Posts Tagged ‘Windows’

Encryption, USB Drive, Ubuntu, Windows, and You!

Thursday, May 24th, 2007

The other day I thought I had lost my USB drive, a janky Kingston 1GB stick with no keychain holder that is temporarily replacing my burned out JumpDrive Sport. Deep sets of panic waves overtook me for most of the morning as I wracked my brain and retraced my steps trying to remember where I could have left it or dropped it. The reason that I was panicking was that I carry some quasi-sensitive data on there like the household budget and short stories I’m working on. No bank numbers or SSNs, just stuff that I don’t want people seeing.

Well, I did end up finding the drive wedged in the back seat of Management’s car but I learned an important lesson: if you are going to carry important data with you back it up and encrypt it. I already have the backup part down and have been doing it ever since my first USB drive crapped out on me and I lost piles of data but encryption was something I never got around to until now. The challenge is that I use Ubuntu at home (100% Windows free as of 60 days ago!) and by day I play at being a Windows sysadmin so I need a solution that works cross platform.

My first visit was to the TrueCrypt folks, and while they make a fine product that for all intents and purposes worked well on my work box, it completely borked the drive for my laptop. So I decided to approach the task from the Linux side, looking for native solutions that had counterparts in the Windows world, and LUKS plus FreeOTFE did the trick with a minimum of fuss.

On the Ubuntu side:

  • Grab cryptsetup and cryptmount: sudo apt-get install cryptsetup cryptmount
  • Wipe the disk or make some partitions: sudo cfdisk /dev/sdb [NOTE: check your drive's actual path with dmesg as you don't want to be wiping something like your primary drive]
  • Create an encrypted partition: sudo luksformat /dev/sdb [NOTE: pick a passphrase that you can remember because if you forget it kiss your data goodbye]
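
The dmesg warning in the second step can be turned into a check. This is an added example, not part of the original post: a shell guard that only passes for a removable whole disk with nothing mounted from it. The function names and the SYSFS/MOUNTS overrides are assumptions of this example.

```shell
#!/bin/sh
# Added example: refuse to format anything that is not an unmounted USB stick.
# SYSFS and MOUNTS are overridable (an assumption of this sketch) so the
# checks can be run against a constructed tree; normally leave the defaults.
SYSFS="${SYSFS:-/sys}"
MOUNTS="${MOUNTS:-/proc/mounts}"

# disk_size_mb /dev/sdX -> size in MiB (sysfs reports 512-byte sectors)
disk_size_mb() {
    sectors=$(cat "$SYSFS/block/${1#/dev/}/size") || return 1
    echo $(( sectors * 512 / 1048576 ))
}

# safe_to_format /dev/sdX -> 0 only for a removable whole disk with
# nothing mounted from it; any doubt is treated as a refusal.
safe_to_format() {
    dev="$1"
    blk="$SYSFS/block/${dev#/dev/}"
    if [ ! -d "$blk" ]; then
        echo "refusing: $dev is not a whole disk known to the kernel" >&2
        return 1
    fi
    # USB flash drives normally report 1 here, internal disks 0.
    if [ "$(cat "$blk/removable" 2>/dev/null)" != "1" ]; then
        echo "refusing: $dev is not flagged removable" >&2
        return 1
    fi
    if [ ! -r "$MOUNTS" ]; then
        echo "refusing: cannot read $MOUNTS" >&2
        return 1
    fi
    # Match the disk itself or any numbered partition (sdb, sdb1, sdb2...).
    if awk -v d="$dev" '
        $1 == d || (index($1, d) == 1 && substr($1, length(d) + 1) ~ /^[0-9]+$/) { hit = 1 }
        END { exit !hit }' "$MOUNTS"; then
        echo "refusing: $dev or one of its partitions is mounted" >&2
        return 1
    fi
    return 0
}

# Typical use before the luksformat step:
#   safe_to_format /dev/sdb && echo "/dev/sdb is $(disk_size_mb /dev/sdb) MiB"
```

A USB enclosure that reports itself as a fixed disk will be refused, which is the safe direction; compare the reported size with the stick you expect before going on.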

Now, because I’m plain lazy I rebooted to get the modules running that are related to reading the new encrypted volume but after that when I popped my drive in it asked for my passphrase and then mounted it for me to work on it to my heart’s delight.

On the Windows side:

  • Plug in the USB drive and go to Computer Management >> Disk Management, find the drive, and remove the assigned drive letter; FreeOTFE will assign a free letter to the drive when it mounts it
  • Get a copy of FreeOTFE
  • Unzip it into a directory and start it in Portable Mode
  • File >> Linux Volume >> Mount partition and enter your passphrase
  • Enjoy!

Pretty straightforward.

Gratefully cribbed from carthik’s post at Ubuntu Blog and from FreeOTFE’s solid documentation.

mt-daapd, SSH, iTunes or Winamp, and You!

Wednesday, December 6th, 2006

Today was a bit of a slow day–I still cannot get Media Center 11 to run under Wine–so I thought I might give a shot to get mt-daapd to serve up files to a daap enabled client on Windows. iTunes is the obvious choice for a client but the UI sucks so bad that I want to slam my hands in a drawer and staple my eyes shut but luckily a kind soul has made a plugin for Winamp which makes me happy.
Here’s how it went down:

Server Side:

  • Make sure you are running SSH and if you’re not ask yourself why.
  • Grab mt-daapd and take care of any dependencies:

    libsqlite0
    libsqlite0-dev
    gawk
    gcc (this will install gcc-4.0)
    libid3tag0-dev
    libgdbm-dev

  • Edit /etc/mt-daapd.conf to your liking such as mp3_dir and servername
  • Grab Avahi and take care of any dependencies:

    avahi-daemon
    avahi-utils
    libnss-mdns

  • Edit /etc/nsswitch.conf to ensure that mdns is on the hosts line:

    hosts: files dns mdns

  • Give dbus a kick: sudo invoke-rc.d dbus restart
  • Get your avahi-daemon running: sudo invoke-rc.d avahi-daemon start
  • Fire up mt-daapd: sudo mt-daapd

Client Side

  • Get yourself a copy of iTunes, only if you are a masochist, or snag Winamp with the DAAP plugin if you love yourself.
  • Install Rendezvous Proxy and configure it (you need this to fool the client into thinking that the mt-daap server is on the same subnet):

    IP Address – 127.0.0.1
    Port – 3689
    Host Label – Your_DAAP_Server_Name_Here
    Service Type – daap

  • Set up a tunnel with Putty for port 3689, which is just like doing it for TightVNC.
  • Fire up iTunes or Winamp and wait for it to stumble onto your DAAP shares.

Well, that’s it in a nutshell.

Cribbed from James Henstridge’s write up about Avahi on Breezy, this thread, and this one.

**Update**

If Avahi seemingly won’t start check /etc/default/avahi-daemon and make sure it reads: AVAHI_DAEMON_START=1

Media Jukebox, Wine, Ubuntu, and Me!

Tuesday, December 5th, 2006
Media Jukebox on Ubuntu 6.10

Media Jukebox is a nice start but only if I could figure out how to keep Media Center 11 from endlessly crashing.

Considering The SOHO

Tuesday, November 14th, 2006

When not scraping, sanding, painting, and generally following orders from Management, my time is backfilled and my bank account is padded by doing help desk work on the side, usually cleaning up Windows boxes that have been neglected and abused as well as the occasional hardware upgrade for the tech phobic, but the best work is the small offices that I maintain as these are the places where the dollars need to be stretched for the greatest return.

At the moment I have one client with a very small office that when set up was configured like a home network with an emphasis on ease of use over security. The result is two Windows 2000 PCs and one Windows XP laptop joined by a password free Workgroup and connected to a cable modem through an aging Linksys router. The PCs themselves are getting long in the tooth having been purchased some six years ago and to add insult to injury he has been battling virus outbreaks with increasing regularity. I make sure that he stays on top of definitions and patches but the network itself is inherently insecure and added to that both machines are logged into as local admins.

Current Configuration
Plain vanilla SOHO

He has given me a list of things he would like to see implemented when or if he proceeds with upgrading or reconfiguring the existing network including some things I would file under necessity: automated backup plan, network firewall solution, and centralized and secure file sharing. While 2000 is still a serviceable OS, I’m leaning towards recommending that he purchase two machines to replace those boxes and to go with XP Professional, skipping Vista for now. Surprisingly, I’m not recommending he deploy Ubuntu, SUSE, or Fedora for the simple fact that it might be too much change for him and his employees and XP, when configured properly, is a fairly rock-solid OS.

The first possible configuration maintains the general layout of the network but would allow for remote administrative access as well as centralized file sharing and automated backups by redeploying one box to act as an SSH and file server.

Configuration One
Slightly more complicated…

The purple lines represent an SSH tunnel, the red is VNC, and the blue is for file sharing and backups, and you can plainly see what my choice for the server OS is. This configuration is most likely the one he will sign off on as the topology closely resembles what he has grown accustomed to but I do have a second configuration in mind to further enhance security.

Configuration Two
Just a little more complicated…

The inclusion of the Smoothwall appliance will go a long way in enhancing security, particularly if I shift tactics and push that they log into their PCs as regular users and reserve the admin account for special cases. The Smoothwall appliance can also be deployed on the remaining 2000 PC to make better use of the hardware with the only cost being replacing the router with a switch.

All things considered, I think that the two options make the best use of his money and could go a long way in enhancing the security of his network as well as functionality. We’ll see what he goes with.

Welcome PenguinTV Users!

Saturday, August 19th, 2006

PenguinTV graciously gave a shout out to the head-to-head I posted last month between it and Democracy Player. Having fully drunk the Kool-Aid on the earlier versions of PenguinTV, nothing has changed my opinion except that 2.0.1 sees the product becoming increasingly polished with every iteration and in the past month it has become my only media RSS reader. Which brings me to my next point: what is keeping me from going back to Windows.

Over at Ubuntu Forums the topic of what keeps people from fully switching to a Linux distro flares up now and then, with some threads staying alive seemingly forever. The most common refrain is applications, with the charge of Windows having the “Best of Breed” often bandied about and occasionally drivers is offered as a fallback. The thing of it is that the same reasons can be offered up for why I won’t switch back. Windows doesn’t have Liferea, PenguinTV, F-Spot, Totem, SSHFS, or Apt and those six applications have so fully entrenched themselves in my computing life that I would find it hard to go back to Windows. Sure, I can hunt around for replacements–RSS Owl comes to mind–but why would I want to when I have an OS that Just Works® with a minimum of fuss?

With my distro of choice, Ubuntu, I can do whatever I want and do it with a high level of ease and convenience. Run a webserver? No problem! Database server? Yup! Secure tunnel to file system? Got it! In my life as a Windows Sysadmin these services are both expensive to procure and configure and like most people I don’t have the cash to burn to grab a license of Server 2003 and SQL 2005. Thanks to the FLOSS community I can have enterprise grade services at my fingertips when, where, and how I want and all the while run it on an older PC that would have just sat around for spare parts.

So, thanks to all the folks that make my computing life possible. Without each and every one of you it wouldn’t be as enjoyable and productive as it is now. Special thanks to Owen Williams for making PenguinTV to organize my messy and myriad media feeds.

Sendmail Relay To Exchange Server

Thursday, July 20th, 2006

Done (thanks to this thread).

sudo nano /etc/mail/sendmail.cf

Search for DS:

# "Smart" relay host (may be null)
DSfoo.domain.bar

[Note! There is no space between DS and the domain.]

sudo /etc/init.d/sendmail restart

Now I can spend my time playing with Joomla!