Category Archives: Linux Notes

Arch Linux OpenVPN Server on Raspberry Pi (part 2)

Once yaourt has been configured, download the “netcfg” package by issuing the following commands;

yaourt netcfg

There will be a list of programs that have netcfg as a search string. Choose the netcfg by the appropriate number:

If you are editor savvy then choose to edit the file before it is downloaded to suit your purposes. There will be a prompt to delete the network package (netctl) which is automatically shipped with Arch. Accept the changes.

Setting up the network on for the OpenVPN server

A quick word about subnets –

The setup is a client to site bridge and as a consequence the client is connecting to the servers network. To avoid conflict in connection, the server subnet should be different from the client subnet. To illustrate by example, if the client subnet is of the following configuration 192.168.1.0/24, then the server subnet should be 172.17.173.0/24 to avoid a routing conflict. So if the server subnet is 192.168.1.0/24 then there would be a routing conflict.

The genreral advice is that the server subnet should be of a non-standard subnet with the folowing choice:

10.0.0.0 – 10.255.255.255

172.16.0.0. – 172.31.255.255

192.168.0.0 – 192.168.255.255

The network configuration can be easily be changed in the network configuration for the wireless router.

If using linux, information of the network configuration can easily be found using the following commands via CLI;

iwconfig

ifconfig

ip route

Setting up a static IP Address

This setup uses the “netcfg” framework to manage the network connections, which include the following;

A VPN tap adapter

A Bridge adapter

Ethernet which is already handled by the bridge adapter.

As mentioned previously, the Arch setup is a CLI affair. Use Nano (editor) to open a new file called bridge. To do this change into the directory and create the file entitled bridge via the following commands;

cd /etc/network.d

nano bridge

Then type the following exactly apart for your own network values;

INTERFACE=”br0”

CONNECTION=”bridge”

DESCRIPTION=”VPN Bridge Connection”

BRIDGE INTERFACES=”eth0”

IP=’static’

ADDR=’192.168.1.0′

NETMASK=’24’

GATEWAY=’192.168.1.254′

DNS=’192.168.1.254′

the file is saved by CTRL + O and then exit out of the editor (CTRL+X). The VPN Adapter is added at a later stage.

The next step is to configure which profile netcfg will load by editing the following file;

/etc/conf.d/netcfg

and configuring the networks as follows:

NETWORKS=(bridge)

Save and exit nano. The next step is to disable DHCP and enable the ethernet static IP address by the following commands:

systemctl disable dhcpd@eth0.service

systemctl enable netcfg.service

Reboot the Pi to enable the changes.

part 3 to follow

Arch Linux OpenVPN Server on Raspberry Pi

Brief introduction

After reading so many articles in setting up a VPN for the Raspberry Pi the one used in this guide was published in Linux User and Developer Magazine. Whilst the article is excellent, expanded notes have been added for those new to Linux. This is split over three posts so please be patient.

Arch Linux has been used as the OS for the OpenVPN Server on the Raspberry Pi and for the OpenVPN Client the OS given reference to is any Debian based OS.

The following link sums up what an OpenVPN is;

http://en.wikipedia.org/wiki/OpenVPN

and for the Arch Linux description please see the following summary;

  1. OpenVPN is a robust and highly flexible VPN daemon. OpenVPN supports SSL/TLS security, Ethernet bridging, TCP or UDP tunnel transport through proxies or NAT, support for dynamic IP addresses and DHCP, scalability to hundreds or thousands of users, and portability to most major OS platforms.
  2. OpenVPN is tightly bound to the OpenSSL library, and derives much of its crypto capabilities from it.
  3. OpenVPN supports conventional encryption using a pre-shared secret key (Static Key mode) or public key security (SSL/TLS mode) using client & server certificates. OpenVPN also supports unencrypted TCP/UDP tunnels.
  4. OpenVPN is designed to work with the TUN/TAP virtual networking interface that exists on most platforms.
  5. Overall, OpenVPN aims to offer many of the key features of IPSec but with a relatively lightweight footprint.
  6. OpenVPN was written by James Yonan and is published under the GNU General Public License (GPL).

source: http://en.wikipedia.org/wiki/OpenVPN

Preparation

OpenVPN Client on the Raspberry Pi – Please note that because Arch Linux is a rolling release, “netcfg” is not available in the main repos. Also GUI is a not default on Arch so there is a reliance on the command line.

For instructions on flashing the latest Arch Linux ARM image please see the following link;

http://archlinuxarm.org/platforms/armv6/raspberry-pi#qt-platform_tabs-ui-tabs2

The user name is root and the password is root at the Arch Linux login prompt. If you are using wireless rather than wired connection then run the following command to gain internet access;

wifi-menu

Choose the correct AP, then run the following command;

pacman -Syu

to update system.

The VPN server on this set-up for the Raspberry Pi is be made up of the following software components:

  1. Base Arch Linux system
  2. OpenVPN – the software used to create a secure VPN
  3. Netcfg – used to easily manage the multiple network adapters needed
  4. Bridge-utils – used to bridge the VPN and Ethernet adaptors
  5. SSH – will provide secure remote access to the Raspberry Pi and the files on it

To download the main components as listed bar “netcfg” run the following command;

pacman -S noip bridge-utils openvpn

Netcfg is based in the unofficial arch repos (AUR). So to download any packages from here you will need packer or another program like yaourt. To download yaourt run the following;

curl -O https://aur.archlinux.org/packages/pa/package-query/package-query.tar.gz

tar zxvf package-query.tar.gz

cd package-query

makepkg -si

cd ..

curl -O https://aur.archlinux.org/packages/ya/yaourt/yaourt.tar.gz

tar zxvf yaourt.tar.gz

cd yaourt

makepkg -si

cd ..

Part 2

Tender beginnings with Python

These are scrap book notes on the basics of Python Programming. This is not meant to be definitive guide as there is no “correct” way to play with linux..

I use two distros, Debian and Arch Linux. The body of reference used for the notes is “Python Programming for the absolute beginner, Michael Dawson. If you are new to Python, there are various versions of Python. The book uses Python 3.1.1.

The Raspberry Pi comes with python and related tools pre-installed but if you are new to Python and Linux then you may not realise (as I have done) to use the correct versions on a separate Linux box.

There are many articles on how to download Python version 3.x – the easiest method is

Open root in your favourite terminal and run the following

apt-get install python3.2

once loaded exit out of root and your may open python via the GUI or type

python3.2

on the command line. Debian comes preloaded with various versions of python so stating the version is important if using the command line.

Why do I mention this? Because this affects the way the syntax is used. There are also various programs that you are able to use to code in Python; Vi Editor, IDLE, Gedit etc..

The one that I am using is IDLE as it is the easiest because it is specifically designed to be used with Python. To download,

Open as root in the terminal of your choice. Run the following command;

apt-cache search idle

this comes up with a list of results. The one to look out for is

idle3 or

idle-python3.2

I have loaded the latter by running the following command

apt-get install idle-python3.2

exit out of root and to run idle from the command line type the following

idle-python3.2

Writing your first program – open idle and type the following.

print(“hello world”)

in order to run the program you will have to save it, so do so in a folder of your choice. Then hit F5.. it should print out hello world

The task of the print () function is to display a value (or a sequence of values). You can call a function by using the function name followed by a set of parentheses. You can also pass a function values to work with called arguments between the parentheses.

In the example above you passed the print () function with the argument “hello world”, which the function used to display the message hello world

More to follow..

Minecraft-Pi : the first stages

Minecraft, heavily inspired by Infiniminer, is a sandbox indie video game written in Java originally created by Marcus “Notch”W Persson. The game focuses on allowing the player to explore, interact with, and modify a dynamically generated map made of one meter sized blocks..

For more information, please click the following links..

http://minecraft.gamepedia.com/Minecraft

http://minecraft.gamepedia.com/Pi_Edition

Preparing the SD Card

The following instructions are applicable if you are running Linux. Place SD card in the computer.

Run the following command –

df -h – this gives information of the mounted devices.. You should be looking for the following output

/dev/mmcblk0p1

Unmount the device –

umount mmcblk0p1

I like to format the disk, so I run the following command. To do this you need to be a superuser;

mkfs.vfat -n {name of device of your choosing} dev/mmcblk0

Two things to note, the name of the device is without the braces and the p1 is left out off the device’s name

as an example, mine is the following;

mkfs.vfat -n minecraft -I /dev/mmcblk0

This will take a few moments..

To load the Raspbian image on the SD card run the following;

dd bs=1M if=2013-09-25-wheezy-raspbian.img of=/dev/mmcblk0

This will a bit of time so you could make yourself a cuppa..

Once the image has been loaded place the SD Card in the Raspberry Pi and boot up..

Connect the Pi to the internet and run the following commands..

sudo apt-get update

sudo apt-get dist-upgrade

Loading Minecraft on the Pi

cd into your home folder

cd ~

download the minecraft package

wget https://s3.amazonaws.com/assets.minecraft.net/pi/minecraft-pi-0.1.1.tar.gz

decompress the tar

tar -zxvf minecraft-pi-0.1.1.tar.gz

move into the minecraft directory

cd mcpi

and to run game

./minecraft-pi

🙂

David Whale – The Raspberry Pi Expert

I came across David Whale in Foyles in London 2 weeks ago whilst purchasing a copy of Practical Raspberry Pi by Brenda Horan. The main reason for the purchase was to look into the subject of cross compiling.  The initial question that I asked David was based on how accurate chapters and articles in books and magazines are referencing projects related to the Raspberry Pi.

We both agreed that articles written on any projects related to the Raspberry Pi in magazines contain a number of inaccuracies but he did go on to say that anything that is published in books goes through much more of a stringent control process than in magazines.

Now you may be wondering why I spoke to David? David runs a blog on some very exciting Raspberry Pi Projects one of which that stands out is the “Raspberry Pi Internet of Things Demonstrator”. Why? Because it aptly defines the concept of “The Internet of Things”.

The Demonstrator is basically two Raspberry Pi’s connected with each other in a controlled environment over a simple LAN. The aim of the project is to ask partipants to come up with ideas of what the two devices would be communicating.

Let me briefly mention what we mean by the Internet of Things – if a “thing” can be connected over the internet, it will be able to participate in the WWW network of sensors and output devices (referencing David’s blog). The concept can be applied to various ideas which include healthcare, crop management and security.

To use an recent commercial example. The Good Night Lamp is based on sharing presence and availability of people across the globe. The idea – once a Primary lamp is switched on in a location (any where in the world) then any lamps that are connected also switch on simultaneously.

For more interesting Raspberry Pi projects by David click here .

Back from the Wilderness with Linux

This is a first of a series of posts looking at alternative Mobile devices and Operating Systems that are not as well known as the “Big Boys” (you know which ones I am referring to) and their impact on the Location Based Services Ecosystem.

I have used Linux for 6 years now but only as an alternative to Windows. However for the last 8 months or so I have been focused in understanding the command line and with the advent of re-flashing my Nokia N900 due to a faulty camera (the fault is with a bug in the module for the flash operation) I have decided today, to give a very brief overview of my thoughts.

So why would I use a 3 year phone? For two main reasons. First because Easy Debian (a customised version of a flavour called Debian) can be installed on the external microSD card which allows for a fully functioning Debian system. The icing on the cake is the Nokia N900 can be used as a device for browsing through the Iceweasel browser with addons, giving a level of privacy which other mobiles phones are unable to do.  I don’t have to sign in to use a repository update or download a program (app) and let Google or any other pernicious OS use my behaviour to build a profile and sell that data with out my knowledge. In a world where privacy is a luxury, the Nokia N900 and other similar devices allow me to partake of this precious fruit.

And secondly, because of the Mer project as well as Nemo OS both of which are closely related to Tizen and Sailfish OS – to be explained further in my next post.  With the advent of these new Mobile OS’s (Tizen and Sailfish)  and the new Mozilla Phones, the privacy issue could be re-addressed and brought back in balance from a world where corporates are aware of one’s every move.

The Nokia N900 is not as powerful as the newer Android or iPhone cousins but there is a level of pliability which comes with the territory when using Linux which is not experienced with the newer OS. There are restrictions whilst using Easy Debian because it is used in conjunction with Maemo (the underlying OS driving the N900) but I still have to understand what those mean as I am in the latter stages in “cutting my teeth” with the system.

My sole focus was on Arch Linux as I feel I was blinded by the sheer difficult learning curve that I had to endure whilst mastering a level which would place me in the non noob grade. What changed my perception is the advent of another unstable OS distro entitled Aptosid. This post mentioned the blog writers migration from Arch to this “Sid” distro highlighting a key issue related to the security of the package manager (which Arch has addressed). This was enough for push for me to use this in conjuction with Arch.

Debian is one system that I have always liked but not really understood – I found it to be a bit regimented for my liking but Aptosid showed me that it can be as flexible as Arch. But most importantly it taught me the community was more open about how secure one can and has to be with solutions for every scenario.

So what is the next step?  I’m looking at flashing Nemo OS on the second N900 to test how good it is.

Next post will cover the Mer project and the new Firefox OS.