Linux Conversion Attempt

As a part of my security journey I have made multiple attempts over the years to convert to Linux, however it has always been so far behind windows I have always had to revert back after a short period of using it.

With the advent of windows 11 having been shown to call home periodically with no option to opt out I decided to make another attempt at converting to Linux.  While Linux has improved, the process is still extremely painful for anyone other than a basic web browsing type user.

Here are some of my major pain points.

Brave Web Browser - works beautifully

OneDrive Sync

Rather painful to setup because Microsoft does not support linux.  I use this as my primary backup solution, i'm sure there are other backup solutions that could be used to overcome this pain point.

VeraCrypt

Rather painful to setup, and the linux version does not have the feature to dismount the drive automatically.  It definitely has fewer features than the windows version of it.  I was able to get around the dismount issue by adding a root level cron job using the following:

sudo crontab -e

 12,16,20,22 * * * /usr/bin/veracrypt --dismount --force

( Edit: that auto dismount created instability in the Ubuntu OS, so I had to disable it )

Synergy

Very painful to get working unless your linux box is your "server".  The biggest pain point is that the synergy software does not start before login, and cannot run when attempting to logout.

For now I have installed Synergy 3 beta, and have a bug ticket in to the team.

In order to get Synergy to run at login you have to switch to wayland as instructed in their setup documentation.  This is done on the login screen the icon in the lower right corner.  However, there's one other piece that has to be done for those who have authentication enabled.

modify this file

sudo nano /etc/gdm3/custom.conf

navigate to #WaylandEnable=false and remove the # to uncomment the line.

Signal - works beautifully

0AD - works beautifully

Open Office - works beautifully, fortunately I was already leaving Microsoft Office behind in favor of Open Office / Libre Office.  While they are not as nice as Microsoft Office, they are good enough for what I do.

ProtonVPN - works beautifully, although it was a manual command line install based on the directions on proton's website.  That said, the windows app is far more polished and has better and clearer configuration features.

ProtonVPN does not yet have the ability to auto start on Linux.  So I added the app to the list of applications to auto start, and for now i'll just manually click the connect button. The auto connect feature is a bit unintuitive and requires you to type in the name of the connection you wish to auto start; in my case I typed in "Fastest" as suggested by their support team and it worked perfectly.

Desktop Customizations

I did have to customize things a little to get rid of somethings that were annoying me.

Minimize windows on taskbar icon click

https://www.omgubuntu.co.uk/2021/07/enable-minimize-click-ubuntu-dock

gsettings set org.gnome.shell.extensions.dash-to-dock click-action 'minimize'

Disable snapping the mouse to the edge of the screen when moving between monitors

https://askubuntu.com/questions/462629/how-to-disable-sticky-edges-in-ubuntu-14-04-ubuntu-13-10-and-earlier-had-a-opti

sudo apt-get install compizconfig-settings-manager

open ccsm from terminal

Go to Snapping Window Managment > Snapping Windows > Behavior > Snap Type and uncheck Edge resistance and Edge attraction

Install a decent screenshot tool that allows for easy partial screen screenshots to be taken.

sudo apt-get install flameshot

Installing VeraCrypt on Raspberry Pi4

Raspberry Pi 4 Project

I have been interested in small computing devices for awhile starting with various Arduino projects.  Recently I took on a new Raspberry project where I needed it to be able to read encrypted USB drives.  I ran into several issues along the way that I intend to document here to help others attempting similar things.

When working with a PI I generally use the Raspbian OS, it has been the one I have had the most success with.  For this project I tried both the Lite and the Full versions of the OS, and while they were both successful, the full version had one feature that caused me to go with it over Lite.

USB exFat Issue

The USB drives I was using were 64GB, which means they were too big for the older FAT32 format and were formatted exFat.  The full version of Raspbian auto mounted and read them perfectly, while the Lite version could not and needed the exFAT libraries installed using the following two commands:

sudo apt-get install exfat-fuse
sudo apt-get install exfat-utils

I didn't have any problem installing the libraries, but after install the drives would still not auto mount as the documentation indicated they should.  They did work correctly after performing a manual mount  using the following command:

sudo mount -t exfat /dev/sda1 /mnt/usb1

Part of this project was having an environment that wouldn't take me too long or too much work to re-create in the future if my micro SD card died.  So rather than continue to fight with why the USBs were not auto mounting, I ditched my preferred Lite version of Raspbian, and went with the Full version.

VeraCrypt

Now that my external USB drives were working correctly "out of the box", all I really needed to do was install the VeraCrypt software.  I use VeraCrypt because it is both free and one of the simplest and most portable encryption options available.

The first place I looked for a package was the recent downloads.  I grabbed the armhf version which is advertised as working on the 32bit Raspbian OS.  After installing and attempting to run it I was presented with the following errors:

veracrypt: /usr/lib/arm-linux-gnueabihf/libstdc++.so.6: version `GLIBCXX_3.4.26' not found (required by veracrypt) veracrypt: /usr/lib/arm-linux-gnueabihf/libwx_gtk3u_core-3.0.so.0: version `WXU_3.0.5' not found (required by veracrypt)

I founded one post that indicated the errors meant I had the wrong version of the libraries installed.  It took me awhile to figure out the actual names of the libraries the dependencies were referring to, however Code Yarns finally solved that problem for me telling me to run this command.

sudo apt install libfuse-dev libwxbase3.0-dev

Unfortunately I was still getting the same error.  Considering Ashwin from Code Yards was successful in getting it to work, and remembering the errors were supposed to be version issues, not just if the libraries were installed at all, I decided to see if the version of VeraCrypt Ashwin used would work.

But of course I didn't want to go all the way back to his version, so I started walking my way back trying each version to see if one would work.  Not a particularly fun task as VeraCrypt is not compiled for Raspian with each iteration, you have to go into each folder and see if you can find an armhf version compiled.  Several people solved this issue by simply compiling the latest version of VeraCrypt for themselves; but again, I was trying to go for the most easily reproducible build.

I finally found a working version in VeraCrypt 1.24 Update 7.  My guess is that if I had looked for newer versions of libfuse and libwxbase I might have been able to use a newer version of VeraCrypt as well.

After that it was all down to testing the install and making sure encrypted files could be created and opened.  I had no more issues afterwards, the Raspberry Pi device is really becoming quite the powerful tool these days.

Recover Windows Files Using Linux

A friend of mine recently corrupted some files on his Windows XP laptop.  The fix is fairly simple and can be handled by a Windows XP recovery CD.  Unfortunately one was not readily accessibly and he needed access to his files.

Since I run a few linux systems I thought I would try booting to a live CD and mounting his local drive from there.  It was a very simple process with lots of documentation all over the web.  I am posting the commands here because it was so useful that it was a must have post for my blog.


mkdir /mnt/mountpoint
mount /dev/sda? /mnt/mountpoint (you need to find the correct number of your partition here: use fdisk -l)
cd /mnt/mountpoint/home/username (puts you in your home directory)

Flash plugin crashing in Chromium on Linux

I have been having random luck with the flash player running in Chromium on my Lubuntu computers.  I have 5 different machines and two of them refused to run flash.  Any time I went to a flash enabled website the plugin would crash.


After reading this website I checked out chrome://plugins but only saw one instance installed.  I tried disabling that instance and the crashing would stop but the site would then tell me I needed to install the plugin.  I tried making it ask me before running, and it would ask, then crash.


Finally I tried going to chrome://plugins and expanding the details and disabling the flash plugin from there, even though it seems to do the same thing as disabling it without the details open, the results are different.  If I disable the main plugin for some reason it still doesn't work, but going into details and disabling it there fixed the issue.

Linux Start Application on Boot

Since being in the army I haven't had a lot of time to mess around with my personal computers.  However, I am back in the states and settled down for a bit so I decided to built myself a desktop computer.  I didn't have a lot of money, so older hardware and Linux was the route I took.

On a recommendation from a friend I researched a program called Synergy which was supposed to allow you to use a single mouse, keyboard, and clipboard across multiple computers and OSs via TCP-IP.

I cobbled together three older machines with about one gig of RAM a piece and loaded Lubuntu ( a lite version of Ubuntu Linux ) on each of them.  The Synergy program worked great and I was able to have a three monitor three machine system that felt much like one machine when using it.

Unfortunately, I ran into a small headache.  Every time I restarted a machine Synergy would shutdown.  On windows it has the option to start with the computer, but Linux is pretty much all manual configuration.  Some versions of Linux GUIs now have session managers which allow users to setup custom programs through a nice GUI app, but Lubuntu doesn't yet come with that.  After a little research I came across a website with a very nice detailed answer, which is copied below in case their site goes down.

There are two main steps:

1. Create a text file named firefox.desktop in your ~/.config/autostart directory. (~ represents the current users home directory, typically /home/user; you will also have to click on View/Show Hidden in the File Manager to see folders starting with a period.)
2. Fill the new file with contents.

Obviously rename the first part of the filename to whatever description best fits the program you are trying to start.  Below are 4 different examples to start up various programs, firefox and thunderbird were the examples on the site, chromium and synergy are the files I built for my needs.  Use or modify them to fit your needs.

One additional bonus, by creating this file you will also make an entry appear in the "Start menu"/Preferences/"Desktop Session Settings" program allowing you to easily toggle it on or off without having to delete and recreate the file.


[Desktop Entry]
Version=1.0
Name=Firefox Web Browser
Comment=Browse the World Wide Web
GenericName=Web Browser
Exec=firefox %u
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=firefox


[Desktop Entry]
Version=1.0
Name=Thunderbird Email Client
Comment=Email Client
GenericName=Email Client
Exec=thunderbird -%u
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=thunderbird


[Desktop Entry]
Version=1.0
Name=Chromium Web Browser
Comment=Access the Internet
GenericName=Chromium
Type=Application
Exec=/usr/bin/chromium-browser %U
Terminal=false
X-MultipleArgs=false



[Desktop Entry]
Version=1.0
Name=Synergy Client
Comment=Connect to the keyboard network
GenericName=SynergyC
Type=Application
Exec=synergyc 192.168.111.114
Terminal=true
X-MultipleArgs=false

Lubuntu on an old Compaq machine

I recently decided I wanted to fire up an old compaq machine for a spare computer.  Due to life circumstances I was down to one machine and really needed to start building the collection back up.

After a little research on stripped versions of Linux I settled on Lubuntu, primarily because of its association with Ubuntu.  I figure with the development support behind the Ubuntu distro there would be updates and fixes coming out for it for awhile still.

I burned a live CD of Lubuntu and started up the Machine:
512MB RAM
120GB HD
AMD Sempron processor 3400+

It had previously run Windows XP very successfully, so I was fairly confident that I wouldn't have any problems.  True to expectations it booted and ran very well off of the CD.  So I clicked the install button figuring that this would be the easiest setup ever.  But the installer couldn't make it past the partitioner, it gave a couple of different errors and refused to format the HD.  After trying every configuration I could think of I gave up for the day.

The next day, on a hunch, I started the computer back up with the live CD, launched a terminal window, and used fdisk to manually format all the partitions on the drive to a Linux format.  After that the installer ran perfectly with no problems.

My next issue came when I tried to boot the newly installed OS.  It would let me into the command prompt on first boot after taking the CD out, but after that it wouldn't even let me get that far.  The error it was throwing was:
drm_crtc_helper_set_config failed crtc:6

After Googling for awhile I finally found someone else who had a similar issue and had posted a fix.
Their post can be seen here.. I have copied the steps below:

There is no other way than adding a parameter to the kernel line before booting. In your case it is probably "nomodeset" or "nomodeset noapic".
1. Restart your PC
2. Hold down SHIFT (if it doesn't work, try 'Esc' or any other key) to display the hidden menu during boot (Note: SHIFT only works for single-OS systems)
3. When you see GRUB menu, highlight the Linux Mint entry and press the 'E' key
4. Use the cursor keys to navigate to the line that ends with "quiet splash", and add nomodeset (like this: quiet splash nomodeset)
5. When you are done editing the kernel line, press Ctrl-X to boot

I held the shift key, got to the Grub menu, pressed E and was on my way.  The line I needed to edit didn't End with "quiet splash" there was a variable after that text, I inserted "nomodeset" between the quiet splash and the variable.  When I pressed Ctrl+X the system booted normally.

TSocks with Ubuntu Linux

So it turned out that a simple SSH Tunnel doesn't always accomplish what is needed.  An SSH Tunnel is great for applications that are able to redirect their own packets to a different proxy, but what about applications that don't natively support proxies?

One alternative is to use a VPN Tunnel, in most cases this will work great, but in some networks VPN packets are restricted.  Also VPN networks doesn't typically run on natively installed software.  To solve this issue I turned once again to Linux which seems to have the best collection of geeky programs natively installed.

Step 1: I downloaded VirtualBox which is an OS simulator.
Step 2: I downloaded an ISO file of Ubuntu linux.
Step 3: Download the tsocks .deb file, you may need a normal SSH tunnel if web traffic to that site is being blocked:
   Go to this website, scroll to the very bottom, and click on the link for the correct version of linux and 32 vs 64 bit OS.
   Under the Download Mirrors section click on "select mirror".
   Click on the binary package link to download the .deb file.
Step 4: Install the tsocks .deb file.
Step 5: Edit the tsocks file, first rename the default file then modify the original file.
   sudo mv /etc/tsocks.conf /etc/tsocks.conf.old
   sudo nano /etc/tsocks.conf
Step 6: Add the following two lines to the file:
   server = 127.0.0.1
   server_port = 6060
   these lines tell tsocks to redirect all traffic fed through it to the local loopback ip using port 800.
Step 7: Start up a ssh session accepting traffic on the port that tsocks is now configured to send it on.
   ssh -C -D6060 -v -v user@www.domain.us
   The -v -v are two levels of verbose troubleshooting, you only need to use them if you want to watch what is happening inside the tunnel.
Step 8: Open another command prompt, and startup a firefox session through tsocks. I used firefox simply because it is a decent browser and is the default one installed on linux. Use the following command at a command prompt.
   sudo tsocks firefox

With this setup all firefox's child processes should be tunneled through the tsocks connection as well which includes things like voice calls or video chats started from the web browser but running on different ports.  Replacing firefox with the command for other applications you can try tunneling them through the tsocks connection as well.

Steps 7 and 8 will need to be repeated every time you want to initiate the tunnel from now on.

Getting your audio, and other USB devices to work correctly through the virtual machine is a whole different issue.  If you have too many problems with this try using a regular Linux install instead of a virtual box.

List of installed packages in linux

I am using CentOS and was wondering how to get a list of all packages installed on my system:

I found a site: Here

which claims

rpm -qa | sort | less

does the trick, however I am unable to find a package I am pretty sure is installed so I am not sure if their is a better method.

checking installed php packages

There is this really easy method of finding out what packages are installed for your current version of php.

just log onto your server and type
php -m
and it will display the list for you.

Mount and Unmout ISO images in Ubuntu Linux

Recently I decided I needed to mount an ISO in Linux. I have done this many times in Windows and expected it to be even easier in Linux. Surprisingly Ubuntu didn't have a graphical tool for this, however some wonderful person created a couple of scripts and some easy install instructions to give us a graphical tool.

I am going to try this out tomorrow I hope.

"Some times you want to use iSO images without burning them.If you don’t want to waste your CD’s/DVD’s here is the simple possible solutions using these tips you can mount and unmount ISO images without burning them.
I know two possible solutions..."

Installing DVD playing codecs on Ubuntu.

I have recently been having a lot of trouble with my MS Windows installations. I really like windows XP (not Vista), I just don't like the spyware, shareware and other junk that comes with it. Also the licensing issues have recently become such a nightmare that I have decided to switch to linux.

I have chosen Ubuntu as my distro of choice and things have been going great. Almost everything works out of the box. The few things that haven't have generally been because of licensing issues (in other words Ubuntu can't include the sofware I want because it isn't free).

My most recent hurtle has been making DVD's play on my Ubuntu installation. I ended up finding a great site (linked to above) which guided me to these two links:
http://www.debian-multimedia.org/pool/main/w/w32codecs/
http://www.debian-multimedia.org/pool/main/libd/libdvdcss/
After downloading the correct two packages for my machine ( they installed without any problems or headaches just link a Windows .exe file ) I was able to use MPlayer to play my DVD's. Totem still didn't work for them, but hey, that's ok, MPlayer is as good or better than any programs I could find for MS Windows, and it is free.

Here is a small excerpt from the site:
"
libdvdcss is a highly portable library for accessing and unscrambling DVDs encrypted with the CSS system. It is part of the VideoLAN project and is used by VLC and all other open source DVD players such as Ogle, xine-based players and MPlayer.
Installing w32codecs in Debian
#wget http://www.debian-multimedia.org/pool/main/w/w32codecs/w32codecs_20060611-0.0_i386.deb
#dpkg -i w32codecs_20060611-0.0_i386.deb
Installing liddvdcss2 in Debian
#wget http://www.debian-multimedia.org/pool/main/libd/libdvdcss/libdvdcss2_1.2.9-0sarge0.0_i386.deb
#dpkg -i libdvdcss2_1.2.9-0sarge0.0_i386.deb
"

I pasted the most important part of the site here in case they ever become unavailable. One of my biggest peeves on the web is people to link to something without giving me a summary or the critical information from the site, then having the link not work.

how to untar/tar

To get the files out of a tarball, you can use the following commands:

tar xvf something.tar

If the tarball has also been gzipped (compressed), you can use the following command:

tar xvfz something.tar.gz

The biggest thing that I always forget when trying to use this command is that it doesn't accept the "-" prefix before its modifiers like most other linux commands.

If you need to create a tar file
http://infohost.nmt.edu/tcc/help/unix/tar_build.html

tar -cvzf name.tgz subdir

the 'z' is optional and gzips the file.
the 'v' is optional and gives a verbose output.