xfreerdp: correcting “remote host identification has changed” error

To access a Windows PC from Linux, some use port forwarding from an OpenSSH or other SSH server running as a service on the Windows PC, with RDP on port 3389 blocked by the Windows Firewall. SSH is used with port forwarding to get to RDP.

Trouble is, when connecting to multiple Windows PCs this way, the current version of xfreerdp will give this error, since you make the xfreerdp connection to localhost:


The host key for localhost has changed
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.

While you must consider the security implications of this option for yourself, you can include the --ignore-certificate option in the xfreerdp command to bypass this error message.

Since your SSH connection should be already checked for man in the middle, it seems that unless your Windows PC is already hacked, the man-in-the-middle check may be somewhat less likely to be needed–but you must make this evaluation yourself.

Here’s what an example script would like look. Assume our windows PC public IPv4 address is 1.2.3.4, and has a Cygwin-based OpenSSH server running on port 22, with port 3389 blocked by the Windows firewall, and windows username “joe”.


#!/bin/sh
ssh -f -p 22 -L 3389:localhost:3389 joe@1.2.3.4 sleep 1;
xfreerdp -t 3389 -u joe --ignore-certificate localhost

Intel AMT / vPro KVM: Port forwarding necessary

NOTE: when setting up your remote PC, consider enabling standard VNC (if you’re behind a hardware firewall) that will remove the need for proprietary RealVNC Viewer Plus–all you will need is one of the many free open VNC programs to have full remote control. See:

http://blogs.bu.edu/mhirsch/?p=622

For those installations behind a firewall, here are the ports you need to forward (say, via SSH) to use Intel AMT KVM:
5900
16992 (HTTP remote web UI)
16994 (KVM traffic)
Tested with Intel AMT version 8

If you use TLS, you may need to forward additional ports, such as
16993 (HTTPS remote web UI)

In any case, before making a major system decision, do your homework.

Reference:

http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/DOCS/Implementation%20and%20Reference%20Guide/default.htm?turl=WordDocuments%2Fmanageabilityports.htm

http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/WordDocuments/manageabilityports.htm

Matlab R2013a Student version in Ubuntu 12.10 64-bit

Thankfully, Matlab R2013a Student version is now 64-bit in Linux. The install is also more straightforward on a 64-bit Linux system, since it appears the special 32-64 bit libraries may not be required anymore.

Just purchase R2013a student version as usual, download the installer saying “I have JRE”, and type:
javaws download_agent

Tell it to create the shortcuts in /usr/local/bin when asked (check the checkbox)

When done, do:
sudo nano /usr/share/applications/matlab2013.desktop
and paste the following:


#!/usr/bin/env xdg-open
[Desktop Entry]
Type=Application
Icon=/usr/share/icons/matlab.png
Name=MATLAB R2013a
Comment= MATLAB - The Language of Technical Computing
Exec=matlab -desktop %U
Categories=Development;

Matlab: Reading specific images and parts of image frames from FITS file with fitsread

In Matlab, it is possible to read specific frame(s) from a FITS file.
That is, you can read frames one at a time from a large multi-frame FITS file in MATLAB.

Here’s an example that reads each frame of a 4096-frame FITS file, with each frame being 256×256 pixels


for i = 1:4096
currFrame = fitsread('myFile.fits','PixelRegion',{[1 256],[1 256],i);
imagesc(currFrame)
pause(0.05)
end