June 2014 - main - earth.li

[ALUG Announce] Norwich Raspberry Pi User and Developer Group's third meetup
by Steve Pearce 27 Jan '15

27 Jan '15

ALUG Announce Please send announcements to Announce(a)lists.alug.org.uk Unsub, change settings via http://lists.alug.org.uk/mailman/listinfo/announce ----- Greetings ALUG. I'm writing to let you know that we'll be holding the third Norwich Raspberry Pi User and Developer Group meeting next Saturday, 9th March 2013. We'll be meeting at a new venue: The Soup Lab, 5 St. Benedict’s View, Grapes Hill, Norwich, NR2 4HH. See the website norwichrpi.org for more details about the group, and see thesouplab.co.uk for venue info. Hope to see you there. stevepdp ----- Send discussion replies to main(a)lists.alug.org.uk (Reply-To set) Unsub, change settings via http://lists.alug.org.uk/mailman/listinfo/announce

3 3

Fonts and Firefox
by Bev Nicolson 04 Jul '14

04 Jul '14

Not a huge technical challenge for you but something I find a tiny bit tedious. In Firefox, I can see some special characters or graphics but others are just squares with numbers or diamonds with a question mark inside. I've tried using a font with a bigger file (so more characters to pick from) but that hasn't solved it. Is it a unicode problem? Or something else entirely? (Ubuntu 12.04 LTS, Firefox 26.0) Is there something in Synaptic I need to install? etc etc. Bev.

3 9

Good energy usage/performance CPU/mobo combo
by Mark Rogers 01 Jul '14

01 Jul '14

Sparked by Laurie's thread, but different so I don't want to hijack it. My desktop PC (Intel G630 w/ 8GB RAM) is a bit slow these days. It is used for those wonderfully high memory applications we call web browsers, and for running VMs, and runs 24/7. Ubuntu 14.04 as the O/S. I'd like to upgrade the motherboard and processor (and the RAM if necessary) whilst retaining the rest of the box. What would be a good motherboard and CPU combo for the above on a budget of say £150-£200? (I'd want the motherboard to support at least 16GB RAM, 4x SATA and have USB3 but other than that I'm not too fussy. I currently have onboard graphics and continuing that way makes sense for my usage, but happy to look at alternatives.) Energy usage is something I would like to keep an eye on when the system is idle, but I don't want it to be held back when I actually want it to do something. Mark -- Mark Rogers // More Solutions Ltd (Peterborough Office) // 0844 251 1450 Registered in England (0456 0902) @ 13 Clarke Rd, Milton Keynes, MK1 1LG

4 11

LXLE Menu problem
by Chris Walker 26 Jun '14

26 Jun '14

Here's hoping somebody can help me with this. I was having problems making VirtualBox work on a 64bit LXLE machine so I uninstalled the old version, grabbed the latest from Oracle and installed it. But although the old version did, the latest version is not showing up in the menu system. I've tried running the Menu Editor and although I can add it, and save it, it never appears in the menu. So can somebody give me a clue as to where I'm going wrong with this please? -- __ __| |_ __ __ .----------------------------------------------. / _/ _` \ V V / | mailto:alug_cdw@the-walker-household.co.uk | \__\__,_|\_/\_/ |______________________________________________|

2 2

Why do mail programs make moving to a new installation so difficult?!
by Chris Green 23 Jun '14

23 Jun '14

My wife is using Thunderbird on a new[ish] xubuntu 14.04 system. She has now got it fairly well configured and working the way she wants so the next step is to move her old 'local' E-Mail across. No way is this remotely easy, I can sort of see how it might be done but there are so many gotchas that I fear it's going to be a mess. Why can't modern E-Mail program simply use mbox (or maildir, I'm not too fussed) as they were designed rather than having to add all sorts of specially named directories and indexes? In mutt it would be trivial! -- Chris Green

4 5

Low energy use systems
by Laurie Brown 20 Jun '14

20 Jun '14

I'd like to tap into the collective brain here, if I may. For many years we've had a philosophy of using small machines to perform specific roles, say web-server, email-filter, SMB box, that sort of thing. We even have some of the Single-core Athlon boxes with 512Mb memory we bought 10 years ago still running, and working fine. However, of late, energy consumption has become a real issue. These things just consume too much electricity to justify keeping them running despite them have paid their way years ago, and still preforming faultlessly. I've had a look at the local guys at http://www.linitx.com (Needham Market) but the choice is mind-boggling, and I haven't really kept up to speed with this stuff. We already have a miniITX machine here as a firewall, but I might recycle it as a web server and use a Jetway JBC373 Fanless Quad Gigabit LAN Barebones System to replace it. However, what I need very soon is a couple of low-power consumption systems with at least 2Gb of memory, preferably a multi-core CPU (but not essential), at least one LAN port, standard VGA and PS/2 ports, and capable of taking a standard SATA 2.5" or 3.5" drive. We use Gentoo and Ubuntu on our servers. I'm thinking maybe the Jetway JNC9I-525 JC110 Barebone System but, recommendations anyone? Cheers, Laurie. -- --------------------------------------------------------------------- Laurie Brown laurie(a)brownowl.com ---------------------------------------------------------------------

3 4

Storing dropbox folder on a truecrypt volume
by Mark Rogers 16 Jun '14

16 Jun '14

First off: I know all about the potential issues (or otherwise) of using Truecrypt that have surfaced recently. For now I'm taking the view that data on a truecrypt volume is more secure than data that isn't... Anyway, I want to store my Dropbox folder on my truecrypt volume. This is about making sure that files in my dropbox folder are inaccessible to someone who steals my laptop, not about making them inaccessible to Dropbox employees (and US governments). There are loads of discussions out there about creating an encrypted container and storing that in Dropbox, but that is not what I am trying to do here. I want my ~/Dropbox folder to be located inside a truecrypt container. Does anyone have any ideas how to achieve this? At the moment Dropbox starts when my laptop does and complains that the dropbox folder isn't present. I need to delay its start until the Truecrypt container has been mounted. My guess is that I need a wrapper script that runs on startup and checks that the container is mounted before starting dropbox, but I'm unclear about the best way to do that - in particular taking into account that I might not even start Truecrypt, and if so Dropbox should never start. -- Mark Rogers // More Solutions Ltd (Peterborough Office) // 0844 251 1450 Registered in England (0456 0902) @ 13 Clarke Rd, Milton Keynes, MK1 1LG

1 0

Re: [ALUG] my questions recently about securely transferring files from remote system
by Chris Green 16 Jun '14

16 Jun '14

This is just an update about my recent questions regarding how to transfer files reasonably securely (as in system security rather than confidentiality of file content) from a remote unattended system. I have what seems to me to be a satisfactory solution that also makes some other things a bit easier. While hunting around for ideas and solutions for this and other issues I came across an explanation and examples of the use of ProxyCommand in the ssh config file. This has provided me with my solution. Just to recap, the remote system is a Beaglebone Black running Ubuntu which is on our boat in France monitoring temperatures, battery voltages, etc. It's connected to the internet via a WiFi hotspot so is behind a NAT router (presumably) and a firewall which are out of my control. So, to make the BBB accessible it runs an ssh tunnel to an intermediate system (my web hosting provider) where I have an ssh login account. To maintain this connection through power failures and/or other glitches I run ssh on the BBB using autossh:- autossh -N -R ?????:localhost:22 -l isbdnet3 <host on the internet> (port number masked to ??????, there's a real number there of course) To connect from home to the BBB I used to ssh from home to <host on the internet> and then from there, via the tunnel, to the BBB. The reason for the intermediate system is that my home firewall only allows connections from <host on the internet> and a couple of other specific IP addresses. (This is to protect my home system from long term attacks using ssh) Adding a ProxyCommand to my ssh config at home allows me to connect 'directly' from my home system to the BBB, the line is:- Host bbb ProxyCommand ssh <host on the internet> nc -q0 localhost ????? Now I can just 'ssh bbb' and it goes straight to the BBB. Even better and more importantly it means that I can use sshfs to mount a directory from the BBB onto my home system, thus I can:- sshfs bbb:tmp odin ... and the files being stored in ~/tmp on the BBB appear on my home desktop in ~/odin. This means I can manipulate them as required (which means add the values to a database) *and* when this has been done I can delete them safely, ideal! :-) -- Chris Green

2 1

[ALUG Announce] ALUG Norwich Pub Meet Thursday 12th June
by Viperfang 09 Jun '14

09 Jun '14

ALUG Announce Please send announcements to Announce(a)lists.alug.org.uk Unsub, change settings via http://lists.alug.org.uk/mailman/listinfo/announce ----- Hello Norwich Aluggers, Our monthly ALUG Norwich social meeting will be held this Thursday, 12th June at The Coach and Horses (82 Thorpe Road, Norwich, NR1 1BA). The meeting officially starts at 8pm, although some people may arrive earlier. More information on those people can be found on the list and the IRC channel. If you are unsure if you will recognise us then make yourself and your intent to attend known by either posting on list or visiting us on IRC so we can look out for you rather than hiding in the corner. Optionally you could ask at the bar if they know where the geeky computer weirdos are and they'll point you in the right direction (seriously!). Another possibility is look for heaps of electronics on a table that may possibly look like movie props that would used for detonating explosives. Feel free to bring electronics/laptops/gadgets to the meet, you will by no means be alone. Ben Bewick aka Viperfang NB: This mail is automated, please refer to the usual sources for more information. ALUG Contact Details: Website : http://www.alug.org.uk/ IRC : #alug on irc.alug.org.uk List : http://lists.alug.org.uk/mailman/listinfo Twitter : http://twitter.com/anglianlug Identica: TBA Facebook: http://www.facebook.com/group.php?gid=2381613902 ----- Send discussion replies to main(a)lists.alug.org.uk (Reply-To set) Unsub, change settings via http://lists.alug.org.uk/mailman/listinfo/announce

1 0

Security when transferring files - passwordless ssh or rsync daemon?
by Chris Green 04 Jun '14

04 Jun '14

I want to copy files from a BeagleBone Black (running Ubuntu) to my home dmz system. This has got to work unattended as the BBB is sat on our boat moored on the Somme. It's also got to be a 'push' from the BBB as it's connected via WiFi and while I can connect to it through an ssh tunnel copying files via that connection would be decidedly tricky. So, as I see it, I have two obvious options:- 1 - Set up a public key login for the BBB on my dmz that requires no passphrase, so it's effectively passwordless. Then the BBB can run rsync to copy the files. The security hole in this approach is that if someone accessed the BBB then they could login to the dmz without further difficulty. 2 - Run an rsync daemon on the dmz and copy the files by connecting to this from the BBB. The advantage is that someone at the BBB end can't do anything but copy files (and I can limit what can be copied with the rsyncd configuration), the disadvantage is that the connection isn't encrypted at all. There's nothing valuable in the files, they're just temperature and electrical measurements from the boat so I don't care at all about the files being visible to the world. My security concern is to minimise the risk of someone getting into my dmz system. OK, it's a dmz and it's just a Raspberry Pi so is hardly full of valuable data but it would be a nuisance and *might* be a jumping off place for further nefarious deeds. I guess I'm being a bit paranoid really, the BBB on the boat is headless and anyone breaking into the boat is hardly likely to be an accomplished Linux hacker. Option 1 above is certainly the easiest as rsync daemon takes a bit of setting up. Are there any really obvious flaws - is it only really vulnerable to someone who accesses the BBB? There is an option 3 but it's more difficult to set up, I could implement a passphraseless rsync connection from the BBB to the dmz that only allows rsync file copying to a specific directory. I've done this on one other system and it works pretty well (you do it by adding a command= at the front of the authorized_keys file) but like the rsync daemon it takes a bit of setting up and I'm wondering if it's worth the effort. Any comments anyone? Are there more obvious and/or easier ways of copying files without making systems vulnerable to other attacks? -- Chris Green

6 13