Crunchbang Statler Alpha 2 Release – User input implimented

One of the things that drew me to Crunchbang was the fact that it has a pretty tight community as well as frequent participation by the head developer Phillip Newborough. Even his wife Becky is a regular participant. The new Crunchbang Statler Alpha2 is a testimony to team work.

http://crunchbanglinux.org/blog/2010/06/25/development-release-crunchbang-10-statler-alpha-2/

Devs, Staff and Users working together

Many distros suffer with a lack of communication between the community and developers, frequently resulting in bugs not being fixed, requests being ignored. Not so with Crunchbang. The Crunchbang community is included in decision making, bug crunching and feature suggestions, and although there is only one “official” developer, you actually get a sense of being a part of the team.

Check out the latest changes for Alpha2 on the Crunchbang wiki and then consult the forums, and you will noticed that practically all the changes originated from user/staff input: http://crunchbanglinux.org/wiki/release-notes/10-alpha-02

International Languages and Keyboards

While testing the first Alpha on my laptop which has a Spanish keyboard, I had a few configuration problems, so I went through a bit of trial and error and posted my fix. The same day, more international users jumped on the thread and started adding a whole load of information regarding keyboard configuration and language support. I edited my original “basic” post, and added the other suggestions. That’s what the Crunchbang community is like: http://crunchbanglinux.org/forums/topic/6926/howto-international-keyboards-keybindingsaltgrkeymapsoptions/

Crunchbang is Debian minus the politics

My laptops have Broadcom wireless and I have two desktops with Atheros which used to require Madwifi drivers before the ath5k and ath9k were updated and now work. As such, I need non-free firmware from the get-go. This is also something I advocated on Dreamlinux when I was part of the team, and hence Dreamlinux also comes with all wireless out of the box.

One of my first posts on the Crunchbang forums was to ask about the inclusion of Madwifi, and if there was any political policy regarding  non-free firmware. Here was the reply which put Crunchbang on all my computers:

http://crunchbanglinux.org/forums/post/7379/#p7379

The latest release notes for the Alpha2 also include this line which cheered me up:

Additional firmware for improved support of Broadcom wireless network cards.

I’m not the only Broadcom user, and a few of us provided input to hep other users to get their cards working:

http://crunchbanglinux.org/forums/topic/6872/howto-broadcom-on-statler-alpha1/

So all in all Crunchbang and its community are ticking along nicely, and I am pretty sure that Crucnhbang is certainly going to be one of the regular Top 10 distros on Distrowatch in the near future.

http://distrowatch.com/table.php?distribution=crunchbang

Posted by a very happy  Crunchbanger 😉

Advertisements

PGP/GPG Cheat Sheet

**NOTE** (for those who are confused by GPG vs PGP)

GPG (GNU Privacy Guard, GnuPG) is a free software alternative to the PGP suite of cryptographic software. GPG is a part of the Free Software Foundation’s GNU software project, and has received major funding from the German government. It is released under the terms of version 3 of the GNU General Public License.

PGP (Pretty Good Privacy) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting e-mails to increase the security of e-mail communications. It was created by Philip Zimmermann in 1991.

This a personal backup of an original cheat sheet here:
http://irtfweb.ifa.hawaii.edu/~lockhart/gpg/gpg-cs.html

to create a key:
gpg –gen-key
generally you can select the defaults.

to export a public key into file public.key:
gpg –export -a “User Name” > public.key
This will create a file called public.key with the ascii representation of the public key for User Name. This is a variation on:
gpg –export
which by itself is basically going to print out a bunch of crap to your screen. I recommend against doing this.
gpg –export -a “User Name”
prints out the public key for User Name to the command line, which is only semi-useful

to export a private key:
gpg –export-secret-key -a “User Name” > private.key
This will create a file called private.key with the ascii representation of the private key for User Name.
It’s pretty much like exporting a public key, but you have to override some default protections. There’s a note (*) at the bottom explaining why you may want to do this.

to import a public key:
gpg –import public.key
This adds the public key in the file “public.key” to your public key ring.

to import a private key:
gpg –allow-secret-key-import –import private.key
This adds the private key in the file “private.key” to your private key ring. There’s a note (*) at the bottom explaining why you may want to do this.

to delete a public key (from your public key ring):
gpg –delete-key “User Name”
This removes the public key from your public key ring.
NOTE! If there is a private key on your private key ring associated with this public key, you will get an error! You must delete your private key for this key pair from your private key ring first.

to delete an private key (a key on your private key ring):
gpg –delete-secret-key “User Name”
This deletes the secret key from your secret key ring.

To list the keys in your public key ring:
gpg –list-keys

To list the keys in your secret key ring:
gpg –list-secret-keys

To generate a short list of numbers that you can use via an alternative method to verify a public key, use:
gpg –fingerprint > fingerprint
This creates the file fingerprint with your fingerprint info.

To encrypt data, use:
gpg -e -u “Sender User Name” -r “Receiver User Name” somefile
There are some useful options here, such as -u to specify the secret key to be used, and -r to specify the public key of the recipient.
As an example: gpg -e -u “Charles Lockhart” -r “A Friend” mydata.tar
This should create a file called “mydata.tar.gpg” that contains the encrypted data. I think you specify the senders username so that the recipient can verify that the contents are from that person (using the fingerprint?).
NOTE!: mydata.tar is not removed, you end up with two files, so if you want to have only the encrypted file in existance, you probably have to delete mydata.tar yourself.
An interesting side note, I encrypted the preemptive kernel patch, a file of 55,247 bytes, and ended up with an encrypted file of 15,276 bytes.

To decrypt data, use:
gpg -d mydata.tar.gpg
If you have multiple secret keys, it’ll choose the correct one, or output an error if the correct one doesn’t exist. You’ll be prompted to enter your passphrase. Afterwards there will exist the file “mydata.tar”, and the encrypted “original,” mydata.tar.gpg.

Ok, so what if you’re a paranoid bastard and want to encrypt some of your own files, so nobody can break into your computer and get them? Simply encrypt them using yourself as the recipient.

I haven’t used the commands:
gpg –edit-key
gpg –gen-revoke

* –gen-revoke creates a revocation certificate, which when distributed to people and keyservers tells them that your key is no longer valid, see http://www.gnupg.org/gph/en/manual/r721.html
* –edit-key allows you do do an assortment of key tasks, see http://www.gnupg.org/gph/en/manual/r899.html

How to fix Ubuntu 10.04 Panel Volume Control and other annoyances

I installed Ubuntu 10.04 Lucid Lynx on our main home computer (wife and kids use it), and Lucid Lynx s LTS which means it should (in theory) be updateable for a long period of time without those nasty 6-monthly dist-upgrade surprises.

Little annoyances
Apart from having window maximize/minimize/close buttons on the left, having to add user permissions for network/wireless/sound….. well, everything basically, I also found that there was no Volume control on the panel.

Here’s the fix:
sudo apt-get install indicator-sound

Now right click on your “envelope” on the panel and choose “Remove From Panel” (Don’t panic, we’ll get it back in a minute)

Next right click on your panel and choose “Add To Panel…

Now select the “Indicator Applet” (that ‘s the envelope you just removed). Now it will come back, but this time with a Volume Control applet by its side 🙂

Ubuntu seems to get more stupid every release. I chose this for the family computer as once Ubuntu is setup “properly”, it’s low maintenance and has practically everything out of the box. But they really should get back to basics and have the base fixed before adding all this extra fluff and prettiness.

Slow System
To speed up the system I went to “Startup Applications” and shut it all down apart from Network and Sound. Compiz also got switched off. Those effects were cool back in the days of Beryl, but they offer nothing other than a little Bling to show off to Windows/Mac using buddies. Otherwise, just a useless system hog.

Sound – Pulse Audio
I don’t like this Pulse audio much, and will probably return to Alsa, which in my opinion is a very good sound architecture. Why people keep reinventing the wheel i’ll never know.

Canonical/Ubuntu services – 2Gb Storage and Music Store
Nope. That’s it, just nope. My personal data on an Ubuntu server? nuh uh!. Using a credit card online to buy music with an Ubuntu service? nuh uh! X2. Call me paranoid, but i’d currently only risk my cash and privacy on Debian and FreeBSD. You’ve just got to trust the big boys who are security conscious.
I still don’t see Canonical or Ubuntu as competent enough to deal with serious issues such as encryption and security when they can’t even decide which side to put buttons on a GUI. Whatsmore, the community is usually ignored regarding these simple decisions, who would have the last word with security issues?

Anyhoo. System all setup, looks nice and pretty. Runs faster now I removed and shut down all the bloat as well.

Fingers crossed for when it’s time to update and upgrade ^^

Howto Extra Swap without having to repartition

This is a great little trick if for some reason you need a little extra Swap. You may face a situation where your RAM and Swap are being eaten up by a hungry app. Well, no problem, all though not as fast or efficient as extra RAM or a bigger Swap partition, it is still handy in some situations.

How to add more Linux Swap with Swap File

Assuming you want to put it in “/”, Create an empty 500MB file
$ sudo dd if=/dev/zero of=/swap.img bs=1024k count=512

Format it as a swap file
$ sudo mkswap /swap.img

Add it to your running Linux system
$ sudo swapon /swap.img

Optionally you can add /swap.img to fstab for automatic swap activation.

$ sudo nano /etc/fstab

Add this line at the end of the file
/swap.img none swap sw 0 0

Then Ctrl+X, Y to save and Enter to close Nano

Run “free -m” command to verify that you’ve added the newly created swap to your Linux based operating system.

Howto Easy PGP Key Creation

HOWTO: Quick & Easy GPG Key


This HOWTO will take you through a quick & basic PGP Key creation and submission to MIT key servers

First you need to install gnupg and gnupg-agent. In order to create a key, you will also need a real email address.

1. Open a terminal.
2. type in the following code:

gpg --gen-key

3. Then enter a “1” – to create a standard DSA/ElGamal key. Press Enter.
4. Type in 1024. Press Enter.
5. Type in 0. Press Enter.
6. Enter a y. Press Enter.
7. Type in your Real Name. Press Enter.
8. Type in your REAL email address. Press Enter.
9. Type in Your First Name, followed by “‘s PGP Key”. Press Enter. IE Joe Blogg’s PGP key (without the “”)
10. Type O. Press Enter. It will now create your Key.
11. You will have to give it a “Pass Phrase”. Try to use a password with a mixture of upper and lower case letters as well as numbers to make it secure.

When it’s finished creating your Key, follow these steps:
1. Open a terminal.
2. Type in the following code:

gpg --export -a "User Name" > public.key

3. Open a nautilus window.
4. Find the file “public.key” in your home directory.
5. Right click on the file, left click on open in text editor.
6. Press CTRL+A, then CTRL+C (Select All, Copy)
7. Open http://pgp.mit.edu in a browser window.
8. In the box under the label, “Submit a key” – right click in the box and then left click on paste.
9. Click on “Submit this key to the keyserver!”
10. Go back to http://pgp.mit.edu
11. Type in your name in the Search String box.
12. Highlight and Copy the section of the result page under “User ID” (It should be your name, comment, and email address.)

Common Ssh Commands

This isn’t my work, I copied it to my blog for safe keeping. The original is here:

http://kb.mediatemple.net/questions/247/Common+SSH+Commands

Common SSH Commands

  • Applies to: All Service Types
  • Difficulty: Easy
  • Time needed: 5 minutes
  • Tools needed: ssh

DETAILS:

Not all of these commands will run on all Hosting Products.

This is a list of Common commands that can be run from root / SSH access.

I. Basic Commands

A. Retrieve Plesk Admin Password

cat /etc/psa/.psa.shadow

B. Change Directory (cd)

cd /path/to/directory/

C. Listing Files/SubFolders (ls)

ls -alh

(files and subfolders listed with perms in human-readable sizes)

D. Checking Processes

ps -a top -c

(process viewer – Ctrl+C to exit)

ps -auxf

(process list)

E. Start/Stop Services

/etc/init.d/ start|stop|restart|status

(“/etc/init.d/httpd stop” stops apache)

F. Check Bean Counters (hard and soft limits, failcounts, etc.)

cat /proc/user_beancounters

II. File System Commands (df & du are (dv)-only commands)

A. Check Total Disk Usage

df

(gives physical disk usage report with % used)

B. List Files/Folders +Sizes (du)

du

(lists all filesizes. This will take some time.)

du -sh

(lists all the subfolders/sizes in a dir)

C. Remove/Delete Files (rm /path/to/filename.htm) -DANGER- always verify

rm -vf

(force-deletes file. Dont run unless you know EXACTLY what you’re doing)

rm -vrf

(force deletes folder and all subfolders and files)

To Remove a Directory you can use the following command:

 rmdir  

D. Copy Files (cp)

cp filename.abc /new/path/filename.abc.123

E. Move Files (mv)

mv filename.abc /new/path/filename.abc.123

F. Create Empty File (touch)

touch filename.123

III. File Permissions and Ownership

A. Change Permissions of files (chmod)

chmod 000 filename.abc

(defaults are usually 755 for folders, 644 for files)

TIP:

1st digit=Owner; 2nd=Group; 3rd=Other
(-rwxrwxwrx = 777, -rwxr-xr-x = 755, -rw-r–r– = 644, etc.)
7 = Read + Write + Execute
6 = Read + Write
5 = Read + Execute
4 = Read
3 = Write + Execute
2 = Write
1 = Execute
0 = All access denied

B. Change Ownership of files (chmown)

chown user:group filename.abc

(you can see user and group w/ ls -alh)

TIP:

Anytime a user creates a file, the Ownership of the file matches that user. In Plesk, every domain that has hosting has a different user. So if you are copying files from one domain to another, you must remember to change ownership.

IV. Checking Log Files (dv)

Log files can tell you a lot about whats going on on a (dv). You can use the command:
‘tail -n 100’ before the logfile name to list the last 100 entries of the logfile.

Here are some of the most common:

A. Main Error Log

/var/log/messages

B. Apache Error Log

/var/log/httpd/error_log

(main)

/home/httpd/vhosts/mt-example.com/statistics/logs/error_log

(per-domain) (May also be: /var/www/vhosts on newer dvs)

C. MySQL Logs

/var/log/MySQLd.log

D. Mail Logs

/usr/local/psa/var/log/maillog

NOTE:

Common issues to look out for in log files

  • The main error log will not always give you all the information you want for a svc.
  • You may see alot of failed SSH and FTP connections, that is generally normal.
  • Keep an eye out for MaxClients errors in the Apache logs if a customer is complaining of Apache dying alot. You can check the KB for raising MaxClients settings.
  • If a customer does not set up Log Rotation for a domain under Plesk, then Log Files will build up and may take up alot of unneeded space. You can usually delete old log files in Plesk, and change the Log Rotation to Daily instead of by size.
  • MailLogs can show you if a customer is spamming, or if mail is coming in or out.
  • MySQL Logs should be able to show you general MySQL errors such as bad connections, or corrupted tables. Check the Int. KB for the ‘myisamchk -r’ repair table command.

V. Advanced Commands

A. Find. You can do alot with find. for now lets find all files over 10MB.

cd /
find / -type f -size +10000k -exec ls -lh {} \; | awk '{ print $5 ": " $9 }' |sort -n

B. Grep. Another handy tool to get specific information

cat file | grep blah

(only lists the information where the word blah is found)

C. Less/More

less filename.abc 

(displays the content of a file. arrows to scroll, ‘q’ to quit.)

more == same thing basically. You can use the ‘| more’ command to scroll through something page or line at a time.

tail -n 1000 /var/log/httpd/error_log | more

VI. Vi is a basic text editor.

Careful what keys you hit while in vi.

vi /path/to/filename.abc

TIP:

You can learn more about using the VI/VIM text editor by reading the following guide:

Understanding basic vi (visual editor)

Reset Vodafone Router Admin Password

If you live in Spain and use Vodafone as your host provider, you may have seen that they remotely change the “Admin” password which stops you getting access to extra features such as opening specific ports for servers.

The “vodafone” user only has a basic mix of user-end tools for the router.

So, how do you get access to the admin account again, with your own password so they can’t change it?

  1. Disconnect the telephone line
  2. Clear the cache, cookies and saved vodafone router password from your browser (otherwise it will just automatically log you in with the user  “vodafone” not “admin”
  3. Press the reset button for between 15-20 seconds and release.
  4. Switch the router off then on again.
  5. Connect to the router from IE, FireFox, Chrome, etc, using this IP address: 192.168.0.1
  6. Log in as admin with the password VF-EShg553 and change the passwords for: vodafone, admin and support.