Running New Software on an Old System

I have a netbook which still runs a very old system. It's ancient and no longer supported (just like Windows XP). But it's the last version which supports the proprietary Intel Graphics drivers (poulsbo) with video acceleration in Linux. Now the problem is using this in any environment would be extremely dangerous, because it's full of years of serious security issues. And the software really is very ancient.

Luckily, there is help, called schroot. Using a simple script, you can replace any command with a command out of the chroot. With this simple script, the application will behave just as if it was installed in your current environment - except for access to directories.

#!/bin/bash
schroot -c precise -- /usr/bin/google-chrome-stable ${@}

Of course you could just the same method to simple make your system a bit more secure for a few programs. You can use schroot and debootstrap to setup a secure environment.

New Favorite Root Server Hoster: On demand virtual machine for 5 $/month or .7 ¢/hour

I've been thinking about root server hosters recently and a friend pointed me towards Digital Ocean. And besides their good pricing and choice in OSes I really like that you can pay by the hour. That means you can use a server for a few hours, shut it down again, create a snapshot, and "detroy" it. You keep the state of your machine and you can return to this state easily at any time.

A server with 512 MB RAM, 20 GB SSD and 1 TB transfer costs you 5 $ per month. But you can also use a server just for an hour for just one cent or precisely $ 0.007. This is very cheap yet comfortable for remotely testing things. And you get a fully set up Ubuntu or other server in just under a minute. Just remember to shut it down, snapshot and destory the server when you're finished if you want to pause the billing. And they have servers in Amsterdam / EU.

Of course, you could also use this to create your own private cloud service. Try it out!

Note: I get a provision for referrals if you click the link. But I wrote about it because I like it, not for the money. I may have written more than I would have otherwise, though. ;)

Two Factor Authentication for SSH with Ubuntu

Here is a great very quick Ubuntu two factor authentication setup guide, which I'ved tested to work for Ubuntu 12.04 and 14.04. It sets up two factor authentication for SSH login. You can still login via public key instead, which may be even safer. But it's a good way to prevent bad effects from someone just stealing your password.

Here's a link to the companion authenticator apps for different mobile platforms (Android, iPhone, ...).

Make sure you keep logged in with one session when setting it for remote machines! If you make a mistake you won't be able to log in at all until you correct it.

Two Factor Authentication for SSH with Ubuntu

Here is a great very quick Ubuntu two factor authentication setup guide, which I'ved tested to work for Ubuntu 12.04 and 14.04. It sets up two factor authentication for SSH login. You can still login via public key instead, which may be even safer. But it's a good way to prevent bad effects from someone just stealing your password.

Here's a link to the companion authenticator apps for different mobile platforms (Android, iPhone, ...).

Make sure you keep logged in with one session when setting it for remote machines! If you make a mistake you won't be able to log in at all until you correct it.

Freetz and Knockd: Most Ports don't work

One important thing to note when using knockd with freetz is that only forwarded ports are possible. Only they arrive at the dsl interface. But of course you can add forwarding rules. "dsl" is the correct interface for dsl users.

Very Short Knock Client Bash Script

All clients I saw were a bit too elaborate. So I wrote this one which only needs four lines and could do with less:

#!/bin/bash
target=$1; shift
echo knock $target with knock $*
for i in $*; do
echo > /dev/udp/$target/$i;
done

Fixing "Valid eCryptfs headers not found in file header region or xattr region, inode"

This is a manual process, once step. You need to remove the file. Then it can be recreated.

e. g. Valid eCryptfs headers not found in file header region or xattr region, inode 123344

You will need to inode number in bold. Then use this command to find out which file it corresponds to:

find ~/ -inum 123344

I'm assuming here that the ecryptfs is mounted in your home directory, as e.g. in Ubuntu.

Then this gives me some filename, e.g.
/home/user/.kde/share/config/session/konsole_10101dd02011

To check it's really the problem try to read the file:
cat /home/user/.kde/share/config/session/konsole_10101dd02011.

You should get an input output error now. If so, feel free to remove the file:

rm /home/user/.kde/share/config/session/konsole_10101dd02011

Done. HTH!