The Blog of Tom Webster

Chronic Ranter, Reviewer, and Developer. I speak only for myself, opinions are my own.

Quick Notes on "Thoughts on Flash"

  2010-05-01 13:18:00 PDT

Lets start with a quote from the original article:

"Adobe's Flash products are 100% proprietary. They are only available from Adobe, and Adobe has sole authority as to their future enhancement, pricing, etc. While Adobe’s Flash products are widely available, this does not mean they are open, since they are controlled entirely by Adobe and available only from Adobe. By almost any definition, Flash is a closed system."

Lets make some quick changes to this...

"~~Adobe's Flash~~ Apple products are 100% proprietary. They are only available from ~~Adobe~~ Apple, and ~~Adobe~~ Apple has sole authority as to their future enhancement, pricing, etc. While ~~Adobe’s Flash~~ Apple's products are widely available, this does not mean they are open, since they are controlled entirely by ~~Adobe~~ Apple and available only from ~~Adobe~~ Apple. By almost any definition, ~~Flash~~ _any Apple software _is a closed system."

Don't even get me started on the App Store. Hey, Jobs, talk when you can put your app store where your mouth is. Just sayin'.

Server-Bits: Tip #2

  2010-04-19 02:57:00 PDT

Just a cool tip I found to hide the user list on the logon screen. I have a great number of users, and the list was getting pretty ridiculous... This command will restart your xserver. Save your work beforehand.

**sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type Boolean --set /apps/gdm/simple-greeter/disableuserlist True

sudo /etc/init.d/gdm restart**

And that will give you a nice clean username/password box.

Via: Ubuntu Geek: http://www.ubuntugeek.com/how-to-remove-hide-users-list-at- login-screen-in-ubuntu-9-10-karmic.html

About Server-Bits:

If you've ever wanted to get started building a server, right in your own backyard, kitchen, closet, mother's closet, mother's basement, then this is the read for you. Aimed at the not-so-technical-but-willing-to-learn, this will give you everything you need to build... that monster-server you've dreamed of. My goal: To give you a working, rocking server, for free, that you can use daily.

Server-Bits #6: Duck and Cover or: Protecting your users with VPN

  2010-02-26 18:53:00 PST

In this world of turmoil, uncertainty, and Wireshark, web browsing in a public place is like putting on an 80's hair metal concert, completely unsafe and everyone can see what's going on. Unsecured wifi access points (And even those secured, but using older protection) will show a great deal of your traffic in plain text to anyone who loads up a program and 'sniffs' the air. Too embarrassed about still using Friendster? Then set your server up as a VPN proxy and route all of your traffic through encrypted SSH. Completely secured internet, on all of those untrusted networks. What are you waiting for? Get to it!

  1. The first thing to do is set up a new user account that will only have VPN access. - 'sudo adduser vpnbuddy' (You can set this up with any user account you wish)
  2. Set up a new password for the user account (Make sure it is a lengthy/complicated password, the user will not be able to log in and change it.
  3. Next, we need to disable shell access for this account. We can change shells in /etc/passwd - 'sudo nano /etc/passwd'
    1. NOTE! This is if you would like the user to have only VPN access, for standard SSH accounts, you don't need to change anything on their account, VPN is already available to them.
  4. Navigate to the bottom of the file, to the line with the new username, go to the end of the line and change the '/bin/bash' to '/bin/false'.
  5. Ctrl+O to save, hit enter.
  6. Ctrl+X to exit.

That should be all the server-side work you have to do. With SSH already set and configured, your newly created VPN user is ready to go! But.... That's the easy part... Next, we have to work on deploying and setting up VPN for your new users.

Possibly the easiest way to accomplish this goal is to make a nice zip file of the things we will be building, and give people a foolproof way to set up their programs to take advantage of the secured connection.

  1. The first thing to do is go download Putty. Realistically, most of your users will be on Windows, so we need an SSH client to connect them over to your server and open up the VPN port. The perfect program to do the job would be Putty.
  2. create a new text file. You can do this in notepad, nano, gedit, Notepad++, whatever plain text editor you please.
  3. You want to put this in your text file:

putty.exe -N -D 8888 CLIENTUSERNAMEHERE@pastanet.homelinux.com

  1. Save the file as "Connect.bat"
  2. Make a new folder somewhere and put the 'putty.exe' file in it. Next, throw your new 'Connect.bat' file in it.
  3. Now... its time for some documentation... One of the slowest parts of running your own server. Yes... we all know you know how to connect to SSH and make everything just work, but your users need you to hold their hands as they walk through this desolate land of technology. Take a look at the documentation I've given my users...(Google Docs Link)

As you can see, its easy to understand, easy to distribute, and in a format that most anyone can open (PDF).

  1. Now users need to set up FireFox and Pidgin to use the VPN access. You can head HERE to run through the Flickr screenshot tour of setting up FireFox and Pidgin (Feel free to take my screenshots/documentation and use it for your own server, everything I make is under a free-to-share Creative Commons license)
  2. After that, the only thing that is left is to acquire users and remain encrypted online. VPN works wonders for thwarting wifi eavesdroppers, suspicious network admins, and poorly built web filtering software. Have fun with it!

Again: Sorry this took so long to publish, its been a great deal of work getting all of the documentation kinks worked out. Its a bit difficult to make things perfectly easy and usable for standard users, and while running your own server, you'll figure that out as well. Next up: Remote torrent administration with Transmission.

About Server-Bits:

If you've ever wanted to get started building a server, right in your own backyard, kitchen, closet, mother's closet, mother's basement, then this is the read for you. Aimed at the not-so-technical-but-willing-to-learn, this will give you everything you need to build... that monster-server you've dreamed of. My goal: To give you a working, rocking server, for free, that you can use daily.

Server-Bits: Interlude

  2010-02-15 21:44:00 PST

I really have been working on the next set of posts, really... For two weeks. The next post will include something equally different, but just as important as sheer technical skill: The ability to work with users. Deployment, documentation, dumbing-things-down. If you always count on the super-nerdy to use what you build, you won't go very far, things need to be documented and easy to use. Stay tuned, there is a lot to go through.

Server-Bits #5: Sockso Music Server and the Joys of SSL

  2010-01-16 16:43:00 PST

Sockso!! Sockso is a music streaming server program. It will take into account any folders you have on your computer, index the music from them, then create an online-accessible database which you can stream from. Your entire music collection: Working anywhere the internet and flash will. Lets get started:

  1. Head over to http://sockso.pu-gh.com/ and download Sockso. If you're running this through ssh, use this command to download it: wget http://sockso.googlecode.com/files/sockso-1.2.1.zip
  2. Then extract the files - unzip sockso-1.2.1.zip
  3. Then we'll move it to the /var directory - mv sockso-1.2.1 /var
  4. Next, we'll jump into the sockso directory - cd /var/sockso-1.2.1/
  5. But we can't run it just yet, we don't have the java runtime environment install on our server, but don't fret, its but a command away.
  6. sudo apt-get install openjdk-6-jre
  7. Now we can launch Sockso *[This method of launching will launch Sockso with https forced and without a graphical interface, if you want to run unsecured or with a graphical interface, just remove either (or both) of those switches] *-** cd /var/sockso-1.2.1 && java -jar /var/sockso-1.2.1/sockso.jar "$@" --ssl --nogui**
  8. Now you can type 'help' to see your choice of commands. Running Sockso through the terminal limits you in some ways, to gain the full feature set, plug in a monitor and check out the sockso GUI. [The easiest way of launching the Sockso GUI is by running 'sh /var/sockso-1.2.1/linux.sh]
  9. Now lets add a folder for Sockso to watch - coladd /home/username/Music/
  10. This could take a while to add to Sockso... When it adds a folder, it indexes all of the files into a database that it can then pull from.
  11. Next, we should add a user to the system - useradd username password emailaddress@hostnamehere.com
  12. The default port for Sockso is 4444, but you can change this with - propset server.port [port number]
  13. All of the settings can be shown with proplist and changed with propset.
  14. The only thing left to do now is test it! Head over to https://yourhostnamehere.com:4444 to test it out! [You must use https if you have --ssl enabled, otherwise, use http].
  15. I recommend using the commands "propset users.disableRegistration yes" *and *"propset users.requireLogin yes" to lock down your media streaming to only those users you specify, but this is up to you.
  16. Have fun streaming!

One of the cooler parts about running a linux box is the ability to add things to what's called your .bashrc _file. This file can do anything from setting environment variables, to running a startup command when you log in, to setting program aliases. We we be doing the latter with Sockso. The command to run Sockso securely is long, arduous, and complicated, by adding a single line to the .bashrc file, we'll turn this command into a single word. **[NOTE: You will have to restart your bash session for the changes to take effect. This means either logging out of ssh and logging back in, or closing the terminal and opening a new one.]_**

To add a line to your .bashrc file, use the following command: echo "*cd /var/sockso-1.2.1 && java -jar /var/sockso-1.2.1/sockso.jar "$@" --ssl --nogui" >> ~/.bashrc
*

Ok, let me explain this one.. The echo command just throws text on the screen, but it can also be used with a redirect to throw text in a file as well. Right now, you are throwing that big long command in quotes into the file ~/.bashrc. "~" or "Tilde" is a very short way to say "My Home Directory" and the .bashrc is the text file located in your home directory. Now, the part in the middle of these two, ">>", this is output redirection. Instead of echo throwing text into the terminal, it will instead append that text into the file of your choice (in this case, your .bashrc file). Doubles (>>) will add the output to the end of the file, while a single redirect (>) will completely replace the file. You should probably be careful with this one. You can redirect output for just about any program in a bash shell, it comes in hand for many many things. For further reading on Bash Redirection head over here, a wonderful noobie-friendly post.

And that's it for Sockso. In the future, we'll be covering remote BitTorrent administration, URL-rewriting, and Wiki's!

About Server-Bits:

If you've ever wanted to get started building a server, right in your own backyard, kitchen, closet, mother's closet, mother's basement, then this is the read for you. Aimed at the not-so-technical-but-willing-to-learn, this will give you everything you need to build... that monster-server you've dreamed of. My goal: To give you a working, rocking server, for free, that you can use daily.

Page: 27 of 32