+44 (0) 2036 332 464 info@headwaygroup.co.uk

EdgeMAX dhcp-server configuration

After setup DHCP servers in the network you may discover problem with a slow response from DHCP server. This is very common problem when the network use a segmentation. Usually each of VLAN required own DHCP server. To correct this problem you should enable dhcp-server authoritative:

set service dhcp-server shared-network-name Server-Name-1 authoritative enable
set service dhcp-server shared-network-name Server-Name-2 authoritative enable
set service dhcp-server shared-network-name Server-Name-n authoritative enable

Also when throughput between VLAN’s isn’t pretty high you should enable offload ipv4 option.

set system offload ipv4 vlan enable

UniFi – Install controller software on CentOS

How to install UniFi v3.2.7 on CentOS, a very stable Linux platform used on production servers. To download v3.2.7 (or latest) UniFi software controller version, please visit UBNT downloads section and select “UniFi” for platform.

Prepare CentOS

# yum update -y 
# reboot 

# yum -y install wget unzip php httpd 

# service httpd start 
# chkconfig httpd on


# vi /etc/yum.repos.d/mongodb.repo
name=MongoDB Repository

*****NOTE: mongod has to detect at least 35GB free space in order to function.*****

# yum install -y mongodb-org-2.6.1 mongodb-org-server-2.6.1 mongodb-org-shell-2.6.1 mongodb-org-mongos-2.6.1 mongodb-org-tools-2.6.1

# service mongod start

#chkconfig mongod on


# wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-oraclelicense-cookie"http://download.oracle.com/otn-pub/java/jdk/7u51-b13/jre-7u51-linux-x64.rpm

# rpm -ivh jre-7u51-linux-x64.rpm


# wget http://www.ubnt.com/downloads/unifi/3.2.7/UniFi.unix.zip
# unzip -q UniFi.unix.zip -d /opt
# find / -name mongod
# sudo ln -fs /usr/bin/mongod mongod

# vim /etc/rc.d/init.d/UniFi

# chkconfig: 2345 95 20
# description: UniFi system
# processname: UniFi

java -jar /opt/UniFi/lib/ace.jar start &
java -jar /opt/UniFi/lib/ace.jar stop &

sleep 1

case "$1" in


echo -n "starting UniFi system"
echo " service started"


echo -n "stopping UniFi system"
echo " service stopped"


echo -n "restarting UniFi system"
echo "service restarted"


echo "usage: service UniFi {start|stop|restart}"

exit 0

# chmod +x /etc/init.d/UniFi

# service UniFi start
# chkconfig UniFi on


# vi /etc/sysconfig/iptables

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8081 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8843 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8880 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 27117 -j ACCEPT

# service iptables restart


Unix/Linux command reference

File Commands

ls – directory listing
ls -al – formatted listing with hidden files
cd dir – change directory to dir
cd – change to home
pwd – show current directory
mkdir dir – create a directory dir
rm file – delete file
rm -r dir – delete directory dir
rm -f file – force remove file
rm -rf dir – force remove directory dir *
cp file1 file2 – copy file1 to file2
cp -r dir1 dir2 – copy dir1 to dir2; create dir2 if it doesn’t exist
mv file1 file2 – rename or move file1 to file2 if file2 is an existing directory, moves file1 into directory file2
ln -s file link – create symbolic link link to file
touch file – create or update file
cat > file – places standard input into file
more file – output the contents of file
head file – output the first 10 lines of file
tail file – output the last 10 lines of file
tail -f file – output the contents of file as it grows, starting with the last 10 lines

Process Management

ps – display your currently active processes
top – display all running processes
kill pid – kill process id pid
killall proc – kill all processes named proc *
bg – lists stopped or background jobs; resume a stopped job in the background
fg – brings the most recent job to foreground
fg n – brings job n to the foreground

File Permissions

chmod octal file – change the permissions of file to octal, which can be found separately for user, group, and world by adding:

  • 4 – read (r)
  • 2 – write (w)
  • 1 – execute (x)

chmod 777 – read, write, execute for all
chmod 755 – rwx for owner, rx for group and world
For more options, see man chmod.


ssh user@host – connect to host as user
ssh -p port user@host – connect to host on port
port as user
ssh-copy-id user@host – add your key to host for
user to enable a keyed or passwordless login


grep pattern files – search for pattern in files
grep -r pattern dir – search recursively for
pattern in dir
command | grep pattern – search for pattern in the
output of command
locate file – find all instances of file

System Info

date – show the current date and time
cal – show this month’s calendar
uptime – show current uptime
w – display who is online
whoami – who you are logged in as
finger user – display information about user
uname -a – show kernel information
cat /proc/cpuinfo – cpu information
cat /proc/meminfo – memory information
man command – show the manual for command
df – show disk usage
du – show directory space usage
free – show memory and swap usage
whereis app – show possible locations of app
which app – show which app will be run by default


tar cf file.tar files – create a tar named file.tar containing files
tar xf file.tar – extract the files from file.tar
tar czf file.tar.gz files – create a tar with Gzip compression
tar xzf file.tar.gz – extract a tar using Gzip
tar cjf file.tar.bz2 – create a tar with Bzip2 compression
tar xjf file.tar.bz2 – extract a tar using Bzip2
gzip file – compresses file and renames it to file.gz
gzip -d file.gz – decompresses file.gz back to file


ping host – ping host and output results
whois domain – get whois information for domain
dig domain – get DNS information for domain
dig -x host – reverse lookup host
wget file – download file
wget -c file – continue a stopped download


Install from source:
make install
dpkg -i pkg.deb – install a package (Debian)
rpm -Uvh pkg.rpm – install a package (RPM)


Ctrl+C – halts the current command
Ctrl+Z – stops the current command, resume with
fg in the foreground or bg in the background
Ctrl+D – log out of current session, similar to exit
Ctrl+W – erases one word in the current line
Ctrl+U – erases the whole line
Ctrl+R – type to bring up a recent command
!! – repeats the last command
exit – log out of current session
* use with extreme caution.

Integrated Intel GPUs that you can Mine Crypto Coins On with OpenCL

Integrated Intel GPUs that you can Mine Crypto Coins On with OpenCL

GPU-Z utility designed to give all information about video card and GPUGPU-Z is a lightweight utility designed to give you all information about your video card and GPU.

If you are really willing to squeeze every little bit of performance for mining crypto coins with your available hardware you should be aware of the fact that you can also use the most recent Intel integrated graphics cards for mining too. The latest generation of integrated Intel graphics does support OpenCL 1.2 and thus can give you some extra hashrate that is more than yo can get alone out of the CPU only. Note that the OpenCL 1.2 support is found only on 3rd and 4th Generation Intel Core Processors as well as some other more specific models that you probably will not have available in your mining rigs anyway. Older Intel Integrated Graphics may support OpenCL on the CPU only, so they are no good for mining crypto coins unfortunately. Below you can find a list of the supported integrated Intel graphics processors that can be used for OpenCL mining:

4th Generation Intel Core Processors with:
– Intel HD Graphics 4200/4400/4600/5000
– Intel Iris Graphics 5100
– Intel Iris Pro graphics 5200
3rd Generation Intel Core Processors with:
– Intel HD Graphics 4000/2500
Intel Atom Processor Z3000 Series with:
– Intel HD Graphics
Intel Celeron Processor J1000/N2000 Series and Intel Pentium Processor J2000/N3000 Series with:
– Intel HD Graphics
Intel Xeon Processor E3 Family V2/V3 with:
– Intel HD Graphics P4000
– Intel HD Graphics P4600/P4700

You can quickly and easily check if your integrated Intel GPU does come with OpenCL support or not with the help of the free tool GPU-Z (http://www.techpowerup.com/downloads/2418/techpowerup-gpu-z-v0-8-0/) if you are not sure what kind of processor or integrated graphics you may have in your systems. Be aware that the supported Intel integrated graphics processors will not be as powerful as a dedicated AMD graphics card, but they still do manage to provide a few times higher hashrate than if you are using the CPU for mining and they can add a bit more performance to your overall hashrate. So why not take advantage if you already have the hardware available…

EdgeMAX – L2TP Server

EdgeMAX – L2TP Server

How to configure the EdgeRouter to act as an L2TP (Layer-2 Tunnel Protocol) server for remote access.

Note: These instructions assume that eth0 is your WAN (Internet) connection. Early in the configuration, a specific command should be used in case you receive a DHCP-assigned IP address from your Internet service provider, while a separate command should be used if you receive a static IP address from your Internet service provider.


Access the router’s command line interface. You can do this using the CLI button while inside the Web UI or by using an SSH program such as PuTTY. PuTTY is generally quicker, as it allows easy copying and pasting (copy in Windows, paste using the right mouse button).

Note: Commands that start with a pound (#) are explanatory comments that you do not need to enter.

The steps follow below:

#Enter configuration mode.


#Define the interface ipsec will use for internet connections (eth0 in this example).

set vpn ipsec ipsec-interfaces interface eth0

#Enable NAT traversal (this is mandatory).

set vpn ipsec nat-traversal enable

#Set the allowed subnet (allowing all subnets).

set vpn ipsec nat-networks allowed-network

# Make sure that IPSec offload is enabled.

set system offload ipsec enable

#Show the ipsec configuration.

show vpn ipsec

DHCP ONLY:  If you obtain your IP address from your internet service provider via DHCP, use this

# command:

set vpn l2tp remote-access dhcp-interface eth0

STATIC IP ONLY:  If you have a static IP address and do NOT obtain your IP address from your

# internet service provider via DHCP, then use this command instead of the one above:

set vpn l2tp remote-access outside-address STATICIP

Replace “STATICIP” in the command above with your actual static IP address!

#Set up the pool of IP addresses that remote VPN connections will assume.

# In this case we make 10 addresses available (from.101 to .110) on subnet #

# You can also issue IP addresses used in your subnet, but make sure that

# They do not overlap with IP addresses issued by your DHCP Server or used by

# other devices on your network.

set vpn l2tp remote-access client-ip-pool start
set vpn l2tp remote-access client-ip-pool stop

#Set the IPsec authentication mode to pre-shared secret.

set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret

#Set the pre-shared secret (replace “secret phrase” with your desired passphrase)

set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret "secret phrase"

#Set the L2TP remote access authentication mode to local.

set vpn l2tp remote-access authentication mode local

#Set theL2TP remote access username and password.

#Replace testuser with your desired username and testpassword with your desired password.

#Repeat this line as needed.

set vpn l2tp remote-access authentication local-users username testuser password testpassword

#Set the MTU

set vpn l2tp remote-access mtu 1492

#Set DNS Servers:

set vpn l2tp remote-access dns-servers server-1
set vpn l2tp remote-access dns-servers server-2

#Commit the change.


#Show the l2tp remote access configuration.

show vpn l2tp remote-access

#Save the settings


#Open the required ports using the Web UI.

#Access the Web UI.  Click on the “Security Tab.”  Find the “WAN_LOCAL” rule (or whatever you called the rule that controls access to the router), and click “Actions” to the right of it.  Select “Edit Ruleset” from the pull-down.  Add a new rule somwhere before you drop invalid packets as follows:

Basic Tab:

• Description:  Allow L2TP

• Check Enable.

• Action:  Accept.

• Protocol:  Choose a protocol by name:  udp

Destination Tab:

• Port:  500,1701,4500

#Click Save.

20 Command Line Tools to Monitor Linux Performance

20 Command Line Tools to Monitor Linux Performance

It’s really very tough job for every System or Network administrator to monitor and debug Linux System Performance problems every day. After being a Linux Administrator for 5 years in IT industry, I came to know that how hard is to monitor and keep systems up and running. For this reason, we’ve compiled the list of Top 20 frequently used command line monitoring tools that might be useful for every Linux/Unix System Administrator. These commands are available under all flavors of Linux and can be useful to monitor and find the actual causes of performance problem. This list of commands shown here are very enough for you to pick the one that is suitable for your monitoring scenario.

1. Top – Linux Process Monitoring

Linux Top command is a performance monitoring program which is used frequently by many system administrators to monitor Linux performance and it is available under many Linux/Unix like operating systems. The top command used to dipslay all the running and active real-time processes in ordered list and updates it regularly. It display CPU usage, Memory usage, Swap Memory, Cache Size, Buffer Size, Process PID, User, Commands and much more. It also shows high memory and cpu utilization of a running processess. The top command is much userful for system administrator to monitor and take correct action when required. Let’s see top command in action.

# top

Top Command

2. VmStat – Virtual Memory Statistics

Linux VmStat command used to display statistics of virtual memory, kernerl threads, disks, system processes, I/O blocks, interrupts, CPU activity and much more. By default vmstat command is not available under Linux systems you need to install a package called sysstat that includes a vmstat program. The common usage of command format is.

# vmstat

procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu-----
 r  b   swpd   free  inact active   si   so    bi    bo   in   cs us sy id wa st
 1  0      0 810420  97380  70628    0    0   115     4   89   79  1  6 90  3  0

3. Lsof – List Open Files

Lsof command used in many Linux/Unix like system that is used to display list of all the open files and the processes. The open files included are disk files, network sockets, pipes, devices and processes. One of the main reason for using this command is when a disk cannot be unmounted and displays the error that files are being used or opened. With this commmand you can easily identify which files are in use. The most common format for this command is.

# lsof

COMMAND     PID      USER   FD      TYPE     DEVICE     SIZE       NODE NAME
init          1      root  cwd       DIR      104,2     4096          2 /
init          1      root  rtd       DIR      104,2     4096          2 /
init          1      root  txt       REG      104,2    38652   17710339 /sbin/init
init          1      root  mem       REG      104,2   129900     196453 /lib/ld-2.5.so
init          1      root  mem       REG      104,2  1693812     196454 /lib/libc-2.5.so
init          1      root  mem       REG      104,2    20668     196479 /lib/libdl-2.5.so
init          1      root  mem       REG      104,2   245376     196419 /lib/libsepol.so.1
init          1      root  mem       REG      104,2    93508     196431 /lib/libselinux.so.1
init          1      root   10u     FIFO       0,17                 953 /dev/initctl

4. Tcpdump – Network Packet Analyzer

Tcpdump one of the most widely used command-line network packet analyzer orpackets sniffer program that is used capture or filter TCP/IP packets that received or transferred on a specific interface over a network. It also provides a option to save captured packages in a file for later analysis. tcpdump is almost available in all major Linux distributions.

# tcpdump -i eth0

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
08:50:23.989898 IP > cpc69046-oxfd25-2-0-cust83.4-3.cable.virginm.net.35474: Flags [P.], seq 25676042:25676234, ack 3405274661, win 227, options [nop,nop,TS val 1367777 ecr 107612197], length 192
08:50:23.990668 IP6 2001:41d0:1:ab61::1.64931 > f.in-addr-servers.arpa.domain: 16105% [1au] PTR? (54)
08:50:23.997104 ARP, Request who-has ns319827.ip-91-121-116.eu tell rbx1-3a-a9.fr.eu, length 46
08:50:23.998229 IP6 f.in-addr-servers.arpa.domain > 2001:41d0:1:ab61::1.64931: 16105- 0/9/1 (466)
08:50:23.998499 IP srv01.headwaymedia.co.uk.10415 > sec3.apnic.net.domain: 42226% [1au] PTR? (54)
08:50:24.010108 IP cpc69046-oxfd25-2-0-cust83.4-3.cable.virginm.net.35474 > Flags [.], ack 192, win 333, options [nop,nop,TS val 107612226 ecr 1367777], length 0

5. Netstat – Network Statistics

Netstat is a command line tool for monitoring incoming and outgoing networkpackets statistics as well as interface statistics. It is very useful tool for every system administrator to monitor network performance and troubleshoot network related problems.

# netstat -a | more

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 *:mysql                     *:*                         LISTEN
tcp        0      0 *:sunrpc                    *:*                         LISTEN
tcp        0      0 *:realm-rusd                *:*                         LISTEN
tcp        0      0 *:ftp                       *:*                         LISTEN
tcp        0      0 localhost.localdomain:ipp   *:*                         LISTEN
tcp        0      0 localhost.localdomain:smtp  *:*                         LISTEN
tcp        0      0 localhost.localdomain:smtp  localhost.localdomain:42709 TIME_WAIT
tcp        0      0 localhost.localdomain:smtp  localhost.localdomain:42710 TIME_WAIT
tcp        0      0 *:http                      *:*                         LISTEN
tcp        0      0 *:ssh                       *:*                         LISTEN
tcp        0      0 *:https                     *:*                         LISTEN

6. Htop – Linux Process Monitoring

Htop is a much advanced interactive and real time Linux process monitoring tool. This is much similar to Linux top command but it has some rich features like user friendly interface to manage process, shortcut keys, vertical and horizontal view of the processes and much more. Htop is a third party tool and doesn’t included in Linux systems, you need to install it using YUM package manager tool. For more information on installation read our article below.

# htop


7. Iotop – Monitor Linux Disk I/O

Iotop is also much similar to top command and Htop program, but it has accounting function to monitor and display real time Disk I/O and processes. This tool is much useful for finding the exact process and high used disk read/writes of the processes.

# iotop



8. Iostat – Input/Output Statistics

IoStat is simple tool that will collect and show system input and output storage device statistics. This tool is often used to trace storage device performance issues including devices, local disks, remote disks such as NFS.

# iostat

Linux 2.6.18-238.9.1.el5 (tecmint.com)         09/13/2012

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           2.60    3.65    1.04    4.29    0.00   88.42

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
cciss/c0d0       17.79       545.80       256.52  855159769  401914750
cciss/c0d0p1      0.00         0.00         0.00       5459       3518
cciss/c0d0p2     16.45       533.97       245.18  836631746  384153384
cciss/c0d0p3      0.63         5.58         3.97    8737650    6215544
cciss/c0d0p4      0.00         0.00         0.00          8          0
cciss/c0d0p5      0.63         3.79         5.03    5936778    7882528
cciss/c0d0p6      0.08         2.46         2.34    3847771    3659776

9. IPTraf – Real Time IP LAN Monitoring

IPTraf is an open source console-based real time network (IP LAN) monitoring utility for Linux. It collects a variety of information such as IP traffic monitor that passes over the network, including TCP flag information, ICMP details, TCP/UDP traffic breakdowns, TCP connection packet and byne counts. It also gathers information of general and detaled interface statistics of TCP, UDP, IP, ICMP, non-IP, IP checksum errors, interface activity etc.


10. Psacct or Acct – Monitor User Activity

psacct or acct tools are very useful for monitoring each users activity on the system. Both daemons runs in the background and keeps a close watch on the overall activity of each user on the system and also what resources are being consumed by them.

These tools are very useful for system administrators to track each users activity like what they are doing, what commands they issued, how much resources are used by them, how long they are active on the system etc.

11. Monit – Linux Process and Services Monitoring

Monit is a free open source and web based process supervision utility that automatically monitors and managers system processes, programs, files, directories, permissions, checksums and filesystems.

It monitors services like Apache, MySQL, Mail, FTP, ProFTP, Nginx, SSH and so on. The system status can be viewed from the command line or using it own web interface.

12. NetHogs – Monitor Per Process Network Bandwidth

NetHogs is an open source nice small program (similar to Linux top command) that keeps a tab on each process network activity on your system. It also keeps a track of real time network traffic bandwidth used by each program or application.

13. iftop – Network Bandwidth Monitoring

iftop is another terminal-based free open source system monitoring utility that displays a frequently updated list of network bandwidth utilization (source and destination hosts) that passing through the network interface on your system. iftop is considered for network usage, what ‘top‘ does for CPU usage. iftop is a ‘top‘ family tool that monitor a selected interface and displays a current bandwidth usage between two hosts.

14. Monitorix – System and Network Monitoring

Monitorix is a free lightweight utility that is designed to run and monitor system and network resources as many as possible in Linux/Unix servers. It has a built inHTTP web server that regularly collects system and network information and display them in graphs. It Monitors system load average and usage, memory allocation, disk driver health, system services, network ports, mail statistics(Sendmail, Postfix, Dovecot, etc), MySQL statistics and many more. It designed to monitor overall system performance and helps in detecting failures, bottlenecks, abnormal activities etc.

Monitorix Monitoring

15. Arpwatch – Ethernet Activity Monitor

Arpwatch is a kind of program that is designed to monitor Address Resolution (MAC and IP address changes) of Ethernet network traffic on a Linux network. It continuously keeps watch on Ethernet traffic and produces a log of IP and MACaddress pair changes along with a timestamps on a network. It also has a feature to send an email alerts to administrator, when a pairing added or changes. It is very useful in detecting ARP spoofing on a network.

16. Suricata – Network Security Monitoring

Suricata is an high performance open source Network Security and Intrusion Detection and Prevention Monitoring System for Linux, FreeBSD and Windows.It was designed and owned by a non-profit foundation OISF (Open Information Security Foundation).

17. VnStat PHP – Monitoring Network Bandwidth

VnStat PHP a web based frontend application for most popular networking tool called “vnstat“. VnStat PHP monitors a network traffic usage in nicely graphical mode. It displays a total IN and OUT network traffic usage in hourly, daily, monthlyand full summary report.

18. Nagios – Network/Server Monitoring

Nagios is an leading open source powerful monitoring system that enables network/system administrators to identify and resolve server related problems before they affect major business processes. With the Nagios system, administrators can able to monitor remote Linux, Windows, Switches, Routers and Printers on a single window. It shows critical warnings and indicates if something went wrong in your network/server which indirectly helps you to begin remediation processes before they occur.

19. Nmon: Monitor Linux Performance

Nmon (stands for Nigel’s performance Monitor) tool, which is used to monitor all Linux resources such as CPU, Memory, Disk Usage, Network, Top processes, NFS, Kernel and much more. This tool comes in two modes: Online Mode and Capture Mode.

The Online Mode, is used for real-time monitoring and Capture Mode, is used to store the output in CSV format for later processing.

20. Collectl: All-in-One Performance Monitoring Tool

Collectl is a yet another powerful and feature rich command line based utility, that can be used to gather information about Linux system resources such as CPU usage, memory, network, inodes, processes, nfs, tcp, sockets and much more.



We would like to know what kind of monitoring programs you use to monitor performance of your Linux servers? If we’ve missed any important tool that you would like us to include in this list, please inform us via comments and please don’t forget to share it.

Fix IE10 and SBS 2008 RWW error

You just upgraded your workstation to Internet Explorer 10. But when you try to remote into your SBS 2008 server, you get a “VBScript: Remote Desktop Connection” error message, like this:


The detail error message reads: The wizard cannot configure Remote Desktop Connection settings. Make sure that the client version of Remote Desktop Protocol (RDP) 6.0 or later is installed on this computer.



The solution is so easy, you probably will miss it. After clicking OK on the error window, click on the Compatibility switch icon  at the top of your IE10 window.

Your RWW login screen will refresh. Log back in and try connecting to the remote computer, and it should be working as expected.

N.B. It probably is incorrect to call this a “solution”, as it is more of a “workaround”. It’s not a bug with IE10, it’s that the decision was made that it’s acceptable to have a “workaround” rather than to fix IIS to flag compat mode from the server.

Installing and using VirtualBox on CentOS

1. RPMforge for CentOS 6

The default RPMforge repository does not replace any CentOS base packages. In the past it used to, but those packages are now in a separate repository (rpmforge-extras) which is disabled by default.

You can find a complete listing of the RPMforge package packages at http://packages.sw.be/

Download the rpmforge-release package. Choose one of the two links below, selecting to match your host’s architecture. If you are unsure of which one to use you can check your architecture with the command uname -i

The preferred rpmforge-release package to retrieve and to install in order to enable that repository is one of the two listed above.

Install DAG’s GPG key

rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt

If you get an error message like the following the key has already been imported:

error: http://apt.sw.be/RPM-GPG-KEY.dag.txt: key 1 import failed.

Verify the package you have downloaded

rpm -K rpmforge-release-0.5.2-2.el6.rf.*.rpm

<!> Security warning: The rpmforge-release package imports GPG keys into your RPM database. As long as you have verified the md5sum of the key injection package, and trust Dag, et al., then it should be as safe as your trust of them extends.

Install the package

rpm -i rpmforge-release-0.5.2-2.el6.rf.*.rpm

This will add a yum repository config file and import the appropriate GPG keys.

Then try to install something like this

yum install htop


2. Installing VirtualBox

The (VirtualBox) website has a lot of quality documentation including:

  • End-user documentation
  • Technical documentation
  • Source code repository timeline
  • List of changes (changelog)

This article will briefly cover the installation process. Both i386 and AMD64 (x86_64) versions are available.

You will need to be the root user for the following tasks. Login to a root shell or “su -” in a terminal window.

Download the RHEL repo config.

  • Note: As an alternative, you may choose to download and install individual RPMS rather than configuring the repository. That procedure is documented on the VB web site and will not be covered here.
cd /etc/yum.repos.d
wget http://download.virtualbox.org/virtualbox/rpm/rhel/virtualbox.repo
  • Optionally add a line “enabled=0″ if you do not want the repo enabled by default. This will require adding “–enablerepo virtualbox” to yum commands to access the repo.

The installation of VB will require the building of kernel modules. If DKMS (Dynamic Kernel Module Support) is installed it will be used and will simplify kernel upgrades. Installing DKMS from RPMforge or EPEL repository is recommended before installing VirtualBox. Don’t forget to configure the yum-priorities plugin. Installing DKMS will pull in required development dependencies.


yum --enablerepo rpmforge install dkms
<!> A forum user notes that all but the latest version of DKMS from Dell may be buggy.

If DKMS is not used and the development environment and kernel source are not already installed:

yum groupinstall "Development Tools"
yum install kernel-devel

You may also choose to only install a minimum set of individual development tool packages (at least gcc and make are required) rather than the groupinstall which some may consider overkill. Replace “kernel-devel” with “kernel-PAE-devel” if using a PAE kernel. If you are not using a standard CentOS kernel, you must acquire and install the source for your kernel from wherever you got the kernel. Do not try to use VirtualBox with a Xen kernel, nor to install a Xen kernel in a Guest OS.

  • Note: For CentOS as a Guest OS the same packages are used to build the “Guest Additions” drivers.

Install the RPM:

yum install VirtualBox-4.1

The installer will create the “vboxusers” group and create the necessary kernel modules if the development environment has been correctly configured.

For each “username” that will run VirtualBox:

usermod -a -G vboxusers username

or use the GUI Users and Groups tool.


4. Running VirtualBox

Run VB as a user that is a member of the “vboxusers” group. For VirtualBox-4.0 or 4.1 you may install the optional VirtualBox Extension Pack from a running instance of the GUI interface via the File / Preferences / Extensions menu. The root password will be required for this operation.

  • From a terminal command line enter “VirtualBox &”
  • In GNOME or KDE run under “Applications / System Tools / Oracle VM VirtualBox”

Accept the license, optionally register, and create a new VM. VMware virtual machines should be usable with Virtual box. Google “vmware to virtualbox” for information.

Help is available from the menu or online.


5. Making USB Work in VirtualBox

VirtualBox requires the user have write access to “usbfs” devices for USB access. As root perform the following:

mkdir /vbusbfs
echo "none /vbusbfs usbfs rw,devgid=$(awk -F : '/vboxusers/ {print $3}' /etc/group),devmode=664 0 0" >> /etc/fstab
mount -a


  • If running CentOS as a guest OS in a VM the same development and DKMS packages should be installed in the VM prior to installing VBox Guest Additions.
  • VB users may also be interested in the phpVirtualBox implementation of the VirtualBox user interface written in PHP.