All to Update addons

I clicked Update All

Installed some plugins

Zap is Ready

Add a site and right click on the site and you can perform an active scan or port scan.

First Scan (https failed)

I enabled unsafe SSL/TLS Renegotiation.

This did not work and this guide said I needed to install the “Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files” from here.

The extract files to /Library/Java/JavaVirtualMachines/%your_jdk%/Contents/Home/jre/lib/security

I restarted OWASP Zap and tried to scan my site buy it appears Cloudflare (that I recently set up) was blocking my scans and reported error 403. I decided to scan another site of mine that was not on Cloudflare but had the same Lets Encrypt style SSL cert.

fyi: I own and set up the site I queried below.

OWASP Zap scan performed over 800 requests and tried traversal exploits and many other checks. Do repair any major failures you find.

Generating a Report

To generate a report click Report then the appropriate generation menu of choice.

FYI: The High Priority Alert is a false positive with an HTML item being mistaken for a CC number.

I hope this guide helps someone. Happy software/server hardening and good luck.

More Reading

Check out my Kali Linux guide.

Ask a question or recommend an article

[contact-form-7 id=”30″ title=”Ask a Question”]

Revision History

V1.3 fixed hasting typo.

v1.2 False Positive

v1.1 updated main features

v1.0 Initial post

Using the free Adminer GUI for MySQL on your website

February 8, 2018 by Simon

Adminer is a free GUI tool that can you can easily install on a PHP web server. Adminer allows you to easily connect to your MySQL instance, create databases/tables/indexes/rows and backup/import databases and much more.

You can read my other posts on Useful Linux Terminal Commands and Useful OSX Terminal Commands.

I used to use phpMyAdmin to manage MySQL databases on AWS, Digital Ocean and Vultr but switched to Adminer due to forgotten issues. You can always manage MySQL via command line but that is quite boring.

The below screenshots were taken on my local Development Mac Laptop (with optional OSX Apache SSL Setup (that reports “Not Secure” (but it is good enough to use locally)). I prefer to code in SSL and warn when SSL is not detected.

Downloading and Installing Adminer

Navigate to https://www.adminer.org/ and click Download.

Click English only (.php file)

Save the Adminder for MySQL (.php) file to your web server and give it a random name and put in a folder also with a random name (I use https://www.grc.com/passwords.htm to generate strong password).

Tip: Uploading this file to a live serve offers hackers and unauthorized people potential access to your MySQL server. I would remove this file from live serves when you are not using it not to be sure.

Tip: Read my guide here on setting up NGINX, MySQL and PHP here. Basically, I did this to setup MySQL on Ubuntu 16.04.

sudo apt-get install mysql-common
sudo apt-get install mysql-server
mysql --version
>mysql Ver 14.14 Distrib 5.7.19, for Linux (x86_64) using EditLine wrapper
sudo mysql_secure_installation
>Y (Valitate plugin)
>2 (Strong passwords)
>N (Don't chnage root password)
>Y (Remove anon accounts)
>Y (No remote root login)
>Y (Remove test DB)
>Y (Reload)
service mysql status
> mysql.service - MySQL Community Server

TIP: Ensure MySQL is secure and has a good root password, also consider setting up Ubuntu Firewalls and Securing Ubuntu. Also, ensure the Server is patched and does not have exploits like Spectre and meltdown.

Now you can access your Admirer php file on your Web Server (hopefully with an obfuscated name).

Click Create databaase

Give the database a name and choose the character coding standard (e.g UTF8 general ci). Different standards have different performance impacts too.

Now that you have a database you can create a table.

Consider adding an auto-incrementing ID and say a Key and Value varchar column.

When the table is created you can add a row to the table.

I created one with a “TestKey” and “TestValue” row.

The row was inserted.

The final thing to do is add a database user that code can connect to the database with. Click Privileges.

Click Create user

Tick All privileges and click Save

Now the user is added to the database

Let’s create a PHP file and talk to the database. Let’s use parameterized queries

<?php

date_default_timezone_set('Australia/Sydney');
echo "Last modified: " . date ("F d Y H:i:s.", getlastmod()) . "<br /><br />";

// Turn on if you need to see errors
// error_reporting(E_ALL);
// ini_set('display_errors', 0);

$dbhost = '127.0.0.1';
$dbname = 'dbtest';
$dbusername = 'dbtestuser';
$dbpassword = '*****************************************'';

$con = mysqli_connect($dbhost, $dbusername, $dbpassword, $dbname);
 
// Turn on debug stuff if you need it
// echo var_dump($con);
// printf(" - Error: %s.n", $stmt->error);
 
if($con->connect_errno > 0){

    printf(" - Error: %s.n", $stmt->error);
    die("Error: Unable to connect to MySQL");

} else {

    echo "Charset set to utf8<br />";
    mysqli_set_charset($con,"utf8");
}
 
if (!$con) {

    echo "Error: Unable to connect to MySQL (E002)" . PHP_EOL;
    echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
    echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
    exit;

} else {

    echo "Database Connection OK<br />";
 
    echo "&nbsp; Success: A proper connection to MySQL was made! The $dbname database is great." . PHP_EOL . "<br />";
    echo "&nbsp; &nbsp;- Host information: " . mysqli_get_host_info($con) . PHP_EOL . "<br />";
    echo "&nbsp; &nbsp;- Server Info: '" . mysqli_get_server_info($con) . "'<br />";
    echo "&nbsp; &nbsp;- Server Protocol Info : ". mysqli_get_proto_info($con) . "<br />";
    echo "&nbsp; &nbsp;- Server Version: " . mysqli_get_server_version($con) . "<br />";
    //echo " - Server Connection Stats: " . print_r(vmysqli_get_connection_stats($con)) . "<br />";
    echo "&nbsp; &nbsp;- Client Version: " . mysqli_get_client_version($con) . "<br />";
    echo "&nbsp; &nbsp;- Client Info: '" . mysqli_get_client_info() . "'<br />";
 
    echo "Ready to Query the database '$dbname'.<br />";
 
    // Input Var's that are parameterized/bound into the query statement
    $in_key = mysqli_real_escape_string($con, 'TestKey');
 
    // Output Var's that the query fills after querying the database
    // These variables will be filled with data from the current returned row
    $out_id = "";
    $out_key = "";
    $out_value = "";
 
    echo "1. About to query the database: '$dbname'<br />";
    $stmt = mysqli_stmt_init($con);

    $sql = "SELECT testid, testkey, testvalue FROM tbtest WHERE testkey = ?";
    echo "SQL: $sql (In = $in_key)<br /";

    if (mysqli_stmt_prepare($stmt, $sql)) {

            echo "2. Query Returned<br />";
            /*
                Type specification chars
                Character   Description
                i   corresponding variable has type integer
                d   corresponding variable has type double
                s   corresponding variable has type string
                b   corresponding variable is a blob and will be sent in packets
            */
            mysqli_stmt_bind_param($stmt, 's', $in_key);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_bind_result($stmt, $out_id, $out_key, $out_value);
            mysqli_stmt_fetch($stmt);
     
            // Do something with the 1st returned row        
            echo " - Row: ID: $out_id, KEY: $out_key, VAL: $out_value <br />";//

            // Do we have more rows to process
            while($stmt->fetch()) { 
                
                    // Output returned values
                    echo " - Row: ID: $out_id, KEY: $out_key, VAL: $out_value <br />";//
            
            }
            mysqli_stmt_close($stmt);
            
            echo "Done<br />";
        
        } else {
        
            echo "3. Error Querying<br/>";
            printf(" - Error: %s.n", $stmt->error);
        
        }
}    
?>

Result

If you don’t have a server check out my guides on AWS, Digital Ocean and Vultr.

Happy coding and I hope this helps someone.

Donate and make this blog better

Ask a question or recommend an article

[contact-form-7 id=”30″ title=”Ask a Question”]

Revision History

v1.0 Initial Version

Setup an Ubuntu Desktop GUI on a Vultr VM Remotely

September 26, 2017 by Simon

Lubuntu is a free Ubuntu desktop GUI that you can install on a Vultr or Digital Ocean VM in the cloud, more information on lubuntu here.

Introduction

When you set up a Vultr server (see my guide here on setting up a Vultr VM) you can also install an Ubuntu GUI Desktop if you prefer GUI access to your server (over SSH and the terminal command line).

After you have set up your server (fyi: you can buy a server here on Vultr for as low as $2.5 a month or buy a Digital Ocean server for $5 a month) and secure it (perform an optional security audit). Don’t forget to add a free SSL certificate.

Vultr allows you to log into an admin panel and access your servers web console (text or GUI)

Setup lubuntu

From the command line type

sudo apt-get update

TIP: If you receive failures about “Temporary failure resolving ‘archive.ubuntu.com’” edit the file “/etc/resolv.conf” and add “nameserver 8.8.8.8” Update will then work.

There are two versions of the Ubuntu Desktop

1) Light Desktop

A Light version of lubuntu is available for low memory VMs

To install a light version run

sudo apt-get install lubuntu-core

Note: lubuntu-core should work on a VM with as low as 128MB of RAM. Read more here.

2) Full Desktop

If you have more memory (> 1GB RAM) you can run a richer environment

sudo apt-get install lubuntu-desktop

Note: lubuntu-desktop will take a lot longer to install over the core version.

Install the Firefox browser

apt-get install firefox

Reboot Your Server

sudo shutdown -r now

After your server reboots login to the Vultr admin panel and click the Web Console icon (computer screen icon, 5 in from the right).

Core Version

After you login to the web console, you will receive this screen (for the core version).

You can log in as any existing user instead of a guest if you wish.

You have a limited desktop and environment with the core version.

When you log out you can choose from the options below.

Full Desktop version

As before open the Vultr web console for the server.

If your lubuntu desktop session does not load try running

sudo service lightdm start

You can then log into the Ubuntu desktop (same as the light version above). You will be able to use FireFox, use a Terminal, install packages with the Lubuntu Software Center and browse files. The start menu is per packed with software too,

The full desktop has loads more software pre-installed (and available to install via the software center).

I opened a few apps and my server only used 472MB ram (it was using about 420MB before I installed lubuntu), all CPU cores were mostly idle.

Common Folders:

/usr/share/lubuntu

/usr/share/lubuntu/wallpapers

/usr/share/backgrounds

etc

Lubuntu Sofware Center

Installing MySQL workbench

I Installed MySQL Workbench

More software is available in the lubuntu Software Center

Synaptic Package Manager

The Synaptic package manager is also available if you are familiar with that.

Troubleshooting

You may receive this error on startup.

Review your: /root/.profile file

sudo nano /root/.profile

Erroring line

mesg n || true

It is safe to ignore this error message as the command is just trying to generate a suggests exit result. More on the mesg command here.

Check out the extensive Hardening a Linux Server guide at thecloud.org.uk: https://thecloud.org.uk/wiki/index.php?title=Hardening_a_Linux_Server

Enjoy

Donate and make this blog better

Ask a question or recommend an article
[contact-form-7 id=”30″ title=”Ask a Question”]

Revision History

v1.2 added link to hardening linux server.

v1.1 fixed typos (26th Sep 2017)

v1.0 Initial Post (26th Sep 2017)

etc

Installing Webmin Server Management web GUI on Ubuntu

August 10, 2017 by Simon

Setting up Ubuntu in the cloud is great if you are not afraid of using the command line but for those that need it, there are web based server management GUI’s you can install.

Once Ubuntu is installed (I have many guides at www.fearby.com) you can install http://www.webmin.com/ (web based management GUI for Ubuntu). It is similar to https://runcloud.io but it’s free. Read the Webadmin install guide here.

Ubuntu Install Steps

Run this in your root terminal to install Webmin on Ubuntu after you install and configure a web server, MySQL and SSL.

sudo sh -c 'echo "deb http://download.webmin.com/download/repository sarge contrib" > /etc/apt/sources.list.d/webmin.list'
wget -qO - http://www.webmin.com/jcameron-key.asc | sudo apt-key add -
sudo apt-get update
sudo apt-get install webmin

Allow port 1000 on your firewall (in my case I am limiting this to my public IP).

sudo ufw allow from 555.55.555.555/24 to any port 10000

I opened port 10,000 on my Digital Ocean firewall screen too.

I installed an SSL certificate on my server (my guide here). I am having issues with Google Chrome and my SSL certificate so I switched ot safari.

I navigated to https://mydomain.com:10000 to log in to the Webmin dashboard

I could now log in to Webmin so I reset the password???

/usr/share/webmin/changepass.pl /etc/webmin username password

Now I can login to Webmin

Webmin has a load of options available, I zeroed in on viewing log files.

I think I need to ban a few IP’s in my firewall based on the login attempts above. View my guide on securing Ubuntu in the cloud.

Done

sudo ufw deny from 92.87.236.65
Rule added

sudo ufw deny from 106.14.3.252
Rule added

sudo ufw deny from 101.200.52.128
Rule added

sudo ufw deny from 47.94.22.157
Rule added

Webmin has a great section on Ubuntu Users

View User Details

Securing Webmin Configuration then IP Access Control and whitelist your IP address to ensure no one else can view your server (I went to http://icanhazip.com to get my IP address).

I then used the Webmin backup screen to backup my system.

This is great, it is backing up my system 🙂

pwd
/
ls -al
total 142372
drwxr-xr-x  27 root root      4096 Aug  9 23:27 .
drwxr-xr-x  27 root root      4096 Aug  9 23:27 ..
-rw-r--r--   1 root root 145670144 Aug  9 23:33 backup.tar

I used pydf to see how much storage space I have (I am only using 2.65GB but have 17GB available).

pydf
Filesystem Size  Used Avail Use%                                  Mounted on
/dev/vda1   19G 2658M   17G 13.5 [####..........................] /
/dev/vda15 104M 3425k  101M  3.2 [#.............................] /boot/efi

Gzip is taking a load of time to backup my system.

I did not need to use (htop) to monitor the CPU, Webmin has a CPU monitor built in.

Webmin also allows you to add users

Beware though you need to assign a user to modules or they won’t be able to do/see much when they login.

If you provide your MySQL root password you can create databases in Webmin under Servers then MySQL Database Server

Loads of database options that I would normally use Adminer for 🙂

File Browser

There is a file browser but (I can’t seem to drag and drop).

Official documentation is found here. I’ll add more to this post as I discover it.

Check out my other posts at www.fearby.com.

Donate and make this blog better

Ask a question or recommend an article
[contact-form-7 id=”30″ title=”Ask a Question”]

v1.0 Initial Post

Personal Development Blog...

Coding for fun since 1996, Learn by doing and sharing.

Buy a domain name, then create your own server (get $25 free credit)

View all of my posts.

gui

How to create a Private GitHub repository and access via SSH with TortiseGIT

Creating a GitHub Account

Creating RSA Keys

Setup Git Locally

Install Tortoise GIt

Folder for Code Repositories

Clone a GitHub Repository via git and Tortoise GIT

Convert an RSA Key to a Putty PPK with PuuttyGen

Clone (with a PPK Private Key)

Creating a Quick Visual Studio Project

Setup on Multiple Machines

Write your first Java GUI app

Using OWASP ZAP GUI to scan your Applications for security issues

Using the free Adminer GUI for MySQL on your website

Setup an Ubuntu Desktop GUI on a Vultr VM Remotely

Installing Webmin Server Management web GUI on Ubuntu

Popular

Security

Code

Tech

Wordpress

General

gui

Creating a GitHub Account

Creating RSA Keys

Setup Git Locally

Install Tortoise GIt

Folder for Code Repositories

Clone a GitHub Repository via git and Tortoise GIT

Convert an RSA Key to a Putty PPK with PuuttyGen

Clone (with a PPK Private Key)

Creating a Quick Visual Studio Project

Setup on Multiple Machines

Footer

Popular

Security

Code

Tech

Wordpress

General