OpenSSH Server for Windows

To run OpenSSH Server on Windows, e.g. Windows 10: from Windows 10 onward, Windows natively supports OpenSSH.

NOTE: The beta and nightly builds of OpenSSH Server for Windows have a lot of runtime issues.

Check OpenSSH installation:

PS C:\ProgramData\ssh> Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'

Name : OpenSSH.Client~~~~0.0.1.0
State : Installed

Name : OpenSSH.Server~~~~0.0.1.0
State : NotPresent

Install the missing OpenSSH Server:

PS C:\ProgramData\ssh> Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
>>

Path :
Online : True
RestartNeeded : False


PS C:\ProgramData\ssh> Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'

Name : OpenSSH.Client~~~~0.0.1.0
State : Installed

Name : OpenSSH.Server~~~~0.0.1.0
State : Installed

Check the OpenSSH for Windows version and the Windows operating system version:

PS C:\ProgramData\ssh> ((Get-Item (Get-Command sshd).Source).VersionInfo.FileVersion)
8.1.0.1

PS C:\ProgramData\ssh> ((Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows nt\CurrentVersion\" -Name ProductName).ProductName)
Windows 10 Enterprise

Check Windows Domain information:

PS C:\ProgramData\ssh> dsregcmd /status

+----------------------------------------------------------------------+
| Device State |
+----------------------------------------------------------------------+

AzureAdJoined : YES
EnterpriseJoined : NO
DomainJoined : YES
DomainName : CORP
Device Name : WINDOWS.corp.paradise.local
...

Check that OpenSSH Server for Windows runs as a service:

OpenSSH SSH Server service

Make sure OpenSSH SSH Server firewall inbound rule allows ALL profiles:

OpenSSH SSH Server firewall inbound rule

The default C:\ProgramData\ssh\sshd_config file doesn’t work for Windows Domain user authentication, and doesn’t support .ssh\authorized_keys public key authentication. The error lookup_principal_name: User principal name lookup failed for user ‘corp\darling’ appears in the OpenSSH Server sshd log file under C:\ProgramData\ssh\logs\. A workaround is to comment out the lines below, so that members of the administrators group fall back to the global AuthorizedKeysFile .ssh/authorized_keys setting:

#Match Group administrators
# AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys

A complete sshd_config example file:

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

#HostKey __PROGRAMDATA__/ssh/ssh_host_rsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_dsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_ecdsa_key
#HostKey __PROGRAMDATA__/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

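# Logging
# On Windows, LOCAL0 writes the log to files under %programdata%\ssh\logs.
# DEBUG levels are for troubleshooting; sshd_config(5) notes that they violate
# user privacy and are not recommended (the default is INFO).
SyslogFacility LOCAL0
LogLevel DEBUG3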

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys

#AuthorizedPrincipalsFile none

# For this to work you will also need host keys in %programData%/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# GSSAPI options
#GSSAPIAuthentication no

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#PermitUserEnvironment no
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem sftp sftp-server.exe

# Example of overriding settings on a per-user basis
#Match User anoncvs
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server

#Match Group administrators
# AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys

Now run the ssh client and log on to the SSH server:

$ sshpass -f ~/.ssh/windows.passwd ssh -l darling windows.local
Microsoft Windows [Version 10.0.19044.2965]
(c) Microsoft Corporation. All rights reserved.

corp\darling@WINDOWS C:\Users\darling>

Setup Socks/Socks5 proxy and git repo via proxy

Host windows.local has a VPN connection that is granted access to the git repository.

  • Setup Socks/Socks5 proxy
$ ssh-copy-id -i id_rsa.pub darling@windows.local

$ ssh -D 3128 -q -C -N -f darling@windows.local
  • -q: quiet mode, don’t output anything locally
  • -C: compress data in the tunnel, save bandwidth
  • -N: do not execute remote commands, useful for just forwarding ports
  • -f: keep it running in the background

If PasswordAuthentication is enforced, and public key authentication is not supported by the SSH server, try:

$ sshpass -f ~/.ssh/windows.passwd ssh -D 3128 -q -C -N -f darling@windows.local
  • Configure git with Socks/Socks5 proxy
$ git config http.proxy 'socks5://localhost:3128'

$ cat .git/config
[user]
name = Terrence Miao
email = terrence.miao@paradise.net
signingkey = EBCEB936
[http]
proxy = socks5://localhost:3128

The git repository can then be accessed via the proxy both on the command line and in a UI client.

Setup ssh ProxyCommand/ProxyJump on multiple jump hosts

NOTE: Some SSH servers don’t allow public key authentication. In that case sshpass is your friend.

Install sshpass on macOS:

$ brew install esolitos/ipa/sshpass

Test sshpass:

$ ssh -oProxyCommand="sshpass -f ~/.ssh/windows.passwd ssh -W %h:%p jumphost" -l darling jumphost-npe.paradise.net

Setup .ssh/config file:

## Keeping SSH Sessions Alive
Host *
ServerAliveInterval 15

Host jumphost.mac
Hostname mac.local
IdentityFile ~/.ssh/id_rsa
User darling

Host jumphost.windows
Hostname windows.local
IdentityFile ~/.ssh/id_rsa
User darling

Host jumphost-npe
Hostname jumphost-npe.paradise.net
User darling
IdentityFile ~/.ssh/id_rsa
ProxyCommand sshpass -f ~/.ssh/windows.passwd ssh -W %h:%p jumphost.windows
IdentitiesOnly yes
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
ServerAliveInterval 60
ServerAliveCountMax 5

## DEVELOPMENT hosts in AWS
Host ip-10-212-*.ap-southeast-2.compute.internal
ProxyCommand ssh -W %h:%p jumphost-npe
IdentityFile ~/.ssh/dev-stack.pem

## PTEST hosts in AWS
Host ip-10-213-*.ap-southeast-2.compute.internal
ProxyCommand ssh -W %h:%p jumphost-npe
IdentityFile ~/.ssh/test-stack.pem

## STEST hosts in AWS
Host ip-10-214-*.ap-southeast-2.compute.internal
ProxyCommand ssh -W %h:%p jumphost-npe
IdentityFile ~/.ssh/test-stack.pem

Host jumphost-prod
HostName jumphost-prod.paradise.net
User darling
IdentityFile ~/.ssh/id_rsa.prod
ProxyCommand sshpass -f ~/.ssh/windows.passwd ssh -W %h:%p jumphost.windows
IdentitiesOnly yes
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
ServerAliveInterval 60
ServerAliveCountMax 5

## PROD hosts in AWS
Host ip-10-208-*.ap-southeast-2.compute.internal
ProxyCommand ssh -W %h:%p jumphost-prod
IdentityFile ~/.ssh/prod-ddc-stack.pem

## SSH over Session Manager
host i-* mi-*
ProxyCommand sh -c "aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"
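
The jump host entries above set StrictHostKeyChecking no and UserKnownHostsFile=/dev/null, which switches off host key verification for those hops. The following is an added example, not part of the original post, that lists the Host blocks of a client config where this is the case; the function names and the sample config are constructed for illustration.

```shell
# Added example: list Host/Match blocks in an ssh client config that turn off
# host key verification. Pass a file path, or pipe the config on stdin.
audit_ssh_config() {
    awk '
    function report() { if (why != "") print host ": " why; why = "" }
    function flag(msg) { why = (why == "" ? msg : why ", " msg) }
    BEGIN { host = "(global)" }          # options before the first Host line
    /^[ \t]*#/ || /^[ \t]*$/ { next }    # skip comments and blank lines
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        # ssh_config accepts "Keyword value" and "Keyword=value"
        if (!match(line, /[ \t]*[= \t][ \t]*/)) next
        key = tolower(substr(line, 1, RSTART - 1))   # keywords are case-insensitive
        val = substr(line, RSTART + RLENGTH)
        gsub(/"|[ \t]+$/, "", val)
        if (key == "host" || key == "match") { report(); host = val; next }
        lval = tolower(val)
        if (key == "stricthostkeychecking" && (lval == "no" || lval == "off"))
            flag("StrictHostKeyChecking " lval)
        if (key == "userknownhostsfile" && val == "/dev/null")
            flag("UserKnownHostsFile /dev/null")
    }
    END { report() }
    ' "${1:--}"
}

# Constructed sample modelled on the config above (not a real host inventory).
sample_config() {
    cat <<'EOF'
Host *
ServerAliveInterval 15

Host jumphost-npe
ProxyCommand sshpass -f ~/.ssh/windows.passwd ssh -W %h:%p jumphost.windows
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null

Host ip-10-212-*.ap-southeast-2.compute.internal
ProxyCommand ssh -W %h:%p jumphost-npe
StrictHostKeyChecking accept-new

Host jumphost-prod
stricthostkeychecking = off
EOF
}

sample_config | audit_ssh_config
```

Run it against a real file with `audit_ssh_config ~/.ssh/config`; each output line names a Host pattern and the settings found in that block.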

Micro Frontends

Right model, right tools - the new way of building and collaborating on frontend apps is the core element of Micro Frontends.

Geekbench head to head - Mac vs iPad vs Android

Geekbench head to head - Mac vs iPad vs Android:

  • 10 years old Mac mini Late 2012 (2.6GHz quad-core Intel Core i7 Turbo Boost up to 3.6GHz)
  • 4 years old MacBook Pro 15-inch Mid 2018 (2.6GHz 6-core Intel Core i7, Turbo Boost up to 4.3GHz)
  • 4 years old iPad Pro 11” 2018 3rd gen (A12X Bionic 7 nm, 4-core Vortex at 2.5GHz , 4-core Tempest at 1.6GHz)
  • 1 year old MacBook Pro 16-inch 2021 (Apple Silicon M1 Pro, 10-core CPU at 3.2GHz)
  • Less than one year old Android (Snapdragon 8 Gen1, 1 core Cortex-X2 at 3GHz, 3-core Cortex-A710 at 2.5GHz, and 4-core Cortex-A510 at 1.8GHz)

Conclusion:

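  1. Intel is already in steady decline and has been left behind by the times
  2. Apple processors are simply too strong. A processor from four years ago can still thrash the latest Snapdragon processors
  3. Both are 2018 products, yet the iPad Pro grinds the Intel CPU based MacBook Pro into the ground

ARM vs x86: which one is the future is clear at a glance.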

NOTE

The Apple M1 chip is built for Macs, and the A15 for phones. They use completely different architectures. The A15 prioritizes battery over performance. The M1 has more firepower for graphics.

How to use Web Inspector and debug Safari on iPhone/iPad

Prerequisites:

  • iPhone / iPad / iPod and the Macbook on the same version of Safari
  • a genuine Apple lightning or USB cable

Step by step:

  • On iPad, iPhone or iPod touch, go to menu Settings > Safari > Advanced and toggle on Web Inspector. Enable JavaScript if it isn’t already on
  • On Macbook, launch Safari and go to menu Preferences > Advanced then toggle on “Show Develop menu in menu bar”
  • Connect iOS device to Macbook with the lightning or USB cable
  • Now on iOS device, open Safari and go to the website you want to debug
  • On Macbook, open Safari and go to the “Develop” menu. You now see the iOS device that is connected to the Macbook (if no page is open on the iOS device, you see a message saying “No Inspectable Applications”)

![Safari Develop menu](/img/Safari Develop.png "Safari Develop menu")

  • Click on the website in the Safari Develop > iOS device menu; the Web Inspector window opens, and you can then debug as you would in Safari

![Web Inspector](/img/Web Inspector.png "Web Inspector")