Published January 28th, 2009 by admin

Ubuntu Pocket Guide and Reference

41ikw6gi-cl_sl160_You can find a pretty comprehensive Pocket Guide for Ubuntu here. I must say that it is probably the best book I have seen so far on the topice.

You may want to consider buying the print edition from Amazon though as it is a rather long read (or print) from PDF…

Published May 14th, 2008 by admin

How to Patch Ubuntu for openSSL and openSSH Vulnerability

I’m sure you have heard by now that there is a reported vulnerability in openSSL and openSSH. This only affects Debian and its variants for now (ie:Ubuntu).

This is a pretty serious issue so it should be patched ASAP.

Follow the instructions below to guard your Debian and Ubuntu machines from the vulnerability.

Run the following to find out if you are affected:

wget -c http://security.debian.org/project/extra/dowkd/dowkd.pl.gz
gunzip dowkd.pl.gz
chmod u+x dowkd.pl
./dowkd.pl user
./dowkd.pl host hostname

If either the 2nd to last or the last command issued above shows something similar to the following:

.ssh/id_dsa.pub:1: weak key

…then you are affected by the vulnerability. If you do not see “weak key” reported then you are OK.

Otherwise follow below:

Apply any updates by entering the following at a command line:

sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade

You should see an update for openssl and openssh packages (along with anything else available).

After these new packages have been installed you will want to regenerate any keys that you’ve generated (ie; openssh keys, CA cert, etc).

To generate a new openssh key for your user: (This only required if ‘./dowkd.pl user‘ reports weak)

ssh-keygen -t dsa -b 1024

To generate a new openssh key for your server: (This only required if ./dowkd.pl host hostname reports weak)

sudo rm /etc/ssh/ssh_host_{dsa,rsa}_key*
sudo dpkg-reconfigure -plow openssh-server

You should now run the validation script again and make sure it does not report any errors. If you still see reported warnings such as:

.ssh/authorized_hosts:1: weak key

…this means that you have keys saved that are still affected, in this case in the authorized_host file. The easiest way to solve this is issue the following:

rm .ssh/authorized_hosts

This will remove the file, which will be recreated the next time it is needed or you can delete the line in the affected file using your favorite text editor. The line is indicated by the ending “:1” which maps to the affected line number.

Continue to run the ./dowkd.pl script until no weaknesses are reported.

Published February 13th, 2008 by admin

Time to Update – Now!

I can’t add anymore than wonderful Mackenzie already did:

A new kernel update just went out yesterday or the day before (not
sure), but it fixes the vmsplice proof-of-concept exploit that was
released two days ago. The exploit would allow someone at a non-root
console to elevate themself to root without using sudo or su or knowing
any passwords at all.

Check out Mackenzie’s site: Ubuntu Linux Tips & Tricks

Technorati Tags: ,

Published February 9th, 2008 by admin

How-To: Migrating Amarok Playlists and Collection Data to a New Computer

So you have your Amarok playlists and collection set up all how you want and now you want to migrate everything over to a new computer, but don’t want to start from scratch? Read on for instructions on how to pull off this task with ease.

In my example I had all my music saved on an external hard drive that mounted itself as “disk”. I wanted to change it over to a new computer and a new external drive that mounts itself as “OneTouch1” (Maxtor external drive). It doesn’t matter where your music is and where you want it to go (maybe you just want to connect the same drive to a new computer) but in either case this is how I did it:

First off I mounted both drives on the computer that had the current configuration I wanted to save.

Then I ran an rsync command to transfer all my music from the old external drive to the new one:

rsync -av /media/disk/Music/ /media/OneTouch1/Music

This copied all my music from disk/Music to OneTouch1/Music.

Then I needed to grab the current mySQL database, so I fired up webmin on the localhost and did a backup of my “amarok” database I had all my collection data stored in. One more thing you will need for all your playlist and configuration settings is the app settings folder located in your home directory in a hidden directory. You can grab it like so:

rsync -av /home/yourusername/.kde/share/apps/amarok/ /media/OneTouch1/amarok

Make sure you substitute your username and new drive name above.

Now we should be ready to configure the new computer with your old computer’s settings. The next steps assume you have Amarok installed and running.

Make sure Amarok is closed and not running and then plug in your external drive.

Create a symbolic link to map everything up like it was before. In my case it was done like so:

ln -s /media/OneTouch1/ /media/disk

The above is needed even if you want to use the same drive, but only in the case that it mounts itself on the new computer with a different name than it does on the old computer.

Now we want to create an empty database called amarok (or whatever your previous db was called) (I used webmin for ease of use) and create the same user id and credentials that you had used on your previous computer.

The next step is open your home directory and hit ctrl “h” to show hidden files and browse to .kde/share/apps and rename the amorak folder to amorak_old (just so we can revert later if needed). Then copy the amorak folder we had backed up from your old computer onto the external drive to replace the folder we just renamed.

Once this is all complete, we can open Amarok and go to Settings -> Configure Amarok and navigate to the Collection tab on the left. Make sure that the correct directory is selected (using the symbolic link to select it) and also that the correct db and user credentials are entered.

After the above is done, go to Tools -> Rescan Collection. This may take awhile, depending on the size of your collection, but when it is complete you should see that everything is how it was on your old computer!

Technorati Tags: , , , ,