ubuntu


Using TeamViewer tar package on Ubuntu

Recently, we needed to start TeamViewer on an Ubuntu GNU/Linux machine where we did not want to install it.
To do so, we used the 64bit tar package from the TeamViewer Linux download page.

After downloading the package and extracting its content, we realised that we could not start TeamViewer (./teamviewer) as is.
In order to troubleshoot, we used a terminal and executed the check libraries functionality (./tv-setup checklibs;) from the archive folder that gave us some missing dependencies:

./tv-setup checklibs

    -=-   TeamViewer tar.xz check   -=-     

  In order to use the tar.xz version of TeamViewer,
  you have to make sure that the necessary libraries are installed.

    Writing raw output to /home/xeirwn/Downloads/teamviewer_13.1.3026_amd64/teamviewer/logfiles/DependencyCheck.log

 Analyzing dependencies ...           
    libQt5Core.so.5 => not found
    libQt5DBus.so.5 => not found
    libQt5Gui.so.5 => not found
    libQt5Network.so.5 => not found
    libQt5Qml.so.5 => not found
    libQt5Quick.so.5 => not found
    libQt5WebKit.so.5 => not found
    libQt5WebKitWidgets.so.5 => not found
    libQt5Widgets.so.5 => not found
    libQt5X11Extras.so.5 => not found

    The libraries listed above seem to be missing.
    Please find and install the corresponding packages.
    Then, run this command again.

    QtQuickControls seems to be missing

    The following command may be helpful:
      apt-get install libdbus-1-3 libqt5gui5 libqt5widgets5 libqt5qml5 libqt5quick5 libqt5webkit5 libqt5x11extras5 qml-module-qtquick2 qml-module-qtquick-controls qml-module-qtquick-dialogs qml-module-qtquick-window2 qml-module-qtquick-layouts;

Solution: Following the instructions we executed the following:

sudo apt-get install libdbus-1-3 libqt5gui5 libqt5widgets5 libqt5qml5 libqt5quick5 libqt5webkit5 libqt5x11extras5 qml-module-qtquick2 qml-module-qtquick-controls qml-module-qtquick-dialogs qml-module-qtquick-window2 qml-module-qtquick-layouts;

After the installation of the libraries, we executed once more the check libraries functionality (./tv-setup checklibs;)  where we got the message that everything seem to be OK.

 ./tv-setup checklibs

    -=-   TeamViewer tar.xz check   -=-     

  In order to use the tar.xz version of TeamViewer,
  you have to make sure that the necessary libraries are installed.

    Writing raw output to /home/xeirwn/Downloads/teamviewer_13.1.3026_amd64/teamviewer/logfiles/DependencyCheck.log

 Analyzing dependencies ...           

    All library dependencies (*.so) seem to be satisfied!

    QtQuickControls seems to be installed

Trying to start the (./teamviewer)  application did not gave an error but it would not start again.
It appeared that there was a service running which would not allow the GUI to show up.
To avoid too much fuss, we restarted the machine and tried (./teamviewer)  once more, this time with success.
So after installing the libraries and restarting the machine, we were able to start TeamViewer on our Ubuntu machine without installing it.


Ubuntu: install / start/stop enable/disable ssh server

OpenSSH is a freely available version of the Secure Shell (SSH) protocol family of tools for remotely controlling, or transferring files between, computers.

Install SSH server

To install the openssh-server on an Ubuntu, you need execute the following command as root or using sudo:

apt-get install openssh-server -y;

Disable SSH server

To disable the ssh service, execute the following command as root or using sudo:

systemctl disable ssh;

Enable SSH server

To enable the ssh service, execute the following command as root or using sudo:

systemctl enable ssh;

Stop SSH server

To stop (or deactivate) the ssh service, execute the following command as root or using sudo:

systemctl stop ssh;

Start SSH server

To start (or activate) the ssh service, execute the following command as root or using sudo:

systemctl start ssh;

Status of SSH server

To check the status of the ssh service, execute the following command as root or using sudo:

systemctl status ssh;

CONCEPTS

In a nutshell:

  • enabled is a service that is configured to start when the system boots
  • disabled is a service that is configured to not start when the system boots
  • active is a service that is currently running
  • inactive is a service that is currently stopped and may be disabled, but it can be started and become active

In much more detail:

systemd provides a dependency system between various entities called “units” of 12 different types. Units encapsulate various objects that are relevant for system boot-up and maintenance. The majority of units are configured in unit configuration files, whose syntax and basic set of options is described in systemd.unit(5), however some are created automatically from other configuration, dynamically from system state or programmatically at runtime. Units may be “active” (meaning started, bound, plugged in, …, depending on the unit type, see below), or “inactive” (meaning stopped, unbound, unplugged, …), as well as in the process of being activated or deactivated, i.e. between the two states (these states are called “activating”, “deactivating”). A special “failed” state is available as well, which is very similar to “inactive” and is entered when the service failed in some way (process returned error code on exit, or crashed, or an operation timed out). If this state is entered, the cause will be logged, for later reference. Note that the various unit types may have a number of additional substates, which are mapped to the five generalized unit states described here.
— From man systemd

 


Ubuntu SSHD listen to multiple ports

Recently, we’ve setup an Ubuntu server behind CloudFlare that needed to listen for SSH connections.
Unfortunately, CloudFlare does not allow connections to the default SSH port which is 22.
So, to achieve what it was needed we either had to change the port that the SSH service was listening to or add an additional port.
We decided to go with the option of listening to multiple ports for SSH connections, this way users that were also behind the CloudFlare CDN could still continue to use their SSH clients without being forced to define the connection port manually.

The port listening setting is available in /etc/ssh/sshd_config, using sudo we edited the file with a text editor and searched for the following lines:

# What ports, IPs and protocols we listen for
Port 22

Right after the line that contains Port 22, we added another line for the new port (to see the list of all available open ports on CloudFlare, check this post)

And the file became as follows:

# What ports, IPs and protocols we listen for
Port 22
Port 2053

Afterwards, we restarted the SSHD service to apply the changes by executing the following command by using sudo:

systemctl restart ssh;


Lubuntu LVM Encrypted

While trying to setup a lubuntu GNU/Linux that would use an encrypted LVM file-system we run into several problems that should have not been there.
For example, the installer would not continue as swap memory was not encrypted and it was blocking the operation.
An other issue was that the LVM support package was not installed by default although it is needed by the installer.

Our solution requires an active internet connection so that you can install the lvm2 package.

Methodology

After booting into the live session, before we started the installation process, we opened a terminal from the main menu (Start Menu) and executed the following two commands:

sudo apt-get install lvm2 -y;

sudo swapoff --all;

These two commands disabled all swap (so that we do not get the error that swap is not encrypted) and it installed the lvm2 package that is needed by the installer to create our LVM setup.

The following video presents the full successful installation procedure by making the changes before starting the procedure.

The next video, shows our attempts to fix the installation after encountering the errors instead of fixing them beforehand.


CloudFlare does not allow port 22 (usual SSH port) on domain 2

When you try to connect via ssh on a domain for which you are using CloudFlare as a HTTP proxy, you will get the following error:

$ ssh [email protected]
 ssh_exchange_identification: Connection closed by remote host

You have a few options to resolve for this issue:

  1. Either connect directly to the IP of the machine.
  2. Or, setup a CNAME record with no HTTP proxy for the SSH (so that you do not need to remember the IP).
    This solution does not offer any additional benefits than connecting directly to the IP of the server.
    To do that, you need to visit the configure DNS page for your site: e.g. https://www.cloudflare.com/a/dns/example.com,
    then create the CNAME named ssh, use as target your domain (e.g. example.com) and disable HTTP proxy by clicking on the orange cloud and making it gray before pressing the Add Record button.

    Then, you will be able to connect via ssh [email protected].
  3. Last solution but not least is configuring your server to listen for SSH on one of the ports of CloudFlare that are open.
    When this post was written, the following ports were available/open for any site in CloudFlare:
    For requests made via HTTP:

    80
    8080
    8880
    2052
    2082
    2086
    2095

    For requests made via HTTPS:

    443
    2053
    2083
    2087
    2096
    8443

    At the time, we were using an Ubuntu GNU/Linux server, to instruct Ubuntu SSHD to listen to multiple ports we edited the file /etc/ssh/sshd_config and right after the lines:

    # What ports, IPs and protocols we listen for
    Port 22

    we added another line with the new port we wanted to use:

    # What ports, IPs and protocols we listen for
    Port 22
    Port 2053

    After restarting the service
    service ssh restart;
    we were able to connect to our page as follows:
    ssh -p 2053 [email protected];

 


Lubuntu: “Do Nothing” when I close the laptop’s lid

A few days ago we setup a server on a laptop with lubuntu. We wanted to make sure that once the screen lid is off, the PC would not shut down (or hibernate or sleep) and it would continue to accept requests.

We tried to configure the PC through the system settings that are available with the GUI but we could not get it to work right. Anyhow, what we did in the end and worked was the following:

In the file /etc/systemd/logind.conf we set the variable HandleLidSwitch to ignore. So after the change, the following line was in logind.conf:

HandleLidSwitch=ignore

If the above line is commented out (i.e. starts with the character #, be sure to uncomment it by removing the # character).
After that, we had to restart the systemd-logind service as follows:

service systemd-logind restart;

Finally, to test we closed the lid and the server was operating as expected.

Note

If you have a power manager such as xfce4-power-manager-settings, it is a good practice to make sure it is configure properly first before doing the change above. (e.g. Set Lock screen or Switch off display in When laptop lid is closed option).

If you start xfce4-power-manager after you do the change above, you might have to restart the service again as the solution seems to stop.


Compiling openbts-umts on Ubuntu 15.04

Below are the steps we followed to compile OpenBTS-UMTS on Ubuntu 15.04.
There could be a chance that we installed a couple of extra system packages while troubleshooting the installation but it works and we did not include some heavy system service as well so it should be OK.

sudo apt-get install build-essential libuhd autoconf libtool libdevel libzmq-dev libzmq libzmq-dev libzmq-dev libosip2-dev libortp-dev libusb-dev libusb-1.0 libtool-bin libsqlite3-dev libboost-dev libreadline-dev;
git clone https://github.com/RangeNetworks/OpenBTS-UMTS;
cd OpenBTS-UMTS/;
git submodule init;
git submodule update;
#First we need to setup ASN1C compiler
tar -xf asn1c-0.9.23.tar.gz;
cd vlm-asn1c-0959ffb/;
./configure;
make;
make check;
sudo make install;
cd ..;
#Finally, we can proceed with compiling openbts-umts
./autogen.sh;
./configure;
make;
sudo make install;


Compiling gr-gsm on Ubuntu 14.04 LTS

Below are the steps that we followed to compile gr-gsm on Ubuntu 14.04 LTS.

sudo apt-get update;
sudo apt-get install build-essential python-dev git python-pip;
sudo pip install PyBOMBS;
sudo pybombs prefix init /usr/local -a default_prx;
sudo pybombs config default_prefix default_prx;
sudo pybombs recipes add gr-recipes git+https://github.com/gnuradio/gr-recipes.git;
sudo pybombs recipes add gr-etcetera git+https://github.com/gnuradio/gr-etcetera.git;
sudo pybombs install gr-gsm;
sudo ldconfig;


Ubuntu: Headless wireshark (or wireshark from terminal)

Recently, we wanted to use wireshark on an Ubuntu through ssh and no X-Server forwarding enabled.
After a quick search we found tshark.

TShark is a network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. TShark‘s native capture file format is pcap format, which is also the format used by tcpdump and various other tools.
Without any options set, TShark will work much like tcpdump. It will use the pcap library to capture traffic from the first available network interface and displays a summary line on stdout for each received packet.
TShark is able to detect, read and write the same capture files that are supported by Wireshark.

From: man tshark

Install tshark on Ubuntu

sudo apt-get install tshark -y;

Using tshark to capture all traffic on eth0 to a pcap file

sudo tshark -i eth0 -w something.pcap;

Note: If you just want to capture network traffic on a network interface and not use the additional features wireshark has to offer, you can also use tcpdumpas follows

#The following command will create a files that has in its name the current date and time using the date function.
sudo tcpdump -i eth0 -w "data.`date +%Y-%m-%d\ %H.%M`.pcap";


Ubuntu server 16.04+ MySQL port is only accessible from localhost (127.0.0.1)

Recently, we got access to an Ubuntu 16.04 LTS server that had MySQL server installed on it but was not accessible to our external servers.
The service was accessible when testing from localhost but it was not when testing from any other machine.
Executing nmap from another machine would return the value 3306/tcp closed mysql   conn-refused as below.

[[email protected] ~]$ nmap -vv -p 3306 192.168.10.11


 
 Starting Nmap 7.40 ( https://nmap.org ) at 2017-03-06 17:21 EET
 Initiating Ping Scan at 17:21
 Scanning 192.168.10.11 [2 ports]
 Completed Ping Scan at 17:21, 0.06s elapsed (1 total hosts)
 Initiating Parallel DNS resolution of 1 host. at 17:21
 Completed Parallel DNS resolution of 1 host. at 17:21, 0.00s elapsed
 Initiating Connect Scan at 17:21
 Scanning 192.168.10.11 [1 port]
 Completed Connect Scan at 17:21, 0.06s elapsed (1 total ports)
 Nmap scan report for 46.101.137.70
 Host is up, received syn-ack (0.061s latency).
 Scanned at 2017-03-06 17:21:31 EET for 1s
 PORT     STATE  SERVICE REASON
 3306/tcp closed mysql   conn-refused
 
 Read data files from: /usr/bin/../share/nmap
 Nmap done: 1 IP address (1 host up) scanned in 0.16 seconds

The problem was with the default configuration of mysqld that is found in the file /etc/mysql/mysql.conf.d/mysqld.cnf.
At line 41 we got the following snippet:

# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address            = 127.0.0.1

What the line bind-address            = 127.0.0.1 says is that, the service will only listen on localhost.
At this stage there are two solutions that you can apply using your favorite text editor (e.g. sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf):

Solution A:

Completely remove the line bind-address            = 127.0.0.1 or comment it out by adding a # in front of it as follows #bind-address            = 127.0.0.1.

Solution B:

Replace 127.0.0.1 with the IP that you want mysql service to be available to. In our case the line became bind-address            = 192.168.10.11.

After you are done with the change, you need to restart the service for the change to take place:

[email protected]:~$ sudo /etc/init.d/mysql restart
 [ ok ] Restarting mysql (via systemctl): mysql.service.

From an external machine you can verify that the configuration was applied correctly using nmap as below:

[[email protected] ~]$ nmap -vv -p 3306 192.168.10.11
 Starting Nmap 7.40 ( https://nmap.org ) at 2017-03-06 17:24 EET
 Initiating Ping Scan at 17:24
 Scanning 192.168.10.11 [2 ports]
 Completed Ping Scan at 17:24, 0.06s elapsed (1 total hosts)
 Initiating Parallel DNS resolution of 1 host. at 17:24
 Completed Parallel DNS resolution of 1 host. at 17:24, 0.00s elapsed
 Initiating Connect Scan at 17:24
 Scanning 192.168.10.11 [1 port]
 Discovered open port 3306/tcp on 46.101.137.70
 Completed Connect Scan at 17:24, 0.06s elapsed (1 total ports)
 Nmap scan report for 46.101.137.70
 Host is up, received syn-ack (0.061s latency).
 Scanned at 2017-03-06 17:24:30 EET for 0s
 PORT     STATE SERVICE REASON
 3306/tcp open  mysql   syn-ack
 Read data files from: /usr/bin/../share/nmap
 Nmap done: 1 IP address (1 host up) scanned in 0.16 seconds

You should get the value 3306/tcp open  mysql   syn-ack.