Friday, November 20, 2009

Poor Man's Ubuntu Lojack

So, I got to thinking, "What if my laptop were stolen? I don't keep anything 'private' on it, but it would be nice to get it back, if possible..." So, how do you track down a laptop that has been stolen? Lojack provides an option that works even if the system has been reformatted, but it only works with Windows and costs $$$. So, what are the OSS alternatives? There is one called Adeona, but they're having issues getting a service up and running to store your computer's location and other info when stolen. I also doubt that it works if the systems has been reformatted.

So then I got to thinking, "What about DDNS?" Dynamic DNS (or DynDNS, or DDNS) tracks your computer's current IP address and updates a service (such as DynDNS.org) every time your IP changes. This is useful if you know your computer has been stolen and you're wondering where it is.

It turns out I'm not the first person who's asked this question and configuring the service is unbelievably easy!

Here's the secure way to do it (grabbed from this website):

Step 1

First, you need to create an account with DynDNS to do so follow this howto: https://www.dyndns.com/services/dns/dyndns/howto.html.

Step 2

First we’ll install ssh and ssh-socket so we can send our DynDNS user and password encrypted instead clear text:

$ sudo apt-get install ssh libio-socket-ssl-perl

Step 3

Install ddclient:

$ sudo apt-get install ddclient

Step 4

The installation will prompt you some questions. For the first one it ask for your dynamic DNS provider, select www.dyndns.com:

ddclient01.png

Then, put your fully qualified domain name(s):

ddclient02.png

Now, your DynDNS requistered username and password:

dcclient03.png

ddclient04.png

And finally, type “web” as the DynDNS interface to use:

ddclient05.png

Ok, so long we’ve finished installing ddclient but there’s still more work to do in order to get it working properly.

Step 5

We, need to change the ddclient configuration file (/etc/ddclient.conf) in order to use ssh to send the username and password, and to properly check the IP adrress. From the command line open ddclient configuration:

$ sudo vim /etc/ddclient.conf

In the generated configuration file you’ll probably see something like the following (The parts in italics will be different, the bold parts are going to change so special attention on this):

# Configuration file for ddclient generated by debconf
#
# /etc/ddclient.conf
pid=/var/run/ddclient.pid
protocol=dyndns2
use=if, if=web
server=members.dyndns.org
login=your-dyndns-username
password='your-dyndns-password'
your-host-name.homelinux.net

Step 6
We need to change the configuration so ddclient get our public IP address properly, and to send our username and password over ssh.

DynDNS has a web interface to get your public IP address, this is equivalent to manually invoking http://checkip.dyndns.com/. But we need to properly configure this interface, so change the line use=if, if=web for the following:

use=web, web=checkip.dyndns.com/, web-skip='IP Address'

Second, add to your configuration file just below the initial comments the following:

ssl=yes
daemon=300

The above two lines tells ddclient to use ssl for its connection and to update your public IP address every 5 minutes (specified in secconds).

Step 7

Now, we must make sure that ddclient is set to run as a deamon. Edit /etc/default/ddclient:

$ sudo vim /etc/default/ddclient

And make sure that:

# Configuration for ddclient scripts
# generated from debconf on Tue Jan 29 20:23:32 CST 2008
#
# /etc/default/ddclient
# Set to "true" if ddclient should be run every time a
# new ppp connection is established. This might be useful,
# if you are using dial-on-demand
run_ipup="false"
# Set to "true" if ddclient should run in daemon mode
run_daemon="true"
# Set the time interval between the updates of the dynamic DNS name in seconds.
# This option only takes effect if the ddclient runs in daemon mode.
daemon_interval="300"

Step 8

Finally, restart your ddclient and if no error is printed you’re good to go:

sudo /etc/init.d/ddclient restart
 
Note that even though the password is stored in plain text on your system, you HAVE to be root or have root privs to access it. Also, this service should start running when the computer boots. I'll have to test this, but I'm pretty sure that is the case.

In addition to this, I recommend setting up a "Guest" account on your system that automatically logs in after 30 seconds at the login window. Give it Internet access but NO other access (restricted user account). This will give a thief a sense of being able to do something with the computer, even if they cannot.

If your laptop gets stolen, just jump into DynDNS.org and wait for the IP to change. When it does, run a traceroute and notify the police of any information you've collected.

Encrypting Files in 9.04 and 9.10

Directory and file-level encryption is a beautiful thing in Ubuntu. No additional applications to install. Or, at least on 9.04 (Jaunty). On 9.10 (Karmic), they removed this useful feature as a default option in the install for some reason. But, not to worry, it can be readded:

In Jaunty, just right-click a file or folder in Nautilus and select encrypt. Assuming you've created a GPG encryption key for files and e-mail, it'll allow you to apply that encryption to it.

In Karmic, this feature is removed. To re-add it, the open Synaptic Package Manager, find, then install the seahorse-plugin.

Reboot. "encrypt" and "sign" will then be options in Nautilus.

Launchpad is tracking this as the following bugs:
#390744 #393645

Friday, November 13, 2009

Adding Second VMDK to Ubuntu Server VM

If you've added an additional virtual hard drive to an Ubuntu VM, you'll need to do the following to be able to use it effectively for a web server:

  1. Partition the drive (MBR)
  2. Create a sub-partition (EXT3 or EXT4, depending on need)
  3. Modify fstab to be able to mount the drive on boot
On the other hand, if you're mounting a network storage location, it's better to use Autofs (or AutoMount, as it's called) because it'll be less drain on your network and improve access times when shared.

Adding LAMP Server Setup to Desktop (Ubuntu 9.10)

Here's instructions on adding LAMP (Linux, Apache, MySQL, PHP) + Python + virtual web hosting to an Ubuntu 9.10 Desktop.

Just thought I'd post this in case anyone is interested in doing this. Normally, I recommend just installing the Ubuntu Server distro which has the option of configuring most of this for you through the install process. But hey, what fun would that be? :)

Uncomplicated Firewall

For information on setting up a nice, easy to configure firewall in Ubuntu, see this help page. I'm using this for my Ubuntu servers, but I think it would be just as useful for a desktop system.

Thursday, November 12, 2009

Linux Desktop: Gaining Market Share

Cool blog post on ComputerWorld about the advancing of Ubuntu Desktop. Go Tux!

Favorite quote from the article:

This will put Windows in an interesting spot. Mac already owns the high end, and Linux will end up with the low end. At the same time, more and more of our work will be done with online services, with Google Docs and the like, almost all of which are based on Linux.

Historically, being in the middle of a market isn't a comfortable place to be. People who want the best will turn to Macs; people who want a bargain will go to Linux. The usual argument is that everyone already uses Windows and they need their applications. Fair enough. But what happens when you don't need Windows for the programs you use every day?

Ubuntu 9.10: First Impressions

Ok, I've been using 9.10 for all of 12 hours now. I must say, overall, the experience is improved, which was one of the main goals. Most of my papercuts are gone (yay Bluetooth audio integration!) but I have managed to find a few new ones...

Canonical, what the #*$%& were you thinking with your new Software Center!? Removing the ratings was the worst possible route you could take. Oh, and now I no longer need to see exactly *why* an install failed for a particular app? You just stall at 77% and give me no data? What's with that?

Oh, and don't get me started on wanting to replace Synaptic. Unless you plan on keeping all the features in, don't bet on me wanting to give it up right away. In fact, if removed, I can almost guarantee it'll become one of my defacto post-install requirements (Add Synaptic back in. Check).

Now, to give them the benefit, it does make sense to consolidate these programs, but for me, I always use the Add/Remove Programs app to do the big-level stuff and REQUIRE Synaptic when dealing with things like drivers and what nots. Essential maintenance, if you ask me.

I'll look for the idea storm on this one and watch it closely. I'd hate to see it get WAY off the tracks before users start bringing it back to earth.

Wednesday, November 11, 2009

Upgrading Ubuntu Server 6.04.2 to 8.04.3

I just successfully upgraded my Ubuntu 6.04 LAMP Server to 8.04 using the following instuctions from UbuntuForums:

I copied this list to my sources.list:
Code:
deb http://archive.ubuntu.com/ubuntu dapper main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu dapper-updates main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu dapper-security main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu dapper-proposed main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu dapper-backports main restricted universe multiverse
Don't ask me why my old locations didn't work, they just didn't.

I verified that my current install was completely up to date:
Code:
sudo aptitude update
sudo aptitude upgrade
sudo aptitude dist-upgrade
Install the server-based update utility (This is the core of update-manager and the release upgrade utility):

Code:
sudo aptitude install update-manager
worked for me (after mounting the 6.04 ISO to '/cdrom/').
start the upgrade using:
Code:
sudo do-release-upgrade
My results:

/etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=8.04
DISTRIB_CODENAME=hardy
DISTRIB_DESCRIPTION=”Ubuntu 8.04″

Steps for New Ubuntu 9.10 Users

Found this excellent blog posting to help new users to Ubuntu 9.10 get up and running with full multimedia support including DVD and Windows video formats.

Tuesday, November 3, 2009

Alarm Clock/Scheduler with GUI Interface

Those Ubuntu guys have thought of everything (should - "they" includes just about every user out there! :) )

To install this handy alarm clock application, go to the terminal and type:
sudo apt-get install alarm-clock

That's it. Configure it in Applications > Alarm Clock.

Monday, November 2, 2009

Formatting USB Drive to NTFS

First off, NTFS is only recommended if you're copying large (>2GB files to/from Windows machines on a regular basis. Here's how I found to do it (YMMV):

1. Install Gnome Partition Editor (gparted)
2. Install 'ntfsprogs'
3. Open Partition Editor and select your desired drive to format.
4. (Optional) Remove any unnecessary partitions, create a new one.
5. Right click and select the format you'd like to apply. (NTFS should be available)
6. Apply changes.

That's it.

I got this info from here.

Adding MP3 Info to Nautilus Columns

Found this tasty tidbit on the Ubuntu Forums. It lets you add MP3 info to the visible columns of Nautilus. Of course, this might be obsolete with Ubuntu 10.04. We'll see...

Here's the deb I used for Ubuntu 9.04.