
Sunday, March 27, 2011

Adding Static ARP on Windows 7

1. run cmd as administrator

2. start netsh

netsh

3. switch to interface/ipv4 subtree

interface ipv4

4. add the entry. store=persistent makes it load automatically at every boot

add neighbors "InterfaceName" "IP" "MAC" store=persistent

Wednesday, March 23, 2011

Connect Nokia Phone as USB Modem without PC Suite on Windows

1. install nokia cable drivers from http://nds1.nokia.com/files/support/global/phones/software/Nokia_Connectivity_Cable_Driver_eng.msi then connect your phone

2. Device Manager -> Modems -> Nokia Phone -> Properties -> Advanced -> Extra Initialization Commands -> +CGDCONT=,,"APN"
# APN of chunghwa telecom = internet

3. add a new dial-up network connection, type *99# into the dial number field and leave the rest blank

4. you can also uncheck "prompt for name and password" in properties because it is unnecessary

Tuesday, May 4, 2010

Mouse and Keyboard Sharing between Linux and Windows

synergy lets you share a single mouse and keyboard between multiple computers with different operating systems over the network. one of them must be the server; the others are clients.
synergy+ is a maintenance fork that applies bug fixes to the original synergy, which hasn't had any source updates since 2006

1. install synergy-plus on my server side, arch linux

yaourt synergy-plus

2. edit the configuration file on the server side

vi /etc/synergy.conf
--

# declare name of screens
section: screens
server:
client:
end

# specify relative positions
section: links
server:
right = client
client:
left = server
end

section: aliases
end

section: options
relativeMouseMoves = true
end

# windows is my client, which is located to the right of linux.
# in other words, linux is to the left of windows.
# if relativeMouseMoves is set to true, secondary screens move the mouse using relative moves only when the cursor is locked to the screen (by Scroll Lock or a configured hot key). this option makes synergy work better with certain games.

3. autorun the synergy server at login

vi ~/.config/autostart/synergys.desktop
--

[Desktop Entry]
Type=Application
Exec=/usr/bin/synergys


4. download and install synergy+ on the client side, windows

http://synergy-plus.googlecode.com/files/synergy-plus-1.3.4-Windows-x86-r1.exe

5. if the client synergy is on windows vista or 7, you may face UAC conflicts with it. first, you are unable to use synergy to log in to windows. second, synergy stops working when a uac prompt appears.
the solution is to run synergy+ as administrator, configure it to autostart when the computer starts, and install The Vista Syn to load synergy as a service

Thursday, January 7, 2010

Sync File with Rsync between Windows and Arch Linux

1. install rsync on both sides

the windows version of rsync is called cwRsync; it can be downloaded from http://www.itefix.no/i2/node/10650

2. add each module in the format below to /etc/rsyncd.conf on the linux server side

[share]
# comment = Private Share
path = /home/share
# read only = yes
# list = yes
# hosts allow = 192.168.1.0/24
uid = nobody
gid = nobody
# auth users = username
# secrets file = /etc/rsyncd.secrets

3. auth users are read from the secrets file

vi /etc/rsyncd.secrets
--

username:password

4. start rsync daemon

/etc/rc.d/rsyncd start

5. test client connection

"C:\Program Files\cwRsync\bin\rsync.exe" username@source_ip::share

6. run the synchronizing command from the windows client side

"C:\Program Files\cwRsync\bin\rsync.exe" -rt --delete source_ip::share /cygdrive/c/destination

-a, --archive # archive mode; equals -rlptgoD (no -H,-A,-X)
-r, --recursive # recurse into directories
-t, --times # preserve modification times
--delete # delete extraneous files from destination dirs

/cygdrive/c/destination is the destination format for cwrsync
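
The module in step 2 has its `auth users`, `secrets file` and `hosts allow` lines commented out, so as posted it can be read without a password from any host. The script below is an added example, not part of the original post or of rsync: it parses rsyncd.conf modules (with global-section fallback) and reports those gaps, and it checks the secrets file mode that rsync's default `strict modes` requires. Function names, finding codes and the sample text are constructed for illustration.

```sh
#!/bin/sh
# Added example: report which rsyncd.conf modules are reachable without
# a password or from any host. Finding codes are labels made up here.

# Reads rsyncd.conf text from the given file(s) or stdin and prints one
# "module<TAB>CODE<TAB>explanation" line per finding.
audit_rsyncd_conf() {
    awk '
    # Value of parameter k for module m, falling back to the global section.
    function get(m, k) {
        if ((m SUBSEP k) in val) return val[m SUBSEP k]
        if ((SUBSEP k) in val) return val[SUBSEP k]
        return ""
    }
    {
        sub(/^[ \t]+/, ""); sub(/[ \t]+$/, "")
        if ($0 == "" || $0 ~ /^#/) next          # blank or comment line
        if ($0 ~ /^\[.*\]$/) {                    # [module] header
            mod = substr($0, 2, length($0) - 2)
            mods[++n] = mod
            next
        }
        eq = index($0, "=")
        if (eq == 0) next
        key = substr($0, 1, eq - 1); value = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", value)
        val[mod SUBSEP tolower(key)] = value
    }
    END {
        for (i = 1; i <= n; i++) {
            m = mods[i]
            if (get(m, "auth users") == "")
                print m "\tNO_AUTH\tno auth users: anonymous access is allowed"
            if (get(m, "hosts allow") == "")
                print m "\tNO_HOSTS_ALLOW\tno hosts allow: any address may connect"
            ro = tolower(get(m, "read only"))     # rsync default is yes
            if (ro == "no" || ro == "false" || ro == "0")
                print m "\tWRITABLE\tclients may upload and delete files"
            if (get(m, "auth users") != "" && get(m, "secrets file") == "")
                print m "\tNO_SECRETS_FILE\tauth users set but no secrets file"
        }
    }' "$@"
}

# With "strict modes" on (the default) the daemon rejects a secrets file
# that other users can access. Succeeds only if no "other" bit is set.
secrets_file_ok() {
    [ -f "$1" ] || return 1
    [ -z "$(find "$1" -prune \( -perm -004 -o -perm -002 -o -perm -001 \))" ]
}

# The module exactly as posted in step 2.
page_module() { cat <<'EOF'
[share]
# comment = Private Share
path = /home/share
# read only = yes
# list = yes
# hosts allow = 192.168.1.0/24
uid = nobody
gid = nobody
# auth users = username
# secrets file = /etc/rsyncd.secrets
EOF
}

# The same module with the access-control lines enabled.
hardened_module() { cat <<'EOF'
[share]
path = /home/share
read only = yes
hosts allow = 192.168.1.0/24
uid = nobody
gid = nobody
auth users = username
secrets file = /etc/rsyncd.secrets
EOF
}

echo "module as posted:"
page_module | audit_rsyncd_conf
echo "with the commented lines enabled:"
hardened_module | audit_rsyncd_conf
```

On a real server, run `audit_rsyncd_conf /etc/rsyncd.conf` and `secrets_file_ok /etc/rsyncd.secrets` (after `chmod 600` on the secrets file).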

Tuesday, December 15, 2009

Check The Bandwidth of Network

iperf is a tool for performing network throughput measurements.

1. install iperf on both nodes

arch linux

sudo pacman -S iperf

windows version can be downloaded from http://www.noc.ucf.edu/Tools/Iperf/

2. one node acts as server, the other node would be client
start listening on server side

iperf -s

3. start connecting to server on client side

iperf -c server_ip -w 2m

# -w 2m adjusts the window size to 2 mbytes

4. the result should appear in a few seconds, like this

[1924] 0.0-10.0 sec 111 MBytes 92.9 Mbits/sec

Sunday, August 16, 2009

Convert Video on Linux for Nokia N97

you can save different configurations as profiles for mencoder use.

1. create the configuration file ~/.mplayer/mencoder.conf if it does not exist.
on windows, the file should be put in the same folder as config and input.conf

2. edit mencoder.conf

[n97]
profile-desc="MPEG4/AAC"
vf=scale=640:-3,harddup
ovc=lavc=yes
oac=lavc=yes
lavcopts=aglobal=1:vglobal=1:acodec=libfaac:vcodec=mpeg4:abitrate=96:vbitrate=896
af=lavcresample=44100
ofps=25
of=lavf=yes
lavfopts=format=mp4

[profile2]
..
..

the video quality from the above settings is good enough, but you can still adjust them within a suitable range
abitrate: 96 ~ 192
vbitrate: 896 ~ 4000

3. specify which profile to use

mencoder -profile n97 -o output.mp4 input_file

Wednesday, August 5, 2009

Mount Windows Partition with Correct Character Setting on Linux


mount -t cifs -o iocharset=utf8,username="username",password="password" //ip/share /mountpoint

Monday, August 3, 2009

New Method of GRUB4DOS to Create a Bootable USB Stick

1. download grub4dos from http://download.gna.org/grub4dos/ and fbinst from
http://download.gna.org/grubutil/

2. if you are using vista, remember to run cmd as administrator

3. display help message

fbinst.exe -h

4. get the device number of usb storage

fbinst.exe -l

5. format the device

fbinst.exe (hd1) format --force --extended 4M

it will create an mbr with 8mb primary (default) and 4mb extended areas of hidden space, and a normal fat partition
you can format as usb-zip instead with --zip
because the mbr and partition have changed, unplug and replug the device before the following steps

6. extract grldr from grub4dos then copy it to device

fbinst.exe (hd1) add grldr c:\grldr

7. extract ldlinux.bin from http://www.kernel.org/pub/linux/utils/boot/syslinux/ then copy it to device with the parameter, --syslinux because syslinux must be put in extended data area

fbinst.exe (hd1) add --syslinux ldlinux.bin c:\ldlinux.bin

8. copy ntldr, NT boot loader to device

fbinst.exe (hd1) add ntldr c:\ntldr

9. create a text file named fb.txt

default 0
timeout 5
text "F1: GRUB"
menu F1 grldr grldr
text "F2: SYSLINUX"
menu F2 syslinux ldlinux.bin
text "F3: NTLDR"
menu F3 grldr ntldr

10. put it into your device as menu

fbinst (hd1) add-menu fb.cfg c:\fb.txt

11. you can show disk information to check these files

fbinst (hd1) info

Monday, June 15, 2009

MySQL Backup and Recovery with Command-Line

the mysqldump client is a backup program which can be used to dump a database or a collection of databases for backup or transfer to another sql server. the dump typically contains sql statements to create the table, populate it, or both.

backup an entire database

mysqldump -u username -p db_name > backup.sql

-p, --password
-u, --user=username

backup a table

mysqldump db_name table > backup.sql

dump several databases with one command

mysqldump --databases db_name1 db_name2 .. > databases.sql

dump all databases

mysqldump --all-databases > all_databases.sql



you need to create the database manually before recovery if your target mysql server has no database with the same name

mysql> create database db_name;

restore

mysql -u username -p db_name < backup.sql

Sunday, April 12, 2009

7-Zip Command Line

the linux version of 7zip is called p7zip
usage of 7za on windows is exactly the same as 7za on linux
the help message of the command line version isn't detailed enough, so here is an example

7za a -t7z -m0=lzma -mx=9 -mfb=64 -md=64m filename.7z target

a: add files to archive
e: extract files from archive (without using directory names)
-t: type of archive
-m0 : compression algorithm
-mx : compression level, 0 = no compression, 9 = ultra
-mfb : number of fast bytes for LZMA
-md : dictionary size
-ms=on : solid archive

p7zip is able to extract rar archives, but you have to use the exact command 7z, not 7za or 7zr, because those are lightweight commands which don't load plugins

if you use ubuntu, there is a package named p7zip-rar. on arch linux, the p7zip package also installs the rar plugin to /usr/lib/p7zip/Codecs/Rar29.so

7z e filename.rar

Cannot Copy Text in Vim While Using Putty

vim automatically sets visual mode when you click mouse buttons

solution is to stop vim from interpreting the mouse clicks

set mouse=


or add this to ~/.vimrc

Thursday, April 9, 2009

Set up MythTV Backend on Arch Linux and Watch TV on Windows Player

1. install the mythtv package

sudo pacman -S mythtv

2. import the database structure of mythtv to mysql

mysql -u root -p < /usr/share/mythtv/mc.sql

3. run setup as root or you'd get the message "Couldn't open /dev/v4l/video0 to probe its inputs."

sudo mythtv-setup

4. the first time you run mythtv-setup, it may ask whether to upgrade the database schema. press yes; the backup would be in /tmp

5. General (the below setting is for taiwan)
TV format: NTSC
Channel frequency table: us-cable

6. Capture card (get these device number from dmesg, lspci, and lsusb)
Card type: Analog V4L capture card
Video device: /dev/videoX
VBI device: /dev/vbi0
Audio device: /dev/dspX
Default input: Television

7. Video sources
Listings grabber: No grabber
Channel frequency table: default

8. Input connections
Scan for channels: Video source must be picked first
Starting channel: remember to type a valid number

9. Storage Directories, at least one recording directory has to be added to the Default Storage Group or it will not be possible to watch/record anything. personally i set /tmp. to remove a storage group from the list, highlight it and press the 'D' key

10. a user who plans to watch analog tv only doesn't need to run mythfilldatabase?

11. start mythtv backend server

sudo /etc/rc.d/mythbackend start


12. go to mythtv front-end

mythfrontend

Utilities / Setup -> Setup -> TV Settings -> Recording Profiles -> Software Encoders (v4l based) -> LiveTV
change all of codecs from RTjpeg to MPEG-4

13. download MythTV Player, which is the only player for windows that allows you to play recordings and LiveTV directly from a MythTV backend.
http://www.sudu.dk/mythtvplayer/index.php

14. mythtv player originally accepts protocol versions 15-31. if your server speaks a newer or older version, edit config.xml and change the matching 0 to 1

<AcceptNewerProtocols>1</AcceptNewerProtocols>
<AcceptOlderProtocols>0</AcceptOlderProtocols>


i got some problems, frequent disconnect at the very first minutes, cannot continue playing after disconnect, suitable setting or bitrate for stream to internet.. to be continued

Thursday, December 25, 2008

Make SDL program to have console output instead of stdout.txt and stderr.txt under Windows

SDL_Init() routes stdout and stderr to the respective files. You can revert this by adding the following lines after the call to SDL_Init in your code:

freopen( "CON", "w", stdout );
freopen( "CON", "w", stderr );

* If that doesn't work try adding these 2 lines at the very beginning of your code (SDL_Init wrapper or in top of your main)

int main( int argc, char *argv[] )

Thursday, December 18, 2008

Boot a Virtual Machine from command and Control it through Remote Desktop Protocol on Ubuntu

1. we need the VBoxHeadless command to run a virtual machine in the background. the free version of virtualbox in the ubuntu repository doesn't have it, so we need to install the official version
from http://www.virtualbox.org/wiki/Linux_Downloads

compile VirtualBox Modules

sudo /etc/init.d/vboxdrv setup

2. set up your virtual machine completely through the GUI, Applications -> System Tools -> Sun xVM VirtualBox. if you can't find the icon, just log in to the desktop environment again after installation

change Settings -> Remote Display -> Enable VRDP Server
Authentication Method = Null

it's unsafe, but we will set something for security on windows later

3. command-line usage

start a virtual machine

VBoxHeadless -startvm "name"
or
VBoxHeadless -startvm "uuid"

poweroff a virtual machine

VBoxManage controlvm "name" acpipowerbutton

show info about a running virtual machine

VBoxManage showvminfo "name"

4. the login screen of the guest windows has a shutdown button, which means anyone who connects to the right port can shut down your machine. we have to hide it by changing the registry value below

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\shutdownwithoutlogon -> 0

5. the last thing to remember is to log out / switch user so that windows goes back to the login screen. if you are afraid of forgetting to do so, try setting a screensaver with password protection. nobody can kick you while you are connected and occupying the port.

Saturday, December 13, 2008

VirtualBox Open Source Edition on Ubuntu

1. install open source edition of virtualbox and its module

sudo apt-get install virtualbox-ose virtualbox-ose-modules-generic

2. from console output or /var/log/apt/term.log, you can see there is no matching virtualbox-ose module for kernel 2.6.24-22. virtualbox-ose-modules-generic is linked to kernel 2.6.24-21 so apt-get installs linux-image-2.6.24-21-generic automatically.

in short, we have to change default boot number of grub to kernel 2.6.24-21

sudo vi /boot/grub/menu.lst
--
default n

3. scim conflicts with virtualbox-ose. as a result, the keyboard is locked in both host and guest os when you press a key or mouse button that is captured in the guest os. below is the solution

sudo apt-get install scim-bridge-client-qt
im-switch -z en_US -s scim-bridge

4. reboot then done

5. before sharing folders between host and guest, you must install Guest Additions. once it is installed, go to Devices -> Shared Folders.. to set up your shared folders. if the guest os is windows, run

net use x: \\vboxsvr\FolderName

Thursday, October 16, 2008

Change boot loader of Ultimate Boot CD to grub on a USB stick

1. use the hp formatting tool to format the usb flash drive as USB-HDD, because the formatting function of windows will make it USB-ZIP

2. repeat step 1 ~ 3 in Change boot loader of Slax to grub on a USB stick if your usb stick is not bootable

3. download iso image of ubcd from http://www.ultimatebootcd.com/download.html and extract it

4. download converted grub menus then
delete syslinux, isolinux folders, menus folder and boot.catalog
copy grldr, grub.exe, memdisk, new downloaded menus folder and menu.lst to the iso root directory

5. rebuild the iso

mkisofs -R -b grldr -no-emul-boot -boot-load-size 4 -allow-lowercase -o ubcd411.iso d:\ubcd411


6. copy the new iso to the usb stick then edit menu.lst and add the lines below

title Ultimate Boot CD
find --set-root /ubcd411.iso
map /ubcd411.iso (hd32)
map --hook
root (hd32)
chainloader (hd32)

Wednesday, September 24, 2008

Convert video by mencoder

mencoder is a cross-platform command-line video decoding, encoding and filtering tool. it can convert all the formats that MPlayer understands.

a conversion example is below

mencoder in.video -oac mp3lame -lameopts preset=64 -ovc lavc -lavcopts vcodec=mpeg4 -ofps 25 -vf scale=320:240 -ni -o out.video

-oac #encode with the given audio codec (no default set).
-oac help #get a list of available audio codecs.
-<codec>opts #codec specific encoding parameters

preset=<value> #ABR encoding at average given kbps bitrate

-ovc #encode with the given video codec (no default set).
-ovc help #get a list of available video codecs.

vcodec=<value> #employ the specified codec (default: mpeg4).
#windows media player compatible formats: msmpeg4, msmpeg4v2, wmv7

-ofps #specify a frames per second (fps) value for the output file
-vf scale=x:y #resize video

-ni #force usage of non-interleaved AVI parser (fixes playback of some bad AVI files).

-o #output filename

Tuesday, June 24, 2008

Set up OpenVPN between Ubuntu and Windows

1. OpenVPN is a full-featured open source SSL VPN solution so you need to install OpenSSL too.

sudo apt-get install openvpn openssl

2. there is a small RSA key management package that can be found in the easy-rsa subdirectory of the OpenVPN distribution. make a copy in /etc/openvpn

sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa /etc/openvpn

3. become superuser and change the working directory to /etc/openvpn/easy-rsa/2.0

sudo su
cd /etc/openvpn/easy-rsa/2.0

4. change below fields in variable file

vi vars
--
export KEY_COUNTRY="TW"
export KEY_PROVINCE="Taiwan"
export KEY_CITY="Taipei"
export KEY_ORG="GAMER"
export KEY_EMAIL="luke@luke-server"

5. initialize the PKI. you must enter something for common name when it prompts.

. ./vars
./clean-all
./build-ca

6. build server key

./build-key-server server_name

7. repeat this step to build keys for each different client

# without password
./build-key client_name
# with password
./build-key-pass client_name

8. Diffie Hellman parameters must be generated for the OpenVPN server.

./build-dh

9. copy the sample config file from http://openvpn.net/index.php/documentation/howto.html#server then edit it

vi /etc/openvpn/server.conf
--
#################################################
# Sample OpenVPN 2.0 config file for #
# multi-client server. #
# #
# This file is for the server side #
# of a many-clients <-> one-server #
# OpenVPN configuration. #
# #
# OpenVPN also supports #
# single-machine <-> single-machine #
# configurations (See the Examples page #
# on the web site for more info). #
# #
# This config should work on Windows #
# or Linux/BSD systems. Remember on #
# Windows to quote pathnames and use #
# double backslashes, e.g.: #
# "C:\\Program Files\\OpenVPN\\config\\foo.key" #
# #
# Comments are preceded with '#' or ';' #
#################################################

# Which local IP address should OpenVPN
# listen on? (optional)
;local a.b.c.d

# Which TCP/UDP port should OpenVPN listen on?
# If you want to run multiple OpenVPN instances
# on the same machine, use a different port
# number for each one. You will need to
# open up this port on your firewall.
port 1194

# TCP or UDP server?
;proto tcp
proto udp

# "dev tun" will create a routed IP tunnel,
# "dev tap" will create an ethernet tunnel.
# Use "dev tap0" if you are ethernet bridging
# and have precreated a tap0 virtual interface
# and bridged it with your ethernet interface.
# If you want to control access policies
# over the VPN, you must create firewall
# rules for the TUN/TAP interface.
# On non-Windows systems, you can give
# an explicit unit number, such as tun0.
# On Windows, use "dev-node" for this.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel if you
# have more than one. On XP SP2 or higher,
# you may need to selectively disable the
# Windows firewall for the TAP adapter.
# Non-Windows systems usually don't need this.
;dev-node MyTap

# SSL/TLS root certificate (ca), certificate
# (cert), and private key (key). Each client
# and the server must have their own cert and
# key file. The server and all clients will
# use the same ca file.
#
# See the "easy-rsa" directory for a series
# of scripts for generating RSA certificates
# and private keys. Remember to use
# a unique Common Name for the server
# and each of the client certificates.
#
# Any X509 key management system can be used.
# OpenVPN can also use a PKCS #12 formatted key file
# (see "pkcs12" directive in man page).
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key # This file should be kept secret

# Diffie hellman parameters.
# Generate your own with:
# openssl dhparam -out dh1024.pem 1024
# Substitute 2048 for 1024 if you are using
# 2048 bit keys.
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem

# Configure server mode and supply a VPN subnet
# for OpenVPN to draw client addresses from.
# The server will take 10.8.0.1 for itself,
# the rest will be made available to clients.
# Each client will be able to reach the server
# on 10.8.0.1. Comment this line out if you are
# ethernet bridging. See the man page for more info.
server 10.8.0.0 255.255.255.0

# Maintain a record of client <-> virtual IP address
# associations in this file. If OpenVPN goes down or
# is restarted, reconnecting clients can be assigned
# the same virtual IP address from the pool that was
# previously assigned.
ifconfig-pool-persist ipp.txt

# Configure server mode for ethernet bridging.
# You must first use your OS's bridging capability
# to bridge the TAP interface with the ethernet
# NIC interface. Then you must manually set the
# IP/netmask on the bridge interface, here we
# assume 10.8.0.4/255.255.255.0. Finally we
# must set aside an IP range in this subnet
# (start=10.8.0.50 end=10.8.0.100) to allocate
# to connecting clients. Leave this line commented
# out unless you are ethernet bridging.
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100

# Push routes to the client to allow it
# to reach other private subnets behind
# the server. Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"

# To assign specific IP addresses to specific
# clients or if a connecting client has a private
# subnet behind it that should also have VPN access,
# use the subdirectory "ccd" for client-specific
# configuration files (see man page for more info).

# EXAMPLE: Suppose the client
# having the certificate common name "Thelonious"
# also has a small subnet behind his connecting
# machine, such as 192.168.40.128/255.255.255.248.
# First, uncomment out these lines:
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
# Then create a file ccd/Thelonious with this line:
# iroute 192.168.40.128 255.255.255.248
# This will allow Thelonious' private subnet to
# access the VPN. This example will only work
# if you are routing, not bridging, i.e. you are
# using "dev tun" and "server" directives.

# EXAMPLE: Suppose you want to give
# Thelonious a fixed VPN IP address of 10.9.0.1.
# First uncomment out these lines:
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
# Then add this line to ccd/Thelonious:
# ifconfig-push 10.9.0.1 10.9.0.2

# Suppose that you want to enable different
# firewall access policies for different groups
# of clients. There are two methods:
# (1) Run multiple OpenVPN daemons, one for each
# group, and firewall the TUN/TAP interface
# for each group/daemon appropriately.
# (2) (Advanced) Create a script to dynamically
# modify the firewall in response to access
# from different clients. See man
# page for more info on learn-address script.
;learn-address ./script

# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# the TUN/TAP interface to the internet in
# order for this to work properly).
# CAVEAT: May break client's network config if
# client's local DHCP server packets get routed
# through the tunnel. Solution: make sure
# client's local DHCP server is reachable via
# a more specific route than the default route
# of 0.0.0.0/0.0.0.0.
;push "redirect-gateway"

# Certain Windows-specific network settings
# can be pushed to clients, such as DNS
# or WINS server addresses. CAVEAT:
# http://openvpn.net/faq.html#dhcpcaveats
;push "dhcp-option DNS 10.8.0.1"
;push "dhcp-option WINS 10.8.0.1"

# Uncomment this directive to allow different
# clients to be able to "see" each other.
# By default, clients will only see the server.
# To force clients to only see the server, you
# will also need to appropriately firewall the
# server's TUN/TAP interface.
;client-to-client

# Uncomment this directive if multiple clients
# might connect with the same certificate/key
# files or common names. This is recommended
# only for testing purposes. For production use,
# each client should have its own certificate/key
# pair.
#
# IF YOU HAVE NOT GENERATED INDIVIDUAL
# CERTIFICATE/KEY PAIRS FOR EACH CLIENT,
# EACH HAVING ITS OWN UNIQUE "COMMON NAME",
# UNCOMMENT THIS LINE OUT.
;duplicate-cn

# The keepalive directive causes ping-like
# messages to be sent back and forth over
# the link so that each side knows when
# the other side has gone down.
# Ping every 10 seconds, assume that remote
# peer is down if no ping received during
# a 120 second time period.
keepalive 10 120

# For extra security beyond that provided
# by SSL/TLS, create an "HMAC firewall"
# to help block DoS attacks and UDP port flooding.
#
# Generate with:
# openvpn --genkey --secret ta.key
#
# The server and each client must have
# a copy of this key.
# The second parameter should be '0'
# on the server and '1' on the clients.
;tls-auth ta.key 0 # This file is secret

# Select a cryptographic cipher.
# This config item must be copied to
# the client config file as well.
cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES

# Enable compression on the VPN link.
# If you enable it here, you must also
# enable it in the client config file.
comp-lzo

# The maximum number of concurrently connected
# clients we want to allow.
;max-clients 100

# It's a good idea to reduce the OpenVPN
# daemon's privileges after initialization.
#
# You can uncomment this out on
# non-Windows systems.
;user nobody
;group nobody

# The persist options will try to avoid
# accessing certain resources on restart
# that may no longer be accessible because
# of the privilege downgrade.
persist-key
persist-tun

# Output a short status file showing
# current connections, truncated
# and rewritten every minute.
status openvpn-status.log

# By default, log messages will go to the syslog (or
# on Windows, if running as a service, they will go to
# the "\Program Files\OpenVPN\log" directory).
# Use log or log-append to override this default.
# "log" will truncate the log file on OpenVPN startup,
# while "log-append" will append to it. Use one
# or the other (but not both).
log openvpn.log
;log-append openvpn.log

# Set the appropriate level of log
# file verbosity.
#
# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 3

# Silence repeating messages. At most 20
# sequential messages of the same message
# category will be output to the log.
;mute 20

10. start openvpn server

sudo /etc/init.d/openvpn start

11. download and install windows package of openvpn from http://openvpn.net/index.php/downloads.html
12. copy necessary key and certificate to the client computer. for windows machine, files go to C:\Program Files\OpenVPN\config

ca.crt
client.key
client.crt

13. double click on the client configuration file to edit it, C:\Program Files\OpenVPN\config\client.ovpn

##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap

# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote IP PORT
;remote my-server-2 1194

# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody

# Try to preserve some state across restarts.
persist-key
persist-tun

# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca ca.crt
cert client.crt
key client.key

# Verify server certificate by checking
# that the certificate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
;ns-cert-type server

# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
cipher BF-CBC

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20

14. right click on client.ovpn then click "Start OpenVPN on this config file"
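
The server and client configs above keep BF-CBC and 1024-bit DH parameters and leave `tls-auth`, `user`/`group` and `ns-cert-type server` commented out, although their own comments recommend them. The script below is an added example, not part of the original post or of OpenVPN: it looks only at active directives and reports those gaps. The function names, finding codes and abridged sample configs are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): flag weak settings in an
# OpenVPN 2.0-style config. Only active directives count; anything after
# "#" or ";" is treated as a comment.

# Reads config text from the given file(s) or stdin and prints one
# "CODE: explanation" line per finding. The codes are labels made up here.
audit_openvpn_conf() {
    awk '
    {
        sub(/[#;].*/, "")                      # strip comments
        gsub(/^[ \t]+|[ \t]+$/, "")            # trim whitespace
        if ($0 == "") next
        seen[$1] = 1
        if ($1 == "cipher") cipher = toupper($2)
        if ($1 == "dh") dh = $2
        if ($1 == "ns-cert-type" || $1 == "remote-cert-tls") peer = $2
    }
    END {
        role = ("client" in seen) ? "client" : "server"
        # The sample config names BF-CBC as the default when cipher is unset.
        if (cipher == "") cipher = "BF-CBC"
        if (cipher ~ /^(BF|DES)/)
            print "WEAK_CIPHER: " cipher " uses a 64-bit block; the sample lists AES-128-CBC"
        # Heuristic on the file name; confirm the real size with
        # openssl dhparam -in FILE -text -noout
        if (dh ~ /1024/)
            print "DH_1024: " dh " looks like 1024-bit parameters; generate 2048-bit ones"
        if (!("tls-auth" in seen))
            print "NO_TLS_AUTH: tls-auth is off, so packets get no HMAC check before TLS"
        if (role == "server" && !(("user" in seen) && ("group" in seen)))
            print "NO_PRIV_DROP: user/group not set, the daemon keeps root after init"
        if ("duplicate-cn" in seen)
            print "DUPLICATE_CN: several clients may share one certificate"
        if (role == "client" && peer != "server")
            print "NO_SERVER_CERT_CHECK: ns-cert-type server is not enabled"
    }' "$@"
}

# Active and commented directives abridged from the server.conf above.
sample_server_conf() { cat <<'EOF'
port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key # This file should be kept secret
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
cipher BF-CBC # Blowfish (default)
comp-lzo
;user nobody
;group nobody
persist-key
persist-tun
verb 3
EOF
}

# Active and commented directives abridged from the client.ovpn above.
sample_client_conf() { cat <<'EOF'
client
dev tun
proto udp
remote IP PORT
resolv-retry infinite
nobind
ca ca.crt
cert client.crt
key client.key
;ns-cert-type server
;tls-auth ta.key 1
;cipher x
cipher BF-CBC
comp-lzo
verb 3
EOF
}

echo "== server.conf =="
sample_server_conf | audit_openvpn_conf
echo "== client.ovpn =="
sample_client_conf | audit_openvpn_conf
```

Against real files, call it as `audit_openvpn_conf /etc/openvpn/server.conf`; whichever cipher replaces BF-CBC must be set identically on the server and on every client.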

Tuesday, August 14, 2007

Connect through SSH tunnel on Windows

1. Download Plink (a command-line interface to the PuTTY back ends)
2. Execute it with parameters on a windows machine

# -C enable compression
# -N don't start a shell/command (SSH-2 only)
# -v show verbose messages
# -ssh force use of SSH protocol
# -L [listen-IP:]listen-port:host:port
# Forward local port to remote address
plink.exe -C -N -v -ssh -L local_port:remote_ip:remote_port -l ssh_username ssh_server_ip

3. localhost:local_port is then forwarded to the remote server through the encrypted ssh tunnel