Posts Tagged ‘SSH’

Ubuntu, FreeNX, and Thin Pipes

Friday, March 9th, 2007

My mother-in-law has been fighting the battle of thin pipes for as long as she has been paying for Internet access and every year SNET-SBC-AT&T sends her a letter that gets her hopes up that the DSL fairy set up a repeater to light up her neighborhood. Each and every year she learns that there is no DSL fairy. So I’ve been trying to think of every concievable method to get her broadband for a reasonable price. Comcast wants some $70 a month and the municipal wi-fi in Hartford went dark as soon as it went live all of which leaves her living online at the brutal speed of 50.0 kpbs. Yesterday, though, I might have come up with a slightly workable solution that at least gives her the feeling of faster speeds: a terminal server running on my 6MB pipe.

After looking at various implementations, including LTSP, I settled on the stupid simple setup of FreeNX mainly because it was easy and made use of my OpenSSH server. The Ubuntu wiki had fairly solid instructions and the only challenge I had was adding Seveas’ Packages–most of the mirrors were handing out 404’s. For myself, the benefits are that I do not need to run Putty + TightVNC anymore as the FreeNX runs on top of SSH but the downside is that the FreeNX client needs to be installed on the machine in a Windows environment so I’ll need to look at alternatives including QEMU + Puppy Linux.

In testing I found the performance to be astounding if I am on a broadband connection responding with barely any lag and the same is true for my mother-in-law’s connection except when surfing. Surfing, obviously with all the screen refreshes, is only a minimally faster experience, but possibly with some tweaking we can squeeze a little more performance out of it. The goal is to make little things like online banking and shopping a little less painful with pages timing out because her connection is taking to long to pull data down and with our quick test FreeNX does seem to alleviate this problem a smidgen.

If anything, FreeNX gives me a better tool to hit my server and do work GUI style, like tacking my miserably tagged music collection, with a fast connection it is a blissful way to connect and do a little work.

Tags: , , ,
Posted in Linux | Comments Off

mt-daapd, SSH, iTunes or Winamp, and You!

Wednesday, December 6th, 2006

Today was a bit of a slow day–I still cannot get Media Center 11 to run under Wine–so I thought I might give a shot to get mt-daapd to serve up files to a daap enabled client on Windows. iTunes is the obvious choice for a client but the UI sucks so bad that I want to slam my hands in a drawer and staple my eyes shut but luckily a kind soul has made a plugin for Winamp which makes me happy.
Here’s how it went down:

Server Side:

  • Make sure you are running SSH and if your not ask yourself why.
  • Grab mt-daapd and take care of any dependencies:

    libsqlite0
    libsqlite0-dev
    gawk
    gcc (this will install gcc-4.0)
    libid3tag0-dev
    libgdbm-dev

  • Edit /etc/mt-daapd.conf to your liking such as mp3_dir and servername
  • Grab Avahi and take care of any dependencies:

    avahi-daemon
    avahi-utils
    libnss-mdns

  • Edit /etc/nsswitch.conf to ensure that mdns is on the hosts line:

    hosts: files dns mdns

  • Give dbus a kick: sudo invoke-rc.d dbus restart
  • Get your avahi-daemon running: sudo invoke-rc.d avahi-daemon start
  • Fire up mt-daapd: sudo mt-daapd

Client Side

  • Get yourself a copy of iTunes, only if you are a masochist, or snag Winamp with the DAAP plugin if you love yourself.
  • Install Rendezvous Proxy and configure it (you need this to fool the client into thinking that the mt-daap server is on the same subnet):

    IP Address – 127.0.0.1
    Port – 3689
    Host Label – Your_DAAP_Server_Name_Here
    Service Type – daap

  • Set up a tunnel with Putty for port 3689, which is just like doing it for TightVNC.
  • Fire up iTunes or Winamp and wait for it to stumble onto your DAAP shares.

Well, that’s it in a nutshell.

Cribbed from James Henstridge’s write up about Avahi on Breezy, this thread, and this one.

**Update**

If Avahi seemingly won’t start check /etc/default/avahi-daemon and make sure it reads: AVAHI_DAEMON_START=1

Tags: , , , , , , ,
Posted in Linux, Music | 2 Comments »

Backup and Restore In Ubuntu

Friday, November 24th, 2006

So I finally got around to installing 6.10 on Management’s laptop and it was a dream now that I finally took the time to hammer out backup and restore scripts (Ted Ruegsegger has a great write up that I cribbed from to do this). Now, some people might be asking, “Why not just do an in place upgrade?” Good question, and my answer is cruft.

One of the things that I have noticed is that in place upgrades greatly increase the amount of depreciated config files and general cruft with the system and while performing one is pretty damn convenient it takes just about the same amount of time as installing the latest version, particularly since I go through the process of backing up the user directories.

Here’s the backup script I run:

cd /home
rsync -e ssh -av –delete –delete-excluded \
–exclude “tmp” \
–exclude “[cC]ache” \
–exclude “.Trash” \
me me@my.SSH-server.name:/home/me/backups

It would be nice to add this script to my Cron jobs but since this is a laptop I made a menu item so it can be run whenever I remember. Also, I have it run in a terminal and added the verbose switch so I can have the warm and fuzzies of a visual indication that something is happening.

To restore files, it is as simple as running the backup in reverse from /home:

rsync -e ssh -av me@my.SSH-server.name:/home/me/backups/me .

With Management’s laptop, I ran the restore right after I logged in and setup SSH with a pre-shared key. The catch was after the restore was done I needed to log out and back in for all the settings to work (killall gnome-panel just sort of made things wonky). All in all, the upgrade took about 2 hours from start to finish with no hiccups.

Tags: , , , ,
Posted in Linux | Comments Off

Considering The SOHO

Tuesday, November 14th, 2006

When not scraping, sanding, painting, and generally following orders from Management, my time is backfilled and my bank account is padded by doing help desk work on the side, usually cleaning up Windows boxes that have been neglected and abused as well as the occasional hardware upgrade for the tech phobic, but the best work are the small offices that I maintain as these are the places where the dollars need to be stretched for the greatest return.

At the moment I have one client with a very small office that when set up was configured like a home network with an emphasis on ease of use over security. The result is two Windows 2000 PCs and one Windows XP laptop joined by a password free Workgroup and connected to a cable modem through an aging Linksys router. The PCs themselves are getting long in the tooth having been purchased some six years ago and to add insult to injury he has been battling virus outbreaks with increasing regularity. I make sure that he stays on top of definitions and patches but the network itself is inherently insecure and added to that both machines are logged into as local admins.

Current Configuration
Plain vanilla SOHO

He has given me a list of things he would like to see implemented when or if he proceeds with upgrading or reconfiguring the existing network including somethings I would file under necessity: automated backup plan, network firewall solution, and centralized and secure file sharing. While 2000 is still a serviceable OS, I’m leaning towards recommending that he purchase two machines to replace those boxes and to go with XP Professional, skipping Vista for now. Surprisingly, I’m not recommending he deploy Ubuntu, SUSE, or Fedora for the simple fact that it might be too much change for him and his employees and XP, when configured properly, is a fairly rock-solid OS.

The first possible configuration maintains the general layout of the network but would allow for remote administrative access as well as centralized file sharing and automated backups by redeploying one box to act as an SSH and file server.

Configuration One
Slightly more complicated…

The purple lines represent an SSH tunnel, the red is vnc, and the blue for file sharing and backups, and you can plainly see what my choice for the server OS. This configuration is most likely the one he will sign off on as the topology closely resembles what he has grown accustomed to but I do have a second configuration in mind to further enhance security.

Configuration Two
Just a little more complicated…

The inclusion of the Smoothwall appliance will go a long way in enhancing security, particularly if I shift tactics and push that they log into their PCs as regular users and reserve the admin account for special cases. The Smoothwall appliance can also be deployed on the remaining 2000 PC to make better use of the hardware with the only cost being replacing the router with a switch.

All things considered, I think that the two options make the best use of his money and could go a long way in enhancing the security of his network as well as functionality. We’ll see what he goes with.

Tags: , , , , , , ,
Posted in Hardware | Comments Off

SSHFS, Ubuntu, and You!

Wednesday, July 5th, 2006

Late to the part as usual. However, this has to be the coolest thing since sliced bread and it beats Samba in so many ways I can barely contain myself. The last couple of weeks have seen me become a bit of a SSH junkie, I’ve been running OpenSSH for well over a year but never really leveraged it to do more than shell into the server to check system mail and do general maintenance but after my successful PuTTY and TightVNC experiment I figure it was worth checking out what else I can do with it.

Michuk posted an article over at jakilinux.org that outlined some of the basics, like remote applications using X forwarding, but it was the chunk on SSHFS that really tickled my fancy. Samba shares are nice but brutally slow for copying files so most of the time I rely on SCP but that can be tedious, in my limited opinion, if you are looking for patterns or moving large amounts of scattered data. Enter SSHFS which allows you to mount remote folders via SSH and have all the security and speed.

My goal was to have my music available to Beep Media Player, which didn’t recognize Samba shares, and to potentially speed up Rhythmbox’s cataloging which is brutally slow over Samba. Needless to say it is stupid simple. Check it out:

Execute the following commands:

you@yourbox:/$ sudo apt-get install sshfs
you@yourbox:/$ sudo nano /etc/modules

Add fuse to the list, save and close.

Add yourself to the fuse group under System–> Administration–> Users and Groups.

Logout and back in.

Create a mountpoint and take ownership of it:

you@yourbox:/$ sudo mkdir /mnt/my-share-name-here
you@yourbox:/$ sudo chown myname /mnt/my-share-name-here

Here’s the magic:

you@yourbox:/$ sshfs you@remote-pc:/your-remote-share /mnt/my-remote-share-name-here

When you are all done don’t forget to clean up after yourself:

you@yourbox:/$ fusermount -u /mnt/your-remote-share

Super easy, super simple, fast, and secure. Here are a couple of more resources that I used as references when doing this: Ubuntu Forums HOWTO, and Ubuntu.wordpress.com.

Tags: , , ,
Posted in Linux | 4 Comments »

TightVNC, SSH, PuTTY, and You!

Tuesday, June 27th, 2006

So this morning I was in a bind, I’m sitting at work and wanted to listen to my music collection at home but my player was telling my that the share didn’t exist, to fix it I needed to reboot the box. Since the collection is served up by Media Jukebox it is housed on a Windows box which further complicates matters because I have no real command line tools at my disposal, the only way I can interact with the box is through TightVNC. Now, TightVNC is running on all the boxes but when I installed the new router I made the conscious decision not to punch the ports for it so I’m back to square one. Enter PuTTY and SSH.

While at work I use PuTTY to connect to my server at home, it is all command line which is fine for nearly 99.9% of the tasks I perform but when I have to administer that one lone Windows PC I’m out of luck. So to work on that box I’ll either need to punch holes or set up a tunnel using SSH and PuTTY. I opted for the latter which proved to be so easy I was surprised. The University of Stockholm has a well written tutorial on it that I used to get things rolling in under five minutes.

The key point to remember is that the tunnel needs to be configured from the perspective of the host machine so the default TightVNC settings would be localhost:5900.

PuTTY Tunnel

Then all you need to do is setup the session like you normally would, connect, log in, then launch TightVNC and point it towards localhost and viola! Now I just need to think of other applications where tunneling would be handy–secure surfing at Internet cafes come to mind.

Tags: , , , ,
Posted in Linux | 2 Comments »