Looking for some extra security, privacy and anonymity whens sending files? This might be a neat solution for you.
Currently it seems the instructions for using this interesting Onionshare technology are not super clear so I’m writing up a quick tutorial so others can save a few minutes and set their expectations correctly.
First, how it works is this:
- You have to use a command line tool for now
- Onionshare does a bunch of fancy stuff to your file and turns it into a shareable link
- The person on the other side gets the files by entering that link into a tor browser (not a regular browser – won’t work)
- You get a .zip file, not the raw file which you download to your local device and extract
- It seems you only get one chance and if you don’t get the files, the link dies and the sender has to start again.
So, let’s get started:
1. Install Onionshare.
Command line install instructions are in the Ubuntu section here
2. Install Tor browser
I used the Ubuntu Software centre. Probably there are other ways to get it.
3. Convert your file into a shareable and anonymous link
In the terminal, go to where your file is with the CD command and then type:
Where filename.txt is whatever file it is you are trying to share.
4. Copy Link to clipboard
If you haven’t used a terminal for copying before you’ll need to do control + shift + C (not just control + c)
5. Have sender open link in Tor browser
In this case it’s probably you for the first test so paste the link into the Tor browser.
6. Download the file(s)
It seems you only get one shot and that it won’t download raw file but only compressed package. Also if you aren’t familiar with Tor, I lost some precious time here as well looking on my computer for the file but it downloads into a ‘tor folder’ it seems so use the browser to go find your file in case it didn’t end up where you expected…what I did was find it, and then control + X it to my local machine from there to do the next steps.
7. Extract and Enjoy
Worked for me!
Try now to click the download files button again. You will see it’s dead.
Try also to use the same share link again. You will see this also is dead.
Kind of cool.
Sending more than one File at Once
So, after sending one file, I tried again to send an entire directory containing a screenshot, a PDF and a music file just to see what happened. I then tried to do the exact command with a regular directory to see if this would be able to handle it but no go. Onionshare appears not to be able to do this. It failed and couldn’t open the end zip file. For the second test I compressed the directory first as a .zip, then sent that via the instructions above and … still no go. When I try to extract it fails.
So it may currently only be able to send single files, but definitely single files work well with these instructions above and if you figured out how to send a directory, throw that in the comments below.
Note that this tutorial should also work for any device upon which you can put OpenWRT (ie any compatible old router you have kicking around).
With this project, what I was really trying to do was create a legitimate ‘mesh network’ but my skills and time ran out so I resolved to have a ‘half victory’ which was to be able to use these little devices to expand our home wifi with small size footprint and lower energy usage, even if it was just on demand, as needed. For example, if I needed wifi to reach outside while gardening so I could listen to streamed music, etc, I could plug one of these in nearby and extend the range instantly.
Before beginning, it’s important to note that this process may need your critical thinking to build on what I’ve done, and if you have further progress, it would be appreciated by all to know, if you could write them in the comments. For full disclosure I fried two Zsun devices while learning so make sure to heed my advice in the other blog if you are using this device.
Oh, one last useful statement: I recommend turning off the wifi in your master-router so that you (you) don’t get confused by which wifi radio device you are connecting to since both devices will, by the end of the tuturial, be sharing the exact same SSID. It reduces confusion and headaches to turn this off (just the wifi, you can use wired connection if you have access). Also, while you are turning it off, take note as to what channel it is broadcasting on since you will want to choose a new channel that is far away from this one on the new device.
Ok, let’s get started.
Setting up the Device as an Access Point
For full credit I pulled the methods for this process from this video, but the video wasn’t super helpful because it required an internet connection to do the changes and I needed a static page with text instructions! These are those:
Step 1: Set up the Interface
- Go to ‘network’ and ‘interfaces’ in the sub-servient (new word I made, enjoy, GNU license word..gnucabulary…) device (in my case the zsun).
- If you have any other interfaces besides ‘LAN’, remove them as they won’t be used
- Edit the LAN
- Change the IPv4 field to the static IP address that this device will have on your main home network.
If your main router is 192.168.1.1 for example, then you could set this to 192.168.1.5 if it’s available. If not, find one that is and set it. And don’t lose it! You will need it to log back into the router after making the change.
- Change the gateway IP address to the master (gnucabulary…) routers (ie. 192.168.1.1 if that’s your router’s admin login page)
- In the “DHCP Server” settings below on the same page, there is a checkbox called ‘ignore interface’. Check that box which will disable DHCP (the thing that sends out IP addresses to all your devices) since you won’t need it
- “Save and Apply’ button at the bottom
Reminder note: your device will no longer be found at 192.168.1.1 if that’s where you just logged in. It will now be accessible at the address you chose in step 4 above. I always forget this one, ha. Go find it and log back in…
Step 2: Disable the Firewall
- Go to ‘System’ and then ‘Startup’
- Scroll down until you see ‘firewall’
- Disable it by clicking on the ‘enabled’ button
- ‘Submit’ button
Step 3: Adjust the Wifi settings
- Go to ‘Network’ then ‘wifi’
- Edit the active wifi entry
- Change the channel (1 to 11) of the device to one that is fairy far away from that of your main router so there is a nice gap between the frequencies
- In ‘Interface Configuration’ section, change the mode to ‘access point’if it isn’t already
- change the SSID to exactly the same one as your main router (if it’s slightly different it won’t work)
- Change the WPA2/psk password to exactly the same one as your main router is outputting. If you don’t it won’t work
- ‘Save & Apply’ button
Some Follow up Notes
As hinted at at the very beginning of this tutorial, from this point on you will not (or may not?) be able to access your subservient device while the wifi of the master router is on. The reason for this is because probably your computer will find the master router’s wifi device and connect to that. I had big struggles trying to find this device again. If you need to access it, either unplug your master router (honestly this is the easiest way if no one will be angry at you for killing their internet) or go into the master router’s settings and disable the wifi transmit. For me, I recommend turning off the master router’s wifi transmit until it’s all setup on the subservient first.
I had quite a bit of problems, even though my master router wasn’t transmitting wifi, connecting to my newly-IP’d subservient device. After I cleared my browsers cache it did re-appear but I’m not sure that’s why. You might need to mess around with your browser to be able to hit the admin page again. I think my problem might be because I have multiple devices running OpenWRT and the browser gets confused…
Special thanks to all the contributors at OpenWRT!
EDIT JAN 7, 2019
Warning! Before beginning this tutorial, note that I have **fried** two Zsun devices nearly immediately after doing these steps. My theory appears to be correct that as soon as you flash to OpenWRT the default power output is way, way too high and so it starts heating up and frying it. Within about 15 minutes of flashing both devices were dead and inaccessible – their SSID didn’t even show up. I am now testing another one where I dropped the power to low and it’s still alive after about 45 minutes. Therefore pay special attention I’m going to test another one now, but in case you find this blog today, you might want to wait a few days for my findings….
I found a lot of pages on the internet showing that it’s possible to flash OpenWRT onto a Zsun Smart Card Reader. A friend gave me a couple and I wanted to try some mesh network ideas. However, for some reason I couldn’t find everything in one spot for Ubuntu, so I’m writing this guide for anyone else who might want to try. There was also a significant bug I encountered which I overcame which might help you if you have tried and failed in the past.
I also recommend staying fully disconnected from your home wifi while you are doing this to avoid confusion. If you have access to an ethernet cable and router this will make things a bit more simple.
What You Will Need
- Zsun Reader
- micro SD card to insert into reader – BONUS! I just discovered you only need this for the flashing process and then can remove and use again for flashing other devices (microSD not required to function as extender!)
- Ubuntu machine with understanding of how to open a Terminal
- (optional) A dedicated folder/directory on your computer where you can ‘do all your actions’. I find this reduces risks and helps you keep your files in one place. You can even download this blog to PDF and put it in the same folder.
- All the stuff you need in one place on local machine (because your internet will go down while flashing)
Step 1: Download to local machine the File you will need to flash onto the Zsun
I found it really hard to find the file on this page. Here is a direct link to the file and save this in a memorable location on your computer as we’ll need to access it soon.
Step 2: Make sure your micro SD card is formatted to FAT32
On ubuntu you can do this by pressing the super key, typing ‘disk’and using the disk utility. Note – always unplug all external drives you do not want to accidentally kill! Also pay super-special attention you are not accidentally formatting your own computer’s hard drive (I’ve done this hard life lesson and you don’t want it)
Step 3: Insert empty and correctly formatted card into the Zsun card reader
Step 4: Plug in Zsun card reader into your computer (or any powered usb slot)
Step 5: Connect the Zsun to your WIFI network
This is funny because I totally missed this step and (obviously) it has to be connected to the network in order for it to show up in network and be able to access the admin page. I had an attempted connection which failed and then the second time it connected. You connect to it like any wifi network but it won’t ask for a password.
Step 6: Make Card Accessible to Admin
I ‘guess’ that this step in one of the tutorials I read preps the card to be able to access via Samba. Not sure, I could not access the files on the card until I performed this step so let’s do that now. In a browser, copy/paste this:
It should spit back this:
Note: if you get ‘connection refused’ message in the next step you may have to re-try this command a few times. Make sure you are actually connected by wifi to device. One time I had to do a full computer reboot too and then it seemed to work.
Step 7: Access the Zsun via Samba (SMB)
(reminder this is an Ubuntu tutorial so you might have to do it a different way on your machine if it isn’t the same)
The super painful part of this tutorial for me is that this easy part was subject to a weird Ubuntu bug that tracks back nearly 10 years. If you are bored you can read about it here, but probably, like me, you just want to hack this zsun and then put evertyhing back the way it was. So let’s do that:
Step 8: Overcoming the Ubuntu Samba Username password bug
- in a terminal enter this:
sudo nano /etc/samba/smb.conf
- Scroll down into the ‘Authentification’ section.
- at the very bottom in the space just above the “Domains” section, paste in (with control shift paste) this:
security = user
client use spnego = no
ctrl xto get out
ctrl yto agree to write the changes
Step 9: Continue with Tutorial and Accesss the Zsun via Samba
- Open Nautilus (called ‘Files’ on the launcher) (the file cabinet icon thing…)
- Go to ‘Other locations’ on the left menu at the bottom. A ‘Enter server address’ field will appear.
- Type in zsun address as follows: smb://10.168.168.1
- enter admin/admin pass/user (don’t worry about ‘workgroup’)
- when greeted with ‘public’ enter that directory
- hit ‘contrl h’ on your keyboard which will show hidden folders. If you don’t do this step you might not think the next step will work since it’s a hidden folder.
- You should see ‘trash~’ something. But if you don’t… whatever. Seems to work if it’s fully blank too… Here is where you create the following folder (with the dot/period in front):
.updateif it doesn’t appear after creating this folder, review step 6 above…
- Drag and drop the file you downloaded way above (SD100-openwrt.tar.gz) into this new .update folder. Yes, the whole tar file, don’t extract it.
- CRITICAL STEP! Before doing step 10, make sure you skip ahead, and deeply familiarize yourself with the steps following it because you will have a short time to do those steps before the device fries and dies. Once you have read it all (especially big step 11 below) then come back here and execute step 10.
- After you are sure that the file is done copying in, go to a browser and enter this:
When you see this, things should be working:
Here is a fair-use paste from buddy’s blog
Wait for the reboot into OpenWRT
Wait for long LED flash, then multiple fast flashes – now OpenWRT is booting for the first time.
There will be a long period of (normal slow) flashing, then one long flash, then a whole bunch of very fast flashes. The ZSun Wifi network disappears, and eventually re-appears as OpenWRT.
What he didn’t add that I discovered was when everything is totally done it will be a solid light colour.
SUPER IMPORTANT NOTE (in case you missed my other 20 warnings…) immediately as quickly as possible and reduce transmission power on device! Learn how to do this in Big Step 11 below …if it’s not too late.
Step 10: Log into your new OpenWRT Mini Router!
I have another OpenWRT router going in my house so right away I’m going to log into the new little guy here and change it’s IP address to something different to make sure they don’t conflict. The default OpenWRT is 192.168.1.1 so we’ll access it there now.
You’ll get a browser warning that it’s not secure. No problem, add exception, move forward.
You’ll be greeted with a log in screen with no password set.
Step 11: Turn Down Radio Transmission Power to Prevent Deep Fried Zsun!
IMMEDIATELY reduce the transmission power of the device. The default is set to the maximum power and it will fry/kill this device in less than 10 minutes after you flash it. I lost two devices this way so act quickly as follows:
1. Go to network
2. go to ‘wifi’
3. click ‘edit’ on the ‘OpenWRT’ entry
4. Drop transmit power to 4 (lowest)
5. ‘save and apply’ button at the bottom
This will momentarily disconnect you from the device while it makes these settings. From here, assuming my theory above is true, you can start doing other things now such as resetting your device access password:
Go to ‘system’ and ‘system administration’ and create a new user/password
Step 12: Undo whatever we did to that Samba bug above (If you want)
Remember when we fixed that Samba bug above? I’m frankly not sure if that was a secure thing to do so let’s undo it in your computer just in case by going back in the same way, deleting those lines you added, and then saving.
Step 13: Remove microSD
As mentioned above, the microSD is no longer required if you are just using device as a wifi range extender (see this tutorial). You can unplug, remove microSD and plug it in now.
Step 13: Enjoy!
The rest, my friends, is up to you. Hope this helps!
Thanks to the following resources
- This nice video helped me create this Ubuntu guide
- This great blog entry mentioned at the beginning.
- Of course the awesome people who hacked this thing here
What a pain in the hindquarters… I lost about 2 hours of my life after I plugged in a Samsung 40″ monitor after having been using a Samsung 20″ Monitor. When I went back to my 20″ in my office, Ubuntu (I’m using Gnome currently until Unity8 is ready) my laptop continued to falsely detect the monitor as a 40″ still . The result was a bad display of the wrong size. I could not adjust the settings, nor save any changes, etc, etc.
Thankfully, a friend in the UBports community (awesome, awesome community and project by the way) just saved my day, and what was most nice (is that English?) is that it took less than 30 seconds to fix.
So, if you want to erase or delete or get rid of some false monitor detection in your ubuntu machine, this might also help you 🙂
Note before beginning: The monitor may/will still display as the wrong size/name but it will work as it should regardless of the name it has in the display settings.
- Open a Terminal
- Enter this command
- Press enter (of course)
- Enjoy your life again
PS – After searching for hours and blogging this someone did point out that there was an official page with this solution, but yeah. If you don’t find it hopefully this blog will help solution be found.
For this tutorial, we shall assume that you already have:
- An existing Matrix chat room of which you are administrator and
- A Telegram supergroup with admin rights to add members
- The Matrix room is set to “Anyone who knows the room’s link, apart from guests” in the “Who can access this room” settings of the group
- Encryption is turned off (otherwise bridge won’t work)
Let’s continue assuming the above to be true.
1. Add username “@tchncs_bot” to the Telegram group to which you wish to bridge Matrix
Do this in the usual way you add a member to a Telegram group.
2. Send Request to Telegram Bot to get Alias Info
In the Telegram Group chat text input area, type
And then send as a message to the group. It will spit back a long paragraph including this key information:
3. Invite the Alias Bot to the Matrix group
This step should be ok by any regular member of the group (no admin needed)
Invite this user to your matrix group: @aliasbot:tchncs.de
You should see message “Alias Bot joined the room”
4. With Full Admin Rights to the Matrix Group, Bridge it!
You will not be able to do this with anything less than full admin rights.
In the chat text input area, enter:
and send it (of course replacing the numbers with the ones you got in Step 2 above)
5. Enjoy your newly built bridge
Ubuntu Touch is awesome. Nextcloud is also awesome. Put them together and you have awesome… squared. How cool would it be to have your photos automatically sync to your own Nextcloud sever? Well, you can do it today and here is how.
EDIT DEC 24, 2018 – Important Security Warning before beginning!
Currently as of the time of this post, UBsync is not very secure. The volunteers who forked it are not security experts and the password file is not secure and is in plain text. Therefore, be warned that if your content is of extremely private nature, do not use this blog contents until the app has been properly updated.
However, if you are just trying to move your selfies from your phone to your Nextcloud for safe-keeping, this blog will suffice and hopefully in the next little while we’ll have some helpers in the project to improve the way the password is handed.
Also, there is a way to mitigate some risk so that at least your main NC user/password cannot be high jacked. When you log in to your Nextcloud user settings through a browser and go to ‘Security’ and ‘Create new app password’. Be sure to save this password right away during creation and in a safe place because you can only see the password one time (you can’t come back and see it again).
Once you have this password ready, continue with the blog.
- Make sure that you have a user account and password from a Nextcloud server.
If you don’t have a nextcloud user account, consider strongly hosting your own. You can do this on an unused computer, or using Nextcloudpi on a Raspberry pi, or host a more ‘serious server’.
- In your Nextcloud user directory, create an appropriate directory to put your Ubuntu Touch files in. If you don’t touch anything everything will go into your ‘Photos’ folder by default.
- Make sure you have the UBsync app installed from the OpenStore
- Go to System Settings in Ubuntu Touch
- Go to ‘Accounts’
- Select ‘Add Account’
- Select ‘Nextcloud’
Note: If you try to add an account and it doesn’t respond and take you to the next step, you may need to reboot your device.
- Enter your Nextcloud credentials (from the ‘new app password’ you created at the very beginning)
- Open UBsync App on your Ubunt Touch device
- Select ‘Add a New Account’
- Select ‘allow’ if the prompt is showing the correct username with the correct server address
- Go back to ‘General Settings’ screen of UBsync
- Set your sync frequency.
- Select any other changes you want on this page.
- Go back another screen with the back button top left
- Select the folders on your device that you want to sync to your Nextcloud with the ‘Sync Folders’ option.
The default option will put your Ubuntu Touch photos (unedited) into the /photos directory (which is a default directory when Nextcloud creates a new account) from the following Ubuntu Touch directory
- Add a new folder with the + plus sign on the top right.
Select the directory on your UT device you want to sync. NOTE: This is the tricky part, the big ‘tick’ check mark in the center of the screen is not ‘touchable’ but is trying to direct you to hit the ‘tick’ in the top right menu!
Do the same actions for the remote folder.
If the Folder doesn’t exist you can create a new one easily by just typing it. After creating it, touch it again and hit the ‘tick’ in the top right to make it real.
- When complete, press the back arrow at top left of ‘sync settings’ title.
- Start the sync
Select ‘sync service’ and then the green ‘sync’ button. NOTE: Make sure you are on wifi if you allowed your settings to use both cell phone data and wifi as the sync could be pretty big, especially the first one while it pulls the files from your phone and moves them to nextcloud.
How to Delete an Account un UBsync for Ubuntu Touch
- Go to System Settings in Ubuntu Touch
- Go to ‘Accounts’
- Touch ‘Nextcloud’
- Select ‘Remove Account’ button
That’s it. The account is now removed/deleted.
OpenWRT project is awesome for sure. It’s free software (open source) and it allows you to use your router the way you want, unlike how they usually come out of the box. That said, there doesn’t appear to be a super vibrant community around it (yet) so some stuff is pretty hard to do. I’ve created an OpenWRT English-speaking Telegram Group (for now) in hopes this might help some more community building.
Anyway, here is what you came to this blog for: Making the DDNS service work in your OpenWRT router – in my case, specifically, this is a Dlink DIR-615 router and I’m working with No-ip.com so you may need to adjust a bit according to your service. But if you have NO-IP or haven’t started yet, then maybe just use No-IP?
Let’s do it.
- Get your OpenWRT router setup with OpenWRT. If you happen to have a Dlink DIR-615 – bonus! Here is my blog post to that. If not, it might still be useful or inspiring for helping you get rolling.
- At the top of the router menu options, go to ‘System’ and then ‘Software’ and click the ‘update lists’ button.
This will pull all the possible packages you can install into your router from the community.
- Before installing other packages, install package named “luci-app-ddns.”
It ‘seems’ that this also installs ddns-scripts when you install this which is another one you need so it’s nice it’s automatically installed with this package.
Important Note: If you cannot find packages, or something is strange during package install, you may need to reboot your router to free up some RAM memory. This happened a few times and after rebooting the router I was then able to update the lists correctly.
- Using the same method as the step above, Install the No-IP package for OpenWRT called “ddns-scripts_no-ip_com”
A tab called ‘Services’ should now appear at the top of your router’s menu options because you performed step 3 above. Verify this is good and if some problem, repeat the above steps until you have your tab and possibly you will need to reboot router (see important note above)
- Under new ‘Services’ menu dropdown at top, “Dynamic DNS’ should now be an available option. Here is a link to some No-IP documentation for the client that I found useful. This link here in the ‘OpenWRT configuration’ section was also helpful to me for your reference although it wasn’t No-IP specific.
- In the ‘add’ field at the bottom left, give your service a listing name (I used ‘Noip’ for mine) Then click ‘add’.
- In the DDNS Service provider[IPv4] field, select “no-ip.com” from the dropdown list. Note: even though this is later in the order of fields, do this now.
- Press ‘change provider’ button
- For the ‘Lookup Hostname’ give it your No-IP custom URL without the “HTTPS://” stuff.
- In the “Domain” field, put the same info from step 7 above.
- username = your No-ip username (maybe your email?)
- Password = you guessed it! Your password for the No-IP service
- Under ‘Advanced Settings” I selected “https:// checkip .dyndns .com” from the “URL to detect[IPv4]” field. I found No-IP service wouldn’t work until I chose something from this list. It wouldn’t seem to point No-IP to my router without it…
- ‘Save and Apply’
- At the top right you might (I can’t remember to be honest) see a notification that you have unsaved changes in your router. If so, go and apply those changes to your router.
- Go back to overview list where you started. You should now see your new entry
- Click the ‘enabled’ checkbox
- Press ‘start’ button. You should now see a PID and a number with it and a red icon.
Now, you should be up and rolling and after No-IP has a bit of time to apply the changes your router should now be accessible by the URL you put in step 8 above.
The funny part about this blog is that I spent an entire day searching for how to do this and then I ended up landing on a blog post with the answer… written by ME. in this 2015 blog post Lol or something?
This tutorial assumes you are using Ubuntu and know how to access your terminal and do some basic commands. If not, do a quick study on that before you begin. If you aren’t using Ubuntu on your computer I’m not sure what I can do to help other than encourage you to switch immediately.
This tutorial also assumes that your computer/laptop is plugged directly into the DIR-615 router by ethernet cable and not by wifi. It could probably be done with wifi, but I don’t know and I know it adds an extra layer of complexity I don’t like. So find a cable and plug in to do all this.
1. Download the appropriate image from OpenWRT to your computer.
I got mine by refining a search here.
2. Extract the file into it’s raw ‘.bin’ format.
Mine looks exactly as follows at the time of this writing when it’s sitting in my directory but as versions change and improve this could slightly change be aware:
3. Using your terminal cd (change directory) to the location where the file is you just extracted in step 2.
4. Make sure your computer is set to a static IP address.
If you don’t know how to do this, search it online as I don’t have a quick link to it right now. “How to set static IP address in Ubuntu’ should find something. Make sure that your static IP address you are setting does not conflict with another device on the router, nor with the router itself at 192.168.0.1.
NOTE: After this router is flashed you will need to get rid of this static IP address since it won’t match your new router!
5. Pre-enter the following command into your terminal so you are ready to press enter
curl -0vF email@example.com http://192.168.0.1/cgi/index
Again, the part after the @ symbol in the command above might change depending on the .bin file you are flashing on. This tutorial will likely get old at some point so you may need to swap out a different file name into the command above but the rest should work long term.
6. Power off the router by unplugging the black power cable
Warning. You are about to forever wipe your router’s ‘operating system’ so if you have anything in there you care about this would be the time to get those out!
7. Put pen in the reset button of router and hold it there
8. While still holding reset button, plug in the power cable.
Keep holding the reset button! Don’t let go. The light will be a solid colour (orange, I recall?) but you are waiting for the first flash before executing the next step.
9. As soon as the solid light starts to flash hit the enter key in your terminal and run the curl command you pre-entered in step 5 above
After you hit this command at the perfect moment, things should start to work. When they do, you’ll see some funky html stuff come on the screen that looks like this:
* Hostname was NOT found in DNS cache
* Trying 192.168.0.1…
* Connected to 192.168.0.1 (192.168.0.1) port 80 (#0)
> POST /cgi/index HTTP/1.0
> User-Agent: curl/7.35.0
> Host: 192.168.0.1
> Accept: /
> Content-Length: 3932431
> Content-Type: multipart/form-data; boundary=————————464dbec1925a46d8
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Server: uIP/0.9 (http://dunkels.com/adam/uip/)
< Content-type: text/html
backup loader Device is Upgrading the Firmware
- Don’t turn the device off before the Upgrade jobs done !