From 07c86c7dfade719215496abafc75c94214264ee9 Mon Sep 17 00:00:00 2001 From: Mike Swanson Date: Mon, 1 Jun 2026 19:19:27 -0700 Subject: [PATCH] chore: move Peaceful Spirit recovered log to client dir + cross-link Relocated the recovered RADIUS/VPN log from root session-logs to clients/peaceful-spirit/. It is the primary-source transcript of the crashed 2026-05-10 session that the existing 2026-05-10-session.md reconstructed second-hand; cross-referenced both as a pair. Corrected machine attribution to DESKTOP-0O8A1RL (recovery engine had stamped the current machine GURU-5070). Co-Authored-By: Claude Opus 4.8 (1M context) --- ...up-radius-authentication-for-vpn-access.md | 696 +++++++++--------- .../session-logs/2026-05-10-session.md | 1 + 2 files changed, 350 insertions(+), 347 deletions(-) rename {session-logs => clients/peaceful-spirit/session-logs}/2026-05-10-recovered-setup-radius-authentication-for-vpn-access.md (93%) diff --git a/session-logs/2026-05-10-recovered-setup-radius-authentication-for-vpn-access.md b/clients/peaceful-spirit/session-logs/2026-05-10-recovered-setup-radius-authentication-for-vpn-access.md similarity index 93% rename from session-logs/2026-05-10-recovered-setup-radius-authentication-for-vpn-access.md rename to clients/peaceful-spirit/session-logs/2026-05-10-recovered-setup-radius-authentication-for-vpn-access.md index 4ee4781..55f20d9 100644 --- a/session-logs/2026-05-10-recovered-setup-radius-authentication-for-vpn-access.md +++ b/clients/peaceful-spirit/session-logs/2026-05-10-recovered-setup-radius-authentication-for-vpn-access.md @@ -2,9 +2,11 @@ > **[RECOVERED -- UNVERIFIED]** Auto-reconstructed from transcript 9700a3c6-d857-4833-899c-1597bd05f764 (2026-05-10T17:05:09.411Z .. 2026-05-11T01:05:34.705Z) on 2026-06-01. Prose sections are Ollama-drafted from the transcript and may be imprecise; the Commands/Config/Reference sections are extracted verbatim. Review and correct, then remove this banner. +> **Companion log:** This is the primary-source transcript of the crashed/unlogged session that `2026-05-10-session.md` (the recovery session) reconstructed second-hand. Read them as a pair: this log has the verbatim command trail (UCG tunneling, OpenSSH deploy, RADIUS extraction, vault `server.sops.yaml` creation); the other has the IKEv2 error-812 / NPS credential diagnosis. + ## User - **User:** Mike Swanson (mike) -- **Machine:** GURU-5070 +- **Machine:** DESKTOP-0O8A1RL (work done on Mike's then-primary machine; the recovery engine ran on GURU-5070 and mis-stamped this — corrected manually) - **Role:** admin ## Session Summary @@ -255,9 +257,9 @@ done ``` Output: Exit code 255 === Trying 98.190.129.150 === -ssh: connect to host 98.190.129.150 port 22: Connection timed out +ssh: connect to host 98.190.129.150 port 22: Connection timed out === Trying 192.168.3.1 === -ssh: connect to host 192.168.3.1 port 22: Connection timed out +ssh: connect to host 192.168.3.1 port 22: Connection timed out === Trying 10.255.255.0 === ssh: connect to host 10.255.255.0 port 22: Connection timed out @@ -268,9 +270,9 @@ ssh -i ~/.ssh/pst-cc-ucg \ root@192.168.0.10 "hostname; ip addr show | grep 'inet '" 2>&1 ``` Output: Exit code 255 -Warning: Permanently added '192.168.0.10' (ED25519) to the list of known hosts. -** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. +Warning: Permanently added '192.168.0.10' (ED25519) to the list of known hosts. +** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. ** The server may need to be upgraded. See https://open ... [truncated] ``` @@ -321,10 +323,10 @@ client.close() EOF ``` Output: Exit code 1 -Traceback (most recent call last): - File "C:\Program Files\Python314\Lib\site-packages\paramiko\transport.py", line 1651, in auth_password - return self.auth_interactive(username, handler) - ~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^ +Traceback (most recent call last): + File "C:\Program Files\Python314\Lib\site-packages\paramiko\transport.py", line 1651, in auth_password + return self.auth_interactive(username, handler) + ~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^ File "C:\Program Files\Python314\Lib\s ... [truncated] ``` @@ -356,10 +358,10 @@ transport.close() EOF ``` Output: Exit code 1 -Traceback (most recent call last): - File "", line 14, in - File "C:\Program Files\Python314\Lib\site-packages\paramiko\transport.py", line 1756, in auth_interactive - return self.auth_handler.wait_for_response(my_event) +Traceback (most recent call last): + File "", line 14, in + File "C:\Program Files\Python314\Lib\site-packages\paramiko\transport.py", line 1756, in auth_interactive + return self.auth_handler.wait_for_response(my_event) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... [truncated] ``` @@ -370,9 +372,9 @@ ssh -i ~/.ssh/pst-cc-ucg \ root@192.168.0.10 "hostname; cat /root/.ssh/authorized_keys 2>/dev/null | wc -l" 2>&1 ``` Output: Exit code 255 -** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html root@192.168.0.10: Permission denied (publickey,keyboard-interac ... [truncated] ``` @@ -404,13 +406,13 @@ if err.strip(): transport.close() EOF ``` -Output: UCG-PST-CC - inet 127.0.0.1/8 scope host lo - inet 98.190.129.150/28 scope global eth4 - inet 192.168.0.10/24 scope global br0 - inet 192.168.4.1/24 scope global tun1 - inet 192.168.2.0/32 scope global wgsts1000 - inet 10.255.255.0 peer 192.168.3.2/32 scope global l2tp0 +Output: UCG-PST-CC + inet 127.0.0.1/8 scope host lo + inet 98.190.129.150/28 scope global eth4 + inet 192.168.0.10/24 scope global br0 + inet 192.168.4.1/24 scope global tun1 + inet 192.168.2.0/32 scope global wgsts1000 + inet 10.255.255.0 peer 192.168.3.2/32 scope global l2tp0 Linux UCG- ... [truncated] ``` @@ -420,9 +422,9 @@ ssh -i ~/.ssh/pst-cc-ucg \ -o PreferredAuthentications=publickey \ root@192.168.0.10 "echo 'key auth OK'; ip neigh show | grep -v FAILED | head -20" 2>&1 ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html key auth OK 192.168.0.178 dev br0 lladdr 00:25:f0:af:d9:37 REACHABLE 192.168.0 ... [truncated] @@ -596,9 +598,9 @@ echo "Tunnel PID exit: $?" # Verify ports are listening locally netstat -an 2>/dev/null | grep "13389\|15985" | grep LISTEN ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html Tunnel PID exit: 0 TCP 127.0.0.1:13389 0.0.0.0:0 LIST ... [truncated] @@ -650,9 +652,9 @@ if r.std_err: EOF ``` Output: Exit code 1 - File "", line 39 - """) - ^^^ + File "", line 39 + """) + ^^^ SyntaxError: (unicode error) 'unicodeescape' codec can't decode bytes in position 231-232: truncated \UXXXXXXXX escape ``` @@ -693,8 +695,8 @@ r = s.run_ps(ps) print(r.std_out.decode()) PYEOF ``` -Output: SSH: -Key added +Output: SSH: +Key added Firewall rule: OK ``` @@ -722,12 +724,12 @@ ssh -i ~/.ssh/pst-cc-ucg -o StrictHostKeyChecking=no \ sleep 1 nc -z -w 3 localhost 10022 2>/dev/null && echo "SSH port reachable via tunnel" || echo "SSH port not responding" ``` -Output: DisplayName Enabled ------------ ------- -OpenSSH SSH Server True - - +Output: DisplayName Enabled +----------- ------- +OpenSSH SSH Server True + + SSH port not responding ``` @@ -772,15 +774,15 @@ if r.std_err: print("ERR:", errs[:500]) PYEOF ``` -Output: Downloading OpenSSH... -Extracting... -Installing service... - [*] C:\OpenSSH\moduli -Inheritance is removed from 'C:\OpenSSH\moduli'. -'BUILTIN\Users' now has Read access to 'C:\OpenSSH\moduli'. - Repaired permissions - -[SC] SetServiceObjectSecurity SUCCESS +Output: Downloading OpenSSH... +Extracting... +Installing service... + [*] C:\OpenSSH\moduli +Inheritance is removed from 'C:\OpenSSH\moduli'. +'BUILTIN\Users' now has Read access to 'C:\OpenSSH\moduli'. + Repaired permissions + +[SC] SetServiceObjectSecurity SUCCESS [SC] ChangeServiceConfig2 SUCC ... [truncated] ``` @@ -824,9 +826,9 @@ PYEOF # Test SSH via tunnel nc -z -w 3 localhost 10022 2>/dev/null && echo "SSH port UP" || echo "SSH port down" ``` -Output: Key already present -Setup complete - +Output: Key already present +Setup complete + SSH port down ``` @@ -847,8 +849,8 @@ ssh -i ~/.ssh/pst-cc-ucg \ Output: Exit code 255 /usr/bin/bash: line 19: nc: command not found Port closed -Warning: Permanently added '[localhost]:10022' (ED25519) to the list of known hosts. -** WARNING: connection is not using a post-quantum key exchange algorithm. +Warning: Permanently added '[localhost]:10022' (ED25519) to the list of known hosts. +** WARNING: connection is not using a post-quantum key exchange algorithm. ** This session may be vulnerable to "store now, decrypt later" at ... [truncated] ``` @@ -883,15 +885,15 @@ if r.std_err: print("ERR:", r.std_err.decode()[:200]) PYEOF ``` -Output: Added to administrators_authorized_keys - -Lines ------ - 1 - - +Output: Added to administrators_authorized_keys -ERR: #< CLIXML +Lines +----- + 1 + + + +ERR: #< CLIXML System.Management.Automation.PSCustomObjectSystem.Object< ``` @@ -901,10 +903,10 @@ ssh -i ~/.ssh/pst-cc-ucg \ -p 10022 sysadmin@localhost "whoami; hostname; ipconfig | findstr IPv4" 2>&1 ``` Output: Exit code 1 -** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html -ERROR: Invalid argument/option - ';'. +** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html +ERROR: Invalid argument/option - ';'. Type "WHOAMI /?" for usage. ``` @@ -977,10 +979,10 @@ curl -sk -c /tmp/ucookie.txt \ -w "\nHTTP: %{http_code}" 2>/dev/null | head -5 SSHEOF ``` -Output: Pseudo-terminal will not be allocated because stdin is not a terminal. -** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: Pseudo-terminal will not be allocated because stdin is not a terminal. +** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html Linux ... [truncated] ``` @@ -1730,7 +1732,7 @@ if r.std_err: if lines: print("STDERR:", '\n'.join(lines[:8]), file=sys.stderr) PYEOF ``` -Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. +Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. C:\Program Files\Python314\Lib\site-packages\winrm\__init__.py:87: UserWarning: There was a problem converting the Powershell error message: ... [truncated] ``` @@ -1805,7 +1807,7 @@ if r.std_err: if lines: print("STDERR:", '\n'.join(lines[:5]), file=sys.stderr) PYEOF ``` -Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. +Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. C:\Program Files\Python314\Lib\site-packages\winrm\__init__.py:87: UserWarning: There was a problem converting the Powershell error message: ... [truncated] ``` @@ -1879,7 +1881,7 @@ if r.std_err: if lines: print("STDERR:", '\n'.join(lines[:5]), file=sys.stderr) PYEOF ``` -Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. +Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. Task create: WARNING: Task may not run because /ST is earlier than current time. SUCCESS: The scheduled task "CertReqSubmit" has successfully ... [truncated] ``` @@ -1938,12 +1940,12 @@ if r.std_err: if lines: print("STDERR:", '\n'.join(lines[:5]), file=sys.stderr) PYEOF ``` -Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. -Task started, waiting... -=== Log === -Do you wish to overwrite the following file? - -C:\Temp\vpn2.rsp +Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. +Task started, waiting... +=== Log === +Do you wish to overwrite the following file? + +C:\Temp\vpn2.rsp 1401.2076.0:<2026/5/10, 13:55:13>: 0 ... [truncated] ``` @@ -2042,13 +2044,13 @@ if r2.std_err: if lines: print("STDERR:", '\n'.join(lines[:5]), file=sys.stderr) PYEOF ``` -Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. -Cleaned temp files -CSR missing - need to regenerate - OpenSSH - 50mb-files.txt - 50mb-user-files.txt - bluescreens.txt +Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. +Cleaned temp files +CSR missing - need to regenerate + OpenSSH + 50mb-files.txt + 50mb-user-files.txt + bluescreens.txt bluescreenview ... [truncated] ``` @@ -2123,12 +2125,12 @@ if r.std_err: if lines: print("STDERR:", '\n'.join(lines[:5]), file=sys.stderr) PYEOF ``` -Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. -Task running... -=== Log === -RequestId: 62 -RequestId: "62" -Certificate retrieved(Issued) Issued +Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. +Task running... +=== Log === +RequestId: 62 +RequestId: "62" +Certificate retrieved(Issued) Issued 1401.16616.0:<2026/5/10, 13:57:36>: 0x800 ... [truncated] ``` @@ -2210,10 +2212,10 @@ if r.std_err: if lines: print("STDERR:", '\n'.join(lines[:5]), file=sys.stderr) PYEOF ``` -Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. -STDERR: At line:51 char:28 -+ Write-Host "[WARN] $compName: $($_.Exception.Message)" -+ ~~~~~~~~~~ +Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. +STDERR: At line:51 char:28 ++ Write-Host "[WARN] $compName: $($_.Exception.Message)" ++ ~~~~~~~~~~ Variab ... [truncated] ``` @@ -2280,9 +2282,9 @@ if r.std_err: if lines: print("STDERR:", '\n'.join(lines[:5]), file=sys.stderr) PYEOF ``` -Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. -STDERR: Get-ADGroup : Cannot find an object with identity: 'AOVPN-Users' under: 'DC=PEACEFULSPIRIT,DC=local'. -At line:21 char:15 +Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. +STDERR: Get-ADGroup : Cannot find an object with identity: 'AOVPN-Users' under: 'DC=PEACEFULSPIRIT,DC=local'. +At line:21 char:15 + if ( ... [truncated] ``` @@ -2448,7 +2450,7 @@ if r.std_err: if lines: print("STDERR:", '\n'.join(lines[:5]), file=sys.stderr) PYEOF ``` -Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. +Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. STDERR: The command line is too long. ``` @@ -2564,7 +2566,7 @@ if r.std_err: if lines: print("STDERR:", '\n'.join(lines[:8]), file=sys.stderr) PYEOF ``` -Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. +Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. STDERR: The command line is too long. ``` @@ -2670,7 +2672,7 @@ if r5.std_err: if lines: print("STDERR:", '\n'.join(lines[:3]), file=sys.stderr) PYEOF ``` -Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. +Output: :5: SyntaxWarning: "\s" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\s"? A raw string is also an option. :45: SyntaxWarning: "\S" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\S"? A raw string i ... [truncated] ``` @@ -2714,8 +2716,8 @@ except Exception as e: print("VPN may be disconnected - L2TP may have dropped") PYEOF ``` -Output: SSH KEY AUTH: connected to UCG at 192.168.0.10 -UCG-PST-CC +Output: SSH KEY AUTH: connected to UCG at 192.168.0.10 +UCG-PST-CC SSH_OK ``` @@ -2755,11 +2757,11 @@ print(out2[:2000]) client.close() PYEOF ``` -Output: === Existing Port Forwards === -[] - - -=== VPN Settings === +Output: === Existing Port Forwards === +[] + + +=== VPN Settings === [] ``` @@ -2797,8 +2799,8 @@ print("ace collections:", out3.strip()[:500]) client.close() PYEOF ``` -Output: Databases: [ "ace", "ace_audit", "ace_stat", "admin", "config", "local" ] -ace_controller collections: [] +Output: Databases: [ "ace", "ace_audit", "ace_stat", "admin", "config", "local" ] +ace_controller collections: [] ace collections: ["account","acl_rule","admin","admin_activity_log","alarm","alert","alert_setting","apgroup","api_key","api_key_privilege","appstate_log","av_group","bgp_router","config_meta", ... [truncated] ``` @@ -2883,11 +2885,11 @@ print("L2TP processes:", out4.strip()) client.close() PYEOF ``` -Output: :30: SyntaxWarning: "\|" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\|"? A raw string is also an option. -All settings: - super_identity enabled: [unknown type] -super_mgmt enabled: [unknown type] -connectivity enabled: true +Output: :30: SyntaxWarning: "\|" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\|"? A raw string is also an option. +All settings: + super_identity enabled: [unknown type] +super_mgmt enabled: [unknown type] +connectivity enabled: true element_adopt enable ... [truncated] ``` @@ -2930,19 +2932,19 @@ print("\nNAT PREROUTING:", out4.strip()[:1000]) client.close() PYEOF ``` -Output: Site ID: site_id: 6950649cc6e6480c2978a389 - -IPSec setting: { - "_id": { - "$oid": "69eb44076fb34f483c45b4d6" - }, - "key": "ipsec", - "ikev2_reauthentication_method": "make-before-break", - "site_id": "6950649cc6e6480c2978a389" -} - -xl2tpd.conf: [global] -listen-addr = 98.190.129.150 +Output: Site ID: site_id: 6950649cc6e6480c2978a389 + +IPSec setting: { + "_id": { + "$oid": "69eb44076fb34f483c45b4d6" + }, + "key": "ipsec", + "ikev2_reauthentication_method": "make-before-break", + "site_id": "6950649cc6e6480c2978a389" +} + +xl2tpd.conf: [global] +listen-addr = 98.190.129.150 deb ... [truncated] ``` @@ -2981,12 +2983,12 @@ print("\n/data/udapi-config:", out4.strip()) client.close() PYEOF ``` -Output: Firewall rule sample: null - -UBIOS PREROUTING chain: Chain UBIOS_PREROUTING_JUMP (1 references) -num target prot opt source destination -1 UBIOS_WF_PRE_JUMP all -- 0.0.0.0/0 0.0.0.0/0 - +Output: Firewall rule sample: null + +UBIOS PREROUTING chain: Chain UBIOS_PREROUTING_JUMP (1 references) +num target prot opt source destination +1 UBIOS_WF_PRE_JUMP all -- 0.0.0.0/0 0.0.0.0/0 + Local ports: tcp 0 0 0.0.0.0:80 0.0.0.0:* ... [truncated] ``` @@ -3071,23 +3073,23 @@ print("\nL2TP/VPN in per-device cfg:", out3.strip()[:1500]) client.close() PYEOF ``` -Output: firewall/nat: - [ - { - "id": 1, - "chain": "POSTROUTING", - "target": "MASQUERADE", - "enabled": true, - "log": false, - "source": { - "sets": [ - "!ALL_ADDRv4_eth4" - ] - }, - "outInterface": { - "id": "eth4" - }, - "ipVersion": "v4only", +Output: firewall/nat: + [ + { + "id": 1, + "chain": "POSTROUTING", + "target": "MASQUERADE", + "enabled": true, + "log": false, + "source": { + "sets": [ + "!ALL_ADDRv4_eth4" + ] + }, + "outInterface": { + "id": "eth4" + }, + "ipVersion": "v4only", " ... [truncated] ``` @@ -3175,8 +3177,8 @@ print("\nFiles with l2tpServer:", out2.strip()) client.close() PYEOF ``` -Output: L2TP server config: No l2tpServer key - +Output: L2TP server config: No l2tpServer key + Files with l2tpServer: ``` @@ -3226,15 +3228,15 @@ print("\nVPN/IPSec collections:", out4.strip()[:500]) client.close() PYEOF ``` -Output: L2TP lines in 02ea file: 359: "l2tpServer": { -596: "services/l2tpServer": 3, -950: "name": "l2tp_port", -1076: "id": "l2tp+" -1201: "l2tp_port" -1562: "id": "l2tp+" -1792: "description": "VPN_IN jump (interface: l2tp+) ", -1797: "id": "l2tp+" - +Output: L2TP lines in 02ea file: 359: "l2tpServer": { +596: "services/l2tpServer": 3, +950: "name": "l2tp_port", +1076: "id": "l2tp+" +1201: "l2tp_port" +1562: "id": "l2tp+" +1792: "description": "VPN_IN jump (interface: l2tp+) ", +1797: "id": "l2tp+" + Firewall filter with L2 ... [truncated] ``` @@ -3286,19 +3288,19 @@ print("Main config services:", out3.strip()[:500]) client.close() PYEOF ``` -Output: Lines 350-380: "wifiListener": { - "port": 10101, - "key": "f9fd676f2752812946353a7a49a290fd", - "address": "192.168.0.10" - } - } - } - }, - "l2tpServer": { - "enabled": true, - "localAddress": { - "source": "interface", - "id": "eth4", +Output: Lines 350-380: "wifiListener": { + "port": 10101, + "key": "f9fd676f2752812946353a7a49a290fd", + "address": "192.168.0.10" + } + } + } + }, + "l2tpServer": { + "enabled": true, + "localAddress": { + "source": "interface", + "id": "eth4", "ipVersion": "v4" ... [truncated] ``` @@ -3353,7 +3355,7 @@ print("\nExisting DNAT rules:", out4.strip()[:1000] if out4.strip() else "(none) client.close() PYEOF ``` -Output: MongoDB ports: LISTEN 0 4096 127.0.0.1:27117 0.0.0.0:* users:(("mongod",pid=5084,fd=11)) +Output: MongoDB ports: LISTEN 0 4096 127.0.0.1:27117 0.0.0.0:* users:(("mongod",pid=5084,fd=11)) tcp 0 0 127.0.0.1:27117 0.0.0.0:* ... [truncated] ``` @@ -3374,9 +3376,9 @@ print('=== services.l2tpServer.enabled ===') print(l2tp.get('enabled')) \"" ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === firewall.nat === [] @@ -3399,9 +3401,9 @@ echo '=== ss -ulnp ports 500 4500 ===' ss -ulnp | grep -E '500|4500' " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === MongoDB portforward objects === === iptables PREROUTING nat === @@ -3433,9 +3435,9 @@ print('l2tp.enabled:', l2tp_enabled) \" " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === UBIOS_PREROUTING_JUMP chain === Chain UBIOS_PREROUTING_JUMP (1 references) ... [truncated] @@ -3462,9 +3464,9 @@ echo '=== portforward schema from ubios files ===' find /usr /opt /etc -name '*.json' 2>/dev/null | xargs grep -l 'DNAT' 2>/dev/null | head -5 " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === MongoDB admin users === === backup files with portforward === @@ -3501,9 +3503,9 @@ show_keys(cfg) \" " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === MongoDB ace admin with x_password === === Check unifi app settings/creden ... [truncated] @@ -3529,9 +3531,9 @@ for k in fw_keys: else: print(f' {k}: {str(val)[:80]}') \"" ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === firewall/nat (correct key) === [ { @@ -3557,9 +3559,9 @@ echo '=== Unifi Network portforward API schema ===' find /usr/lib/unifi -name '*.jar' 2>/dev/null | head -3 " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === MongoDB portforward collection indexes (schema hints) === === MongoDB ace ... [truncated] @@ -3592,9 +3594,9 @@ ls /usr/lib/unifi/data/ 2>/dev/null | head -10 find /data -name 'unifi.db' 2>/dev/null | head -3 " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === Try mongo CLI === 0 @@ -3622,9 +3624,9 @@ ls ~/.ssh/pst-cc* 2>/dev/null " ``` Output: Exit code 2 -** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === MongoDB admin collection === {"name":"Mike Swanson","email":"m ... [truncated] @@ -3638,9 +3640,9 @@ echo '=== MongoDB admin keys ===' mongo --port 27117 ace --quiet --eval 'var d = db.admin.findOne({name:\"Mike Swanson\"}); if(d){print(Object.keys(d).join(\",\"))}' " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === MongoDB admin full document === {"_id":{"$oid":"695004f5e256ad4743b789fb"} ... [truncated] @@ -3658,9 +3660,9 @@ echo '=== site collection ===' mongo --port 27117 ace --quiet --eval 'db.site.find({},{_id:1,name:1,desc:1}).forEach(function(d){print(JSON.stringify(d))})' " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === MongoDB ace collections === account acl_rule @@ -3682,9 +3684,9 @@ echo '=== nat_rule indexes ===' mongo --port 27117 ace --quiet --eval 'db.nat_rule.getIndexes().forEach(function(i){print(JSON.stringify(i))})' " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === nat_rule collection contents === === portforward collection contents === ... [truncated] @@ -3711,9 +3713,9 @@ echo '=== ubios-udapi-server service file ===' systemctl cat ubios-udapi-server 2>/dev/null | head -30 " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === startup script locations === config-board config-migrate @@ -3739,9 +3741,9 @@ echo '=== Check a migration script for nat schema ===' cat /data/udapi-config/ubios-udapi-server/config-migrate/45-to-46.sh 2>/dev/null | head -50 " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === Migration scripts that mention nat/DNAT === /data/udapi-config/ubios-udapi ... [truncated] @@ -3765,9 +3767,9 @@ echo '=== Migration script 7-to-8 (nat/portforward) ===' cat /data/udapi-config/ubios-udapi-server/config-migrate/7-to-8.sh 2>/dev/null " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === udapi REST API on port 1080 === === ubios-udapi-server.state file (first ... [truncated] @@ -3791,9 +3793,9 @@ curl -s http://localhost:1080/api 2>&1 | head -20 curl -s http://127.0.0.1:1080/ 2>&1 | head -20 " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === JQ helper script === #!/bin/sh # include all possible JQ helper scripts @@ -3819,9 +3821,9 @@ echo '=== List all migrate scripts ===' ls /data/udapi-config/ubios-udapi-server/config-migrate/ " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === Migration 23-to-24 === #!/bin/sh . "$(dirname "${0}")"/JQ # include JQ hel ... [truncated] @@ -3842,9 +3844,9 @@ echo '=== Strings from ubios-udapi-server binary (nat/DNAT fields) ===' strings /usr/bin/ubios-udapi-server 2>/dev/null | grep -iE 'DNAT|translation|inInterface|destinat|dstPort|protocol' | sort -u | head -40 " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === Migration scripts mentioning destination/port for nat === === /data/udapi- ... [truncated] @@ -3872,9 +3874,9 @@ diff <(python3 -c \"import json; f=open('/data/udapi-config/ubios-udapi-server/u <(python3 -c \"import json; f=open('/data/udapi-config/udapi-net-cfg.json'); d=json.load(f); print(json.dumps(d, sort_keys=True)[:200])\") 2>&1 | head -10 " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === udapi-bridge REST API test === === ubios-udapi-server state file format = ... [truncated] @@ -3917,9 +3919,9 @@ print(\"Schema looks ok: \" + Object.keys(pf).join(\",\")); ' " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === What controls charon/xl2tpd === * xl2tpd.service - LSB: layer 2 tunelling ... [truncated] @@ -3937,9 +3939,9 @@ echo '=== All networkconf keys ===' mongo --port 27117 ace --quiet --eval 'db.networkconf.find({},{_id:0,name:1,purpose:1,vpn_type:1,\"l2tp_allow_weak_ciphers\":1}).forEach(function(d){print(JSON.stringify(d))})' " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === networkconf (VPN configs) === 2026-05-10T14:50:13.766-0700 E QUERY [thr ... [truncated] @@ -3953,9 +3955,9 @@ echo '=== Using forEach ===' mongo --port 27117 ace --quiet --eval 'db.networkconf.find({name:\"L2TP Server\"}).forEach(function(d){print(JSON.stringify(d))})' " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === Full L2TP networkconf document === 2026-05-10T14:50:28.688-0700 E QUERY ... [truncated] @@ -4000,9 +4002,9 @@ for k in sk & ck: \" " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === ubios-udapi-server recent logs === -- Journal begins at Sun 2026-05-10 03: ... [truncated] @@ -4032,9 +4034,9 @@ echo '=== process-manager files ===' find /run/ubios-udapi-server/process-manager -type f 2>/dev/null | xargs head -c 200 2>/dev/null " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html === State file firewall/nat vs udapi-net-cfg.json firewall/nat === STATE firew ... [truncated] @@ -4119,9 +4121,9 @@ for r in cfg['firewall/nat']: PYEOF " ``` -Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +Output: ** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html [OK] Backed up state file to /data/udapi-config/ubios-udapi-server/ubios-udapi ... [truncated] ``` @@ -4176,9 +4178,9 @@ iptables -t nat -L UBIOS_PREROUTING_JUMP -n | head -20 " ``` Output: Exit code 255 -** WARNING: connection is not using a post-quantum key exchange algorithm. -** This session may be vulnerable to "store now, decrypt later" attacks. -** The server may need to be upgraded. See https://openssh.com/pq.html +** WARNING: connection is not using a post-quantum key exchange algorithm. +** This session may be vulnerable to "store now, decrypt later" attacks. +** The server may need to be upgraded. See https://openssh.com/pq.html [1] Copying modified state file... [OK] State file updated @@ -4341,8 +4343,8 @@ $SSH -o ConnectTimeout=8 -o StrictHostKeyChecking=no -i "$KEY" sysadmin@98.190.1 wait echo "Done" ``` -Output: ssh: connect to host 98.190.129.150 port 22: Connection timed out -ssh: connect to host 98.190.129.150 port 22: Connection timed out +Output: ssh: connect to host 98.190.129.150 port 22: Connection timed out +ssh: connect to host 98.190.129.150 port 22: Connection timed out Done ``` @@ -4518,10 +4520,10 @@ echo "---" # Also try Gitea to confirm 172.16.3.x is reachable from this machine curl -sk --max-time 5 "http://172.16.3.20:3000/api/v1/repos/search?limit=1" 2>&1 | head -30 ``` -Output: Ping statistics for 172.16.3.30: - Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), -Approximate round trip times in milli-seconds: - Minimum = 55ms, Maximum = 57ms, Average = 56ms +Output: Ping statistics for 172.16.3.30: + Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), +Approximate round trip times in milli-seconds: + Minimum = 55ms, Maximum = 57ms, Average = 56ms --- {"ok":true,"data":[{"id":5,"owner":{"id":1,"login":"azcomputerguru","login_name":"","source_id":0,"full_ ... [truncated] @@ -4626,10 +4628,10 @@ for c in clients: " 2>&1 | head -30 ``` Output: Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI0O... -Total clients: 13 - 417420f4-c3f4-482a-acd4-d6f63c8cddde | AZ Computer Guru - da526b38-e832-4159-ab13-a3d94e9897a2 | BirthBiologic - 42e1b0e3-f8b7-4fc5-86bd-06bdbb073b7f | Cascades of Tucson +Total clients: 13 + 417420f4-c3f4-482a-acd4-d6f63c8cddde | AZ Computer Guru + da526b38-e832-4159-ab13-a3d94e9897a2 | BirthBiologic + 42e1b0e3-f8b7-4fc5-86bd-06bdbb073b7f | Cascades of Tucson c9242164-8e66-43ba-b9e8-84520d096562 | Dat ... [truncated] ``` @@ -4729,13 +4731,13 @@ echo "=== /api/download/$SITE_ID ===" curl -sk "$API/api/download/$SITE_ID" -w "\nHTTP %{http_code}" -o /dev/null ``` Output: === with api_key param === - + HTTP 401=== with X-API-Key header === - + HTTP 401=== /downloads/ === - + HTTP 404=== /api/download/7b32983d-982a-4a5c-af07-45a23453f589 === - + HTTP 404 ``` @@ -4762,8 +4764,8 @@ add_rule "Gitea API Allow" "http.host eq \\\"git.azcomputerguru.com\\\" and star ``` Output: Exit code 1 === Adding RMM API bypass === -Traceback (most recent call last): - File "", line 1, in +Traceback (most recent call last): + File "", line 1, in import sys,json; d=json.load(sys.stdin); r=d.get('result',{}); rules=r.get('rules',[]); last=rules[-1] if rules else {}; print('OK' if d['success'] else 'FAIL', last.get('id','') ... [truncated] ``` @@ -4823,7 +4825,7 @@ for rule in rules_to_add: print(f"[FAIL] {rule['description']}: {d.get('errors')}") PYEOF ``` -Output: [FAIL] RMM Dashboard API Allow: [{'code': 20120, 'message': "skip action parameter phase 'http_request_firewall_custom' is not authorized", 'source': {'pointer': '/rules/3/action_parameters/phases'}}] +Output: [FAIL] RMM Dashboard API Allow: [{'code': 20120, 'message': "skip action parameter phase 'http_request_firewall_custom' is not authorized", 'source': {'pointer': '/rules/3/action_parameters/phases'}}] [FAIL] Gitea API Allow: [{'code': 20120, 'message': "skip action parameter phase 'http_request_fir ... [truncated] ``` @@ -4876,10 +4878,10 @@ for rule in rules_to_add: PYEOF ``` Output: Exit code 1 -Traceback (most recent call last): - File "", line 43, in - File "C:\Program Files\Python314\Lib\encodings\cp1252.py", line 19, in encode - return codecs.charmap_encode(input,self.errors,encoding_table)[0] +Traceback (most recent call last): + File "", line 43, in + File "C:\Program Files\Python314\Lib\encodings\cp1252.py", line 19, in encode + return codecs.charmap_encode(input,self.errors,encoding_table)[0] ~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ... [truncated] ``` @@ -5008,12 +5010,12 @@ for a in agents: " ``` Output: Exit code 1 -Traceback (most recent call last): - File "", line 3, in - d = json.load(sys.stdin) - File "C:\Program Files\Python314\Lib\json\__init__.py", line 298, in load - return loads(fp.read(), - cls=cls, object_hook=object_hook, +Traceback (most recent call last): + File "", line 3, in + d = json.load(sys.stdin) + File "C:\Program Files\Python314\Lib\json\__init__.py", line 298, in load + return loads(fp.read(), + cls=cls, object_hook=object_hook, parse_float=parse_float, ... [truncated] ``` @@ -5060,10 +5062,10 @@ for a in agents: " ``` Output: Exit code 1 -Traceback (most recent call last): - File "", line 6, in - print(f' {a["hostname"]:<20} site={a.get("site_id","")[:8]} last_seen={a["last_seen"][:19]} status={a["status"]}') - ~~~~~~~~~~~~~~~~~~~^^^^ +Traceback (most recent call last): + File "", line 6, in + print(f' {a["hostname"]:<20} site={a.get("site_id","")[:8]} last_seen={a["last_seen"][:19]} status={a["status"]}') + ~~~~~~~~~~~~~~~~~~~^^^^ TypeError: 'NoneType' ob ... [truncated] ``` @@ -5112,10 +5114,10 @@ echo "$RESULT" | py -c "import sys,json; d=json.loads(sys.stdin.read() or '{}'); Output: Exit code 1 ... -Traceback (most recent call last): - File "", line 1, in - import sys,json; d=json.loads(sys.stdin.read() or '{}'); print('job_id:', d.get('job_id',''), 'output:', str(d.get('output',''))[:200]) - ~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^ +Traceback (most recent call last): + File "", line 1, in + import sys,json; d=json.loads(sys.stdin.read() or '{}'); print('job_id:', d.get('job_id',''), 'output:', str(d.get('output',''))[:200]) + ~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^ Fil ... [truncated] ``` @@ -5175,20 +5177,20 @@ print(d.get('stdout','')) print('STDERR:', d.get('stderr','')[:200]) " ``` -Output: status: completed -exit_code: 0 -STDOUT: - -Name Status ----- ------ -RemoteAccess Running - - ---- NPS Policies --- - -Network policy configuration: ---------------------------------------------------------- -Name = Connections to other access servers +Output: status: completed +exit_code: 0 +STDOUT: + +Name Status +---- ------ +RemoteAccess Running + + +--- NPS Policies --- + +Network policy configuration: +--------------------------------------------------------- +Name = Connections to other access servers Sta ... [truncated] ``` @@ -5212,19 +5214,19 @@ curl -sk -H "Authorization: Bearer $TOKEN" "$API/api/commands/$CMD_ID" | py -c " import sys,json; d=json.load(sys.stdin); print('status:',d['status']); print(d.get('stdout','')); print('ERR:',d.get('stderr','')[:300])" ``` Output: CMD: a7c6c18f-f136-4d97-9015-01e27f3323f3 -status: completed - -Name Status ----- ------ -IAS Running -PolicyAgent Running -RemoteAccess Running - - -authentication mode = standard - - -Server Configuration State +status: completed + +Name Status +---- ------ +IAS Running +PolicyAgent Running +RemoteAccess Running + + +authentication mode = standard + + +Server Configuration State -------------------------- ... [truncated] ``` @@ -5247,19 +5249,19 @@ sleep 12 curl -sk -H "Authorization: Bearer $TOKEN" "$API/api/commands/$CMD_ID" | py -c " import sys,json; d=json.load(sys.stdin); print('status:',d['status']); print(d.get('stdout','')); print('ERR:',d.get('stderr','')[:400])" ``` -Output: status: completed -Group: -Members: +Output: status: completed +Group: +Members: + +All domain users: -All domain users: - -SamAccountName Enabled --------------- ------- -Administrator False -Guest False -DefaultAccount False -localadmin True -sysadmin True +SamAccountName Enabled +-------------- ------- +Administrator False +Guest False +DefaultAccount False +localadmin True +sysadmin True krbtgt False ... [truncated] ``` @@ -5278,11 +5280,11 @@ sleep 10 curl -sk -H "Authorization: Bearer $TOKEN" "$API/api/commands/$CMD_ID" | py -c " import sys,json; d=json.load(sys.stdin); print('status:',d['status']); print(d.get('stdout',''))" ``` -Output: status: completed - -Name SID ----- --- -Access Control Assistance Operators S-1-5-32-579 +Output: status: completed + +Name SID +---- --- +Access Control Assistance Operators S-1-5-32-579 Account Operators ... [truncated] ``` @@ -5305,11 +5307,11 @@ print(d.get('stdout','')) print('ERR:',d.get('stderr','')[:500])" ``` Output: Exit code 1 -Traceback (most recent call last): - File "", line 1, in - import sys,json; print(json.load(sys.stdin).get('command_id','')) - ~~~~~~~~~^^^^^^^^^^^ - File "C:\Program Files\Python314\Lib\json\__init__.py", line 298, in load +Traceback (most recent call last): + File "", line 1, in + import sys,json; print(json.load(sys.stdin).get('command_id','')) + ~~~~~~~~~^^^^^^^^^^^ + File "C:\Program Files\Python314\Lib\json\__init__.py", line 298, in load return load ... [truncated] ``` @@ -5448,9 +5450,9 @@ else: py -c $script ``` Output: Exit code 1 - File "", line 6 - AGENT_ID = 6b6106a7-8515-4b6b-857d-0dc6ede53f35 - ^ + File "", line 6 + AGENT_ID = 6b6106a7-8515-4b6b-857d-0dc6ede53f35 + ^ SyntaxError: invalid decimal literal ``` @@ -5521,10 +5523,10 @@ $ssh = "C:\Windows\System32\OpenSSH\ssh.exe" & $ssh -i "C:\Users\guru\.ssh\pst-cc-ucg" -o StrictHostKeyChecking=no -o ConnectTimeout=10 -o BatchMode=yes root@98.190.129.150 "echo CONNECTED && ubios-udapi-client get /settings/portsforward 2>/dev/null | head -50" 2>&1 ``` Output: Exit code 255 -ssh.exe : ssh: connect to host 98.190.129.150 port 22: Connection timed out -At line:4 char:1 -+ & $ssh -i "C:\Users\guru\.ssh\pst-cc-ucg" -o StrictHostKeyChecking=no ... -+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +ssh.exe : ssh: connect to host 98.190.129.150 port 22: Connection timed out +At line:4 char:1 ++ & $ssh -i "C:\Users\guru\.ssh\pst-cc-ucg" -o StrictHostKeyChecking=no ... ++ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecifie ... [truncated] ``` @@ -5589,7 +5591,7 @@ else: print('Timed out') " ``` -Output: :38: SyntaxWarning: "\W" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\W"? A raw string is also an option. +Output: :38: SyntaxWarning: "\W" is an invalid escape sequence. Such sequences will not work in the future. Did you mean "\\W"? A raw string is also an option. === NPS Security events (last 5 min) === === IAS log last 5 lines === "PST-SERVER","RAS",12/27/2025,04:48:01,3,,"PEACEFULSPIRIT\03Jg",,,,,, ... [truncated] diff --git a/clients/peaceful-spirit/session-logs/2026-05-10-session.md b/clients/peaceful-spirit/session-logs/2026-05-10-session.md index f7fbdd6..af15408 100644 --- a/clients/peaceful-spirit/session-logs/2026-05-10-session.md +++ b/clients/peaceful-spirit/session-logs/2026-05-10-session.md @@ -9,6 +9,7 @@ - **Machine:** DESKTOP-0O8A1RL - **Role:** admin - **Session span:** ~3 hours prior (unlogged, crashed) + recovery session +- **Companion log:** `2026-05-10-recovered-setup-radius-authentication-for-vpn-access.md` — the primary-source transcript of that crashed session, recovered 2026-06-01 (verbatim command trail: UCG tunneling, OpenSSH deploy, RADIUS extraction, vault `server.sops.yaml`). This log diagnosed; that log shows the hands-on work. ---