Monthly Archives: October 2015

Install VLC Media Player On Ubuntu 15.10 Wily Werewolf

Ubuntu1510Terminal

VLC Media Player is a handy program that can play numerous forms of video, and runs on just about any OS platform. It also runs on Ubuntu 15.10 Wily Werewolf and installing it is quite simple.

Before you install VLC, you will likely want to install the Ubuntu Restricted Extras package in order to add the necessary multimedia codecs to your system. Directions for installing the Ubuntu Restricted Extras package are here.

To install VLC itself, first open up a Terminal window and type this command:

sudo apt-get install vlc

Enter your password to authenticate, and apt will download and install VLC and its various dependencies for you. (You can also install it through Synaptic Package Manager and Ubuntu Software Center.) Afterwards you can launch VLC by going to the Dash and searching for VLC.

-JM

ADDITIONAL READING:

Ubuntu: 101 Tips & Tricks

The Ubuntu Beginner’s Guide

The Ubuntu Desktop Beginner’s Guide

The Linux Command Line Beginner’s Guide

Configure OpenSSH Server To Use Key-Based Authentication In Ubuntu 15.10 Wily Werewolf

Ubuntu1510Terminal

SSH is pretty secure, but it does have one weak link – the password. If someone cracks your SSH password, they can gain control over your SSH server.

A more secure method of SSH logons is to use a public/private key. With a public/private key, you create a matched pair of private and public keys. You keep the private key on your personal machine, while you put the public key on the SSH server to which you wish to connect. When configured in this manner, the SSH server will only allow connections from systems that have a matching private key for one of the public keys.

In this section, we’ll show you how to set up key-based logons for SSH.

First, install OpenSSH server on your server. For the rest of this walkthrough, we’ll assume that you installed the SSH server on a machine with the IP address of 192.168.1.100, and that you intend to connect to that server from a client machine with the IP address of 192.168.1.200.

After SSH server has been installed, go to your client machine at 192.168.1.200 and enter this command:

ssh-keygen -t dsa


Press Enter, and the command will save a matched public/private key in the ~/.sshdirectory. Specifically, it creates two files – id_dsa, which is your private key, andid_dsa.pub, which is your public key. It will also ask you to set a passphrase for the use of the key, which is an additional layer of security in case someone gains access to your account. Setting a passphrase is usually a good idea.

After the command is complete, you’ll need to transfer the newly created id_dsa.pubpublic key file to your SSH server at 192.168.1.100. Once you have moved it to your server, copy the file to your user account’s ~/.ssh directory on the server. (If this directory does not already exist, create it with the mkdir command.) Next, change to the~/.ssh directory, and use this command:

touch authorized_keys

This will create a file to store authorized keys in the ~/.ssh directory. Use this command to add your public key to the authorized_keys file:

cat id_dsa.pub >> authorized_keys

Finally, use the chmod command to make authorized_keys read-only to protect from accidental deletion:

chmod 400 authorized_keys

Finally, you’ll need to alter your SSH server’s configuration file to mandate key-based logins, otherwise the server will continue to allow password-based login. Use the vi editor to edit SSH’s main configuration file:

sudo vi /etc/ssh/sshd_config

Once editing the file, make sure the PasswordAuthentication directive is set to no. This will force your SSH server to only allow key-based login attempts. After you’ve finished editing the file, restart your SSH server with this command:

sudo service ssh restart

Your SSH server will not only permit key-based logons – users must have a private key that matches with a corresponding public key in their ~/.ssh/authorized_keys file in their home folder on the SSH server.

Make sure to back up your private key in a safe place – if you lose it, you will lose access to the SSH server.

-JM

ADDITIONAL READING:

Ubuntu: 101 Tips & Tricks

The Ubuntu Beginner’s Guide

The Ubuntu Desktop Beginner’s Guide

The Linux Command Line Beginner’s Guide

Install Google’s Chrome Web Browser On Ubuntu 15.10 Wily Werewolf

Ubuntu1510Terminal

To install Google’s Chrome web browser on Ubuntu 15.10 Wily Werewolf, first launch the Firefox web browser and visit the Google Chrome website:

http://www.google.com/chrome

Click on the Download button, which will take you to the download page. Select the 32-bit or the 64-bit version for Ubuntu, depending upon your system’s processor architecture. Hit the accept and install button, and the Chrome installer will download.

Once the download is complete, you’ll have a *.deb installer package for Chrome in your Downloads folder. Double-click on it to launch the installer. You’ll be taken to the Ubuntu Software Center. Click on the Install button to begin the installation of Chrome.

You’ll need to enter your password to authenticate, and then follow the default prompts to install Chrome.

After the installation is complete, the first time you launch Chrome you will have to do so from the command line. It will not appear in the Dash or the Launcher until you launch Chrome from the command line for the first time. To launch Chrome from the command line, summon a Terminal window by hitting the CTRL+ALT+T keys simultaneously, and typing this command into the Terminal prompt:

google-chrome-stable

Chrome will then launch and ask if you wish to set it as the default browser. After this first run, you can launch Chrome by clicking on the Dash (the Ubuntu icon on the upper-left hand corner of your screen), searching for Chrome, and clicking on the Chrome icon.

-JM

ADDITIONAL READING:

Ubuntu: 101 Tips & Tricks

The Ubuntu Beginner’s Guide

The Ubuntu Desktop Beginner’s Guide

The Linux Command Line Beginner’s Guide

Install And Configure An FTP Server On Ubuntu 15.10 Wily Werewolf

Ubuntu1510Terminal

The most common FTP server software for Ubuntu is the vsftpd package, which stands for “very secure FTP daemon.” It’s the default FTP package for Ubuntu, and most other Linux distributions as well. As an added bonus, vsftpd is pretty secure out of the box – to make it insecure, you have to go out of your way to mess up the configuration file.

As an added bonus, vsftpd is simple to install and configure on a Ubuntu machine. To install the vsftpd package, make your way to a command prompt and type this command:

sudo apt-get install vsftpd



Enter your password to authenticate and apt will download and install vsftpd for you.

Follow the default prompts, and the vsftpd server will be installed on your computer. Generally, the default configuration for vsftpd is pretty secure, and good enough for casual use. Anonymous users are blocked, and no one can write files to the server (or, in FTP terminology, no one can upload files to the server). Anyone with a system account will be able to connect to the FTP server and download, though not upload, files.

If you want to change any settings, the configuration file for vsftpd is /etc/vsftpd.conf. Like any other configuration file, you can edit it with vi:

sudo vi /etc/vsftpd.conf

Like Samba, the vsftpd.conf file contains a large number of “directives” that govern how the server behaves and operates. If you want to change its configuration, you’ll need to alter the directives.

If you want users to be able to write files to your FTP server, change this directive:

#write_enable=YES

To this:

write_enable=YES

With the write_enable directive set to YES, users will be able to upload files to your FTP server. Note, however, that they will only be able to do so if they have proper permissions to the directories in question. They’ll be able to upload files to their home directories, but not, for instance /var or /usr.

Anonymous access is controlled with this directive:

anonymous_enable=NO

Under no circumstances should you allow anonymous access to your FTP server, especially if it is accessible from the Internet!There are certain circumstances when you might find it useful, but you should only enable it if you know exactly what you are doing. Generally, it is almost always best to keep anonymous_enable set to NO.

If you make any changes to the file, switch vi to command mode, save the changes, and then exit vi. Then restart the vsftpd server so it reads its new directives:

sudo service vsftpd restart

You can then test your Ubuntu machine’s FTP service from the server’s command line:

ftp 127.0.0.1

The FTP client will ask for your username. Enter that, and then the client will ask for your password. Enter that as well, and you should then see the FTP prompt, which looks like this:

ftp>

If you see that, you know the server is working. You can return to the regular command line with this command:

exit

-JM

ADDITIONAL READING:

Ubuntu: 101 Tips & Tricks

The Ubuntu Beginner’s Guide

The Ubuntu Desktop Beginner’s Guide

The Linux Command Line Beginner’s Guide

now playing Icewind Dale: Enhanced Edition

IcewindDaleScreenshot



Having just finished a major project, I now have time to play some Icewind Dale: Enhanced Edition. It’s a great game, featuring a classic soundtrack from Jeremy Soule, and the Enhanced Edition includes many welcome improvements.

Of course, I named all the characters in my party after the characters from my FROSTBORN series of books.

-JM

Set A Static IP Address In Ubuntu 15.10 Wily Werewolf

Ubuntu1510Terminal

A static IP is one that you manually assign to a computer, one that it keeps forever or until you change it. You’ll need to make sure that it doesn’t conflict with your DHCP server, so you’ll need to either reconfigure your DHCP server to exclude the static address from its address pool, or ask your system administrator to do it.

Here’s how to set a static IP for your Ubuntu 15.10 Wily Werewolf system’s Ethernet adapter from the GUI.

-Launch Network Connections by clicking on the Dash and searching for it in the search field.

-When the Network Connections dialog box opens up, click on the Wired tab, and then on the connection labeled eth0. Click on the Edit button.

-When the Editing eth0 box opens up, click on the tab for IPv4 Settings.

-In the IPv4 box, change the Method drop-down box from Automatic to Manual.

-Under the Addresses heading, click the Add button to add a static IP, subnet mask, and default gateway.

-Add your DNS server to the DNS Servers line.

-Click OK.

-JM

ADDITIONAL READING:

Ubuntu: 101 Tips & Tricks

The Ubuntu Beginner’s Guide

The Ubuntu Desktop Beginner’s Guide

The Linux Command Line Beginner’s Guide

How To Delete Users From The Command Line In Ubuntu 15.10 Wily Werewolf

From time to time, you’ll want to remove accounts from your Ubuntu system. It’s quick and easy to remove an account from the command line. In fact, it’s rather less cumbersome than doing it through the GUI.

Before you delete a user account, you might first consider locking it with the usermod command. Locking an account disables its password, which means the account can no longer log into the system. For example, to lock the camalas account:

sudo usermod -L camalas



(Note that options, like commands and filenames, are case sensitive, and the -L option must be capitalized.)

If you want to get rid of an account entirely, use the userdel command with sudo:

sudo userdel camalas

This command will delete the camalas user account from your system. However, it will not delete camalas’s home directory, which means that all her personal files and configuration settings will remain on your system in the /home/camalas folder. To delete both the camalas account and camalas’s home folder, use userdel with the -r option:

sudo userdel -r camalas

This will delete both the camalas account and camalas’s home folder.

-JM

ADDITIONAL READING:

Ubuntu: 101 Tips & Tricks

The Ubuntu Beginner’s Guide

The Ubuntu Desktop Beginner’s Guide

The Linux Command Line Beginner’s Guide

Add Users From The Command Line In Ubuntu 15.10 Wily Werewolf

Ubuntu1510Terminal

Before creating any user accounts in Ubuntu 15.10 Wily Werewolf, it’s best to choose some kind of naming convention for your user accounts. A naming convention sounds fancy, but it just means that you just stick to a consistent way of naming the accounts. Usually, something like the first initial and the last name is best – like “camalas” for Caina Amalas.

To actually create the new camalas user account, use the useradd command. You’ll need root-level permission to create an account, so you’ll have to use useradd with the sudo command:

sudo useradd camalas

However, this command by itself, without any options, is not very useful. It creates the camalas user account, but doesn’t assign a display name for the account, nor does it create a home user for camalas. It also doesn’t set any variables – for instance, if Caina logs in using the camalas account, she’ll get the older sh shell for her command line, instead of the bash shell.

We’ll need to add some options to the useradd command to make it more effective. To start, here’s how to create a home directory with the command:

sudo useradd -m camalas

The -m option causes useradd to create a home directory. Next, we’ll add another option, and tell useradd to set bash as camalas’s default shell:

sudo useradd -m -s “/bin/bash” camalas

The addition of the -s switch and “/bin/bash” tells useradd to set the bash shell for camalas’s default shell. Now we’ll want to make sure that camalas’s display name is properly set as Caina Amalas with the -c option:

sudo useradd -c “Caina Amalas” -m -s “/bin/bash” camalas

With these options, useradd creates a new account named camalas, sets the account’s display name as Caina Amalas, creates a home directory for the new account, and sets bash for camalas’s default shell. (Note that useradd has many options, and you can view them all in useradd’s man page.)

There’s one final thing you need to do to allow Caina to log in using the camalas account – you need to set a password for the new account. You can do that using the passwd command:

sudo passwd camalas

You can then set a password for camalas. Note that you can also use the passwd command, without sudo, to reset the password for your own account.

Ubuntu’s user accounts are stored in the /etc/passwd file. It’s a plain text file, so you can view it like any other text file:

cat /etc/passwd

You will see a lot of accounts in there, but most of them are for various system services and you needn’t concern yourself with them. For actual user accounts, in /etc/passwd you can view the account name, the user id (UID) number, the group id (GUID) of the account’s default group, the display name, the location of the home directory, and the default shell.

You might be tempted to manually add user accounts by editing the /etc/passwd file. Do not do this! The passwords for user accounts are stored in a restricted file called /etc/shadow, and it needs to stay in sync with /etc/passwd. Manually editing /etc/passwd can mess up your system.

-JM

ADDITIONAL READING:

Ubuntu: 101 Tips & Tricks

The Ubuntu Beginner’s Guide

The Ubuntu Desktop Beginner’s Guide

The Linux Command Line Beginner’s Guide

Launch The Terminal In Ubuntu 15.10 Wily Werewolf

Ubuntu1510Terminal

If you’ve never used the command line in Ubuntu before, you might not know how to access it. Fortunately, it’s quite simple. There are three ways to launch the command line.

The first way is to go to the Dash (the Ubuntu icon on the upper-left hand corner on your screen, on top of the Launcher) then to click on the Terminal icon. This will launch the GNOME Terminal emulator application, which lets you launch commands from within the GUI.

The second way is to hit the CTRL-ALT-T keys simultaneously, which will immediately open a new Terminal window.

The third way is to hit the CTRL-ALT-F1 keys on your keyboard. Do this, and the GUI will disappear, replaced by a black screen with a logon prompt in white text. Don’t be alarmed! This is a “virtual console”, which lets you shift the GUI to the background and log in again in a command-line only mode. Your logon session with the GUI will be unaffected – Ubuntu Linux allows multiple logons from the same user at the same time.

You can return to the GUI at any time by hitting CTRL-ALT-F7.

Note that Ubuntu Linux allows you to have seven virtual consoles, from F1 to F7. F7 is reserved for the GUI, and the remaining six allow you to log on using the command line.

-JM

ADDITIONAL READING:

Ubuntu: 101 Tips & Tricks

The Ubuntu Beginner’s Guide

The Ubuntu Desktop Beginner’s Guide

The Linux Command Line Beginner’s Guide

Install And Configure OpenSSH Server In Ubuntu 15.10 Wily Werewolf

Ubuntu1510Terminal

Linux has always had strong support for SSH, and Ubuntu is no different. In this post, we’ll walk through a basic installation of an SSH server, and some basic security configuration as well. The default SSH server package for Ubuntu is OpenSSH Server, which we’ll use here.

First, you’ll need to install OpenSSH Server. To do so, open up a Terminal window and type the following command:

sudo apt-get install openssh-server



Enter your password to authenticate, and the apt utility will download and install OpenSSH Server for you. Depending on the speed of your Internet connection and your computer, the installation may take several minutes.

Once the installation has finished, return to the Terminal window. We’ll need to make a few changes to your /etc/ssh/sshd_config file in order to increase SSH’s security. First, as always, we’ll want to make a backup copy of your sshd_config file in case anything goes wrong. Type this command into the Terminal:

sudo cp /etc/ssh/sshd_config ~

This will make a backup copy of the sshd_config file in your home directory.

Next, we’ll need to edit the sshd_config file itself. So it’s time to use your skills in vi again:

sudo vi /etc/ssh/sshd_config

Like almost every other server software package, SSH is controlled by a number of directives in its configuration file. The default installation of OpenSSH server is reasonably secure. However, you might want to make a few changes to tighten up its security to additional degree.

The “PermitRootLogin” directive is one you’ll want to change. Once you’re editing the /etc/ssh/sshd_config file, you’ll want to change the following directive as follows:

PermitRootLogin no

This will keep anyone from attempting to log into your server via SSH as root. It’s generally a good idea not to allow any to log into your SSH server as root. If an attacker manages to hack into your SSH server with the root login, he will have complete control over your machine, and that is definitely not a good thing.

Another directive you might want to change is the “AllowUsers.” When the AllowUsers directive is active, only users specifically specified in the directive can access the system through SSH. This adds an additional layer of protection to your SSH server by only allowing specific users to connect via SSH. For instance, if you wanted to limit SSH access to just the “camalas” user account, edit the AllowUsers directive like this:

AllowUsers camalas

To add multiple users to the AllowUsers directive, just add them one by one without commas or semicolons. An AllowUsers directive that permits the camalas user account and the lmaraeus user account to log in would look like this:

AllowUsers camalas lmaraeus

You may also want to consider changing the Port directive. By default SSH runs over TCP/IP port 22, which means that any malware bot autoscanning port 22 can target it. If you set up your user accounts with a weak password (always a bad idea), eventually an automated bot might break through and guess the password. Changing the Port directive to something different will make SSH run over a different port, blocking some of those automated cracking attempts. To set SSH to run over port 5699 instead, make sure your Port directive looks like this:

Port 5699

Note that if you change your SSH server’s default port, you’ll need to remember the new port number when using an SSH client, which we’ll cover in the next section.

After you’ve finished changing the directives in /etc/ssh/sshd_config, switch vi to command mode, and save and quit vi. After you return to the command line, restart the SSH daemon with this command:

sudo /etc/init.d/ssh restart

You should now be able to SSH into your Ubuntu machine from another system with an SSH client.

-JM

ADDITIONAL READING:

Ubuntu: 101 Tips & Tricks

The Ubuntu Beginner’s Guide

The Ubuntu Desktop Beginner’s Guide

The Linux Command Line Beginner’s Guide