Archive for the ‘GNU/Linux’ Category

Using Cloud storage safely – encrypt & sync with Ubuntu

October 30, 2011 Leave a comment

The advent of “The Cloud” has meant that there are now services available on the internet for many of the tasks which traditionally would have been tackled by systems within your company or home.

One of the most basic is the storage of files on the internet which synchronise with a folder on your computer.  Although there are many examples, I am going to use a free 5Gb Ubuntu One (U1) account to keep my secret files backed up offsite.

When it comes to backups, there are a couple of issues that need to be addressed.

  1. If you backup to an external hard-drive, what happens if someone steals it?  Do they get access to your personal information?
  2. What if the house burns down? Do you lose both the original store of that information on the PC as well as the “safe” backup on the external hard drive in the same room?

I suspect that for most people the answer to both of those questions is yes.  It does not need to be and GNU/Linux allows you to fix these issues relatively easily.  I don’t know whether it can be done on Microsoft Windows or Mac OSX, you’re on your own there. 🙂

I have a PC with Ubuntu 11.10 “Oneiric Ocelot” installed.  As usual, I have a “home” folder for my own account but because there is no encryption on those files by default, anyone who gets their hands on my PC or external hard drive can read my files.

So this is what I did…

Install the package ecryptfs-utils with support for encfs to add an encrypted folder under your home folder called “Private”.

Open up a terminal window and execute the following command

sudo apt-get install ecryptfs-utils encfs

Then run the following command to create the Private folder


This will ask you for your login password/passphrase and will then create for you a mount passphrase which you should record somewhere as it is the key to decrypting your secure data in future.

(Hint, don’t just stick it in a text file in the same folder. Nature has a way to stop this sort of behaviour a.k.a. “Natural Selection”.  You could backup the folder ~/.ecryptfs as it contains the mount passphrase wrapped up by your login password.)

At this point there is a folder called “Private” in your home folder which looks much like all the other folders.  The difference however, is that every file or folder you place in there becomes encrypted and stored in a hidden folder called “.Private” (note the initial fullstop/period in that name).

In fact, the data is ONLY stored in that .Private folder and it is your mount passphrase that decrypts it and allows you to interact with the files through the Private folder. The .Private folder is what you can safely store out on the internet because nobody can decrypt it without your mount passphrase.  What we will do next is synchronise this folder to be stored out on a cloud file storage service.  I’ve chosen UbuntuOne but you could just as easily use Dropbox

Now this is where the fun starts…

Sign-up for an UbuntuOne account

or Dropbox here (using my referral)

Ubuntu One software is already included with Ubuntu, for other services you will need to install some software e.g. Dropbox client software.

Launch the Ubuntu One software from the Unity launchbar on the left of your screen in Oneiric. Once you have logged in, you will see that the “Ubuntu One” folder in your Home folder is automatically synchronised.  Now I am sure that the nice people at Canonical would not sift through your files or that they’d make a technical error that allowed your files to be seen by all and sundry on the internet.  But with this approach, we don’t have to worry.

In the Ubuntu One software, you need to add the .Private folder (the one starting with the period, remember?) which contains encrypted gobbledygook so that it gets synchronised from your PC to your 5Gb Ubuntu One (U1) account. To accomplish this, right click on the folder in Nautilus (the normal file explorer in Ubuntu) and choose the menu option for Ubuntu One to “Synchronise This Folder”.

If you like, you can login to the U1 website to check the progress of the upload.

Once that is completed synchronising, you will have your files safe and secure on the cloud in case you lose your primary source of those files.  Every time you edit one of those files or add another, they will immediately be encrypted and synchronised with that U1 account.

The mount passphrase is essential in getting access to that data so DO NOT SHARE OR LOSE IT.

If you want to retrieve that data on another Ubuntu machine, then merely setup U1 as before using the same account details. You will probably need to click the checkbox in the U1 software, “Cloud Folders” tab for the .Private folder to be downloaded to this new machine. (CAUTION: It is not necessary to perform the step earlier to create the Private folder on this second machine using ecryptfs-setup-private.  In fact, if the Private folder already exists on this second machine, don’t do this because encryption is already setup and you’re probably overwriting some other encrypted data.)

Give it some time to synchronise and run the following command in a terminal

sudo mount -t ecryptfs ~/.Private ~/Private

Enter your mount passphrase and you should be able to see your data in the Private folder.

Some additional things to note.

If you need more than the free 5Gb, you can pay for more storage.

Software clients exist for many operating systems (Windows, Android smartphones etc) but you will need a means to decrypt the data when you want to read or edit it. This guide assumes that we are only using Ubuntu 11.10.  Hint: For Android check out the boxcryptor application with a Dropbox account as it has encfs support and is well integrated with Dropbox.  I prefer to use free software and will keep an eye out to promote an Android solution in future.

I hope this helps explain how to protect yourself from data theft or loss by using readily available cloud services.  If you require further explanation, please let me know and I will try to clarify.


AMD video problems in Ubuntu 11.10 Oneiric Ocelot

October 30, 2011 Leave a comment

I’ve had some issues with graphics in Oneiric Ocelot since the Alpha pre-releases.

There were issues with the AMD proprietary driver (“fglrx”) for both my 5770 and 5870 graphics cards and, since I would always prefer to use free software, I decided to revert to the free Radeon driver that does have some 3D support now.

The problem is that, even after removing the proprietary AMD driver, some residual issues still persist that stop the radeon driver from working properly.

The trick is to reinstall a few components after removing all the fglrx packages.  Then remove the xorg.conf file.

That was enough for me, I now have my dual monitor setup back in action with the compiz wobbly-windows effect that I like.

In a terminal, try these commands one-by-one and then reboot.

sudo apt-get remove --purge fglrx fglrx_* fglrx-amdcccle* fglrx-dev* xorg-driver-fglrx
sudo apt-get remove --purge xserver-xorg-video-ati xserver-xorg-video-radeon
sudo apt-get install xserver-xorg-video-ati
sudo apt-get install --reinstall libgl1-mesa-glx libgl1-mesa-dri xserver-xorg-core
sudo mv /etc/X11/xorg.conf /etc/X11/xorg.conf.backup


The free software radeon drivers wins over the proprietary AMD software.

For more help with getting AMD cards working try reading this excellent guide for Natty.

Upgrading from ext3 to ext4 in Ubuntu

February 20, 2011 Leave a comment

If you have installed Ubuntu recently you will find that ext4 is the standard format used for creating filesystems. However, if you upgraded from an older version of Ubuntu you may be still using ext3.

The following instructions show how to upgrade the filesystem format with the data still in place. I am presuming you have a backup of your data in case this goes completely pear-shaped.

First confirm that you are using ext3 by typing the following command in a terminal window (Go to Applications menu, Accessories, Terminal)

sudo df -Th

One of the lines that showed up for me was

/dev/sdb1     ext3   241263968  93827044 137632456  41% /media/mirror

Now download, create and boot from a Ubuntu live CD so that none of your hard drives are in use.  Choose the 32-bit option of the latest version (ver 10.10 at time of writing) of Ubuntu.

Then restart the machine with this newly created CD and again confirm the name of the device you want to upgrade from ext3 to ext4.

sudo df -Th

Before making the change in format, let’s check the disk for any errors

sudo e2fsck -fDC0 /dev/sdb1

When that completed, we make the change from ext3 to ext4 with

sudo tune2fs -O extents,uninit_bg,dir_index /dev/sdb1

The only thing left to do is to edit the fstab file so that the filesystem loads with ext4

The fstab file will be on the drive that you use to boot the PC in the /etc directory.  Although not in my example here, this may be the drive you just modified.

We need to mount the drive that is used for booting (I assume it is sda1 here)

sudo mkdir /mnt/sda1
sudo mount -t ext4 /dev/sda1 /mnt/sda1

Now edit the fstab file

sudo nano /mnt/sda1/etc/fstab

Look for the line which contains your recently changed drive (sdb1 for me) and alter the format from ext3 to ext4 and hit control-x to exit.  Then hit the Y key to accept the changes and hit enter to replace the old fstab file.

Now it’s just a matter of restarting for the drive to be reloaded with ext4.

Categories: ext4, GNU/Linux, Ubuntu Tags: ,

Free graphics card by earning bitcoins

February 12, 2011 15 comments

Well, here’s the plan.

I’ve just bought a Powercolor ATI Radeon HD 5770 for AUD$127 from in Ultimo, Sydney yesterday.

This is a good quality graphics card that is below the current 6000 series cards in terms of performance but cheap at the price.

What I plan to do is earn enough money from it to cover the cost within 2 months!

How is that to be achieved? By “GPU mining”.

With the advent of OpenCL support, the newer graphics cards can be instructed to use the onboard graphics chip (known as the “GPU”) to focus on intensive mathematical tasks and free up the main system CPU to do other things.  The GPU is designed for this sort of work so it’s an ideal way to get the most out of the hardware you have purchased.

Ok, here’s where the money comes in.  Bitcoin is a form of virtual currency that is managed by a network of connected computers on the internet that talk to each other at a peer level to manage the transfer of bitcoins from one party to another.  The transfer is anonymous in that you know the identifier of the party you are dealing with but not who they are. There are businesses that are accepting bitcoins as a form of payment. The computers in the bitcoin network belong to any individual that is interested in partaking in the bitcoin economy.

My computer is now one of them.

Every now and again, one of the nodes (i.e. computers) in the network creates some new bitcoins (50 at a time to be precise).  The more processing power you have, the more likely you are to create a block of 50. By adding this graphics card, I have increased my processing power for bitcoin generation by about 150 times and should create 50 within 8 days on average according to the bitcoin calculator. I am processing at 155 Mhash/sec now.

There are markets to swap bitcoins for USD through paypal transactions which at time of writing show that 1 bitcoin is near to USD$1.  I will earn USD$50 per week on that basis which will pay for the card in under a month but I’m being conservative by aiming for 2 months. There has been a significant rise in the relative value of a bitcoin in the past 6 months which is a critical factor in this plan.

In order to get things running on Ubuntu 10.10 64-bit “Maverick Meerkat”, I had to download and install the proprietary version of the ATI driver (10.11 is the best for performance currently) for my card.  It chose the radeon driver by default which does not provide the OpenCL support required. Also, I chose ATI since their performance for mining is far, far better than Nvidia’s.

It was necessary to also get the ATI Stream SDK 2.1 from here.  This provides the OpenCL libraries.

I also downloaded this to get the correct ICD files installed under /etc/OpenCL/vendors

This how-to for Maverick Meerkat and also this link were invaluable in getting to this point.

Having achieved that little success, now we need to get the bitcoin software and also the Diablo GPU miner software.

You should ensure that the bitcoin server is running rather than the actual user interface (see below).

In a terminal window, run the following

sudo gedit ~/.bitcoin/bitcoin.conf

and put in any values for rpcuser and rpcpassword



Then you need to run the bitcoin server with

bitcoind -server

Now finally you need to run the Diablo miner making sure that it knows where the ATI Stream SDK OpenCL library is. (find it with sudo find / -name and using the path to where you downloaded the miner along with the username and password you put into the bitcoin.conf earlier.

export LD_LIBRARY_PATH=~/Downloads/ati-stream-sdk-v2.1-lnx64/lib/x86_64/

./ -u myself -p somethingsecret -w 64 -f 10

This should then show the current processing in terms of khash/sec.  Mine is between 150,000 and 160,000.

Now to sit back and see if I improve on my free 0.05 bitcoins in the next 8 days (UPDATE: First 50 bitcoins arrived this morning, 27/02/11 4:14:49 AM, after about 15 days of processing)

Oh, and if you do manage to get some coins and fancy giving them away, my bitcoin wallet is 1Cfdc5DHMABv27eyQ9xcrnuynQmx9dRXTg

Downloading repo keys from behind a corporate firewall

October 2, 2010 19 comments

Corporate firewalls commonly block port 11371 which launchpad PPA’s use for their keys.

It is possible though to get these through the normal port 80 for web traffic using the format below (replace the last reference to reflect the key you want to download)…
gpg --keyserver hkp:// %%recv-keys 0A5174AF

Using a USB modem for wireless 3G internet with Ubuntu 10.04 “Lucid Lynx”

October 2, 2010 Leave a comment

Many of these devices contain their own software to work with Windows.
If you use them with a Windows machine, they act like a USB flash key containing the software and will install the necessary drivers.
Once this is done, they switch into a different mode of operation and act like a modem from then on.
This is not required in Ubuntu so we just need to make sure the modem skips that first stage. It’s a very simple fix actually but will involve getting an internet connection through another means first i.e. home internet, wifi at a cafe, a friend’s place etc

Open a Terminal window (under the Applications menu, Accessories).
Type the following to install what you need

sudo apt-get install usb-modeswitch

This will ask you for your password in order to install the software.
Once it is completed, you can just insert the USB modem again and connect using the Network Manager applet near the top right hand corner of the screen.
From here it depends on the internet provider that the USB modem relates to but it should get you a good deal closer to getting it working.