Win10

• Windows 10 Configuration
  • Windows Update Fails
  • NumLock on Startup
  • Explorer Quick Access
  • Chocolatey
  • Vim Installation and Update
  • Windows Subsystem for Linux
    • Share Environment Vars between WSL and Windows
    • WSL Configuration
    • Access WSL Files from Windows
    • Configure SSH in each WSL Distro
    • Windows Firewall Rules for SSH
      • Add Unix socket access to Windows OpenSSH for KeeAgent
      • Automatically Start WSL sshd
    • WSL X11 Setup
    • Git Credentials
    • Git lfs
    • Whitewater Foundry Fedora Remix
    • Whitewater Foundry Pengwin
    • WSL Troubleshooting
      • Server execution failed
  • Windows Terminal
  • Console Colorscheme
  • Google Chrome
  • Symlinks
  • HP Envy BIOS Settings

• Windows 10 Insider Preview 10.0.17738.1000 (RS5_RELEASE) Install Error-SOLVED
  • Open cmd.exe as Administrator

    Sfc.exe /Scannow
    Dism.exe /online /Cleanup-Image /StartComponentCleanup
    Dism.exe /online /Cleanup-Image /restorehealth
    

  • restart the computer
• Microsoft Answers recommends repairing the Windows Update database, which may need to be run several times until no errors are found:
• Open Windows powershell (Admin):

  cd $env:windir\diagnostics\system\windowsupdate\
  Get-TroubleshootingPack  .  |  Invoke-TroubleshootingPack  -Result  $env:TEMP
  

• Open cmd.exe with admin. rights:

  net stop wuauserv
  del /f /s /q C:\Windows\SoftwareDistribution\DataStore\*.*
  del /f /s /q C:\Windows\SoftwareDistribution\Download\*.*
  net start wuauserv
  wuauclt /detectnow /reportnow
  

• If Windows Update becomes stuck in a re-boot and install loop, upgrade to a later ISO from Windows Insider Preview Downloads.

1. On the Logon/Lock screen, press the NumLock key on the keyboard to turn it on.
2. The Login screen contains a power button in the bottom right corner. Use it to reboot Windows.
3. If that does not work:
   1. Win-R regedit
   2. HKEY_USERS\.DEFAULT\Control Panel\Keyboard
   3. Default InitialKeyboardIndicators should be 2147483658 (0x8000000A).
   4. Set InitialKeyboardIndicators to 2147483650 i.e., 0x80000002 if Windows does not save NumLock status after reboot.
   5. HKEY_CURRENT_USER\Control Panel\Keyboard does the following:

      InitialKeyboardIndicators value	Purpose
      0	Turn all indicators off (NumLock, CapsLock, ScrollLock)
      1	Turn CapsLock on
      2	Turn NumLock on
      3	Turn CapsLock and NumLock on
      4	Turn ScrollLock on
      5	Turn CapsLock and ScrollLock on
      6	Turn NumLock and ScrollLock on
      7	Turn all indicators on (NumLock, CapsLock, ScrollLock)

There are situations where nothing would work and invalid pinned shortcut in Quick access get stuck and not removable. According to winhelponline, deleting the following file will reset the Quick Access menu to its default pinned folders.

cmd.exe /c del "%AppData%\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms"

choco

Chocolatey can serve as a package manager for Windows. The package choco-package-list-backup creates the packages.config file after configuring where to save the backup by editing variables in choco-package-list-backup.bat to select a backup location. If any --params were passed to choco install, these need to be manually added (note the script overwrites the file without prompting, so save to a different location). https://github.com/chocolatey/choco/wiki/CommandsInstall describes the packageParameters key that would need to be added to packages.config to replicate the previous installation.

choco powershell

• Improving choco list with options to show dependencies and sort by date (and more) #1276

  $packages = Get-ChildItem C:\ProgramData\chocolatey\lib\ -Recurse  *.nuspec | select fullname,name
  foreach($p in $packages){
          [XML]$xml=get-content $p.fullname
          $dependencies = $xml.package.metadata.dependencies.dependency
          foreach($d in $dependencies){
  	        $obj = New-Object -TypeName psobject
  	        $obj | Add-Member -MemberType NoteProperty -name package  -Value $xml.package.metadata.id
  	        $obj | Add-Member -MemberType NoteProperty -name packageversion  -Value $xml.package.metadata.version
  	        $obj | Add-Member -MemberType NoteProperty -name dependency  -Value  $d.id
  	        $obj | Add-Member -MemberType NoteProperty -name dependencyversion  -Value  $d.version
  	        $obj
          }
  }
  

vim install

Depending on access to an elevated shell, perform the following.

• Vim Win32 Installer includes 64 bit vim with python3_dynamic.
  • Move the old version to, e.g., $env:USERPROFILE\vim\vim82.old.
  • Unzip to $env:USERPROFILE\vim.
  • Delete the old version if the new one works.
• From an elevated shell install with Choclatey, which should register gvimext.dll. choco install vim /RestartExplorer
• Personal and work vim 8 configuration with submodules provides instructions for registering gvimext.dll manually.
• The default batch files do not activate a compatible python38 environment. Personal and work vim 8 configuration with submodules provides a conda environment.yml to create the python38 environment.
• It also provides :call condaactivate#AddConda2Vim() to activate python38 by updating $env:LOCALAPPDATA\Microsoft\WindowsApps\*vim*.bat Copy the files from C:\Tools\vim\vim82\*vim*.bat if they don't already exist. Choclatey overwrites the existing batch files with every update.

WSL Ubuntu WSL2

1. Microsoft Documents provides Installation Instructions for WSL 2. For information on key differences with WSL 2 refer to Microsoft Documentation for WSL 2.
2. Create/update /etc/wsl.conf per WSL Configuration.
3. Set root password.
4. Setup $WSLENV per Share Environment Vars between WSL and Windows.
5. Install rc file (dotfile) management and clone/update ~/.dotfiles per https://github.com/jfishe/dotfiles
6. Configure sshd_config per Configure SSH in each WSL Distro:
   1. Open private network access with Windows Firewall Rules for SSH.
   2. Add Unix socket access to Windows OpenSSH for KeeAgent.
   3. Automatically Start WSL sshd.

Share Environment Vars between WSL and Windows The following is useful to link vim, git and other settings files on the Windows side.

WT_SESSION:USERPROFILE/p:APPDATA/p:LOCALAPPDATA/p:TMP/p:WT_PROFILE_ID

Automatically Configuring WSL provides guidance on /etc/wsl.conf. Changes to wsl.conf do not take affect until reboot or Restart-Service -Name "LxssManager".

Umask may be set in ~/.profile to reasonable values for user created files.

UID and GID should be set per the user, so that files are not owned by root.

fmask should be abbreviated form to avoid a bug in some WSL versions that convert 0011 into 0111. Case should be off so that Windows programs can be executed from WSL.

[automount]
enabled = true
# root = /mnt/
options = "metadata,uid=1000,gid=1000,umask=22,fmask=11,case=off"
mountFsTab = false

#Let's enable DNS – even though these are turned on by default, we'll specify her
[network]
generateHosts = true
generateResolvConf = true

Linux files for a running WSL distro are located at \\wsl$\<distro_name>.

ssh

The file -- /etc/ssh/sshd_config -- will need to be edited to add/change the following:

• Change - PermitRootLogin no
• Add - AllowUsers yourusername
• Change - PasswordAuthentication yes # setup ssh keys and change to no
• Change - ListenAddress 0.0.0.0
• Add - UsePrivilegeSeparation no # can be left at yes
• Add -
  • Port 2200 # for Ubuntu
  • Port 2201 # for Pengwin
  • Port 2202 # for fedoraremix

    sudo service ssh --full-restart
    

Enable Port 22 in Windows Firewall provides the steps. Other directions from the website maybe dated for more recent versions of WSL.

1. Open Windows Firewall Advance Settings.
2. Click on New Rule… under Inbound Rules to create a new firewall rule.
3. Under Rule Type select Port.
4. Click Next to Continue.
5. Under Protocol and Ports select Specific local Ports and enter 2200,2201,2202, depending on the WSL distros installed. Do not include Port 22; the rule `OpenSSH SSH Server (sshd)` manages Port 22 on Windows.
6. Click Next to Continue.
7. Under Action select Allow the connection
8. Under Profile make sure to only select Domain and Private.
9. Click Next to Continue.
10. Under Name:
    1. Name: WSL SSH
    2. Description: Open SSH ports for Windows and WSL
    3. Click Finish

ssh powershell

OpenSSH uses the same command on PowerShell and Linux.

Open KeePass and enter the following to list available private ssh keys. It should work in WSL if socat and npiperelay are working.

ssh-add -l

ssh

At the moment WSL cannot access Windows named pipes, so Philipp Scheit proposed using socat and John Starks created npiperelay with the following build instructions, modified for my use. ~/.dotfiles/install.sh automates, removing the dependency on the symlink to %USERPROFILE%, but requiring %WSLENV% to include USERPROFILE/p.

# Perform once to create npiperelay.exe in %USERPROFILE%\go\bin.
GOOS=windows go get -d github.com/jstarks/npiperelay
GOOS=windows go build -o $HOME/userprofile/go/bin/npiperelay.exe \
  github.com/jstarks/npiperelay

# Perform once on each WSL distro.
sudo ln -s $HOME/userprofile/go/bin/npiperelay.exe \
  /usr/local/bin/npiperelay.exe

# Add to ~/.profile
if [ ! -f /tmp/ssh-agent-pipe ]; then
  socat UNIX-LISTEN:/tmp/ssh-agent-pipe,fork,group=fishe,umask=007 \
    EXEC:"npiperelay.exe -ep -s //./pipe/openssh-ssh-agent",nofork &
  export SSH_AUTH_SOCK=/tmp/ssh-agent-pipe
fi

ssh

WSL does not support systemd, so sshd does not start automatically on boot. WhitewaterFoundry / Pengwin provides a solution by starting sshd in the login scripts. This requires no password sudo for sshd to avoid entering a password every time the login scripts run.

1. Create /usr/bin/start-ssh with the following content.

   #!/bin/bash
   
   sshd_status=$(service ssh status)
   if [[ ${sshd_status} = *"is not running"* ]]; then
    service ssh --full-restart > /dev/null 2>&1
   fi
   

2. Create /etc/profile.d/start-ssh with the following content.

   sudo /usr/bin/start-ssh
   

3. Allow users to start sshd without sudo password, by creating /etc/sudoers.d/start-ssh with the following content.

   sudo /usr/bin/start-ssh
   

4. Set permissions and owner.

   sudo chmod 700 /usr/bin/start-ssh
   sudo chmod 644 /etc/profile.d/start-ssh.sh
   sudo chmod 0440 /etc/sudoers.d/start-ssh
   sudo chown root.root /usr/bin/start-ssh
   sudo chown root.root /etc/profile.d/start-ssh.sh
   sudo chown root.root /etc/sudoers.d/start-ssh
   

Note clipboard may not share immediately with Windows. Workaround: copy something into clipboard from X11; then sharing should work.

From graphical programs on windows subsystem on linux aspx do the following to get X11 on WSL:

From WSL Ubuntu:

sudo apt-get remove  openssh-server
sudo apt-get install  openssh-server

Install X410 from Microsoft Store or Xming.

For Xming, from Windows PowerShell (Admin):

choco install Xming -y

From Windows Start-Menu, start Xming. When Windows Defender prompts, grant access to private networks.

To start on login, Win-R shell:startup opens the startup folder and drag the Xming/X410 icon to the startup folder. Link should appear in the icon when it is over the startup folder.

From WSL Ubuntu:

sudo apt-get install x11-apps

if [[ ! -z "$WSL_INTEROP" ]] ; then
  # For WSL2, determine the IP address of the Hyper-V VM.
  export DISPLAY=$(cat /etc/resolv.conf | grep nameserver | awk '{print $2; exit;}'):0.0
else
  # Otherwise localhost works.
  export DISPLAY=:0
fi

xeyes # to test

The git-credential configuration for Linux requires support servers which don't seem to run on WSL. However Stack Overflow provides the following solution.

git config --global credential.helper "/mnt/c/Program\ Files/Git/mingw64/libexec/git-core/git-credential-wincred.exe"

Default Ubuntu doesn't support git-lfs. It can be installed from git lfs Installation.

sudo apt-get install software-properties-common to install add-apt-repository (or sudo apt-get install python-software-properties if you are on Ubuntu <= 12.04)
sudo add-apt-repository ppa:git-core/ppa
sudo apt-get update
curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | sudo bash
sudo apt-get install git-lfs
git lfs install

Fedora

If the gpg keys do not work with dnf:

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*

Debian Pengwin

If the gpg keys do not work with apt-get:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys <PUBKEY>

troubleshooting

Error "Server execution failed" when trying to run bash command:

Press Windows key + R
Type: optionalfeatures.exe
Hit Enter

Scroll to the bottom

Uncheck Windows Subsystem for Linux
Click OK

Restart if prompted

Press Windows key + R
Type: optionalfeatures.exe
Hit Enter

Scroll to the bottom

Check Windows Subsystem for Linux
Click OK

Restart if prompted

Check if it now works.

• Microsoft Console ColorTool contains the source for ColorTool. Visual Studio is needed to compile.
• iTerm2 Color Schemes contains the itermcolors files used below.
• Set PSReadlineOption for Number and Member ForegroundColor to Black. The default is white on white.
• ColorTool doesn't change Default colors. Set manually.
• Put ColorTool.exe and Solarized Dark Higher Contrast.itermcolors and Solarized Light.itermcolors in Documents\Windowspowershell.

To prevent Chrome from auto-launching on login, open Settings-System-Continue running background apps when Google Chrome is closed. The no startup window switch doesn't appear to work.

copy
REG QUERY HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v GoogleChromeAutoLaunch*
Alt-R
regedit
Delete Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\GoogleChromeAutoLaunch_*

$RegPath = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Run"
$RegProperty = "GoogleChromeAutoLaunch*"
Get-ItemProperty -Path $RegPath -Name $RegProperty
Remove-ItemProperty -Path $RegPath -Name $RegProperty -Confirm

• Get-Help Registry
• https://www.wikihow.com/Block-an-Application-or-.EXE-from-Running-in-Windows
• https://www.howtogeek.com/241752/how-to-stop-windows-10-apps-from-running-in-the-background/

mklink SeCreateSymbolicLinkPrivilege symlinkevaluation

Windows reserves certain file extensions, like .COM, .PRN, etc. This can create problems with symlinks being misunderstood from cmd.exe and Explorer. Solve by ending the link name with . when using mklink. The . does not show up in the actual link name so bash, etc. are not impacted.

mklink /D remodel_richland.droppages.com. C:\Users\fishe\Dropbox\Apps\My.DropPages\remodel_richland.droppages.com

mklink may respond You do not have sufficient privilege to perform this operation. /J or /H usually are less restrictive but won't work with WSL symbolic links or OneDrive. Microsoft provides additional detail regarding SeCreateSymbolicLinkPrivilege

• Run gpedit.msc
• Navigate to Computer configuration → Windows Settings → Security Settings → Local Policies → User Rights Assignment → Create symbolic links
• Here you can set which users can create symbolic links.
• You may need to change symlinkevaluation for OneDrive or corporate network locations. The defaults work in most cases.

  fsutil behavior query symlinkevaluation
  

  Local-to-local symbolic link evaluation is: ENABLED
  Local-to-remote symbolic link evaluation is: ENABLED
  Remote-to-local symbolic link evaluation is: DISABLED
  Remote-to-remote symbolic link evaluation is: DISABLED
  

BIOS HP

Press F10 repeatedly during boot.