Sunday, November 9, 2008

Installing Sun Java 6.0 on Ubuntu

Ubuntu is defaultly deployed with GNU libgcj JVM which doesn't work with some applications, for example Eclipse. Also in my experience GNU libgcj JVM is much slower than Sun JRE.
Installing Sun Java 6 JRE is simple. Just issue the following command from shell:
apt-get install sun-java6-jre sun-java6-bin sun-java6-plugin sun-java6-jdk
You will need to be root or use "sudo" to perform this operation. You can skip package sun-java6-jdk if you dont plan on doing development in Java.

Once these packages are installed you can use Alternatives to make sun java your default JVM. To do this issue following command from shell:
update-alternatives --config java
You will get a screen like following:

The * sign means that this JVM is default. Enter the number for Sun JRE which in my case is 3. Now you can check your java version using: java -version

Tuesday, November 4, 2008

Virtual CD software for Windows XP from Microsoft?

I needed to add an ISO image as virtual drive to my system and I was looking for some free software to do the job. During my search i found out that there is a software from MS, called WinXP Virtual CD control panel, to do the job but it is not listed at Microsoft Download Center. You can download it from here. It is very primitive software but gets the job done nicely.

Installation Instruction (from readme.txt)
  1. Copy VCdRom.sys to your %systemroot%\system32\drivers folder.
  2. Execute VCdControlTool.exe
  3. Click "Driver control"
  4. If the "Install Driver" button is available, click it. Navigate to the %systemroot%\system32\drivers folder, select VCdRom.sys, and click Open.
  5. Click "Start"
  6. Click OK
  7. Click "Add Drive" to add a drive to the drive list. Ensure that the drive added is not a local drive. If it is, continue to click "Add Drive" until an unused drive letter is available.
  8. Select an unused drive letter from the drive list and click "Mount".
  9. Navigate to the image file, select it, and click "OK". UNC naming conventions should not be used, however mapped network drives should be OK.

video

I have used it with ISO images and it works very well. dont know if it works with other formats

Sunday, October 5, 2008

Installing and using knockd to allow temporary SSH access

knockd is a port-knock server which runs silently on your machine until it sees a specific port-sequence. When it sees the specific port sequence it performs an action associated with that sequence. Port sequence and the associated actions can be easily configured in knockd's configuration file /etc/knockd.conf.
In below example we will use knockd to, upon seeing a specific sequence of port knocks, open a "hole" in our firewall to allow ssh access from outside. Dont worry this is not insecure as you will be the only one knowing that port sequence, unless ofcourse you share that sequence with some one else :)
To accomplish this we will need to do following:
  • install knockd
  • configure it to allow ssh access on seeing a specific port sequence
  • configure it to close ssh access on seeing a different port sequence
Install knockd using: sudo apt-get install knockd. This installation will create a file /etc/knockd.conf.
Open this file using “sudo nano /etc/knockd.conf”.The file will look something like this:

----------------------------------------------------------------------------------------------------

[options]

logfile = /var/log/knockd.log

[openSSH]

sequence = 7000,8000,9000

seq_timeout = 5

command = /sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCE$

tcpflags = syn

[closeSSH]

sequence = 9000,8000,7000

seq_timeout = 5

command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCE$

tcpflags = syn

-----------------------------------------------------------------------------------------------------

we need to change the sequence and seq_timeout lines for both, [openSSH] and [closeSSH] sections. This is just a precautionary measure as sequence 7000,8000,9000 is a very common and well known. So change the file to look as one below. You can use any sequence that you like but avoid commonly used ports. You can even use ports that are closed/blocked on ur system as knockd works on link layer and will see all the traffic destined for your system even for closed or blocked ports. Dont change command, tcpflags or logfile options. After you have changed the file save it.


Now you need to edit your /etc/default/knockd. Open that file using “sudo nano /etc/default/knockd”. Change it to match the following. This will ensure that knockd is always run as daemon at init i.e at system startup.

The “-i eth0” will ensure that knockd listens on eth0 for port knock sequence. You can change it to whatever interface that you want knockd to listen at.

Now start knockd. You need to do this just this one time.

sudo /etc/init.d/knockd start

Now you are up and running :). knockd will open ssh access for you on seeing the specific port knock sequence. To try this try SSHing this computer from any other machine connected to this computer on interface that you selected in /etc/default/knockd which in my case is eth0. Your firewall will not allow access. To get access you will need to knock at the doors of your computer and for that you will need knock client on the machine that you are using to do ssh. If you are using a linux machine install knockd package and if you are using windows machine you can use windows client from here.

To knock issue following command ( replace 192.168.1.2 with the IP of your computer)

knock 192.168.1.2 5000 7000 9000

This will open ssh access for you. Now use ssh to access your gateway. When you are finished issue following command to close the ssh access.

knock 192.168.1.2 6000 7000 8000

Wednesday, September 3, 2008

Installing Ruby and Rails on Ubuntu

Ruby is not installed on Ubuntu out of the box. To get Rails working you will need to install ruby and some other things first. Simply enter following line on shell prompt

sudo apt-get install ruby ruby1.8-dev irb rubygems build-essential libopenssl-ruby

This will install ruby and ruby gems on your machine. To install rails enter following on shell prompt

sudo gem install rails rake mongrel


this will install rails and mongrel, a rails web server, on your system. If you dont need mongrel you can remove mongrel from the above line.

Mysql + Mysql Administrator + Mysql Query Browser on Ubuntu

I am using Ubuntu(Hardy).
To install mysql use apt-get. Issue command "sudo apt-get install mysql-server mysql-client libmysqlclient15-dev". This will install mysql server on your system. You can start the server using "sudo /etc/init.d/mysql start" and similarly stop it using "sudo /etc/init.d/mysql stop".

Note: RedHat users install package mysql-devel instead of libmysqlclient15-dev

To create and manage databases you can use command line utility 'mysqladmin' installed with mysql server. If you dont like command line then u can install MySql Administrator to manage mysql databases using GUI. To install MySql Administrator issue command "sudo apt-get install mysql-admin".

To connect to databases and execute queries you can use command line utitlity 'mysql' or you can install MySql Query Browser using "sudo apt-get install mysql-query-browser".

MySql Administrator and MySql Query Browser can be run from command line using commands 'mysql-admin' and 'mysql-query-browser' respectively or you can access them from Applications->Programming system menu.

Note: To install these apps you may need to enable universe repository for apt-get. To do this edit /etc/apt/sources.list and uncomment all lines of the form
deb http://xxxx.ubuntu.com/ubuntu/ hardy universe. To uncomment remove '#' from start of these lines.

Monday, September 1, 2008

Portable encrypted filesystem using Flash Drive, LInux and Cryptmount

Encrypted file-system can be easily created using cryptmount. On Ubuntu/Debian you can install cryptmount using “sudo apt-get install cryptmount”.

In this example I will demonstrate how to create an encrypted file-system on a flash drive and then use it on another machine. You will need root privileges on machines where you want to create or access this file-system. First we need to create the file system on the flash drive. To do this create an entry in the /etc/cryptmount/cmtab like this


cryptusb {
        dev=/media/flash/cryptusb.fs
        dir=/home/adnan/cryptusb
        fstype=ext3
        fsoptions=defaults
        cipher=aes
        keyfile=/media/flash/cryptusb.key
        keyformat=builtin
    }


This tells cryptmount that your file-system name is cryptusb and you want to store your file-system in /media/flash/cryptusb.fs and to mount it to /home/adnan/cryptusb. It also tells it that the filesystem type is ext3 and to use AES algorithm to encrypt/decrypt the file-system. You can change cipher filed to change the encryption algorithm. Its important that the keyfile and dev are flash drive paths because other wise your file system wont reside on your flash drive and hence you wont be able to use it on any other machine. man cmtab has more information on all the available fields and their valid values.


Now create the file(specified in dev field) which will contain this encrypted file system and the mount point.


$ dd if=/dev/zero of=/media/flash/cryptusb.fs bs=1M count=32

32+0 records in

32+0 records out

33554432 bytes (34 MB) copied, 0.673204 s, 49.8 MB/s

$ mkdir /home/adnan/cryptusb


Next generate the encryption key. You will need to specify key size in bytes


$ cryptmount --generate-key 32 cryptusb

generating random key; please be patient…
enter new password for target "manual":
confirm password:


Now issue following commands to prepare and format the file-system:


$ cryptmount --prepare cryptusb

enter password for target "cryptusb":


$ mkfs.ext3 /dev/mapper/cryptusb


$ cryptmount --release cryptusb


The file-system is now ready and can be mounted using command “cryptmount cryptusb”. To unmount use “cryptmount –u cryptusb”. To use this file-system on another machine just copy


cryptusb {
        dev=/media/flash/cryptusb.fs
        dir=/home/adnan1/cryptusb
        fstype=ext3
        fsoptions=defaults
        cipher=aes
        keyfile=/media/flash/cryptusb.key
        keyformat=builtin
    }


to /etc/cryptmount/cmtab on other machine. Change path in dev and keyfile fields to path to cryptusb.fs and cryptusb.key if flash drive on this machine is not mounted as /media/flash. You can also change dir field if you want the file system to be mounted some where else. After adding this to /etc/cryptmount/cmtab save the file and issue follwing commands


$ cryptmount --prepare cryptusb


$ cryptmount --release cryptusb


and you are done. you can now mount and unmount the file system using cryptmount. You may face some problem accessing files and directories because of file permissions. You can always change file and directory permissions using “chmod” and “chown” commands. A simple workaround is to make root to be the owner of this filesystem. To do this mount this file system using “cryptmount cryptusb” then issuing command “chown root:root /home/adnan1/cryptusb”. Then you can access this file system as root on both machines. This way you wont have to change permissions whenever you take this filesystem from one machine to other.

Wednesday, August 20, 2008

Installing cryptmount on Redhat Linux Enterprise 4

Cryptmount is a utility for mounting encrypted file systems. A nice tutorial on using cyptmount can be found here. But you first need to install cryptmount :-). I was installing it on Linux Enterprise 4 and was not able to make Yum or apt-get work so i had to use rpm and resolve dependecies my self :(. If u face the same problem try following.
Download Cryptmount, glibc, glibc-headers, glibc-devel and glibc-common and put them in the same directory. Now change ur working directory to that directory and issue command "rpm -Uvh glibc-2.8.90-11.i386.rpm glibc-common-2.8.90-11.i386.rpm glibc-devel-2.8.90-11.i386.rpm glibc-headers-2.8.90-11.i386.rpm"
This will install or update GNU C library on ur system. Now issue command "rpm -Uvh cryptmount-3.0-1.i586.rpm" and this will install cryptmount on ur system.

Sunday, June 15, 2008

Sqlite3 with Rails

Sqlite3 is an easy to use DBMS available as a library. It is a self contained and server less SQL database engine. Because of its ease of use and small foot print it has become DBMS of choice for low traffic web applications.
Using Sqlite3 with rails is real easy. Grab the binaries from Sqlite3 download page. for windows you will require sqlite-3_5_9.zip and sqlitedll-3_5_9.zip. Unzip these files and add them to your PATH environment variable ( or u can simply put the unzipped files to your ruby/bin directory) and you are ready. All Sqlite3 functionality is accessible via sqlite3.exe which you just unzipped and added to path.
To use sqlite3 with rails install sqlite3-ruby gem using gem command. Finally you will need to specify sqlite3 as the connection in the database.yml file of your rails application. Given below is development section of a sample database.yml

development:
adapter: sqlite3
database: db/development.sqlite3
timeout: 5000

Notice that there is no username or password fields as they are not required.
When you do rake db:migrate database file will be created if not already exists.

Note: as of rails 2.0 sqlite3 is the default database and you will need to -d command line option when creating a rails application using to change it or you will need to change database.yml manually.

Thursday, June 12, 2008

REST in peace

I have been hearing this term (REST) alot lately and during my quest to find telecommuting work on internet I saw this term many many times. So today when I had a little free time I decided to do little research to find out what the hell it is. Once again, to no surprise, its a complicated term for a simple simple concept. Its not a framework or a standard or a protocol. Its simply a way of building web applications or web services. You can build RESTfull apps using any framework Rails or DJango or whatever you like.

Here you can find a simple tutorial about REST or you can follow this link to see how to build RESTful applications in Rails

Sheritech - What went wrong

For long time now I have been thinking to write about my experience at Sheritech.I had, and still have a lot of complaints but when I finally sat to write all I could remember was that I enjoyed my stay there. Question is why? Did I enjoy not getting paid or working long hours or working unpaid overtime. I think it was because I was in the company of my friends.

But this post is about "what went wrong" so I will try to stick to the topic :)

Generally people working in startups have stakes in them. This is what compensates for things like overtime and late or small salaries, and makes people, who are part of that startup, feel like they are doing it for nobody but themselves. And this was my and others (you know who) expectation from Sheritech but when things got documented we came to know that this was not the case. So obviously I started to look at things differently and i believe same is true for other people working there.

Startups require lot of hard work and little SLEEP. It is not possible for a startup to be successful when its CEO is almost never available (I believe you know the reasons for his unavailability :D). This thing wasted the best resource that we had and destroyed the office environment.

Startups require focus and determination. It is important to have a game plan before starting a new company. If one partner is thinking one thing and other is thinking another, it is never going to succeed.

Lastly and most importantly in any business owners/partners should be fair with each other and employees. You cant deceive people for long and it always ends badly when you try to.

The most important thing that I learnt from Sheritech and which I want to share is "Never ever work for your friend" because if you do you lose both.

Wednesday, June 11, 2008

Some Thing

In last few days I have been told by many friends that a blog is not supposed to be empty and that I should write some thing on it. So here it goes "SOME THING" :)