%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20190217080552+00'00') /ModDate (D:20190217080552+00'00') /Title (wayneoutthere-02-2019) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 9 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 2715 >> stream 0.988 0.988 0.988 rg 0.000 0.000 612.000 792.000 re f 1.000 1.000 1.000 rg 11.250 408.405 589.500 372.345 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 11.625 408.780 588.750 371.595 re S 0.773 0.773 0.773 rg 27.000 667.794 m 585.000 667.794 l 585.000 668.544 l 27.000 668.544 l f 0.267 0.267 0.267 rg BT 239.982 738.278 Td /F1 12.0 Tf [(Wayne Out There \(.com\))] TJ ET BT 262.650 716.126 Td /F1 12.0 Tf [(wayne-out-there)] TJ ET BT 233.298 693.974 Td /F1 12.0 Tf [(Stuff that matters to Wayne)] TJ ET BT 27.000 648.572 Td /F1 12.0 Tf [( )] TJ ET BT 27.000 633.920 Td /F1 12.0 Tf [(The Future of Ham Radio: Freedom)] TJ ET 0.400 0.400 0.400 rg BT 27.000 614.699 Td /F1 9.0 Tf [(Posted on )] TJ ET BT 70.029 614.699 Td /F1 9.0 Tf [(November 14,2016)] TJ ET BT 146.565 614.699 Td /F1 9.0 Tf [( by )] TJ ET BT 161.073 614.699 Td /F1 9.0 Tf [(admin)] TJ ET 0.267 0.267 0.267 rg BT 27.000 600.779 Td /F1 12.0 Tf [(This )] TJ ET 0.200 0.400 0.733 rg BT 53.004 600.779 Td /F1 12.0 Tf [(article on the ARRL website)] TJ ET 0.267 0.267 0.267 rg BT 201.060 600.779 Td /F1 12.0 Tf [( summarizes quite well the situation with ham radio - and radio in )] TJ ET BT 27.000 586.127 Td /F1 12.0 Tf [(general. Although it is exciting to be part of a club of radio enthusiasts around the world, one must )] TJ ET BT 27.000 571.475 Td /F1 12.0 Tf [(question whether the licensing system on its own is a hindrance both to freedom and innovation. The )] TJ ET BT 27.000 556.823 Td /F1 12.0 Tf [(basic debate has these two sides: )] TJ ET BT 210.432 556.823 Td /F1 12.0 Tf [(Restrict Frequencies for Licencees)] TJ ET BT 49.500 535.352 Td /F1 9.0 Tf [("By proving skills and taking tests, you can keep a higher quality of person on the frequencies. If we don't do this we will have CB )] TJ ET BT 49.500 524.363 Td /F1 9.0 Tf [(radio on ham frequencies")] TJ ET BT 27.000 502.943 Td /F1 12.0 Tf [(Let Them Go)] TJ ET BT 49.500 481.472 Td /F1 9.0 Tf [("By restricting access to the airwaves we all breath and share, you are exerting controls that should not be there - especially on a )] TJ ET BT 49.500 470.483 Td /F1 9.0 Tf [(technology that enables humans to transmit data. By restricting the airwaves you are limiting both God-given freedom of speech but )] TJ ET BT 49.500 459.494 Td /F1 9.0 Tf [(also innovation because the technology remains only in the hands of those who can \(and will\) exploit it for gain.")] TJ ET BT 27.000 438.074 Td /F1 12.0 Tf [(And it's a very great debate and one worthy of fighting for. )] TJ ET 0.400 0.400 0.400 rg BT 27.000 426.353 Td /F1 9.0 Tf [(Posted in:Amateur Radio,Freedom And Privacy,Technology | Tagged:Freedom,Future,Ham Radio,Privacy | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Annot /Subtype /Link /A 10 0 R /Border [0 0 0] /H /I /Rect [ 53.0040 599.6694 201.0600 611.8794 ] >> endobj 10 0 obj << /Type /Action /S /URI /URI (http://www.arrl.org/news/amateur-radio-uniquely-situated-to-be-at-leading-edge-again-conferees-told) >> endobj xref 0 11 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000273 00000 n 0000000302 00000 n 0000000447 00000 n 0000000528 00000 n 0000003295 00000 n 0000003402 00000 n 0000003528 00000 n trailer << /Size 11 /Root 1 0 R /Info 5 0 R >> startxref 3679 %%EOF freedom – wayne-out-there

Tag: freedom

Converting a Zsun Wifi Card Reader into a Wifi Range Extender

This post is a follow-up post to my original where I successfully flashed OpenWRT onto these Zsun devices. Be sure to see that post first if you haven’t already flashed OpenWRT onto the device.

Note that this tutorial should also work for any device upon which you can put OpenWRT (ie any compatible old router you have kicking around).

With this project, what I was really trying to do was create a legitimate ‘mesh network’ but my skills and time ran out so I resolved to have a ‘half victory’ which was to be able to use these little devices to expand our home wifi with small size footprint and lower energy usage, even if it was just on demand, as needed. For example, if I needed wifi to reach outside while gardening so I could listen to streamed music, etc, I could plug one of these in nearby and extend the range instantly.

Before beginning, it’s important to note that this process may need your critical thinking to build on what I’ve done, and if you have further progress, it would be appreciated by all to know, if you could write them in the comments. For full disclosure I fried two Zsun devices while learning so make sure to heed my advice in the other blog if you are using this device.

Oh, one last useful statement: I recommend turning off the wifi in your master-router so that you (you) don’t get confused by which wifi radio device you are connecting to since both devices will, by the end of the tuturial, be sharing the exact same SSID. It reduces confusion and headaches to turn this off (just the wifi, you can use wired connection if you have access). Also, while you are turning it off, take note as to what channel it is broadcasting on since you will want to choose a new channel that is far away from this one on the new device.

Ok, let’s get started.

Setting up the Device as an Access Point

For full credit I pulled the methods for this process from this video, but the video wasn’t super helpful because it required an internet connection to do the changes and I needed a static page with text instructions! These are those:

Step 1: Set up the Interface

  1. Go to ‘network’ and ‘interfaces’ in the sub-servient (new word I made, enjoy, GNU license word..gnucabulary…) device (in my case the zsun).
  2. If you have any other interfaces besides ‘LAN’, remove them as they won’t be used
  3. Edit the LAN
  4. Change the IPv4 field to the static IP address that this device will have on your main home network.
    If your main router is 192.168.1.1 for example, then you could set this to 192.168.1.5 if it’s available. If not, find one that is and set it. And don’t lose it! You will need it to log back into the router after making the change.
  5. Change the gateway IP address to the master (gnucabulary…) routers (ie. 192.168.1.1 if that’s your router’s admin login page)
  6. In the “DHCP Server” settings below on the same page, there is a checkbox called ‘ignore interface’. Check that box which will disable DHCP (the thing that sends out IP addresses to all your devices) since you won’t need it
  7. “Save and Apply’ button at the bottom

Reminder note: your device will no longer be found at 192.168.1.1 if that’s where you just logged in. It will now be accessible at the address you chose in step 4 above. I always forget this one, ha. Go find it and log back in…

Step 2: Disable the Firewall

  1. Go to ‘System’ and then ‘Startup’
  2. Scroll down until you see ‘firewall’
  3. Disable it by clicking on the ‘enabled’ button
  4. ‘Submit’ button

Step 3: Adjust the Wifi settings

  1. Go to ‘Network’ then ‘wifi’
  2. Edit the active wifi entry
  3. Change the channel (1 to 11) of the device to one that is fairy far away from that of your main router so there is a nice gap between the frequencies
  4. In ‘Interface Configuration’ section, change the mode to ‘access point’if it isn’t already
  5. change the SSID to exactly the same one as your main router (if it’s slightly different it won’t work)
  6. Change the WPA2/psk password to exactly the same one as your main router is outputting. If you don’t it won’t work
  7. ‘Save & Apply’ button

Some Follow up Notes

As hinted at at the very beginning of this tutorial, from this point on you will not (or may not?) be able to access your subservient device while the wifi of the master router is on. The reason for this is because probably your computer will find the master router’s wifi device and connect to that. I had big struggles trying to find this device again. If you need to access it, either unplug your master router (honestly this is the easiest way if no one will be angry at you for killing their internet) or go into the master router’s settings and disable the wifi transmit. For me, I recommend turning off the master router’s wifi transmit until it’s all setup on the subservient first.

I had quite a bit of problems, even though my master router wasn’t transmitting wifi, connecting to my newly-IP’d subservient device. After I cleared my browsers cache it did re-appear but I’m not sure that’s why. You might need to mess around with your browser to be able to hit the admin page again. I think my problem might be because I have multiple devices running OpenWRT and the browser gets confused…

Special thanks to all the contributors at OpenWRT!

Tags : , , ,

Bridging a Matrix and Telegram Room

ASSUMPTIONS

For this tutorial, we shall assume that you already have:

  • An existing Matrix chat room of which you are administrator and
  • A Telegram supergroup with admin rights to add members
  • The Matrix room is set to “Anyone who knows the room’s link, apart from guests” in the “Who can access this room” settings of the group
  • Encryption is turned off (otherwise bridge won’t work)

Let’s continue assuming the above to be true.

1. Add username “@tchncs_bot” to the Telegram group to which you wish to bridge Matrix

Do this in the usual way you add a member to a Telegram group.

2. Send Request to Telegram Bot to get Alias Info

In the Telegram Group chat text input area, type
/alias
And then send as a message to the group. It will spit back a long paragraph including this key information:

….”#telegram_-123456789:tchncs.de”…..

3. Invite the Alias Bot to the Matrix group

This step should be ok by any regular member of the group (no admin needed)
Invite this user to your matrix group: @aliasbot:tchncs.de
You should see message “Alias Bot joined the room”

4. With Full Admin Rights to the Matrix Group, Bridge it!

You will not be able to do this with anything less than full admin rights.
In the chat text input area, enter:

!alias #telegram_-12345668987654321

and send it (of course replacing the numbers with the ones you got in Step 2 above)

5. Enjoy your newly built bridge

Tags : , , ,

How to Sync Files from Ubuntu Touch to Nextcloud using UBsync

Ubuntu Touch is awesome. Nextcloud is also awesome. Put them together and you have awesome… squared. How cool would it be to have your photos automatically sync to your own Nextcloud sever? Well, you can do it today and here is how.

EDIT DEC 24, 2018 – Important Security Warning before beginning!
Currently as of the time of this post, UBsync is not very secure. The volunteers who forked it are not security experts and the password file is not secure and is in plain text. Therefore, be warned that if your content is of extremely private nature, do not use this blog contents until the app has been properly updated.

However, if you are just trying to move your selfies from your phone to your Nextcloud for safe-keeping, this blog will suffice and hopefully in the next little while we’ll have some helpers in the project to improve the way the password is handed.

Also, there is a way to mitigate some risk so that at least your main NC user/password cannot be high jacked. When you log in to your Nextcloud user settings through a browser and go to ‘Security’ and ‘Create new app password’. Be sure to save this password right away during creation and in a safe place because you can only see the password one time (you can’t come back and see it again).

Once you have this password ready, continue with the blog.

  1. Make sure that you have a user account and password from a Nextcloud server.
    If you don’t have a nextcloud user account, consider strongly hosting your own. You can do this on an unused computer, or using Nextcloudpi on a Raspberry pi, or host a more ‘serious server’.
  2. In your Nextcloud user directory, create an appropriate directory to put your Ubuntu Touch files in. If you don’t touch anything everything will go into your ‘Photos’ folder by default.
  3. Make sure you have the UBsync app installed from the OpenStore
  4. Go to System Settings in Ubuntu Touch
  5. Go to ‘Accounts’
  6. Select ‘Add Account’
  7. Select ‘Nextcloud’
    Note: If you try to add an account and it doesn’t respond and take you to the next step, you may need to reboot your device.
  8. Enter your Nextcloud credentials (from the ‘new app password’ you created at the very beginning)
  9. Open UBsync App on your Ubunt Touch device
  10. Select ‘Add a New Account’
  11. Select ‘allow’ if the prompt is showing the correct username with the correct server address
  12. Go back to ‘General Settings’ screen of UBsync
  13. Set your sync frequency.
  14. Select any other changes you want on this page.
  15. Go back another screen with the back button top left
  16. Select the folders on your device that you want to sync to your Nextcloud with the ‘Sync Folders’ option.
    The default option will put your Ubuntu Touch photos (unedited) into the /photos directory (which is a default directory when Nextcloud creates a new account) from the following Ubuntu Touch directory

Default: /Pictures/com.ubuntu.camera/.original

  • Add a new folder with the + plus sign on the top right.
    Select the directory on your UT device you want to sync. NOTE: This is the tricky part, the big ‘tick’ check mark in the center of the screen is not ‘touchable’ but is trying to direct you to hit the ‘tick’ in the top right menu!

Do the same actions for the remote folder.
If the Folder doesn’t exist you can create a new one easily by just typing it. After creating it, touch it again and hit the ‘tick’ in the top right to make it real.

  1. When complete, press the back arrow at top left of ‘sync settings’ title.
  2. Start the sync
    Select ‘sync service’ and then the green ‘sync’ button. NOTE: Make sure you are on wifi if you allowed your settings to use both cell phone data and wifi as the sync could be pretty big, especially the first one while it pulls the files from your phone and moves them to nextcloud.

How to Delete an Account un UBsync for Ubuntu Touch

  1. Go to System Settings in Ubuntu Touch
  2. Go to ‘Accounts’
  3. Touch ‘Nextcloud’
  4. Select ‘Remove Account’ button

That’s it. The account is now removed/deleted.

Tags : , , , ,

MAKING DDNS WORK IN OPEN WRT

OpenWRT project is awesome for sure. It’s free software (open source) and it allows you to use your router the way you want, unlike how they usually come out of the box. That said, there doesn’t appear to be a super vibrant community around it (yet) so some stuff is pretty hard to do. I’ve created an OpenWRT English-speaking Telegram Group (for now) in hopes this might help some more community building.

Anyway, here is what you came to this blog for: Making the DDNS service work in your OpenWRT router – in my case, specifically, this is a Dlink DIR-615 router and I’m working with No-ip.com so you may need to adjust a bit according to your service. But if you have NO-IP or haven’t started yet, then maybe just use No-IP?

Let’s do it.

  1. Get your OpenWRT router setup with OpenWRT. If you happen to have a Dlink DIR-615 – bonus! Here is my blog post to that. If not, it might still be useful or inspiring for helping you get rolling.
  2. At the top of the router menu options, go to ‘System’ and then ‘Software’ and click the ‘update lists’ button.

This will pull all the possible packages you can install into your router from the community.

  1. Before installing other packages, install package named “luci-app-ddns.”
    It ‘seems’ that this also installs ddns-scripts when you install this which is another one you need so it’s nice it’s automatically installed with this package.
    Important Note: If you cannot find packages, or something is strange during package install, you may need to reboot your router to free up some RAM memory. This happened a few times and after rebooting the router I was then able to update the lists correctly.
  2. Using the same method as the step above, Install the No-IP package for OpenWRT called “ddns-scripts_no-ip_com”

A tab called ‘Services’ should now appear at the top of your router’s menu options because you performed step 3 above. Verify this is good and if some problem, repeat the above steps until you have your tab and possibly you will need to reboot router (see important note above)

  1. Under new ‘Services’ menu dropdown at top, “Dynamic DNS’ should now be an available option. Here is a link to some No-IP documentation for the client that I found useful. This link here in the ‘OpenWRT configuration’ section was also helpful to me for your reference although it wasn’t No-IP specific.
  2. In the ‘add’ field at the bottom left, give your service a listing name (I used ‘Noip’ for mine) Then click ‘add’.
  3. In the DDNS Service provider[IPv4] field, select “no-ip.com” from the dropdown list. Note: even though this is later in the order of fields, do this now.
  4. Press ‘change provider’ button
  5. For the ‘Lookup Hostname’ give it your No-IP custom URL without the “HTTPS://” stuff.
  6. In the “Domain” field, put the same info from step 7 above.
  7. username = your No-ip username (maybe your email?)
  8. Password = you guessed it! Your password for the No-IP service
  9. Under ‘Advanced Settings” I selected “https:// checkip .dyndns .com” from the “URL to detect[IPv4]” field. I found No-IP service wouldn’t work until I chose something from this list. It wouldn’t seem to point No-IP to my router without it…
  10. ‘Save and Apply’
  11. At the top right you might (I can’t remember to be honest) see a notification that you have unsaved changes in your router. If so, go and apply those changes to your router.
  12. Go back to overview list where you started. You should now see your new entry
  13. Click the ‘enabled’ checkbox
  14. Press ‘start’ button. You should now see a PID and a number with it and a red icon.

Now, you should be up and rolling and after No-IP has a bit of time to apply the changes your router should now be accessible by the URL you put in step 8 above.

Tags : , , , ,

Flashing OpenWRT onto a D-link DIR-615 – The Sequel!

The funny part about this blog is that I spent an entire day searching for how to do this and then I ended up landing on a blog post with the answer… written by ME. in this 2015 blog post Lol or something?

This tutorial assumes you are using Ubuntu and know how to access your terminal and do some basic commands. If not, do a quick study on that before you begin. If you aren’t using Ubuntu on your computer I’m not sure what I can do to help other than encourage you to switch immediately.

This tutorial also assumes that your computer/laptop is plugged directly into the DIR-615 router by ethernet cable and not by wifi. It could probably be done with wifi, but I don’t know and I know it adds an extra layer of complexity I don’t like. So find a cable and plug in to do all this.

1. Download the appropriate image from OpenWRT to your computer.

I got mine by refining a search here.

2. Extract the file into it’s raw ‘.bin’ format.

Mine looks exactly as follows at the time of this writing when it’s sitting in my directory but as versions change and improve this could slightly change be aware:

lede-17.01.4-ar71xx-generic-dir-615-c1-squashfs-factory.bin

3. Using your terminal cd (change directory) to the location where the file is you just extracted in step 2.

4. Make sure your computer is set to a static IP address.

If you don’t know how to do this, search it online as I don’t have a quick link to it right now. “How to set static IP address in Ubuntu’ should find something. Make sure that your static IP address you are setting does not conflict with another device on the router, nor with the router itself at 192.168.0.1.

192.168.0.2 static

NOTE: After this router is flashed you will need to get rid of this static IP address since it won’t match your new router!

5. Pre-enter the following command into your terminal so you are ready to press enter

curl -0vF files=@lede-17.01.4-ar71xx-generic-dir-615-c1-squashfs-factory.bin http://192.168.0.1/cgi/index

Again, the part after the @ symbol in the command above might change depending on the .bin file you are flashing on. This tutorial will likely get old at some point so you may need to swap out a different file name into the command above but the rest should work long term.

6. Power off the router by unplugging the black power cable

Warning. You are about to forever wipe your router’s ‘operating system’ so if you have anything in there you care about this would be the time to get those out!

7. Put pen in the reset button of router and hold it there

8. While still holding reset button, plug in the power cable.

Keep holding the reset button! Don’t let go. The light will be a solid colour (orange, I recall?) but you are waiting for the first flash before executing the next step.

9. As soon as the solid light starts to flash hit the enter key in your terminal and run the curl command you pre-entered in step 5 above

After you hit this command at the perfect moment, things should start to work. When they do, you’ll see some funky html stuff come on the screen that looks like this:
* Hostname was NOT found in DNS cache
* Trying 192.168.0.1…
* Connected to 192.168.0.1 (192.168.0.1) port 80 (#0)
> POST /cgi/index HTTP/1.0
> User-Agent: curl/7.35.0
> Host: 192.168.0.1
> Accept: /
> Content-Length: 3932431
> Content-Type: multipart/form-data; boundary=————————464dbec1925a46d8
>
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Server: uIP/0.9 (http://dunkels.com/adam/uip/)
< Content-type: text/html
<
backup loader Device is Upgrading the Firmware


  • Don’t turn the device off before the Upgrade jobs done !
` `

More notes for this step
The screen will stay with this html/> script on there and at this point you can keep your eyes on the router as nothing will happen on the screen.
You should see lights flashing and reboots. Wait, wait, wait. Failure seems real but it’s not yet…. For me I was stuck on a green light for a really long time and no updates in terminal.

If after 5 minutes (or so) things appear to be ‘stuck’ at that point you could try unplugging the power cable and plugging it back in again to test.

To test to see if it worked, go to the new access IP address which should be 192.168.1.1. If you are prompted for user/password you succeeded.

A few troubleshooting notes

Something didn’t work? Read these next few points for some inspiration:

  • Did you really make a static IP address in step 4? You might think you did but maybe it didn’t work. Check with ifconfig command and see what IP address your computer/laptop has. If it’s not static, things won’t work right.
  • Were you too fast or too slow with the timing of the curl command in Step 5? Timing is a bit finicky here so you may have to try a few times to nail it.
  • If things are really goofy you ‘may’ need to install the original Dlink .bin file and start from there. I doubt it but there are records of this online so I thought I would mention it. You could get this on there by finding this .bin file online and using your new curl skills from above to flash the original .bin on there first.

Bin file name for DIR-615 = dir615_revC_firmware_311NA.bin

command to flash it on:
curl -0vF files=@dir615_revC_firmware_311NA.bin http://192.168.0.1/cgi/index

Follow up notes

  • Reminder! Turn your computer/laptop back to DHCP mode from static IP otherwise you might not be able to connect at all to your new router! I made this mistake way too many times and easy to forget.
  • After getting things up and running and if you need ddns, reboot device via ssh. when it comes back, then you could try this tutorial I wrote for the No-ip service. Here is a link to that tutorial.

Tags : , , , , ,

Doing a Really Big and Fast First Upload on a Fresh Nextcloudpi Install (the Samba Way)

Nice long title. Thankfully the speed of getting your first big upload to your new Nextcloudpi (NCP) server won’t be so long, thanks to this tutorial! By spending 10 minutes and doing this tutorial you will be uploading 95% faster (that was my experience).

Assumptions Before Beginning

  • You have full 100% admin access to your NCP (ie. you are the master admin and probably created the server and installed it, or are close friends with the person who did)
  • You have SSH access to your NCP, and you know how to SSH into your NCP. If you don’t… you’ll need to research that first.

1. Confirm the Username in NCP Who Will receive the Big File Shipment

This major upload will need to be associated with a username. In my case, I have created a ‘master-master user’ for this kind of reason. So I will be shipping this big upload to my ‘master-master user’ so that after it’s done that user can assign which files are to be shared with whom (and how). I think this is the right way to do it, even if you are the admin yourself. Topic is open to discussion, but that’s how I roll…

Make sure this user exists in NCP is the key point.

2. SSH into your NCP

NOTE!  Apparently you can do steps 2, 3, and 4 via the NCP web admin so this means you might not need SSH, plus it might be easier.  I won’t have a chance to test myself for a while but try that out first maybe! Otherwise, learn SSH and do the next few steps the way I write.

3. Setup Samba in NCP

  • sudo ncp-config

The first screen is informative and the ‘yes/no’ answers don’t make sense if you read it for grammatical sense. Just chose ‘yes’ which means “I understand that I have to force NCP to ‘scan’ the files when I’m done putting files on the box” This has now (Dec 2018) been fixed by the developers and it now says ‘I understand’ in the option box. Nice and thanks!
You will see:
ACTIVE: NO
PASSWORD: ownyourbits

Type ‘yes’ (no quotes) overtop of ‘no’ in ‘active’ and type in a strong password. You will use this password later and probably you don’t want to give this to anyone else because if you do, that user can go in and mess with other people’s files (I think) Use the Tab key until you arrive at ‘yes’ and press ‘enter’

It should automatically create the ‘samba shares’ for each username you have already put into the system. This means that every user in your box can also access files on the cloud this way and not just with a nextcloud client user features. But the main point is that we’ll be able to move files quickly across the Local Area Network (LAN)

Once this part is done, press any key it will bring you back to your ncp-config screen.

Tab twice until you hit ‘finish’ and then press enter. That will bring you back to your terminal.

4. Do your Samba Shares (and I don’t mean the dance….)

In this example I will be using Ubuntu desktop, so if you are using some other operating system – tough bananas – and you’ll have to search some other tutorial about how to connect your computer to your NCP using Samba.

First, open Nautilus (also called ‘Files” if you mouse-over it. The thing that lets you browser your files on your computer and looks like a file cabinet.

Next, go down to ‘Other Locations’ on the left panel and click it. In this case we want to use the LAN IP address because that’s the whole point of this exercse – fast transfer across LAN instead of going through the internets…

As soon as you enter it in, assuming your box is on, it will find all those usenames and folders for them automatically. Double click the one you want to dump all the files into (probably your master-master admin account). The next part, although it seems easy – is not! But the reward is great so let’s do it.

I realized that what you need here for the username is indeed the NCP username but, but, but.. the password is the one you created in step 3 above! So tricky but alas…

5. “You like to Move it, Move it.”

Let’s move the files now. In Nautilus, middle mouse click wherever your main dump of files are. That will open up a new Nautilius tab from where you can drag, drop stuff into the other tab you just logged into. I just find this a nice and easy way but you can drag drop files there however you like.

Now, select everything you want to move and move them into your NCP user’s Nautilus tab.

Note: You should consider doing this piece by piece unlike me who tried to move 13 GB at a time. You don’t have an easy way to check the progress in this way so consider doing these moves small pieces at a time so you can see progress more easily.

While this is file move is happening, read on to the next section because you’ll have to tell NCP to scan the files when it’s done.

6. Scan the Files

After the move is completely finished from step __ above, in your Nextcloudpi web admin area, scroll down to the ‘nc-scan’ section and run it. It took much less time than I expected. It quickly scans all the files associated with all the users and (I guess) says ‘hey, there is a file here connected to this user’. After running the scan NCP is ready to roll.

7. Start your sharing

Log into the account you just put the files in and start sharing as you like and normally do.

We here at wayne(outthere) hope this made your day shiny and bright. Have a nice day.

Tags : , , , , ,

Setting up Nextcloudpi (NCP) with an Encrypted Hard Drive

The following tutorial is how you can setup an encrypted hard drive to work with Nextcloudpi. Please note that there are a few steps you will have to perform every time your pi goes down because the drive will require decrypting. Basic understanding of the command line will be required for this so if you don’t have these skills locate someone who does. One step that should be complete before beginning is formatting your encrypted drive. We recommend following this tutorial for setting up your drive.

1. Flashing Nextcloudpi onto the SD Card using Etcher

Go and find Etcher. There are other ways to do it but Etcher works really well and fast. They seem to have deb packages now if you are Ubuntu/Debian

2. Download the appropriate NCP image

Here is the repository for the NCP downloads. Make sure to get the right one as there are different ‘flavours’ of raspberry pi’s out there. Consider asking a community member. Generally it will be the generic RPi version if you are on a raspberry pi.

3. Extract the image from the downloaded archive

This extraction of the downloaded archive takes a bit more time than I expected so maybe get a coffee or play with your cat. Just saying. The extracted version is what you’ll flash to the card in the next steps, however, I think Etcher can use the raw archive but I’m too lazy to research that…

4. Flash the NCP Image to the SD Card

The instructions are pretty hard to mess up with Etcher in terms of how to use it. Just do it, but read the next important note (seriously read it, that’s why i put it bold and I’m mentioning it before you even read it)

Important usefule note!! It’s very easy to create a tragedy when flashing an image onto an SD card since Etcher doesn’t care that much what you are flashing on. I recommend physically removing any drive you don’t want to screw up. If you don’t it’s possibe to accidentally flash this onto your drive and completely kill it. Again, physically remove the drives you don’t want to kill and you’ll be a happier person.

  • Optional Step if you have previously attempted an Installation on this computer (clearly out your history)
    If you have already accessed a nextcloud server from Firefox and accessed it via ssh. While image is flashing onto the SD, remove historical garbage that will screw things up:
    • Remove cached stuff in Firefox (assuming Firefox)
      By going to settings and preferences / privacy & security / Cookies & Site data-Manage Data, then search IP address of your box and ‘remove’ and then ‘save’. It will give a warning which you say ok to. Not doing this might prevent you from accessing your box on same IP address with new install
    • Remove ‘known_hosts’ from SSH.
      This makes sure your old SSH keys and such don’t get in the way of a new SSH setup. In terminal go to /home/user(whatever it is) / .ssh.
      Now you are in the .ssh folder. Now type rm known_hosts.

5. Plug in Encrypted Drive

This step assumes you have already encrypted your drive. If you haven’t or aren’t sure if you have, don’t continue but instead refer to comment in pre-amble above.

6. Put newly-etched SD card with NCP image on it, into your Raspberry Pi and plug it in.

About 2 minutes later you should be able to move to next step. If it hangs, you’re too zealous… and chill. If you find the page won’t load, perhaps you already tried an installation and you need to follow the ‘optional steps’ above?

7. Go to IP address of your Pi in your Browser

If you don’t know the IP address of your Pi yet, you can get it from your router (if you know how) or you can use tools like nmap and zenmap to do this on your network. They scan to show what devices are there and their IP addresses. After entering your IP address into the browser URL (something like 192.168.x.xx), you will be prompted with an activation page. But righ before that you will be prompted to accept the not secure connection (which is fine for this part).

Save those passwords somewhere safe (note the convenient clipboard icon which automatically copies the long string to clipboard!) (I use KeepassX and ‘activate’ installation. Should take a minute or two. If it hangs on the activation page for more than 5 minutes, although unlikely, you may need to re-flash the image from Step 1 above as there could be a problem with the way the image flashed onto the card.

8. Enter user and password into the prompt box.

These are the passwords you saved from step 5. Specifically it will be the password for the top one (:4443). The user is ‘ncp’ and the password is that long string of gobbly gook you saved in Step 5 above. You may/will also need to confirm security exception here again (which is normal).

9. Skip the installation wizard when prompted

We are skipping this step since we are adding an encrypted drive. We’ll do part of it later.

10. (Optional) Make Static IP

You can skipt this step, but I think it’s smart for your future to make a static IP for your NCP at this point because some routers tend to change it etc, etc. Just go to the nc-static-IP option and type in what you like and what will work in your unique network config.

Power off and get back to this web admin area so that your router/network will have new static IP if you did this step. You can do this with the power button icon in the top right of NCP admin, too, but when it comes back remember you’ll need to change the URL to the new IP in your browser.

11. Activate SSH in NCP admin

  • On the left hand column you will see the SSH option in the NCP admin page. Go there and click the activate checkbox and enter an easy password. You can enter something as simple as 1234 here since it won’t be your ‘actual password’.
  • Go to your terminal and do ssh pi@xxx.xxx.x.xx where the x’s are your pi’s IP address discovered in step 5 above.
  • At the first prompt you enter the 1234 (easy password) you just made in the NCP admin page. This next part is a bit ‘weird’ if you haven’t dont it because it will kick back a request for the same password again.
  • Enter it again.
  • NOW you enter a real and strong SSH password that you will use for actual access to your box. Make sure it’s strong and you don’t lose it.
  • Once you enter that it will log you out of SSH again and force you to log in again with your new and real password.

Mastering this step is critical because you’ll need SSH access to do encrypted drive stuff (such as decrypting it every time the power goes off) if something ‘goes wrong’ usually you can access your pi via SSH to try to fix it. Note: if you are prompted for the key fingerprint (should be) then answer ‘yes’.

12. Update your Pi-kages

This is to make sure you have the packages required to do useful stuff such as encrypt your drive. The cryptsetup package is in here so if ou want to do steps 11 below you better run these two:

sudo apt update
sudo apt upgrade

9. Do an NCP Update

Log in again with ssh pi@xxx.xxx.x.xx and run this command below. This is to make sure that your packages includ the ‘cryptsetup’ package and also makes sure that your box is up to date:

sudo ncp-update

10. Make Apache2 not start on boot.

Making apache2 not start on boot lets you decrypt your encrypted drive before the system starts up. If/when your pi goes down, you will need to later go in and manually mount the drive each time (instructions to follow):

sudo update-rc.d apache2 disable

Remember: when the power goes off your Nextcloud will not work until you go in with SSH, decrypt drive, and restart apache2. More on this later…

11. Pre-Mounting of the Encrypted Drive

From this point we assume your drive is already encrypted in Luks format. If it’s not refer to [this page](link to come) for those instructions

  • a) Install the encryption toolset so you can decrypt your drive on NCP sudo apt install cryptsetup
  • b) Check your pi to make sure the drive is showing up at least sudo lsblk

Mine shows up as ‘sda’ but yours might be different. Look at profile of it and make sure it’s at least there.

  • c) Key step: –> make sure contents of encypted drive are EMPTY…..
  • d) Decrypt the drive so it’s usable by Nextcloud. You’ll need your drive de-cryption password here (and every single time you reboot your NCP…so get used to this step…): sudo cryptsetup luksOpen /dev/sda gcw2
  • e) Check again to make sure drive is looking right sudo lsblk
    Mine looks like this:

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 232.9G 0 disk
└─gcw2 254:0 0 232.9G 0 crypt

12. Start apache

This makes your nextcloud stuff work so you can reach it in a browser

sudo /etc/init.d/apache2 start

13. Run the NCP Installation Wizard to Move Files to Encrypted Drive

  • Go to the address of your pi in your browser with :4443/wizard at the end to access the first run wizard in NCP https://xxx.xxx.x.xx:4443/wizard
  • “Do you want to save Nextcloud data in a USB drive?” Yes.
  • “Plug in the USB drive and hit continue.” –> it’s plugged in so ‘continue’
  • “If you want to prepare the USB drive to be used with NextCloudPi hit Format USB. Skip if already formated as ext4 or BTRFS. Attention! This will format your USB drive as BTRFS and will destroy any current data.” –> Skip formatting of drive because it’s encrypted and you want to keep it that way
  • Move data to USB –> click the button
  • Go through the ‘external access’ wizard however you like. I do mine manually in router
  • For DDNS, I skip and do mine manually in router as well with No-ip but you can try this if you want. This is not the point of this tutorial This should make your nc-datadir point to your drive meaning that your hard files will now save to the encrypted USB drive instead of to the stock SD card which is by default where they would go. You will know if this part was successful because nc-automount and nc-datadir should will change from an orange colour to a green colour in the bottom right side of your browser screen.
  • Go back to web admin panel from there

14. Run the nc-database move feature in the NCP admin panel

Again, make sure the hard drive is completely clear at this point. It’s probably possible to move a previous existing database here, but it’s out of the scope of my ability or this tutorial. You can investigate it yourself but this is assuming you have a clear drive.

Bonus section you hopefully won’t need

If you got a green light above in the last step don’t even read this section and skip to Step 15. If you have a problem where you try to do the above step and it gives you a permission So what happens here with encryption is a ‘symlink’ is created so it’s this symlink that needs to get the right permissions or NCP can’t do it’s thing with the step above. This may be a bug that no one else sees, but I’m leaving a few hints here in case we need it later:

In the next steps you have to in your terminal go to your /media/ folder and correct a permission manually before you are able to use the NCP ncdatabase function. if you have done previous nextcloud installations with their default directories on this drive, you will need to wipe out whatever is there before you move forward.

sudo chmod o+xr /media/gcw-ssd

(gcw-ssd is the name of the symlink created on your drive that points to USBdrive in Nextcloud)

Now go back to your NCP web area and do the nc-database move and it should work.

Command to empty your folders complete are as follow (use with caution, of course because this will ruin your day if you do it to the wrong dir!)

(if it’s not empty run: sudo rm -rf /media/USBdrive/ncdatabase)

You might also like to keep this command handy to check permissions if someone asks:
sudo ls -ld

15. LetsEncrypt – nice and easy.

This is a good chance to relax and do some Lets Encrypt since it’s easy and satisfying. Go to the left panel of web admin find letsencrypt, fill in the blanks, and press go. Now you should be able to find your box from the internets with secure connection too. You’ll need your dynamic dns url at this point to make it all work so go and do that at no-ip.com or whatever you like. S

16. Reboot system to make sure things are working as they ought

  • Shut down your box with command:
    sudo reboot
  • To be sure it’s back up you can ping xxx.xxx.x.xx (your box). When it starts responding you should be ready to ssh in
  • SSH in (see instructions above in Step 8) At this point, because you made apache2 not start on reboot, neither your NCP admin pages nor your nextcloud instance will be accessible. We will proceed with a new section now which will be your process to get it back up each time the power goes down or it’s rebooted.

17. Getting things back up after a reboot:

  • Unlock/decrypt drive. Note: yours will not be ‘gcw2’ – that’s just my example. Can be whatever you like.
  • sudo cryptsetup luksOpen /dev/sda gcw2
  • Enter your decryption password for drive
  • Restart apache (see above)
  • sudo /etc/init.d/apache2 start

Celebrate if it’s working! Try again if it’s not!

Special thanks to Tobias, Nachoparker and Kevin for all your hard work with me getting it this far!

Tags : , , , , ,

Stop Fighting Apple-Just Force this Disclosure on buyers!

I’m super bored reading these kind of stories.  I’ve been free from such software and hardware for many years so at this point it’s just boring.  However, I do have a solution instead of trying to sue them for monopolizing or overcharging: just force a really simple, plain language disclosure document before the sale of any Apple Inc device. Here is my proposed disclosure:


I understand that by purchasing this Apple Inc device I will be forced into a software environment called the “App Store” that is the equivalent of a rigid monopolist jail cell.  I understand that the only apps I will be able to install must come from this Apple ‘App Store’.  There is no other way to get an app without violating your warranties but through this monopolist app store .

Because Apple Inc will take from the software developers who develop for this device a mandatory 30% of the purchase price when you purchase an app through their system, I could either be spending money on an app that could be otherwise free, or spending 30% more than I could while software developers try to make up for their business losses from this significant commission that Apple unilaterally takes for itself. 

Furthermore, I also understand that I will risk the chance of having my device’s performance remotely throttled by Apple Inc whenever they feel it is right to do so and without first consulting me about it.  I also understand that even the hardware itself is made with proprietary connectors (i.e. chargers) that will not work with other standard industry connectors.

I also understand that there are other software systems such as Linux which has operating systems such as Ubuntu, that respect my freedom and choices, and provide free software and free delivery of software and that are capable of running on top of many different types of hardware, including mobile phones.  I understand that many of the large corporations (such as Apple, Google) run these Linux systems for their own computers and servers. 

I declare that no one is forcing me to enter into this relationship with Apple Inc, that I have do have choices, that I have been warned, and I now choose to move forward with this purchase and risk suffering all of the above pains.

________________________

Apple Inc Device Customer

 

__________________________
Date of purchase

 


 

Tags : , , , , , , , , ,

Ubuntu: The Relationship Between Freedom and Quality in The Software World

Unlike previous blog posts, I’m going to start this one with two exciting tables to get you thinking. In the first table, I increased freedom and in the second table, I decreased it so that we could look at the effect, if any, on other items. Sorry, they are just image screenshots:

wot_decreased_freedoms wot_increased_freedoms

Someone sent me over this article written by Mark Shuttleworth, chief of Canonical – the company behind Ubuntu.

Usually, Mr. Shuttleworth writes with excitement, hope, positivity and other such forward-moving adjectives. Unlike pretty much anything else I have read written by him, this article sounded more like a dad who was forced by his disobedient kids to lay down the hard law. Just the tone alone being so different from his usual, caught my attention.

It appears that some unnamed European corporation has taken the Ubuntu code (written for free by many coders and volunteers around the world and maintained by the for-profit company Canonical at their heavy cost of time and money), done a few ‘things’ to it, and published it as ‘their own’. For full disclosure, I haven’t done any of my own research like looking at the notice of claims against them. However, what I’m picking up from the article is that the soon-to-be defendantscontributed little or nothing to the base code that made ubuntu what it is today

  • invested little or no money to the ubuntu project
  • decreased the quality of the user experience
  • harmed the Ubuntu name
  • harmed Canonical by means of all of the above

If this is true, it should not be difficult to prove monetary damages for Canonical plus I’m guessing there will be a lot of angry programmers out there who would rally beside Mr. Shuttleworth for screwing up all their volunteer work.

From a bird’s eye view it seems like a suitable analogy for this behaviour would be something like this:

Imagine a grade 5 teacher creating a cool project where the students build a gizmo that’s valuable to the world – let’s say it creates clean drinking water out of thin air. Next thing you know, all the parents and grandparents are excited about the project and start volunteering their time to help build it and make it better. Next thing you know, a company (let’s call them Company A) picks up on the project and realizes that they can help improve the project by funding certain parts plus they can make some money as well because some industries will want an industrial version of these water-makers which is out of the scope of these volunteers time/money to build or support. So Company A starts investing time and money and builds a business around it while continuing to support the kids’ gizmo proliferation around the world. Out of nowhere, Company B, which has not participated in the project at all, shows up, takes the plans that all these volunteers made and improved on over the years at the cost of their time (and at Company A’s expense, too), and starts making their own industrial water-makers. They slap their own brand on it, change one or two small things and start making money. Then problems start happening. They don’t have a volunteer base of countless thousands who can jump in to improve or fix things when they go wrong, so this makes sense. Company B then routes all the problems of their customers to Company A saying “they have support over there, I think…”

I’m guessing that there would be lots of angry kids and grandparents and most people would agree to take action to stop Company B.

The question of this soon-to-be lawsuit will probably hinge entirely on the licensing of the software. Has this European company violated any software license agreements including the free software licenses of Ubuntu? What exactly did they change? Are they guilty of changing the code or are they guilty of not supporting the code? It will be interesting to read the claim, for sure (if you like reading litigation documents)

This also got me thinking about correlation between freedom and regulation. I know that one of the main reasons why myself and others moved to Ubuntu was for the freedom. We didn’t want to be told by bullies like Apple or Microsoft how we are going to be using our hardware and who will be accessing our private information. I started thinking about un-related industries and correlations between different things when you increase or decrease freedom. I thought it would be timely to share the quick charts that I built.

(review charts above again)

As you can see from the charts, it was an interesting exercise. It seems that in most cases clear changes occur in most columns – except one. I could not determine in any instance that quality increased or decreased with the increase *or decrease* of freedom. At a glance you might quickly disagree with my conclusions, but allow me to explain them.

Drinking water: Although you may increase regulation and decrease freedom to do what you want with your drinking water, it is debatable that the government controlled waters with chlorine, fluoride, and who knows what, is better for you that this or that in a free stream of water. The long term jury is still out on this one.

Voting: To clarify I am referring simply to the freedom to vote and having a regulatory system to govern the actual elections and voting procedure. By regulating or not, does it really help improve the final product (the person you are voting for)?  Point proven in recent elections in big North American country…

Guns: Perhaps you could say the quality of the actual physical gun might improve with regulation…. I don’t know enough on the topic, but it would seem to me that a nice old man building a gun in his shop could do just as well as a heavily-regulated gun factory.

Religions beliefs: the ‘negative event’ here would be something like a mass suicide with a cult. The Catholic church is heavily regulated, but is the quality of faith and the fruit of believers higher?

Marriage: I was thinking here free-love marriages versus arranged marriages. Although one might think that by choosing your spouse, instead of your parents choosing him/her might yield a higher-quality spouse/match, I believe the jury is still out on this. Look at the divorces in ‘love marriages’, for example.

So when it’s all said and done the only category where I felt freedom had a measurable impact on quality was in the realm of computer code. No one will deny that the fruity computer company typically has typically stable software which works on stable hardware. But on the other hand, very few of its users, when asked, deny that they feel stifled, controlled and possibly even spied on – if not totally ‘stuck’.

And so there seems to be a much more pronounced correlation between freedom and quality in the world of code.

And that also is why this will be a very interesting legal case to follow. Will Shuttleworth be tempted to pull in some of the freedoms of the Ubuntu code base in order to maintain the quality that Ubuntu deserves? Will a task force of lawyers be commissioned to seek and attack low quality Ubuntu publishers much like how a big proprietary corporation might do?

Until now Ubuntu has wowed the world with its ability to stay both free and yet maintain an incredibly high quality final product which I can boldly say is the same and better than competing proprietary systems in every category. The proof of this quality has been in the pudding with fast world-wide growth with more and more everyday users converting 100% to ubuntu and also in the realm of innovation (look it all up yourself because I don’t even know where to begin!).

On the one hand I’m completely in agreement that selfish individuals and corporations should be stopped in their tracks and made to pay for damaging others. On the other hand, I’m also keenly aware that the freedom of the Ubuntu code must remain of higher importance overall.

I find myself favouring the ‘whatever-it-takes-to-make-sure-ubuntu-comes-out-the-winner’ side but I will remain full open to all sides of this story.

 

Tags : , , , , , , , ,

The Future of Ham Radio: Freedom

This article on the ARRL website summarizes quite well the situation with ham radio – and radio in general.

Although it is exciting to be part of a club of radio enthusiasts around the world, one must question whether the licensing system on its own is a hindrance both to freedom and innovation.

The basic debate has these two sides:

Restrict Frequencies for Licencees

“By proving skills and taking tests, you can keep a higher quality of person on the frequencies.  If we don’t do this we will have CB radio on ham frequencies”

Let Them Go

“By restricting access to the airwaves we all breath and share, you are exerting controls that should not be there – especially on a technology that enables humans to transmit data.  By restricting the airwaves you are limiting both God-given freedom of speech but also innovation because the technology remains only in the hands of those who can (and will) exploit it for gain.”

And it’s a very great debate and one worthy of fighting for.

Tags : , , ,