Monday, December 9, 2013

CubieTruck - Assembled

I assembled my CubieTruck in its case last night. My first experience was 99% fine, but one of the screws supplied is dodgy and won't work with the board. Lucky for me, I'm a hoarder of such things and have spares lying around.
CubieTruck assembled in its clear case in front of the box it arrived in.
CubieTruck assembled.
I like the way the 2.5" HDD sits inside the case, was not expecting it to be so neat.
CubieTruck with 2.5" HDD under the board
CubieTruck with 2.5" HDD sitting under the board.

Posted by at No comments:
Labels:

Friday, November 8, 2013

Use SSH Keys (public key cryptography) to connect on your LAN

Learning by example: (and borrowing from the Arch wiki)

I want to connect to my desktop from my htpc.
Assuming that openssh is installed and the daemon is running, and that /etc/ssh/sshd_config is configured to your satisfaction.

Issue the following command to create a 521 bit long public/private ECDSA key pair with an extended comment on the HTCP.

htpc $ ssh-keygen -t ecdsa -b 521 -C "$(whoami)@$(hostname)-$(date -I)"

Authorized_keys file

In order to connect from the htpc, the desktop must have a copy of the htpc's public key in its ~/.ssh/authorized_key file. Use whatever method you have available to get a copy of the id_ecdsa.pub to the desktop.

desktop $ scp david@htpc:/home/david/.ssh/id_ecdsa.pub /home/david/tmp

Then import this public key into the ~/.ssh/authorized_keys file.

desktop $ cat ~/tmp/id_ecdsa.pub >> ~/.ssh/authorized_keys
desktop $ rm ~/tmp/id_ecdsa.pub

Known_hosts

Upon your first connection to the desktop, you will see the following

htpc $ ssh david@desktop
The authenticity of host 'desktop (192.168.1.110)' can't be established.
ECDSA key fingerprint is 61:3e:e6:40:29:d7:d8:dc:db:f8:0b:d9:74:c5:d6:6f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'desktop,192.168.1.110' (ECDSA) to the list of known hosts.
Enter passphrase for key '/home/david/.ssh/id_ecdsa':

This creates an entry in /home/david/.ssh/known_hosts which will allow connections to desktop.
Posted by at No comments:
Labels: , , ,

Saturday, October 26, 2013

Shepherd cron job for MythTV

This cron job is run as my regular user, the same one who uses MythFrontend

$ crontab -l
36 * * * * nice ~/.shepherd/shepherd --daily --quiet && nice /usr/bin/mythfilldatabase --update --file --sourceid 1 --xmlfile ~/.shepherd/output.xmltv --quiet 2>&1> /dev/null
Posted by at No comments:
Labels: , , , ,

Monday, September 23, 2013

my .conkyrc file

# Conky, a system monitor, based on torsmo
#
# Any original torsmo code is licensed under the BSD license
#
# All code written since the fork of torsmo is licensed under the GPL
#
# Please see COPYING for details
#
# Copyright (c) 2004, Hannu Saransaari and Lauri Hakkarainen
# Copyright (c) 2005-2010 Brenden Matthews, Philip Kovacs, et. al. (see AUTHORS)
# All rights reserved.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

background yes
use_xft yes
xftfont HandelGotD:size=8
xftalpha 0.2
update_interval 5
total_run_times 0
own_window yes
own_window_transparent yes
own_window_hints undecorated,below,sticky,skip_taskbar,skip_pager
own_window_argb_visual true
double_buffer yes
#minimum_size 275 5
#maximum_width 275
minimum_size 320 800
maximum_width 320
draw_shades no
draw_outline no
draw_borders no
draw_graph_borders no
default_color white
default_shade_color black
default_outline_color green
alignment top_right
gap_x 10
gap_y 40
no_buffers yes
uppercase no
cpu_avg_samples 2
net_avg_samples 1
override_utf8_locale yes
use_spacer right

TEXT




${alignc}${time %a, %b %d %Y}
${offset 30}${font Dejavu Serif:size=20}${time %I:%M %p}${font}


CPU:1  ${cpu cpu1}% ${cpubar cpu1}
CPU:2  ${cpu cpu2}% ${cpubar cpu2}


${color white}RAM ${color} $alignr $mem / $memmax
$membar
${color white}SWAP ${color} $alignr $swap / $swapmax
$swapbar


${color white}/ ${color} $alignr ${fs_used /} / ${fs_size /}
${fs_bar /}
${color white}Home ${color} $alignr ${fs_used /home/david} / ${fs_size /home/david}
${fs_bar /home/david}
${color white}Movies ${color} $alignr ${fs_used /home/david/Movies} / ${fs_size /home/david/Movies}
${fs_bar /home/david/Movies}
${color white}Music ${color} $alignr ${fs_used /home/david/Music} / ${fs_size /home/david/Music}
${fs_bar /home/david/Music}
${color white}MythTV ${color} $alignr ${fs_used /MythTV} / ${fs_size /MythTV}
${fs_bar /MythTV}
${color white}TV Series ${color} $alignr ${fs_used /home/david/TVseries} / ${fs_size /home/david/TVseries}
${fs_bar /home/david/TVseries}

${color white}Processes: Total | Running
${color white}Processes:$color $processes  | $running_processes

Top Processes

CPU $alignr CPU%
${top name 1}$alignr${top cpu 1}
${top name 2}$alignr${top cpu 2}
${top name 3}$alignr${top cpu 3}
${top name 4}$alignr${top cpu 4}

MEM $alignr MEM%
${top_mem name 1}$alignr${top_mem mem 1}
${top_mem name 2}$alignr${top_mem mem 2}
${top_mem name 3}$alignr${top_mem mem 3}
${top_mem name 4}$alignr${top_mem mem 4}


IP on eth0 $alignr ${addr eth0}

Down $alignr ${downspeed eth0}/s
${color green}${downspeedgraph eth0}${color}
Up $alignr ${upspeed eth0}/s
#${color green}${upspeedgraph eth0 16,200}${color}
${color green}${upspeedgraph eth0}${color}

# Arch RSS feed
#${rss https://planet.archlinux.org/rss20.xml 1 item_titles 10 }
Posted by at No comments:
Labels:

Tuesday, July 16, 2013

Adding bittorrent ports to my iptables

I accessed my router and did the port forwarding necessary to allow my bittorrent client (transmission) to seed properly, but I also needed to add a rule to my iptables to allow the traffic through.

My setup is

Internet     ->     Hardware Router        ->     Linux Desktop
                    with port forwarding          Client
                    enabled


I began by backing up my current iptables file

$ sudo cp /etc/iptables/iptables.rules /etc/iptables/iptables.rules.20130716


I am using Arch Linux Simple Stateful Firewall along with Transmission bittorrent client. The default port is 51413, so I needed to perform the following commands:

$ sudo iptables -A TCP -p tcp --dport 51413 -j ACCEPT
$ sudo iptables -A TCP -p tcp --sport 51413 -j ACCEPT
$ su -c "iptables-save > /etc/iptables/iptables.rules"
Password:
$ sudo systemctl restart iptables.service

If I want to revert back to my old rules (which block port 51413) I can issue the command

$ sudo iptables-restore < /etc/iptables/iptables.rules.20130716
$ su -c "iptables-save > /etc/iptables/iptables.rules"
Password:
$ sudo systemctl restart iptables.service
Posted by at No comments:
Labels: , , ,

Friday, May 24, 2013

Rip CDs to flac on Linux with Morituri and verify with accuraterip

I want to rip my cd collection accurately, so I use Morituri from the command line. It's a very simple process, which will use MusicBrainz to populate the artist and track information.

Firstly find your drive offset either from this list of drive offsets or use Morituri with a cd in the drive

$ rip offset find

 Once the offset is established (for example +48), rip the cd with the following command

rip cd --device /dev/cdrom rip --offset 48

For a different naming convention, I prefer

$ rip cd rip --offset 48 --track-template="%A/%A - %d/%t - %a - %n" --disc-template="%A/%A - %d/%A - %d"
Posted by at No comments:
Labels: , , , , , ,

Saturday, May 18, 2013

Samba blocked - smbclient returns Error for a configured user

I was getting two errors,

$ smbclient -L hostname -U%
params.c:OpenConfFile() - Unable to open configuration file "/etc/samba/smb.conf":
    No such file or directory
smbclient: Can't load /etc/samba/smb.conf - run testparm to debug it
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.0.5]
tree connect failed: NT_STATUS_ACCESS_DENIED

and

$ smbclient -L hostname --user username
params.c:OpenConfFile() - Unable to open configuration file "/etc/samba/smb.conf":
    No such file or directory
smbclient: Can't load /etc/samba/smb.conf - run testparm to debug it
Connection to hostname failed (Error NT_STATUS_CONNECTION_REFUSED)

The first error was due to samba not being public and therefore i needed to specify a samba username (who must also be a system user, see here) who was granted samba permissions.

The second error I was receiving simply because I had my firewall set using iptables, and had not opened the correct ports for samba!

I performed the following commands and corrected it.
  1. sudo iptables -A TCP -p tcp --dport 139 -j ACCEPT
  2. sudo iptables -A TCP -p tcp --dport 445 -j ACCEPT
  3. sudo iptables -A UDP -p udp --sport 137 -j ACCEPT
  4. sudo iptables -A UDP -p udp --dport 137 -j ACCEPT 
  5. sudo iptables -A UDP -p udp --dport 138 -j ACCEPT 
  6. su -c 'iptables-save > /etc/iptables/iptables.rules'
This opens the samba ports and then saves the rules to the iptables config file. Finally, restart the iptables service. For Arch, this is
  • sudo systemctl restart iptables.service
Done. Now my correctly configured /etc/samba/smb.conf file is enough to grant me access to my shares.
Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)