I have been using a Microsoft Account to log into my personal workstation for the past few years because it makes working with OneDrive fairly seamless. The account I use for logging in has an @hotmail.com address. Because I have been using a Microsoft Surface as my primary machine for the past few years, I have also been taking advantage of the Windows Hello capable camera to log in with my face most of the time. I’m now in the process of migrating from a Surface 7 to a Surface 9.
There are always reasons to go back to the old machine and look at some particular setting or program. A Remote Desktop connection from my new machine to the old one is much easier than getting up and walking across the room to the other machine and allows copy and paste directly between machines. Both machines are running the Professional version of Windows so I can enable remote desktop.
I looked at who had access, it shows that my hotmail.com address already has access, as well as my local network account. When I tried to access it from the new machine, it prompted for my password, but rejected it. I repeated this process several times thinking I must be typing it incorrectly before searching for what might be happening.
On the old machine I ran the command runas /u:MicrosoftAccount\MyAccount@hotmail.com winver it prompted me for my password, and then it displayed the standard windows version dialog box. I’m not sure why it worked, but I’m happy that I now can sit at my desk with the large monitor and keyboard and have access to both machines.
Updated: I also came across the same answer using cmd.exe instead of winver.exe as the target of runas, but for some reason it was more difficult for me to understand what was going on. I think it was simply due to the way the email address was obscured in the second one that made it more difficult for me to understand, even though it may have had more screen captures in the demonstration. https://nready.net/remote-desktop-on-windows-11-with-microsoft-account-mfa/
I upgraded my workstation for the holidays and needed to get things moved over as easily as possible.
In Visual Studio, under the tools menu, there’s an option to be able to Import and Export Settings… which got me an output file that made my new installation look mostly like my old installation.
What it didn’t transfer was the details of my connections to my Raspberry Pi devices. The following image is after I managed to get a working connection. It didn’t have anything displayed under Default Host Name etc.
I’d already run ssh-keygen on my new machine, creating a default security key on the local machine. I’d already connected via ssh to each of the hosts I regularly work on and imported the public key into the authorized_keys file and verified all appeared working.
After entering all of the details in the dialog box I got a rather unhelpful set of red boxes indicating that something had gone wrong. (192.168.0.66 and 192.168.0.67 are the same host, wired and Wi-Fi, on my local network, and I may use them interchangeably for images and text here)
**********************************************************************
** Visual Studio 2022 Developer Command Prompt v17.4.2
** Copyright (c) 2022 Microsoft Corporation
**********************************************************************
C:\Program Files\Microsoft Visual Studio\2022\Enterprise>ConnectionManager.exe add visualstudio@192.168.0.66 --privatekey C:\Users\Wim\.ssh\id_rsa
Enter password (leave blank for no password):
Verifying connection with remote system.
Failed to add connection: Private key is invalid or is encrypted and no passphrase was given
I knew that the keys were good because I was using them to connect via SSH. I did some digging and realized that the physical file sizes on the new machine are larger than on the old machine. Looking at the length of the public keys themselves, I realized that my old keys were 2048 bits long, and the newly generated ones are 3072. I tried explicitly generating a new 2048 bit key with the command ssh-keygen -f id_rsa_2048 -b 2048 and using it, but I got similar results to what I was getting before. Finally, I copied my public and private key from the old machine and renamed them specifically for this usage on this machine.
C:\Program Files\Microsoft Visual Studio\2022\Enterprise>ConnectionManager.exe add visualstudio@192.168.0.66 --privatekey C:\Users\Wim\.ssh\id_rsa_visualstudio
Enter password (leave blank for no password):
Verifying connection with remote system.
The authenticity of host '192.168.0.66' can't be established.
ecdsa-sha2-nistp256 key fingerprint is SHA256:DGa1mVbMm3voQwVwtg06xHkANgs04zST9RP8CMfSoXY.
Are you sure you want to continue connecting (yes/no)? yes
Successfully added connection '1748855142;192.168.0.66 (username=visualstudio, port=22, authentication=PrivateKey)'.
That created the connection properly in Visual Studio. I went back into the Visual Studio interface, Tools->Options->Cross Platform->Connection Manager->Remote Headers Intellisense Manager and updated the headers and everything appears to be working now.
I don’t know why the keys I generated using the software on my new machine didn’t work, even when I specified the same number of bits.
The upgrade of DD-WRT that I performed this last Saturday brought the version from a 2019 release to a 2022 release. DD-WRT always recommends doing a factory reset of settings before and after flashing a new firmware. As far as I’ve been able to find out, DD-WRT doesn’t provide any way to back up the settings in any form other than a binary download that is not compatible between versions. This shortcoming makes upgrading a router with many customized settings a difficult process.
dd-wrt status screen
I performed the flash upgrade without resetting everything to defaults. It wasn’t until I was going to bed on Saturday night that I realized not all things were working properly. All of the ipv4 services appeared to be working properly. The ipv6 services were not working properly on my internal network clients.
I have a Microsoft Windows Server 2016 Essentials machine running several services including file sharing on my internal network. I also have my Windows 10 desktop, and several Raspberry Pi machines. Some of the Pi machines access the file shares on the server for both reading and writing.
I’ve found that when ipv6 is not allocating global addresses for the windows server and clients, file sharing doesn’t work properly. This is an issue I don’t understand, and don’t want to change the default operation of the windows server or windows client machines, which might create more long term maintenance headaches.
Among the customizations I have set in the router:
Router Name
Domain Name
Local IP (v4) address is 192.168.0.1 instead of 192.168.1.1
close to 35 DHCP reservations for machines that run on my internal network.
IPv6 enabled and configured for DHCPv6 with Prefix Delegation
SSH access to the router with rsa keys entered for allowed machines.
I figured out that the primary settings for DHCP and DNS resolution are run using dnsmasq, and the configuration file can be viewed by looking at /tmp/dnsmasq.conf in the ssh console. All of the dns reservations are listed in the form of:
Copying all of them out of the console as one entry and adding them to the Additional Dnsmasq Options field was much easier than pasting MAC addresses, Hostnames, and IP addresses into separate field for each entry.
After adding them via the web interface here, they look exactly like the entries created in the static leases section of the interface. I was hoping that the system would parse them and display them in the static leases section, but it doesn’t seem to do that.
My SSH terminal program is configured to send a series of commands to the console each time I connect which reminds me of the current setup as well as how to examine it after a long time when I’ve not worked on the device.
date ; uptime
route -A inet
route -A inet6
ip6tables -vnL
cat /tmp/dnsmasq.conf
cat /tmp/dhcp6c.conf
cat /tmp/radvd.conf
ifconfig
I’m currently not dumping the iptables (v4) output simply because there are a large number of rules that don’t get used which takes up a lot of extra space scrolling by.
I’ve compared the ipv4 and ipv6 routes from when ipv6 was not working, and they are identical.
root@Netgear-R7000:~# route -A inet
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default br1-mballard-v1 0.0.0.0 UG 0 0 0 vlan2
24.35.91.128 * 255.255.255.192 U 0 0 0 vlan2
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
192.168.0.0 * 255.255.255.0 U 0 0 0 br0
root@Netgear-R7000:~# route -A inet6
Kernel IPv6 routing table
Destination Next Hop Flags Metric Ref Use Iface
2604:4080:1304::/64 :: UA 256 0 0 vlan2
2604:4080:1304:8010::/60 :: U 256 0 0 br0
fe80::/64 :: U 256 0 0 eth0
fe80::/64 :: U 256 0 0 vlan1
fe80::/64 :: U 256 0 0 eth1
fe80::/64 :: U 256 0 0 eth2
fe80::/64 :: U 256 1 23 br0
fe80::/64 :: U 256 0 0 vlan2
::/0 fe80::22c:c8ff:fe42:24bf UGDA 1024 2 302 vlan2
::/0 :: U 2048 2 38 vlan2
::/0 :: !n -1 1 372 lo
::1/128 :: Un 0 3 15 lo
2604:4080:1304::/128 :: Un 0 1 0 lo
2604:4080:1304:0:b27f:b9ff:fe83:6590/128 :: Un 0 3 75 lo
2604:4080:1304:8010::/128 :: Un 0 1 0 lo
2604:4080:1304:8010:b27f:b9ff:fe83:6591/128 :: Un 0 3 64 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::b27f:b9ff:fe83:658f/128 :: Un 0 1 0 lo
fe80::b27f:b9ff:fe83:658f/128 :: Un 0 1 0 lo
fe80::b27f:b9ff:fe83:6590/128 :: Un 0 3 61 lo
fe80::b27f:b9ff:fe83:6591/128 :: Un 0 1 0 lo
fe80::b27f:b9ff:fe83:6591/128 :: Un 0 3 24 lo
fe80::b27f:b9ff:fe83:659e/128 :: Un 0 1 0 lo
ff00::/8 :: U 256 0 0 eth0
ff00::/8 :: U 256 0 0 vlan1
ff00::/8 :: U 256 0 0 eth1
ff00::/8 :: U 256 0 0 eth2
ff00::/8 :: U 256 2 580 br0
ff00::/8 :: U 256 2 12 vlan2
::/0 :: !n -1 1 372 lo
I’ve looked at the ip6tables, and it also appears identical, beyond the counters.
root@Netgear-R7000:~# ip6tables -vnL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
12 2289 ACCEPT all * * ::/0 ::/0 state RELATED,ESTABLISHED
5 376 ACCEPT icmpv6 * * ::/0 ::/0
0 0 ACCEPT all * * fe80::/64 ::/0
0 0 ACCEPT all br0 * ::/0 ::/0
0 0 ACCEPT all * * ::/0 ::/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all * * ::/0 ::/0 state RELATED,ESTABLISHED
0 0 ACCEPT all * vlan2 ::/0 ::/0
0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 128 limit: avg 2/sec burst 5
0 0 ACCEPT all * * ::/0 ::/0
Chain OUTPUT (policy ACCEPT 31 packets, 4287 bytes)
pkts bytes target prot opt in out source destination
I’d tried disabling Radvd on the IPv6 configuration gui and adding “enable-ra” to the Additional Dnsmasq Options, but that didn’t fix my problems. The current configuration has matching radv.conf files to the non working version.
I spent a lot of time reading up on IPv6 and reminding myself of things I’d known in the past and forgotten. https://blog.dorianbolivar.com/2018/09/going-full-ipv6-with-dd-wrt.html?lr=1 is a well written post with links to more sources that I found especially helpful as it was written specifically using DD-WRT and IPv6. My only issue is that it was written nearly four years ago and may not have the same options in the DD-WRT gui as are currently available.
One of the items I added to the Additional Dnsmasq Options was a couple of host entries so that dnsmasq would resolve IPv6 addresses for my windows machines. It seems to speed up the IPv6 name discovery of my windows server while still pointing default DNS resolution at the router.
host-record entries
My conclusion is that I don’t understand what was different in the non-functioning setup I had with holdovers from the older version of DD-WRT, and going through the pain of re-installing from factory fresh configuration after each upgrade is worth the trouble. I’m still not satisfied with the best way of retrieving all of the configuration data into a text file that I can later run a difference test to see what’s changed, or needs to be changed.
I’ve had a Canon CanoScan LiDE 210 for at least 7 years. One of the deciding factors when I bought it was that it used a single USB cable, with no need for a second power cable.
The 210 used a mini-usb cable, which was sometimes difficult to make sure it was inserted in the correct direction. I occasionally had problems with the software driving losing communication during a scan. I switched lengths of cable at various times, with shorter cables seeming to be more consistent, but never truly conclusive.
Recently the scanner stopped moving the scan bar back to the starting location before each scan. First it would leave the scan bar at the finish location, and move to the beginning position when I would start the next scan, but then that functionality stopped and it would only return to the start position when it was first plugged into the USB port. If I tried to scan a second page without unplugging the USB cable, the movement motor would make a nasty grinding sound as it tried to move the scanner further down the page, and would result in a messy black page in the scan results. It was especially frustrating if I was trying to create a multi page PDF.
I read several online reviews, and decided to get another Canon scanner. The reviews recommended saving $20 and getting the less expensive scanner, but from my reading, only the more expensive scanner used the USB C plug, which has the advantage that it can be plugged in either direction.
I found it fascinating how similar the new packaging is to the old packaging. The old box was designed with a carrying handle, while the new box is not. I expect that’s largely due to the predominance of mail order over retail purchase. The dimensions of the new scanner and the box are pretty much the same. The boxes can be stacked 13 high. The temperature range on the old one could go 5° to 35°C while the new one goes from 0° to 40°C. Each scanner lists a maximum 4800 dpi. The 210 reported 10 seconds per page. The 400 reports 8 seconds per page.
The new software is slightly nicer working with the most recent version of windows 10, but still nothing to be too excited about. My biggest issue is that the settings for the Auto button on the scanner will not allow me to specify it will always save a JPG file. I could do that with the old scanner software. Now, to make sure I always get the format I want I much launch the software and initiate the scanning from the PC.
Google Chrome recently added a tab search button to the title bar. When it was first enabled, it was possible to disable by going to chrome://flags and finding Enable Tab Search and changing it to Disabled.
A quick search of google will find multiple examples of how to disable it. Unfortunately in more recent versions of the browser, it no longer seems to be an available flag to disable.
I realized that my big issue with the drop down menu is it’s location, which Google has located on the left near the minimize button. Google has chosen to not have the traditional windows system menu on the left side of the title bar. The left side would be an ideal location for the tab management button.
Last year I described a simple method of automounting a directory from my windows server to my Raspberry Pi. Since then I’ve gone down a couple of paths to simplify rebuilding my Raspberry Pi machines.
The method I used last year required modifying the /etc/hosts file, the /etc/fstab file, pre-creating the mount points, and creating a credentials file to store the windows login credentials.
My new method doesn’t require modification of the /etc/hosts or /etc/fstab files, or pre-creating the mount points. Instead I’m relying on two features, Multicast DNS and systemd.automount unit files.
In the old method, to find the windows server, I added it to the local hosts file on the raspberry pi.
192.168.0.12 Acid
Using Multicast DNS, if I simply recognize that I can reach the server with the name Acid.WimsWorld.local the raspberry pi will find the server on the local network. My first step was to modify my /etc/fstab enty to use the local address and clean up my hosts file.
I’d never been happy with modifying the /etc/fstab file as part of my system configuration because in newer installations it is unique to each machine, specifying the boot partitions by their formatted serial number:
proc /proc proc defaults 0 0
PARTUUID=142ff4e3-01 /boot vfat defaults 0 2
PARTUUID=142ff4e3-02 / ext4 defaults,noatime 0 1
# a swapfile is not a swap partition, no line here
# use dphys-swapfile swap[on|off] for that
In my recent programming projects I’ve been working with systemd unit files to control my service processes and have come to understand how they work for automounting directories as well. I like that each directory has its own unit files meaning that a modification is less likely to cause problems for the system as a whole.
The single line from the /etc/fstab file above is removed and replaced by two unit files, /etc/systemd/system/media-acid-web.mount and /etc/systemd/system/media-acid-web.automount.
[Unit]
Description=Acid Web
[Mount]
What=//acid.wimsworld.local/web
Where=/media/acid/web
Type=cifs
Options=credentials=/etc/wimsworld.smb.credentials,vers=2.1
[Install]
WantedBy=multi-user.target
and
[Unit]
Description=Automount Acid Web
[Automount]
Where=/media/acid/web
TimeoutIdleSec=120
[Install]
WantedBy=multi-user.target
I still had to create the credentials file for this to work, since I wanted the credentials file to be only root readable in a different location. /etc/wimsworld.smb.credentials
After the three files are created, systemd needs to reload its database with the systemctl daemon-reload command, the automount needs to be enabled with the systemctl enable media-acid-web.automount command, and then started with the systemctl start media-acid-web.automount command.
The naming of the mount files is important, and described explicitly in the man pages for each of mount and automount. In my case, /media/acid/web gets named media-acid-web.mount and media-acid-web.automount. I didn’t need to create mount points in the /media directory, as systemd automatically takes care of that.
I was able to create all of the above with a simple paste into my terminal with the following string:
With the standard Raspberry Pi setup, the cat command is not available as a sudo command while the bash shell is. I’m taking advantage of that by running the bash shell as root and then all of the other commands with root privileges.
Last week Microsoft released a new command line tool in the Microsoft Store. It requires running Windows Version 2004.
Last year when I was importing pictures from a camera memory card, the import program crashed. It only managed to import a few of the pictures, but it deleted all of the pictures from the memory card.
Because of my long history understanding how file systems work, I knew that the pictures were likely still on the card, just not in the directory system I couldn’t find a tool at the time to recover the files. I’d put a label on the card and set it aside. As soon as I heard about this program I installed it and tried it out on the memory card.
The funny thing is that it recovered several thousand images, going back several years. I ran it in signature mode, looking for jpeg files. In doing that, It’s just looking at all the data blocks on the drive, looking for jpeg files.
This time I used Adobe Lightroom CC to import the images and group them by the embedded EXIF data. Looking at the details, the photos that got deleted by mistake were likely from 10/28/2018. All of the photos attributed to 06/29/2020 are missing exifdata, and are just recorded as the date they were recovered.
This is a good reminder that you probably don’t want to throw away old digital media, even when you think you’ve gotten rid of all incriminating data.
Sometimes I go to a place I’ve been before and my computer remembers the WiFi password while my brain does not. The following Windows PowerShell commands will display most of the remembered passwords.
netsh wlan show profiles
netsh wlan show profiles name=’ProfileToDisplay’ key=clear
The first command displays all of the networks your computer has remembered. It can be rather long if you’ve had your computer for several years and done a reasonable amount of traveling and using WiFi in strange locations.
The second command takes the profile name that you retrieved with the first command and displays details of the selected profile. The password is displayed as the Key Content section of the Security settings.
My nearly four year old Microsoft Surface Pro 4 recently developed a screen flicker issue. I’m sure it was some driver update that was installed, but I’m not exactly sure when. The observed activity is that a horizontal section at the bottom of the screen about the same size of the mouse cursor flickers with data that is duplicated from the top of the screen. The rest of the screen appears to be bouncing up and down by one scan line, making the text nearly unreadable.
I searched online, and found references to flicker problems with some cases being purely hardware related and requiring replacement by Microsoft. I also found references to the problem only occurring after the screen data had not changed for a few seconds. This static screen problem matched my problem exactly.
I found a workaround by enabling the seconds display in the clock in the task bar. This is done by creating a registry entry. If the following is in a “.reg” file it will set the value to show the seconds on the clock.
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSecondsInSystemClock"=dword:00000001
I read that the seconds are not enabled by default because it saves a bit of processing power, which can be important on battery powered devices. For me the difference is minimal and worth not spending more time researching a probable driver issue that may be taken care of automatically in some future windows update.
I hope that this helps someone else. The screen flicker/jitter was annoying and I wasn’t able to find the root cause.
I recently came across WinFi Lite, and while it claims to be in beta and for professionals only, it’s currently my favorite WiFi analysis program. The fact that it was in the Microsoft store gives me the idea that it will uninstall cleanly if I decide to get rid of it later.
The default view shows details about both 2.4 and 5 GHz networks nearby. The first picture was what it looked like when I ran it in my local Starbucks on my Microsoft Surface 4 Pro. The next picture was what it looked like when I ran it in my apartment. In my apartment I was connected to my network via wired ethernet, so the Surface WiFi adapter wasn’t being used for my active connection. At Starbucks, I was connected to the WiFi.
While I was at Starbucks, the number of networks it could see was 188. That number is visible in the top right of the image. Just to the left of that number are a set of buttons that allow you to look at 2.4GHz, 5GHz, or All available networks.
My apartment showed only 161 networks by comparison, but that number was bouncing around as it rescanned in both locations. I was surprised that the Starbucks had so many visible networks. There are a lot of details available in this tool, and it’s current price makes it an interesting tool to work with. I used to like inSSIDer, but the developers choice to dumb down the free version led me to drift away from it.
WimsWorld 