Ubuntu 7.04 - Disable Recent Documents
There is not an obvious way to disable the Recent Documents menu under the Places menu if you don’t want to use that feature. Here is how I do it:
Open a terminal window and execute these two commands:
$ rm ~/.recently-used.xbel
$ mkdir ~/.recently-used.xbel
Replacing that file with a directory seems to be the only way to keep it from being populated.
Ubuntu 7.04 - Install VMWare-Server from the Ubuntu Commercial Repository
Here is how to install the free VMWare Server application from the Ubuntu Commercial Repository. Note that during the install you will need a VMWare Server key, which you can get for free here.
1. Add the Commercial Repository to your sources. Here is how I do it:
A. Launch Synaptic.
$ sudo synapticB. Click Settings -> Repositories
C. Click the Third-Party Software tab.
D. Click Add.
E. Enter the following line and then click Add Source:
deb http://archive.canonical.com/ubuntu feisty-commercial mainF. Click Close.
G. Click the Reload button in the upper left to have Synaptic update itself with the new repository. Close Synaptic.
2. Install the vmware-server package with the following command:
$ sudo aptitude install vmware-server
Ubuntu 7.04 - Enable/Disable Remote Desktop from the Command Line
First, enable Remote Desktop in Gnome by going to System -> Preferences -> Remote Desktop.
Check ‘Allow other users to view your desktop’.
Check ‘Allow other users to control your desktop’.
Uncheck ‘Ask you for confirmation’.
Type in the password you want to use.
Click Close.
Remote Desktop is now running on your machine.
Now, open a terminal and type this command:
$ gconftool-2 -s -t bool /desktop/gnome/remote_access/enabled false
Go back to System -> Preferences -> Remote Desktop. You will see that it is now turned off.
You can turn it back on from the command line using this command:
$ gconftool-2 -s -t bool /desktop/gnome/remote_access/enabled true
The reason I find these commands handy is that I like to only turn on Remote Desktop when I actually need to use it. So, after I set up SSH and secure it, I then log into my machine remotely via SSH and run the command to enable Remote Desktop. Once I do that, I can then open up VNC Viewer from the remote machine, and do what I need to do. I then disable Remote Desktop via SSH with the disable command so that the server is no longer available to myself or anyone else that might try to access it.
I have taken this a step further on my machine and simplified this process by creating two bash shell scripts:
startvnc.sh
#!/bin/bash
#
# This script starts enables System -> Preferences -> Remote Desktopgconftool-2 -s -t bool /desktop/gnome/remote_access/enabled true
stopvnc.sh
#!/bin/bash
#
# This script starts enables System -> Preferences -> Remote Desktopgconftool-2 -s -t bool /desktop/gnome/remote_access/enabled false
After creating those scripts, I make them executable with this command:
$ chmod +x startvnc.sh
$ chmod +x stopvnc.sh
I then make aliases to them. Open ~/.bashrc in a text editor, scroll to the bottom, and type in these two lines:
alias startvnc=/path/to/your/startvnc.sh
alias stopvnc=/path/to/your/stopvnc.sh
Now, when you SSH into your box (or open a command line), you can just type $ startvnc to enable Remote Desktop, or $ stopvnc to disable Remote Desktop.
*Remember, if you are behind a firewall, you have to allow access through port 5900 if you want to Remote Desktop into your default display (:0).
Ubuntu 7.04 - Use Windows XP inside of Linux
Virtualization allows you to create a ‘virtual machine’, which is essentially an application that runs another operating system inside of your current operating system. There are several different virtualization solutions available, some of which include QEMU, Xen, VirtualBox, and VMWare. This post will detail how to set up Windows XP in VMWare.
VMWare sells virtualization products and also offers some tools at no cost. One of their no cost tools is called VMWare Server, which lets you build and run virtual machines. I personally prefer another one of their no cost tools called VMWare Player, which allows you to run an already created Virtual Machine.
I install VMWare Player from the repositories with this command:
$ sudo aptitude install vmware-player
I then create my own virtual machine from scratch. I use the website EasyVMX to create the virtual machine shell that I will then install Windows XP into. This virtual machine shell consists of two components - a configuration file (VMX), and a virtual hard disk (split into multiple files depending on the size). So, at EasyVMX, I create my virtual machine with the following settings:
- Virtual Machine Name: xp_pro (or xp_home)
- Select Guest OS - either XP Pro or XP Home, whichever you are going to install
Network Configuration
- Use the default settings
Disk Configuration
- Floppy Disk Drive - I leave this unchecked
- CDROM Drives - I check both of the options. Later, I comment out CDROM 2 until I actually want to use an ISO file as a CDROM
Hard Disk Drives
- I select 12GB and leave SCSI unchecked. I leave Disk #2 unchecked.
Sound and I/O-Ports Configuration
- Use all of the default settings
Click the ‘Create Virtual Machine’ button, and then save the zip file that it creates for you. Note that, even though I selected a 12GB hard drive, the output files come out to be about 7.4KB. The hard drive space doesn’t actually take up physical disk space until there are actually files there to occupy the space. You now have a virtual machine to install Windows XP onto.
Extract the zip file and then open up the .vmx file in your text editor. Find the following lines:
# Settings for the optional virtual CDROM, ISO-image
ide1:1.present = “TRUE”
ide1:1.fileName = “.iso”
ide1:1.deviceType = “cdrom-image”
ide1:1.mode = “persistent”
ide1:1.startConnected = “FALSE”
and comment that whole section out, so it looks like this:
# Settings for the optional virtual CDROM, ISO-image
#ide1:1.present = “TRUE”
#ide1:1.fileName = “.iso”
#ide1:1.deviceType = “cdrom-image”
#ide1:1.mode = “persistent”
#ide1:1.startConnected = “FALSE”
Save the file. Now we are ready to install Windows XP. Put your Windows XP CD in your CDROM drive, and then open the .vmx file with VMWare Player. The virtual machine will start its boot process, it will look just like a computer booting up with a BIOS post and everything else. As the BIOS is loading, click your mouse in the window and hit the ESC key to get to the boot options and tell it to boot from your CDROM. Note that if you want your cursor back, you have to press CTRL+ALT one time. The virtual machine should now be booting off of your CDROM and you can now install Windows XP the same way you would install it on a normal computer.
Once the installation is finished, you can zip up a copy of this virtual machine folder and re-extract it anytime you want to in order to return to this ’saved state’. So, once you install Windows XP once, you can save a backup copy of those files and should never have to reinstall it again. Instead you would just unzip a new copy.
One last consideration: VMWare Tools is an application that can be installed onto Windows XP inside of the virtual machine that makes the experience a whole lot nicer. For example, it improves the display resolution and also allows you to move your mouse in and out of Virtual Machine without having to click CTRL+ALT. VMWare Tools does not come with VMWare Player, however it does come with VMWare Server - one of their other free products. Here is how I get VMWare Tools set up in my virtual machine:
Download a copy of VMWare Server. Once it is downloaded, extract the files. The file that we want that contains VMWare Tools is in that directory in this folder path:
lib/isoimages/windows.iso
I have saved a copy of ‘windows.iso’ so that I have it whenever I need it. Now, we need to have our Windows XP virtual machine use this ISO file as a CDROM so that we can run the installer that the iso contains. Open your vmx file in a text editor again and find the section that we commented out previously:
# Settings for the optional virtual CDROM, ISO-image
#ide1:1.present = “TRUE”
#ide1:1.fileName = “.iso”
#ide1:1.deviceType = “cdrom-image”
#ide1:1.mode = “persistent”
#ide1:1.startConnected = “FALSE”
Uncomment the lines and change the fileName to match the path to where you have saved windows.iso:
# Settings for the optional virtual CDROM, ISO-image
ide1:1.present = “TRUE”
ide1:1.fileName = “/your/path/to/windows.iso”
ide1:1.deviceType = “cdrom-image”
ide1:1.mode = “persistent”
ide1:1.startConnected = “FALSE”
Save the file and then open it with VMWare Player. You will now notice an extra CDROM button at the top of the window. You can click that to enable this second CDROM (which is actually windows.iso). Windows should detect the CDROM and will either auto-launch the VMWare Tools installer, or you can navigate to the cdrom in Windows Explorer and start the installation from there. Once the installation is complete, shut down the virtual machine and then open the vmx file in a text editor and comment out those lines again until the next time you need to use an ISO as a CDROM. I usually back up a copy of my virtual machine once I have VMWare Tools installed along with all of the Windows Updates, etc.
That’s it, you can now run Windows XP as an appliation inside of Ubuntu. If I ever run across an oddball task that I can’t figure out how to do in Ubuntu, I just open up my VMWare session and do the task in there. This has eliminated the need for me to have to run a dual boot with Windows on my computer.
Ubuntu 7.04 - Protect your SSH server
SSH is a network protocol that allows establishing a secure connection between a local and a remote computer. You can install SSH server on your workstation and then have remote command line and Secure FTP (SFTP) access.
I use this command to install SSH server from the repositories:
$ sudo aptitude install ssh
By default, SSH server will run on port 22 and use standard username and password authentication. If you are behind a firewall, you will have to use some mechanism to allow traffic through that port if you want to access your machine remotely. I use port forwarding; I forward port 22 to the IP address of my workstation.
By opening up a port on your firewall, you now have a security concern. You need to come up with a way to keep the bad guys out while letting the good guys in. There are lots of methods to use to make your SSH server more secure, this is by no means a comprehensive list. That being said, here are a few methods that some people use:
Allow Known IP addresses with /etc/hosts.allow
If you know the IP addresses of all the machines that you want to allow access to your SSH server remotely, you can explicitly allow them using the /etc/hosts.allow file. This file does not exist by default in Ubuntu 7.04. To use this method, first create the /etc/hosts.allow and /etc/hosts.deny files:
$ sudo touch /etc/hosts.allow
$ sudo touch /etc/hosts.deny
Next, start by blocking ALL users from ALL services with /etc/hosts.deny:
$ sudo gedit /etc/hosts.deny
Add this lines:
ALL: ALL
Next, edit your hosts.allow file to allow the known IP address:
$ sudo gedit /etc/hosts.allow
Then add the IP address to the file and save it. For example, if the IP address from your office is 123.456.789.999, then create the entry like this:
# allow ssh login from my office
sshd: 123.456.789.999
Configured like this, all access attempts will be denied unless they originate from your office’s IP address.
Key Authentication
You can configure your SSH server so that it uses public keys for authentication instead of just username/password. Here are instructions on how to configure that.
Configure SSH server to run on a non-standard port
You can set up SSH server so that it runs on a port other than 22. This will thwart many of the less-than-tenacious attackers and zombie bots. So, for example, if you wanted to change your SSH server to run on port 1025, you would just make that change in the sshd_config file:
$ sudo gedit /etc/ssh/sshd_config
Change “Port 22″ to “Port 1025″. Then restart your SSH server:
$ sudo /etc/init.d/ssh restart
Remember, if you are behind a firewall, make sure you account for the port change there as well. Also, remember that when connecting to your server from a remote machine, you have to account for the port change in your login command:
$ ssh username@server -p 1025
DenyHosts
DenyHosts is a script that is intended to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks). This is a daemon that runs on your server and watches for failed authentication attempts. Once it sees a certain amount of failures from a particular IP address, it blocks that IP address by adding it to /etc/hosts.deny.
Here are the steps I use to install DenyHosts:
DenyHosts is written in Python, so make sure all of the Python packages that it depends on are installed:
$ sudo aptitude install python python2.3-dev python2.3
Download the DenyHosts package, the current release as of this post is available here. Download the .tar.gz file (DenyHosts-2.6.tar.gz).
Untar the file, then enter the folder with your terminal and run this command:
$ sudo python setup.py install
The next step is to configure the script. First, create the configuration files:
$ cd /usr/share/denyhosts
$ sudo cp denyhosts.cfg-dist denyhosts.cfg
$ sudo cp daemon-control-dist daemon-control
Edit denyhosts.cfg
$ sudo gedit denyhosts.cfg
The settings are well documented, so configure the settings according to your preferences. Here are some of the key operating system specific settings that you will need to know when setting up this file for Ubuntu 7.04:
SECURE_LOG = /var/log/secure
HOSTS_DENY = /etc/hosts.deny
LOCK_FILE = /var/run/denyhosts.pid
Also, you’ll see that there is a set of Syncronization settings in there. This script has the ability to send the list of IPs that you blocked up to a centralized server. It then keeps a running list of all the IPs that have been blocked by all the DenyHosts users and gives you the option to have all of those IPs automatically blocked by your server.
Next, edit daemon-control
$ sudo gedit daemon-control
The only thing you should have to modify in this file is DENYHOSTS_LOCK:
DENYHOSTS_LOCK = “/var/run/denyhosts.pid”
Next, we have to make sure that /etc/hosts.allow and /etc/hosts.deny exist. In Ubuntu Feisty 7.04, these files are not created during the initial installation. To create these files, do this:
$ sudo touch /etc/hosts.allow
$ sudo touch /etc/hosts.deny
Finally, we need to make sure DenyHosts runs automatically on startup. First, create a symbolic link in /etc/init.d:
$ cd /etc/init.d
$ ln -s /usr/share/denyhosts/daemon-control DenyHosts
I then use BUM (Boot Up Manager) to set DenyHosts to run on startup. If you don’t have bum installed, you can install it from the repositories like this:
$ sudo aptitude install bum
Open BUM by clicking System -> Adminstration -> BootUp-Manager. Look for DenyHosts in the list, check the box, then click Apply. You can check to see if DenyHosts is running with this command:
$ ps -ef|grep denyhosts.py
If you see a result that looks like this, then it is running:
root 12325 1 0 Apr20 ? 00:00:00 python /usr/bin/denyhosts.py --daemon --config=/usr/share/denyhosts/denyhosts.cfg
Note - it appears that denyhosts is now in the repositories. I’m not sure how to configure the version from the repositories, or if its already pre-configured, I may look into that in the future.
Other Methods
There are lots of other methods you can use to make your SSH server more secure. If you are interested, a couple other methods you can research are Port Knocking and fail2ban (which is in the repositories).
Ubuntu 7.04 - How I set up Firefox
Here is a screenshot that shows the way I configure my Firefox toolbars, etc: (click the thumbnail for a larger image):
I use the Tiny Menu extension to condense Firefox’s main menu (File, Edit, View, etc) into one item so that I get that screen real estate back. I then drag my bookmarks up to the top row so that I can disable Firefox’s Bookmark Toolbar (again, gives me more screen real estate).
Sun Java and Adobe Flash
I install the Adobe (formerly Macromedia) Flash plugin and the Sun Java plugin from the repositories using aptitude:
$ sudo aptitude install sun-java5-plugin flashplugin-nonfree
Playing embedded video
I use the MediaPlayerConnectivity extension to automatically find all embedded videos and turn them into an icon that I can click to launch them into the video player of my choice (I use mplayer). I detailed how I installed mplayer and set up all of the codecs in this post.
My Favorite Extensions
Here is a list of the Firefox extensions that I use:
Adblock Plus
Ever been annoyed by all those ads and banners on the internet that often take longer to download than everything else on the page? Install Adblock Plus now and get rid of them.
Add Bookmark here
Allows you to add bookmarks to any folder in the bookmarks menu like in Opera.
Download Statusbar
Despite its compact size, Download Statusbar packs in more useful features than the standard download window. The fully customizable interface auto-hides when not in use, allowing full control without interruption.
DownloadThemAll
DownThemAll is all you can desire from a download manager: it features an advanced accelerator that increases speed up to 400% and it allows you to pause and resume downloads at any time.
MediaPlayerConnectivity
Allows you to launch embed video of website in an external application with a simple click.
Tab Mix Plus
Tab Mix Plus enhances Firefox’s tab browsing capabilities. It includes such features as duplicating tabs, controlling tab focus, tab clicking options, undo closed tabs and windows, plus much more. It also includes a full-featured session manager with crash recovery that can save and restore combinations of opened tabs and windows.
Tiny Menu
Replace the standard menu bar with a tiny menu popup.
Ubuntu 7.04 - Setting up MPlayer with codecs to play most types of video
MPlayer is my video player of choice. Here is how I install it and set up the codecs:
Install Mplayer from the repositories:
$ sudo aptitude install mplayer
Then, download the codecs package that MPlayer distributes from here. After you download and extract that file, copy the resulting ‘win32′ folder to ‘usr/lib’:
$ sudo cp -R win32 /usr/lib/
Now if you launch mplayer (or gmplayer), it should find those codecs and be able to play most videos.
To play videos embedded in web pages via Firefox, I use mplayer with codecs in conjunction with the MediaPlayerConnectivity extension for Firefox. This extension finds all embedded videos and replaced them with a shortcut that, when clicked, launches the video into your player of choice (mplayer).
Ubuntu 7.04 - Configure Microsoft Wireless Intellimouse Explorer 2.0
This post shows how to get the side buttons (back/forward) on the Microsoft Wireless Intellimouse Explorer 2.0 to work in Firefox in Ubuntu 7.04:
Edit xorg.conf
$ sudo gedit /etc/X11/xorg.conf
Find this section:
Section "InputDevice"
Identifier "Configured Mouse"
Driver "mouse"
Option "CorePointer"
Option "Device" "/dev/input/mice"
Option "Protocol" "ImPS/2"
Option "ZAxisMapping" "4 5"
Option "Emulate3Buttons" "true"
EndSection
and replace it with this:
Section "InputDevice"
Identifier "Configured Mouse"
Driver "mouse"
Option "CorePointer"
Option "Device" "/dev/input/mice"
Option "Protocol" "ExplorerPS/2"
Option "Buttons" "7"
Option "ZAxisMapping" "4 5"
Option "ButtonMapping" "1 2 3 6 7"
EndSection
Save the file. Next time you restart Gnome, your back/forward mouse buttons should work in FireFox. You can restart Gnome by pressing CTRL+ALT+Backspace on your keyboard, or by running this command in terminal:
$ sudo /etc/init.d/gdm restart
Ubuntu 7.04 - Software that I install right away
Ubuntu and its community maintain servers full of software applications that are all compiled to be used in the Ubuntu operating system. These servers are called repositories. Instead of having to go out onto the internet and search for the application that you want, you can simply search for it in the repositories and then install it right from there.
There are several ways to install software from Ubuntu’s software repositories. There are GUI tools, like Synaptic, as well as command line tools like apt and aptitude. I prefer to use aptitude. The reason why I like aptitude is because when you install software from the repositories with it, it keeps track of all the dependencies that were needed for that installation and then removes those dependencies automatically if they are no longer needed after you uninstall the application. The other tools may do this as well, but aptitude is the one I have the most experience with and am most comfortable with.
I generally use the ‘apt-cache’ command to search the repositories, and then use aptitude to install the package once I find it. For example, if I wanted to install the BitTorrent client called Azureus, I would search the repositories for it:
$ apt-cache search azureus
That command would return a response like this:
azureus - BitTorrent client
azureus-gcj - BitTorrent client (native code)
So, I see that the package that I want to install is just called ‘azureus’. I would then install it with this command:
$ sudo aptitude install azureus
That’s it! It automatically installs it, and then I’m ready to go. Once the installation finishes, I would launch it by clicking the Gnome Application menu, then Internet, then Azureus.
So, now that you’ve had a brief introduction to how Ubuntu’s software repositories work, here is a list of the software packages that I install right away on a fresh Ubuntu installation:
bum - Boot Up Manager, graphical runlevel editor that helps you control the ’services’ that start when you start your machine
build-essential - a package of various compilers that are needed when installing certain applications, etc
nvidia-glx - the 3d NVidia driver for my video card
msttcorefonts - Microsoft native fonts, such as Arial, Comic Sans, etc. These fonts are used by various web pages, etc
ssh - Secure shell client and server, I use ssh to access my machine from work. It gives me both command line access as well as FTP-style access via SCP
gaim-extendedprefs - a plugin for GAIM that gives it more functionality, like hiding the buddy list automatically on sign-on
fast-user-switch-applet - Applet used to switch between user accounts
beep-media-player - a nice MP3 player, basically a Winamp clone
mail-notification - an applet that sits in your notification area and lets you know when you have new mail
unrar - adds the ability to handle rar files to the Gnome archive manager
par2 - utility to handle parity files
wine - Microsoft Windows Compatibility Layer, you can install and use some Windows applications with this
mpg123 - package needed to allow you to preview an MP3 file by holding your mouse over it
xchat - IRC client
xchat-systray - a plugin that allows you to minimize xchat to your notification area
mplayer - my favorite movie player
vmware-player - allows you to run VMWare images
gftp - FTP client
soundconverter - converts FLAC (and others) to MP3 (and others)
xinetd - replacement for inetd with many enhancements, needed for some applications
frozen-bubble - the best game ever?
neverball - the second-best game ever?Various Codecs for multimedia playback:
gstreamer0.8-plugins
gstreamer0.8-lame
gstreamer0.8-ffmpeg
lame
sox
ffmpeg
mjpegtools
vorbis-tools
gstreamer0.10-plugins-ugly-multiverse
So, above I have listed 31 software packages that I install right off the bat in a new Ubuntu installation. Sounds like a lot of work…but it’s not! I install all 31 of these applications in one step using the following command that I keep saved in a text file:
$ sudo aptitude install bum build-essential nvidia-glx msttcorefonts gstreamer0.8-plugins gstreamer0.8-lame gstreamer0.8-ffmpeg lame sox ffmpeg mjpegtools vorbis-tools ssh frozen-bubble gaim-extendedprefs fast-user-switch-applet beep-media-player mail-notification unrar par2 wine neverball mpg123 xchat xchat-systray mplayer vmware-player gftp gstreamer0.10-plugins-ugly-multiverse soundconverter xinetd
That command goes out and finds each one of those application and installs it automatically on my machine. Once that command finishes running, all of those applications are then available for me to use.
Ubuntu Feisty Fawn 7.04 - My Initial Installation
I just completed my initial installation of Ubuntu Feisty Fawn 7.04. I used the standard i386 Live CD desktop installer (ubuntu-7.04-desktop-i386.iso).
The only thing that I do which is a little different than a standard installation is I keep my /home directory on its own partition. The reason I do this is because all of my configurations and personal files are in my HOME folder, and keeping it on its own partition allows me to reinstall Linux whenever I want to (rarely) with minimal extra file backup needed beforehand.
I was running Ubuntu Edgy prior to this installation of Ubuntu Feisty. I have two user accounts set up on this machine. I prefer to do fresh installs of new versions of the OS as opposed to using APT to upgrade the OS. I also like to have my user account recreated, and then import my files and settings from my old home folder as needed. So, in order to get my existing home folders out of the way for the new installation (but also keep the existing files intact), I opened Gnome Terminal and did the following:
$ cd /home
$ sudo mv <USER1> <USER1>.old
$ sudo mv <USER2> <USER2>.old
I replaced <USER1> with my username and replaced <USER2> with my wife’s username. Once I finished executing those commands, I rebooted the machine and booted off of the Ubuntu 7.04 Live CD installer.
After the machine finished booting from the CD, I started the installer via the shortcut on the desktop. I went through each screen entering the appropriate information at the prompts (language, my name, my username, etc). I did a typical install up until the part of the installation that handles partitioning the hard drive. I have a 250 GB hard drive, my partitions are set up like this:
/ 23622 MB
swap 2146 MB
/home 203748 MB
free 21476 MB
I keep about 20 GB of free space on the drive, just in case I ever need to dual boot with another operation system.
During the install, I set the mountpoint of the first partition to ‘/’ and told it to format this partition. The ’swap’ partition was already set to swap and ready to go. I set the mount point on the third partition to ‘/home’ and was sure to tell it NOT to format this partion (so I wouldn’t lose my old home folders that I renamed).
From this point, I continued through the rest of the installation screens normally. The Live CD installer is nice because you can play games like Free Cell while your installation is completing (if you don’t have anything better to do).
The installation completed without any hitches. I rebooted my computer and logged into my new Ubuntu Feisty Fawn 7.04 installation. I then proceeded to move some of my backed-up files and configurations from my old folder into my new folder like this:
$ cd /home/<USER1>.old/
$ mv <folder1> <folder2> <folder3> ../<USER1>/
(replaced <USER1> with my username)
So, that’s where I stand right now. The repositories are very slow right now because so many people are installing Ubuntu 7.04 like I am, creating a heavy load on the servers. That being said, I may wait a bit before I move on to my next step of installing my applications, codecs, etc. My next post will detail how I go about installing codecs for MP3, DVD capability, as well as applications that I commonly use.
