I use many of these commands quite often. They’re immensely helpful when one wants to do a lot of remote work on a computer, or simply access resources on a remote machine (Linux or otherwise). (FYI: OpenSSH may be installed on Windows machines if anyone does not have a home Linux box to receive SSH sessions, and may use PUTTY to SSH from a Windows machine).

1. Using a Hauppauge HVR-1950 on one of my home machines, I often watch TV on my computer. If I ever want to watch remotely, I set VLC to stream the feed from the capture device (addressing it as a PVR on /dev/video0) using an OGG codec to the local IP address on a specific port number, then SSH to the same box from the outside with the following command:

ssh MyPublicIPAddress -p 12345 -L 6500:192.168.0.10:2503 -o TCPKeepAlive=yes -o ServerAliveInterval=30

This command will SSH to my home public IP on my alternate SSH port and listen locally (client side) on port 6500 and forward the traffic requests (encrypted via the SSH tunnel) to my local server on 192.168.0.10 on port 2503 (the port I configured VLC to stream on from the server with the Hauppauge device). When I launch VLC on my client and engage a network connection on 127.0.0.1 on port 6500 (using VLC menu option ctrl-N) — poof — TV appears on my remote PC.

2. Local port redirects: Using this example:

ssh MyPublicIPAddress -p 12345 -L 7000:192.168.0.12:5900 -D 15000 -L 6000:192.168.0.25:3389 -o TCPKeepAlive=yes -o ServerAliveInterval=30

This is really an extension of concepts explained in item #1. With SSH you can forward any local port to any remote port on the other side, and funnel encrypted traffic to any computer running any OS on the SSH server side. So to VNC to a home machine from a remote location, simply SSH to your home machine (may require port forwarding and/or port knocking) and divert local port traffic to a remote server of your choice.

Note the -D 15000, allows for a SOCKS PROXY, which routes any application’s traffic using SOCKS out of your SSH’ed connection. For example, you can engage a SOCKS proxy on Firefox and then check your public IP address (by going to whatismyip.com) and you’ll see that while your real public IP may be one address, all your browser traffic is routed through your home connection.

There’s a lot to say on this subject (for example DNS translations are not routed by default through the tunnel) and other nuances. Google “SOCKS PROXY SSH DNS” for more info. This link may offer some further assistance.

There are other complications, in that it’s not easy to route operating system DNS requests (outside of the Firefox browser) through SSH, primarily because DNS runs on UDP port 53. I do not believe SSH will natively handle UDP port rerouting, though I’ve seen some creative solutions with netcat and mkfifo.

Also I have read (in the man pages) that Chrome supports SOCKS, I have read running Chrome with –proxy-server=<host>:<port>. For example when running the browser, google-chrome –proxy-server=”socks://foobar:1080″(with quotation marks), assuming that foobar is 127.0.0.1 (assuming you used a -D option for dynamic port forwarding) and port 1080 was the destination port at the end of your -L port:host:port command switch. Check the google-chrome man page for more details.

In the same example used above (copied below for convenience), once I connect to my home SSH box via MyPublicIPAddress, I simply have to engage a VNC viewing session to my own client (localhost) on port 7000, and it’ll route to the IP address of my choice inside my home network, in this case 192.168.0.12. VNC defaults to answering on port 5900. Multiple -L’s may be added to route many protocols (RDP, VNC, VLC, NFS, Web (80), even e-mail ports) to various machines on the local network.

In the example below I’ve added a second -L option routing traffic from my local client on local port 6000 to another machine (192.168.0.25) in my home network on port 3389 (the Windows RDP port). In that scenario, running (in Windows) mstsc /v:localhost:6000 would allow me to RDP to my home machine, 192.168.0.25. In Linux, I would run rdesktop localhost:6000.

ssh MyPublicIPAddress -p 12345 -L 7000:192.168.0.12:5900 -D 15000 -L 6000:192.168.0.25:3389 -o TCPKeepAlive=yes -o ServerAliveInterval=30

2a. An extension of the port redirect function of SSH in #2, I’ve written a post on dynamically adding port redirects without having to kill an SSH session to add the new redirects, instead add them on the fly: Click here for the post.

3. SSHFS. Not much to say about it here, simply check my full writeup on the subject.

There are many others that you can find on commandlinefu.com, including one using port knocking.

Share!

• 

40 years ago today at about 9pm on October 29, 1969 , two programmers sat 400 miles apart and sent information between their two computers. The first word, “LOGIN” was sent at that time. Well, actually only “LO” was sent, before the Stanford Research Institute computer crashed. They worked on the problem and about 90 minutes later at around 10:30pm, the full word LOGIN was sent to the other computer: and the precursor to what we now know as the Internet was born.

SRI, then known as the Stanford Research Institute, hosted one of the original four network nodes, along with the University of California, Los Angeles (UCLA), the University of California, Santa Barbara (UCSB), and the University of Utah. The very first transmission on the ARPANET, on October 29, 1969, was from UCLA to SRI.

ARPAnet evolved into what soon became the Internet that we all know, love and depend on for information and freedom of expression.

Enjoy some links on the subject.

Computer History Museum

The History of ARPAnet

The first schematic of the original ARPAnet

An article on the 40th anniversary including a map which overlays the schematic from the link above.

Wikipedia article on the subject.

Share!

• 

When you want the current weather conditions without having to visit a graphically busy weather website, or without the benefit of a GUI (say working a shell), a great app will give you the weather conditions in no time, just by typing weather at the command prompt.

Simply sudo apt-get install weather-util, and set up the .weatherrc file, and you’ll have instant local weather, plus you can set up presets for weather at [work], [home] or [elsewhere], so you can get the weather for any city.

Google “weather-util” for more links on the subject. The application’s home page is here.

Here’s some sample output:

$ weather
Current conditions at Raleigh-Durham International Airport (KRDU)
Last updated Jun 04, 2008 - 01:51 AM EDT / 2008.06.04 0551 UTC
   Wind: from the S (180 degrees) at 10 MPH (9 KT)
   Sky conditions: mostly cloudy
   Temperature: 72.0 F (22.2 C)
   Relative Humidity: 73%
City Forecast for Raleigh Durham, NC
Issued Wednesday morning - Jun 4, 2008
   Wednesday... Partly cloudy, high 67, 20% chance of precipitation.
   Wednesday night... Low 96, 20% chance of precipitation.
   Thursday... Partly cloudy, high 71, 10% chance of precipitation.
   Thursday night... Low 97.
   Friday... High 72.

Share!

• 

For those that prefer detachable Screen sessions with multiple windows in shell and want to run instant message chat sessions in CLI without the hassle of Xwindows … CenterIM is for you.

CenterIM is a pretty robust instant messaging client that runs entirely out of your command prompt. Simply sudo apt-get install centerim and you’re ready to go. It takes a little getting used to, but all the files you need are held in your home directory under ~/.centerim . Every contact gets their own folder under .centerim and gets contact-specific chat history logs. The master config files are held in .centerim as well. The first time you run the application, it will show an options window allowing you to configure your preferences. If you delete config file, it will rerun the preferences dialog when you next run the application, however you can access and modify the options by hitting ‘g’ from the main chat window.

CenterIM supports ICQ, Yahoo!, AIM, MSN, IRC, Jabber, LiveJournal, and the Gadu-Gadu IM protocol as well. Anyone familiar with pico, nano or irssi will be right at home with CenterIM.

Share!

• 

With modern filesystems securely deleting files isn’t always easy, but one approach which stands a good chance of working is to write random patterns over all unused areas of a disk – thus erasing the contents of files you’ve previously deleted.

We all know that when you simply delete a file, it’s possible to recover it later. Sometimes this is useful, if you accidentally delete something important, but usually this is a problem, and you really want that file gone forever. I will explain here how to delete a file in linux securely and permanently, so it can never be recovered. In addition, I will show how to completely wipe previously-used (available) space which will often have complete files or file-remnants which can otherwise be recovered. This applies to hard drives, external USB drives, thumb drives, etc.

To wipe your available (free) disk space, you’ll want to install the secure-delete application. Not only will this application suite offer applications that will wipe files and free space, but it will also wipe your SWAP partition and your system memory (RAM). Wiping RAM is important for privacy as well, since many files are stored in RAM and can be retrieved even after the computer is shut down, right off the chip!

First, install the secure-delete suite of applications:

sudo apt-get install secure-delete

Then, to wipe your /home partition’s free space, for example:

sudo sfill /home

The sfill the program will fill up all free space on the designated mount point by creating a huge single file. The the contents of this file are written in a number of special steps – ensuring that all areas of the disk which were previously free have had their contents erased. Once completed, the large file is removed, restoring your free space. You can sfill any mount point. Type man sfill for more info and options.

The command to erase existing files is “srm”, short for “secure rm”. Simply type

srm filename

Where filename is the name of the file you want to securely wipe/delete. You can also use wildcards (e.g. srm filenam*)

To wipe your system’s memory (RAM) use this command:

sdmem

SDmem is short for secure delete memory. You can run the command by itself, or with options. Type man sdmem for more info.

Similarly, sswap will securely wipe your swap partition. You must unmount your swap partition before using this command otherwise your system will likely crash. Once the wipe is completed, you can remount your swap partition. Type man sswap for more info. To wipe your swap space simply type:

sswap /dev/sda8

/dev/sda8 is an example. To find your specific swap device, simply type sudo fdisk -l, or cat /proc/swaps which will list your partitions and their device labels. Also to unmount your swap space, simply type sudo swapoff /dev/sda8 and to remount it type, sudo swapon /dev/sda8.

Share!

• 

Ext2Read is an explorer like utility to explore ext2/ext3/ext4 partitions. It also supports Linux LVM2. It can be used to view and copy files and folders. It can recursively copy entire folders. It can also be used to view and copy disk and file system images. It also supports external USB drives. Works on all recent versions of Windows.

Download it here.

Share!

• 

CPULimit is an application for Linux that can limit the CPU usage of a process. It is useful if you want to restrict a particular application from taking up too much CPU resources and thereby crashing the system. This can also be useful when you need to run several intensive programs simultaneously.

This application runs on any distribution, but I’ll discuss its installation on Ubuntu:

sudo apt-get install cpulimit

Once installed, type this to restrict any already-running application’s CPU utilization:

sudo cpulimit -p PID -l CPU%

Where PID = the process ID and CPU% is the maximum percentage of the CPU allowed for use. For example:

sudo cpulimit -p 8992 -l 35

This will restrict process ID 8992 to no more than 35% of CPU’s availability.

(To see a list of your running processes you can just run the command TOP which will list your processes in order of CPU utilization).

Share!

• 

I found this thoroughly hilarious: Reason #43 why I use Linux. From Cup(Of T).

Look, it’s really not that hard.

Programs are still in the same place, in %ProgramFiles%, unless you need the 32 bit version, which is in %ProgramFiles(x86)%, except on a 32 bit machine, where it’s still %ProgramFiles%.

All those dll’s are still in %SystemRoot%\System32, just now they’re 64 bit. The 32 bit ones, they’re in %SystemRoot%\SysWOW64. You’re with me so far, right? Oh, and the 16 bit ones are still in %SystemRoot%\System – moving them would just be weird.

Registry settings are in HKLM\Software, unless you mean the settings for the 32 bit programs, in which case they’re in HKLM\Software\Wow6432Node.

So the rule is easy: stick to the 64 bit versions of apps, and you’ll be fine. Apps without a 64 bit version are pretty obscure anyway, Office and Visual Studio for example[1]. Oh, and stick to the 32 bit version of Internet Explorer (which is the default) if you want any of your add-ins to work. The ‘default’ shortcut for everything else is the 64 bit version. Having two shortcuts to everything can be a bit confusing, so sometimes (cmd.exe) there’s only the one (64 bit) and you’ll have to find the other yourself (back in SysWOW64, of course). And don’t forget to ‘Set-ExecutionPolicy RemoteSigned’ in both your 64 bit and 32 bit PowerShell environments.

Always install 64 bit versions of drivers and stuff, unless there isn’t one (MSDORA, JET), or you need both the 32 bit and 64 bit versions (eg to use SMO / SqlCmd from a 32 bit process like MSBuild). Just don’t do this if the 64 bit installer already installs the 32 bit version for you (like Sql Native Client).

Anything with a ‘32’ is for 64 bit. Anything with a ‘64’ is for 32 bit. Except %ProgramW6432% which is the 64 bit ProgramFiles folder in all cases (well, except on a 32 bit machine). Oh and the .net framework didn’t actually move either, but now it has a Framework64 sibling.

I really don’t understand how people get so worked up over it all.

[1] Ok, so there is a 64 bit version of Office 2010, but given the installer pretty much tells you not to install it, it doesn’t count.

Via Cup(Of T).

Share!

• 

Many administrators must work in multiple operating systems, such as Windows, Linux, Solaris, Unix, etc, one of the most common among them being Windows.

As I’ve often stated I prefer Linux, using Windows only when I must. However, from an administrative perspective it’s really helpful if while using Linux for various administrative tasks, one can streamline their work environment and engage in some common tasks such as starting or stopping Windows services at will from Linux.

To get a list of all available services on a Windows PC or Server, type the following from your Linux command line:

net rpc service list -I IPADDRESS -U USERNAME%PASSWORD

If you have a complicated password that uses symbols (such as ! # @, etc) you will find that entering the password (even in “quotation marks”) will not work, you will have to leave the @PASSWORD blank, and just enter the USERNAME, you’ll then be prompted to enter the password manually. Also note, some services may have spaces in their name. If so, simply “enclose the service name in quotes” to start or stop that service.

If on a domain . . .

net rpc service list -I IPADDRESS -U "domainname\username"

You will then be prompted for the password. Once you’ve authenticated, the list of services will scroll on your screen.

To stop any service:

net rpc service stop SERVICENAME -I IPADDRESS -U USERNAME%PASSWORD

or if on a domain

net rpc service stop SERVICENAME -I IPADDRESS -U "domainname\username"

To start any service:

net rpc service start SERVICENAME -I IPADDRESS -U USERNAME%PASSWORD

or if on a domain

net rpc service start SERVICENAME -I IPADDRESS -U "domainname\username"

You can do more than stop or start services. This functionality stems from SAMBA on Linux. You can add and remove users remotely, change user passwords, kill print jobs, show all users for a specified group, list all groups, shutdown the server or PC, shutdown-and-restart the server or PC and much much more: just type “man net” for more information, however, here are a few gems . . .

To list all the shares on a PC or Server (example):

net rap share -I 192.168.0.5 -U "mydomain\john"

To list the Print Queue on a PC or Server (example):

net rap printq -I 192.168.0.5 -U "mydomain\john"

To get the name of the server you’re accessing (example):

net rap server name -I 192.168.0.5 -U "mydomain\john"

To list ALL the open SMB/CIFS sessions on the target computer (example):

net rap session -I 192.168.0.5 -U "mydomain\john"

To reboot the server or PC and force all apps to shutdown gracefully:

net rpc shutdown -r -f -I 192.168.0.5 -U "mydomain\john"

These commands can easily be scripted with or without variables (for the IP addresses) to speed up the process.

Share!

• 

An extremely easy to use application, BleachBit will scan your Linux system for thumbs.db files, system and various application cache directories, old log files and will also wipe empty space if you so choose to ensure privacy. It is aware of many applications and knows exactly where their cache files are located. I found it not only reclaimed a good chunk of disk space from hundreds of .DS_Store files, and Thumbs.db files, but many cache files from programs I had since removed many months ago. (It also runs on Windows).

From their home page:

BleachBit quickly frees disk space, removes hidden junk, and easily guards your privacy. Erase cache, delete cookies, clear Internet history, remove unused localizations, shred logs, and delete temporary files. Designed for Linux and Windows systems, it wipes clean 70 applications including Firefox, Internet Explorer, Flash, Google Chrome, Opera, Safari, Adobe Reader, APT, and more.

It is available for most Linux distributions. Here is a great write-up on it from Linux Magazine.

Share!

• 

I came across an interesting service for educators and students: Flatworld Knowledge. Creative Commons licensed textbooks for students, allowing professors to edit and adopt textbooks to their own needs and requirements. Also a lot cheaper than classic textbooks, these are available for reading online, or for low priced printing in hardbound editions, or printable via PDF. The texts also include teacher supplements such as instructor manuals, lecture slides and tests.

Once a professor has chosen to customize a textbook, it gets a unique URL allowing students of the class in question to download or publish on-demand the customized textbook. I found the subject catalog a bit limiting right now, but I would expect that to grow over time. This site is still worth examining if one is an educator or student looking for community driven, affordable teaching/learning materials. Some authors also put out podcasts on their books, accessible from the site. I’m also sure Flatworld Knowledge would enjoy hearing from some who are interested in writing a textbook of their own for peer review and publication by them.

I noticed there aren’t any textbooks about computer science: perhaps some out there is willing to change that!

Share!

• 

When a PC or server is running Linux, you often want to know exactly what sort of hardware is actually running inside the box and more importantly whether it is supported by the kernel. Here is a list of commands which should help you to learn about your system and some of its specifications. In some cases, these commands may not work as listed below if you’re running a Red Hat or Fedora based distribution. In those instances simply specify the path to the command which will be /sbin/command.

If any of the output runs off your screen, just add |more to the end of any of these commands to see the output one screen at a time and hit the spacebar to go to the next screen, or Q to quit.

Processor type:
$ cat /proc/cpuinfo

Is the processor using 32 or 64 bit instruction set:
$ cat /proc/cpuinfo | grep flags | grep lm
If you get some output you have a 64 bit CPU. If you receive no output, then you’re using a 32 or even 16 bit CPU. The reason this is the case is that the CPU yields many flags that tell Linux what sort of processor it is, and the lm flag informs Linux that the CPU is a 64 bit processor. Grep as a command filters output. Feel free to run this command without the grep suffixes (cat /proc/cpuinfo) to see the full output of your CPU details.

What hardware (audio, video, disk controllers, etc) is in my Linux box:
$ lspci -tv
(The -t switch groups similar devices together for easy reading and -v offers more verbosity.)

To easily filter out the above command to just show graphic card information:
$ lspci | grep VGA

What USB devices are plugged in:
$ lsusb

Check the size of the hard drive and what hard drives are available in the system.
This command will also list USB drives and sticks. You need a root permissions to execute the fdisk command:
$ sudo fdisk -l | grep GB

Show info about a particular hard disk including firmware revision (replace sda with the appropriate drive as listed from the above command):
Note: This will only work on internal disks, NOT USB drives.
$ sudo hdparm -i /dev/sda

Check what partitions and file system is in use on my hard drives (same as the above command, but essentially more verbose):
$ sudo fdisk -l

Locate CD/DVD-ROM device file which offers a CD/DVD-ROM’s make and model info:
$ wodim –devices
or
$ wodim –scanbus
The above command will scan your entire system bus for attached devices (this won’t include USB Devices as they are not direct-bus-attached devices).

What modules are currently loaded:
$ lsmod

get a information about any particular module:
$ modinfo module_name

remove modules:
$ modprobe –remove module_name

load a modules to the kernel:
$ modprobe module_name

What hardware is using which module.
The -v switch is for vebosity, where -vvv is EXTRA verbosity.
$ lspci -v
or
$ lspci -vvv

Check for PCMCIA cards:
$ lspcmcia

How much RAM is installed in my Linux and how much of it is in use (megabytes).
It will also include swap memory:
$ free -m
There is a gigabyte switch, but it *rounds* it down, so it isn’t very accurate for RAM info:
$ free -g

Check sound card settings. This command will reveal whether your sound card is installed and what modules are in use:
$ cat /dev/sndstat

Available wireless cards:
$ iwconfig

What speed is set to FANs:
$ cat /proc/acpi/ibm/fan
If this command doesn’t work, then feel free to peruse the /proc/acpi directory on your system. You will find info available on your CPU, AC Adapter, Battery, etc. Some info is available here, and your mileage may vary for viewing any of the files in /proc/acpi.

Get a battery information on your laptop (assuming it’s been installed):
$ powersave -b

To find out what Linux Kernel you’r running:
$ uname -a

To find out what distribution of Linux you’re running:
Run any of these commands, as depending on your distribution some may or may not work.
$ cat /etc/issue
$ cat /proc/version
$ dmesg | head -1

Get a recent history of system reboots:
$ last reboot

To open any file from command line using the default application (will launch the correct graphical application for the file, as though you had doubled-clicked the file graphically):
$ xdg-open ./filename

To monitor all active network connections, and update live every second:
$ watch -n.1 ‘netstat -tup’

To passively list all connections, active or inactive:
$ ‘netstat -tupl

Share!

• 

Web based, easy to save videos from sites like Youtube, Dailymotion, Metacafe, Veoh, Flickr, Google, Blip.tv.

http://savevideo.me/

Saves the movie as a .FLV (Flash Video) file.

Share!

• 

Many people don’t know that there are hard drives in many photocopy machines today, especially in any office style photocopier made within the last 5 to 7 years. These hard drives often retain scans of old documents. This matters when an office disposes of an old copier, as it’s been a treasure trove for identity thieves and other busybodies. Whether at the office or at a commercial copy storefront like Kinko’s or Staples, copies of your private documents stored on public machines for an indefinite period has some obvious drawbacks. Here’s an article posted 3 years ago on the topic, and one posted about a week ago — not much has changed.

Current photocopiers can produce copies very rapidly because they scan the page only once and store it digitally on its internal hard disk. It uses that image file to then print copies using similar technology found in laser printers. Indeed, many copiers today can function as a direct printer for your PC (or even e-mail your document directly from the copier) which requires a network connection; this means many units can be addressed remotely and is therefore vulnerable to remote perusal.

For personal and private documents, a personal scanner & printer (at home) might be the wiser choice.

Share!

• 

As part of my continuing Command Line Magic series and many of the other Command Line oriented posts I’ve made (click here for category-summary of Command Line oriented posts, or just click the Command Line tag in the tag cloud to the right), I’m happy to post another set of highly useful commands. As always, the context of these commands are within the Bash shell in Linux. A moderate understanding of Bash shell commands is required to fully appreciate this post.

Here are some very useful commands, that any power user would find helpful:

1. Start a simple webserver to serve up any directory as browsable from anywhere (for file transfers):

$ python -m SimpleHTTPServer

I’ve mentioned this in past posts. This is a simple command, that when run from any directory will launch a simple python web server that will serve up the local directory as a browsable directory using a browser such as Firefox or Chrome. Any subdirectories underneath the local directory from which this command is run will also be browsable. You can right-click and save any file or left-click it to attempt to view it on the fly. This works very well over SSH sessions, when you want to transfer a file, but don’t want to engage SSHFS or SCP. You can background the process with a ctrl-z, bg, then pkill python to stop the web server from running, or just leave it running in command prompt and ctrl-c to end it.

2. Record your desktop and pipe the output to an mpeg file.

$ ffmpeg -f x11grab -s wsxga -r 25 -i :0.0 -sameq /home/john/desktop.mpg

• -f allows ffmpeg to grab the data properly from the x11 framebuffer
• -s sets the size of the screen to actually record, starting from the upper left of the screen. Here wsxga denotes a specific preset resolution (in wsxga’s case that would be 1600 x 1024). You can however type any resolution you like in manually (e.g. -s 1024×768). You will need to know the resolution of your desktop to set this correctly.
• -r sets the framerate. This could be left out as 25 is the default.
• -i sets which framebuffer to take, since XWindows can run in multiple sessions, generally you’ll want to leave this setting alone.
• -sameq forces the same quality was what is being fed in by the source (in this case the x11 framebuffer). This is helpful to have a max-quality video, though you may want to try other settings to degrade the quality to keep the file size down. If you’d prefer to reduce the quality on the fly, replace -sameq with -qscale x where x is 1 – 31. These are preset quality settings, with 1 being the highest and 31 being very poor video quality. I have found -qscale 10 to be the sweetspot between quality and file size.
• If you’d like the file to be a bit smaller and if you prefer an .AVI to a raw .MPG, then simply remove the /home/john/desktop.mpg in the command above and replace it with:
  • -vcodec mpeg4 /home/john/desktop.avi
    • This is file will be a bit smaller using the mpeg4 codec in an avi container. You can still use the -qscale option with this change.

3. Copy an entire directory tree through ssh using on the fly compression through an SSH session (no temporary files!):

$ ssh <host> 'tar -cz /<directory>/<subdirectory>' | tar -xvz

Just enter the <host> to SSH to, and the host’s <directory> and <subdirectory> path to compress that subdirectory on the fly at the host, but decompress it as it arrives locally to your current location and path. This will have the advantage of not taking up any extra space at the host (since the files are compressed as they’re transmitted) and easily drops the entire directory tree specified onto the client uncompressed, saving time and bandwidth and transmission time.

This works well for large directory trees and is easy to use for a quick copy where you don’t want to spend a lot of time compressing it at the host manually and transmitting the compressed file, then uncompressing it, then deleting the original compressed file created at the host. Note: This will replicate the full directory path at the client side (desired).

SCP or RSYNC are recommended for automated backup though, this is more appropriate for a 1-shot copy of a large directory.

4. Resize any image files in the current directory to Width x Height specifed (regardless of image format)!

$ for a in `ls`; do echo $a && convert $a -resize <Width>x<Height> $a; done

Simply do a man convert to learn more about the convert program, other options can be added into the command. Also this is a great syntax for doing ANYTHING to any files in a particular directory that would be a batch process consistent with all the files in that directory.

5. Grab a screenshot of the current desktop to the current directory

$ import -pause 5 -window root desktop_screenshot.jpg

This command will wait 5 seconds (assuming you want some time to set up the shot and to get the command prompt out of the way) and take a snapshot of the root (primary) desktop currently running. This command requires imagemagick be installed.

Share!

• 

. . . So Bill Gates & Steve Jobs both threatened to sue the former standard bearer of the Open Source movement, SUN Microsystems (before it was whisked away from us by Oracle). The CEO at the time was Jonathan Schwartz, who by waving the banners of Unix and JAVA in front of both Bill and Steve forced them to stand down.

Being an obvious proponent of Open Source (also known as FOSS), I generally use only Linux and Open Source software. I own an Android phone, my home machines run Linux and wherever possible I try to deploy Open Source software professionally where possible & appropriate. I’ve never owned an Apple/MAC or an iAnything. In fact, my Sansa e280 media player runs Rockbox, the Open Source Jukebox Firmware for media players instead of the closed source software shipped with it. I have owned Windows systems and played with DOS in my youth, but once I reached the age of liberation I made a conscious choice to walk down the less trodden path and have reaped the rewards for it.

We’re all interdependent and this fact is ignored by many. Both Microsoft and Apple deny that the very foundations of their closed source products are rooted in the collaboration of the community, rooted in Free and Open Source Software (FOSS). Indeed, Apple’s OS is based on FreeBSD, while .NET (Microsoft’s primary application framework) is clearly drawing its inspiration from JAVA.

UNIX is one of the seminal operating systems which in many ways has influenced the world in which we live and I contend, moreso than Apple or Microsoft. In some of its core applications under the hood, some Windows code is based on FreeBSD. Simply click here for an example of which there are many, or this link, or this link. Although not a majority of it; I wouldn’t want to demean BSD by drawing parallels between the two <smirk>.

Of course as we all know, Apple is based on FreeBSD. Mac OS X is based upon the Mach kernel, parts of  FreeBSD’s and NetBSD’s implementation of Unix were incorporated in Nextstep, the core of Mac OS X. See this link for more info (Wikipedia).

Internalizing these facts in consideration helps me to realize that raw creativity, intelligence, community and ingenuity can provide great fulfillment, certainty and happiness in many spheres.

Having said all of the above, reading this article brought a smile to my face. It is a summary of Jonathan Schwartz’s blog post which can be read in its entirety here.

Share!

• 

Source: The Original Developer.

(Launchpad link):

A dynamic tunnel SSH multiplexer. When heavily using a Dynamic SSH tunnel, this application will open concurrent SSH tunnels to multiplex the load. This is useful when using torrent connections locally, or when using your computer to share internet access via the dynamic proxy.

To install on Ubuntu Karmic:

sudo add-apt-repository ppa:martineve/ppa

sudo apt-get update

sudo apt-get install sshsplit

If no arguments are passed, you can run sshsplit from command line and it will bring up a convenient GUI for on the fly configuration.

Share!

• 

For $100/year CrashPlan will store an *unlimited* amount of data and keep it for you in case of local failure of your storage devices. The excellent feature here is that they support Linux (rare for online storage offerings), Mac as well as Windows. If you plan to backup more than 100GB, they offer and recommend shipping you a 1TB drive with software to copy your data to the drive which writes encrypted & compressed, for mailing back to them.

In the event of a failure when you need to do a restore, you can order a drive to be mailed back to you (2 day priority) or download the data you need off their servers.

They also offer a nice little interactive table showing their pricing structure against other popular services where you can modify the amount of data you want to store to see how the pricing would change across different providers.

Crashplan offers a variety of plans that either count or don’t count the number of machines being backed up. Accordingly, plans vary from $4.50/month to $8.33/month depending on your needs. I have not yet tried the service, but I may consider it for backing up vital files to a secure off-site location.

I know of some folks who prefer services like Carbonite, but they don’t seem to support Linux. Another alternative, Jungledisk (front end to Amazon’s S3 cloud) has a Linux client for their backup server product, but I’ve never tried it. I have tried Jungledisk for Windows servers, and it works well, but Amazon meters the data being transferred to and from their cloud whereas Crashplan does not.

Share!

• 

By default, the newer versions of Ubuntu (9.04 and up) now auto-edit the MOTD. This annoyed me, so I researched how to stop that, since I prefer my own MOTDs and I’m quite particular about what I am presented with when SSH’ing into a box.

Ubuntu is running an application called “landscape-common”.

More on this application here. The easy thing to do here is to simply type update-motd – -disable and you can then modify your MOTD. Also I have noticed that sometimes, the contents of motd.tail will overwrite the MOTD, so I would simply make sure whatever you want in /etc/motd is also in /etc/motd.tail. [On Debian systems, the system message of the day is rebuilt at each startup. /etc/motd.tail is the file to edit permanent changes to the message of the day].

Share!

• 

I have tried many types of encryption, and I’ve had issues with them all. For many reasons, some programs make it too complicated to access the data, while others require special software to be made available on the system so that the data could be accessed. Others require that fixed-size containers be used, which can create all sorts of issues if there’s a corruption or if the container needs to be resized.

Ultimately, I have settled on a system known as eCryptfs. Of course, this runs only on Linux. However Windows/MAC users could access encrypted data on a Linux server if the decrypted data were presented with a SAMBA share.

eCryptfs is a kernel-native, stacked cryptographic filesystem for Linux. This means that it will run seamlessly with an existing Linux install and its filesystem. A stacked filesystem is one that is layered ontop of an existing filesystem (such as a transparency laid over a page beneath). As data is read from or written to the disk, data is encrypted or decrypted on the fly.

The flexible part of eCryptfs is that it embeds the cryptographic metadata into the header of each file. The benefit of storing the cryptographic metadata into each file is that any one file can be given to a friend, or sent through e-mail or copied by any other means and the recipient can conveniently decrypt the file so long as they have correct key (password).

Most encryption programs are not this versatile. They require special software or require that the file be separately encrypted so that it could be transmitted, and even then the recipient needs to jump through many hoops to decrypt the file. The only exception to this is PGP or GPG. GPG makes is very convenient to transmit files, but does not work well on large directories of files. eCryptfs bridges this gap very nicely. Also, since eCryptfs uses a stacked filesystem, there is no limit to what can be put into the directory for encryption, or subdirectories. They will simply and naturally fill the drive like any file would without any preset encrypted container limitations.

In Ubuntu (or any other Debian based distro) the following steps will allow one to easily encrypt an entire drive, directory or file.

To begin encrypting and decrypting your data, simply install the ecryptfs utilities.

sudo apt-get install ecryptfs-utils

Once installed, create a directory mystuff (or any name you like). This will be where you’ll store your data to be encrypted. The directory can be made anywhere, your home directory or any storage device (USB key or USB hard drive). It is important to note that you cannot encrypt a directory with data already in it. The easy way to accomplish this is to follow the steps below, then move the data from the original directory to the newly encrypted directory. You can rename the newly encrypted directory to match the original once the files have been moved and the original directory deleted.

mkdir ./mystuff

To be extra safe here, be sure only your Linux user has rights to the files in the directory. To accomplish this, simply change the permissions on the directory. The commands below assume you’re already in the directory where your new directory was just created (like your home directory). You may need to specify the full path to the directory if you’re not executing the command from that location.

chmod 700 ./mystuff

Now, you just have to leverage the encryption already available in your Linux kernel. To do this, you must layer the encrypted transparency, if you will, over the unencrypted directory. This is done by re-mounting the directory with the encrypted transparency layer.

sudo mount -t ecryptfs ./mystuff ./mystuff

This command simply remounts the exact same directory, however with the encryption overlay in place. From this moment forward, any files written to the mystuff directory will be encrypted. Also any files read from the directory will be decrypted on the fly (until the transparency is removed by unmounting the transparency, but more on this later.) Until the directory is dismounted from its encrypted transparency layer, the files will be easily readable and silently encrypted/decrypted on the fly.

Once the above command is executed, eCryptfs is going to ask some questions. The answers to these questions dictate the nature of the encryption.

It is perfectly safe to keep hitting <enter> on every one of these questions. This will use the defaults which are very well selected. There is one exception however. One question asks if you’d like to enable filename encryption. The default answer here is no. In many cases, the filenames themselves offer a lot of information about its contents and that alone is more than many want revealed. For example, a filename named “Bank Account PIN numbers 2009” would certainly be a target file and while helpful for you in organizing your data, would be too much information to reveal if anyone were able to get a directory listing of the files in question. To prevent this, answer yes when eCryptfs asks to enable filename encryption (again, the default will be to not scramble the filenames).

One other question which might confuse is the plaintext passthrough question. If enabled, this option allows non-encrypted files to be used inside the mount, which to me defeats the purpose of an encrypted directory. Allow for the default answer to this: no.

At the end of the process, eCryptfs will alert that this is the first time you have used your passphrase, and will ask if it can save a hash of it. It is safe to answer yes to this question. If keeping a hash of your passphrase is a source of concern, then I would encourage more research on the subject.

At this point, you may write, delete, read as much data into that directory as you’d like. The files will remain free to access until you dismount the encrypted layer, leaving you with the closed, encrypted files. To dismount the transparency, simply dismount the directory.

sudo umount ./mystuff

At this point, any attempt to read the files will fail. You can browse the encrypted files themselves, but the filenames will be scrambled random characters and the contents will be totally incomprehensible.

To reopen your encrypted files, simply remount the encrypted directory as we first did earlier. However, upon doing this eCryptfs will ask all the same questions it did before (key type, your passphrase, the cipher, and the key length), so it will know the parameters of this particular encrypted directory. It will ask these questions every time you attempt to mount your encrypted directory. Fortunately, this can all be automated (except the passphrase entry obviously) so as to speed up the process.

The command can be given ahead of time and written into an executable script:

sudo mount -t ecryptfs /home/johnny/mystuff /home/johnny/mystuff -o key=passphrase,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=n,ecryptfs_enable_filename_crypto=y,ecryptfs_fnek_sig=ed221f243b153323

Be mindful of the last option in the command above, namely ecryptfs_fnek_sig. When you first encrypt your directory, eCryptfs will tell you what the ecryptfs_fnek_sig is for your specific directory (or drive). You’ll need to enter this unique number into your command so that you will have a smooth and quick mounting process. Type this entire command into a text file (obviously replacing /home/johnny/mystuff with the actual path to your encrypted directory and entering your unique ecryptfs_fnek_sig number), save it (I’ll call mine crypt) and make it executable by typing:

chmod +x ./crypt

While you’re at it, create a quick script to dismount the encrypted mount.

sudo umount /home/johnny/mystuff

Then make it executable using the chmod command as shown above.

Of course in Linux you can also create a custom application launcher (a graphic on your taskbar or desktop) that can execute these scripts with the click of the mouse.

Share!

• 

I use this command to change the resolution of my EEE 1000HE from 1024×600 to 1024×1024 which allows me to work well with large web pages, though I must pan-n-scan the desktop (which runs past the borders of the monitor), it’s worth it.

Not every EEE PC is built the same, nor do they use the same video drivers. Therefore first, you have to find what the minimum and maximum resolutions are available for your unit. To see this, simply type this in command line:

xrandr

As an aside, the commands below work with any Linux system, EEE or otherwise. This command will tell you the minimum and maximum resolution of your screen plus the available “standard” resolutions.. mine were:

Screen 0 (the local screen): min 320×200 ………. current 1024×600 ……… max 1024.x1024

Available standard modes were: 1024×600, 800×600 and 640×480.

To max out my screen resolution I chose to work with 1024×1024, that would give me the most pixels (+ the most panning) but it would show me more of an application in a glance. Normally working in 1024×600 (native resolution of the EEE PC 1000HE) I’d have to hit F11 to go to full-screen mode in Firefox. Now, running in 1024×1024, I can run without full screen mode and can see a nice portion of my browser window. The panning isn’t much of a bother, and I feel less constrained on the desktop.

To change the resolution to the max specified by running xrandr above, type this:

xrandr --output LVDS --panning 1024x1024

. . . and voila !  Instant pan/scan screen. To change it back to the original resolution …

xrandr --output LVDS --panning 1024x600

Place these two commands in separate scripts with execute rights, then attach to a launcher and place on your taskbar and/or desktop and you can do this in one click.

###

UPDATE: On Ubuntu 9.10, this command WORKS, however, the local display is now LVDS1, not LVDS.

Share!

• 

This is a good Linux site and has a good collection of shell scripts. Enjoy.

They’re sorted newest-first, so click the <previous entries> at the bottom of the page to see the prior scripts.

Here’s also a few links on learning the basics of shell scripting:

IBM’s extensive site on the subject.

Linuxcommand.org

Share!

• 

For Debian-based distros, this utility (not related to the ‘nice‘ command) will limit the cpu usage of a program. It works with multiple cores as well.

Simply sudo apt-get install cpulimit. More info can be found here.

Share!

• 

Ctrl+Alt+Backspace (the shortcut which was used to restart the X server) has to be enabled in a different way starting in Ubuntu 9.10 (Karmic Koala).

Using GNOME

• Get to the System->Preferences->Keyboard menu.
• Select the “Layouts” tab and click on the “Layout Options” button.
• Then select “Key sequence to kill the X server” and enable “Control + Alt + Backspace”.

Click the link below for the full article and how to do it in KDE.

Source: Ubuntu Geek.

Share!

• 

Pretty straight forward stuff in this article, but it’s a good reference on how to use the most-excellent tools in an Ubuntu Live-CD to recover drives (whether they be Windows hard disks or Linux-flavored data) with damaged data or corrupted boot sectors and easily make it bootable and/or usable again.

I recently had to run a ReiserFsck myself on one of my primary home Linux boxes off a Live-CD; worked very well!

Here’s the link for reference:

NOTE: The above link is just a broad stroke introduction to some of the more commonly used repair functions, a lot more research is needed by the user if in-depth recovery of a hard disk or repair is required.

Share!

•