Setting up MultiTech LoRaWAN gateway on Ubuntu

As the convener for the Adelaide community of The Things Network, I am frequently setting up Multitech Conduit Gateways. Depending on your PC or notebook hardware you might have some problems with the Exar USB-UART driver on Linux.

Here are the steps to getting this unit setup from an Ubuntu (should work for any other Linux distro) machine.

lsusb

Should show something like this:

Bus 002 Device 006: ID 04e2:1410 Exar Corp. XR21V1410 USB-UART IC

Download the driver for the Exar site: https://www.exar.com/design-tools/software-drivers

unzip xr_usb_serial_common_lnx-3.6-and-newer-pak.zip
cd xr_usb_serial_common_lnx-3.6-and-newer-pak
make
sudo insmod ./xr_usb_serial_common.ko

Ensure driver is loaded at startup

sudo vim /etc/modules
#Add the following
xr_usb_serial_common

ls /dev/tty*

should now show another USB port ttyXRUSB0

For the rest you just need to follow the excellent instructions by Jac Kersing who maintains the Multitech TTN installer and documentation here:
https://www.thethingsnetwork.org/docs/gateways/multitech/mlinux.html

Get EUI of your gateway

mts-io-sysfs show lora/eui 2> /dev/null | sed 's/://g'

Moving to KVM virtual machines

Installing VirtualBox is getting increasingly painful on Ubuntu due to the problems with UEFI Secure Boot and the VirtualBox kernel modules. Another reason for an alternative is that running VirtualBox VM’s completely in the background is not as straightforward as it could be.

From the available alternatives I looked into (VMWare, Xen & KVM) it was KVM that fitted my needs (casual VM usage with mostly headless VM’s for testing purposes). Main reasons:

  • Well supported by Ubuntu
  • Easy, straightforward install
  • Background VM’s are simple as
  • Moving VM’s from one host to another is a breeze

Checking system

To check if the CPU can actually support

egrep -c '(svm|vmx)' /proc/cpuinfo

If the number returned is > 0 your systems should be capable to run.

You will also enable your BIOS for virtualisation (in Security settings of most BIOS’s) if that has not already be done. You will get an error if not enabled if you are trying to run an install. The Install of KVM will work fine.

Installation

sudo apt-get install qemu-kvm libvirt-bin bridge-utils virt-manager
sudo addgroup libvirtd
sudo adduser libvirtd
sudo service libvirtd start
sudo service libvirtd status
sudo virt-manager

Moving VM’s to another host

Source Host

virsh shutdown VMNAME
virsh dumpxml VMNAME > /tmp/VMNAME.xml
scp /tmp/VMNAME.xml TARGETHOST:/tmp/VMNAME.xml
scp /var/lib/libvirt/images/VMNAME.qcow2 TARGETHOST:/var/lib/libvirt/images/VMNAME.qcow2

Target Host

virsh define /tmp/vm.xml
virsh start vm

Once you have confirmed operation you probably want to remove the source VM from the Source Host.

virsh undefine VMNAME
rm /var/lib/libvirt/images/VMNAME.qcow2

Display your Flickr Favourites as Screensaver Slideshow

Install XScreenSaver and remove Gnome default

sudo apt remove gnome-screensaver
sudo apt install xscreensaver xscreensaver-gl xscreensaver-gl-extra

Run the Screensaver UI and configure

In the “Advanced” section enter your Flickr RSS URL in “Choose Random Image”

XScreenSaver Ui
XScreenSaver Ui

https://api.flickr.com/services/feeds/photos_faves.gne?id=YOURFLICKRUSERID #replace with your Flickr User ID

Create a systemd user service to autostart

mkdir -p ~/.config/systemd/user/
vim ~/.config/systemd/user/xscreensaver.service

Past the following
[Unit]
Description=XScreenSaver
[Service]
ExecStart=/usr/bin/xscreensaver -nosplash
[Install]
WantedBy=default.target

Start and enable systemd user service

systemctl --user enable xscreensaver
systemctl --user start xscreensaver

To copy the settings (including RSS URL) onto other PC’s or re-install it might be a good idea to backup or copy the contents of ~/.xscreensaver

ChromeOS – removing SSH known_hosts from Chromebook

One of the things that is not implemented in the Secure Shell Chrome extension is the ability to remove know_host fingerprints which alert you if the fingerprint for a specific IP address has changed.

However there are times when you upgrade a systems and this need to be done.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
d6:be:12:7e:22:23:c3:e1:56:30:d6:cd:65:b7:ab:42.
Please contact your system administrator.
Add correct host key in /.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /.ssh/known_hosts:7
ECDSA host key for xxxxxxxxxxxxx.yyy.au has changed and you have requested strict checking.
Host key verification failed.
NaCl plugin exited with status code 255.
(R)econnect, (C)hoose another connection, or E(x)it?

Here is how to remove a known host fingerprint (from known_hosts) on a Chromebook.

You can find the index of the offending host entry reported by ssh if the connection fails (see above: “Offending ECDSA key in /.ssh/known_hosts:7”). Then you can open the JavaScript console (CTRL +Shift +J) and type the following into the console.

term_.command.removeKnownHostByIndex(INDEX);
Replace INDEX with the number obviously.

To clear all the known hosts:
term_.command.removeAllKnownHosts();

Ubuntu 14.04 Webmin Install from PPA

On remote systems sometimes a web-based tool can be very handy. Webmin is such a tool that has been well maintained for decades. To install quickly on a Ubuntu Server without having to manage dependencies and keeping it updated as part of normal OS update operations installing from a PPA Repo is handy.

sudo echo "deb http://download.webmin.com/download/repository sarge contrib" >> /etc/apt/sources.list
wget -q http://www.webmin.com/jcameron-key.asc -O- | sudo apt-key add -
#OpenSuse Repo Key
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 977C43A8BA684223
sudo apt-get update
sudo apt-get install webmin

After this you should be able to connect to your webmin instance on port 10000

https://hostname:10000

Security note: I would never allow direct access to Webmin on a remote server but rather tunnel port 10000 over SSH !

Simple conky system monitor configuration

Just a quick note on install and configuration of Conky.

Conk Screenshot

Installation

sudo apt-get install conky conky-all hddtemp curl lm-sensors
sudo chmod u+s /usr/sbin/hddtemp
sudo sensors-detect

vim ~/.conkyrc

This is the content of my config file.

use_xft yes
xftfont Ubuntu Condensed:size=9
xftalpha 0.8
override_utf8_locale yes
update_interval 5.0
total_run_times 0
own_window yes
own_window_transparent no
own_window_argb_visual yes
own_window_argb_value 155
own_window_colour 081100
own_window_type normal
own_window_class conky-lgaggl
own_window_hints undecorated,below,sticky,skip_taskbar,skip_pager
#background yes
#out_to_console no
double_buffer yes
#max_user_text 32768
minimum_size 300
draw_shades no
draw_outline no
draw_borders no
draw_graph_borders yes
default_shade_color black
default_outline_color white
default_bar_size 150 5
default_gauge_size 20 20
imlib_cache_size 0
draw_shades no
alignment middle_right
gap_x 15
gap_y 15
border_inner_margin 10
no_buffers yes
uppercase no
cpu_avg_samples 2
override_utf8_locale no
default_color ffffff
color1 ffffff
color2 cccccc
color3 000000
color4 FFAA00

TEXT
${font UbuntuBold:bold:size=11}${color4}Info ${color2}${hr 2}${font}
${color1}Date ${alignr}${color2}${time %a,}${color}${time %e %B %G}
${color1}Time ${alignr}${color}${time %T}

${font UbuntuBold:bold:size=11}${color4}System ${color2}${hr 2}${font}
${color1}Hostname ${alignr}${color}${nodename}
${color1}${sysname} ${alignr}${color}${kernel}-${machine}
${color1}CPU ${alignr}${color}${freq_g}GHz
${color1}Loadaverage ${alignr}${color}${loadavg 1} ${loadavg 2} ${loadavg 3}
${color1}Uptime ${alignr}${color}${uptime}
${color1}Cpu Temperature ${alignr}${color}${acpitemp}C

${font UbuntuBold:bold:size=11}${color4}Processors ${color2}${hr 2}${font}
${color1}Core 1 ${alignr}${color}${cpu cpu1}% ${cpubar cpu1}
${color1}Core 2 ${alignr}${color}${cpu cpu2}% ${cpubar cpu2}
${color1}Core 3 ${alignr}${color}${cpu cpu3}% ${cpubar cpu3}
${color1}Core 4 ${alignr}${color}${cpu cpu4}% ${cpubar cpu4}

${font UbuntuBold:bold:size=11}${color4}Memory ${color2}${hr 2}${font}
${color1}Memory ${color}${alignr}${memeasyfree} / ${memmax}
${color1}Currently ${color}${alignr}${memperc}% ${membar}

${font UbuntuBold:bold:size=11}${color4}Filesystem ${color2}${hr 2}${font}
${color1}/ ${color}${alignc}${fs_used /} / ${fs_size /} ${color}${alignr}${fs_free_perc /} %
${color}${fs_bar 5,300 /}

${font UbuntuBold:bold:size=11}${color4}Networking ${color2}${hr 2}${font}
${if_existing /proc/net/route wlan0}${color1}Ip ${color}${alignr}${addr wlan0}
${color1}AP ${color}${alignr}${wireless_essid wlan0}
${color1}Signal ${color}${alignr}${wireless_link_qual_perc wlan0}${wireless_link_bar 10,100 wlan0}
${color1}Download ${alignr}${color}${downspeed wlan0}${downspeedgraph wlan0 10,100}
${color1}Upload ${alignr}${color}${upspeed wlan0}${upspeedgraph wlan0 10,100}
${color1}Total Down/Up ${alignr}${color}${totaldown wlan0}${color1}/${color}${totalup wlan0}
${else}${if_existing /proc/net/route eth0}${color1}Ip ${color}${alignr}${addr eth0}
${color1}Download ${alignr}${color}${downspeed eth0}${downspeedgraph eth0 10,100}
${color1}Upload ${alignr}${color}${upspeed eth0}${upspeedgraph eth0 10,100}
${color1}Total Down/Up ${alignr}${color}${totaldown eth0}${color1}/${color}${totalup eth0}${endif}${endif}

${font UbuntuBold:bold:size=11}${color4}Weather ${color2}${hr 2}${font}
${color1}Temperature ${alignr}${color}${weather http://weather.noaa.gov/pub/data/observations/metar/stations/ YPAD temperature} ${iconv_start UTF-8 ISO_8859-1}° ${iconv_stop}C
${color1}Humidity ${alignr}${color}${weather http://weather.noaa.gov/pub/data/observations/metar/stations/ YPAD humidity} %
${color1}Cloud Cover ${alignr}${color}${weather http://weather.noaa.gov/pub/data/observations/metar/stations/ YPAD cloud_cover}

${font UbuntuBold:bold:size=11}${color4}Top Processes ${color2}${hr 2}${font}
${color1}${top name 1} ${alignr}${color}${top cpu 1} ${top mem 1}
${color1}${top name 2} ${alignr}${color}${top cpu 2} ${top mem 2}
${color1}${top name 3} ${alignr}${color}${top cpu 3} ${top mem 3}
${color1}${top name 4} ${alignr}${color}${top cpu 4} ${top mem 4}
${color1}${top name 5} ${alignr}${color}${top cpu 5} ${top mem 5}

Note: if you want to use this config file you want to at least change the METAR code (YPAD in my case) with one closer to you – see http://www.rap.ucar.edu/weather/surface/stations.txt.

Autostart config

vim ~/.config/autostart/conky.desktop

This is the content of my config file.

[Desktop Entry]
Type=Application
Exec=/usr/bin/conky
Hidden=false
NoDisplay=false
X-GNOME-Autostart-enabled=true
Name[en_AU]=Conky
Name=Conky
Comment[en_AU]=Conky System Monitor
Comment=Conky System Monitor

Sources

Enabling the watchdog timer on the Raspberry Pi

Turns out that the Broadcom BCM2708 chip on the RPi has a hardware watchdog. This can be very useful if your RPi is located remotely and locks up. However, this would not the preferred method of restarting the unit and in extreme cases this can result in file-system damage that could prevent the RPi from booting. If this occurs regularly you better find the root cause of the problem rather than fight the symptoms.

Enable Watchdog Kernel Module

echo 'bcm2708_wdog' >> /etc/modules
sudo modprobe bcm2708_wdog

Install Watchdog Daemon

sudo apt-get install watchdog chkconfig
chkconfig watchdog on
sudo /etc/init.d/watchdog start

sudo vim /etc/watchdog.conf
# Uncomment the line watchdog-device = /dev/watchdog
# You might also want to uncomment max-load-1, or add something like "max-load-1 = 24" to reset your Pi if the load average exceeds 24 in any 1-minute span.

sudo /etc/init.d/watchdog restart

The watchdog daemon will send /dev/watchdog a heartbeat every 10 seconds. If /dev/watchdog does not receive this signal it will brute-force restart your Raspberry Pi.

If you are feeling adventurous you can test the setup by launching one of the fork-bombs you can find out there. Just make sure you don’t have anything of importance running.
: (){ :|:& };:

Thanks to gadgetoid for the original tip !