SShuttle – quick and temporary VPN over SSH

Every once in a while you find a gem. One of these for me is SShuttle – until now I have not known about this one.

Sometimes you need to quickly forward all your traffic via a remote server quickly. And while you can do all of this manually using OpenSSH it’s not a quick one-step process (https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding). Dynamic SOCKS5 proxies are great if all you need is browser traffic, but there is always software that won’t play ball with SOCKS.

Use-case: I just been trying to get Ubuntu Make to install Eclipse IDE and the local AARNET download mirror is just refusing to cooperate (https://github.com/ubuntu/ubuntu-make/issues/90). A quick forward to a remote VPS fixed the issue without headaches

Install

sudo apt-get install sshuttle

Run

sshuttle -r username@servername.tld 0.0.0.0/0 -vv

That’s all – it sets up routing & iptable rules transparently and removes them after use. Kudos goes to https://github.com/apenwarr – thank you. A VERY useful utility !!!

Source link: https://github.com/apenwarr/sshuttle

Barebone Ubuntu 14.04 Cloud Desktop

Since I have found some issues with my previous LXQT setup in real-life work I decided to fall back to standard Lubuntu for my cloud desktop. As part of this I also switched to TightVNC which seems a lot easier to configure.

Add local user account

adduser USERNAME
adduser USERNAME sudo

Install Lubuntu Desktop

sudo apt-get install --no-install-recommends lubuntu-desktop tightvncserver

TightVNC Configuration

sudo vim /etc/lightdm/lightdm.conf

#
# VNC Server configuration
#
# enabled = True if VNC connections should be allowed
# port = TCP/IP port to listen for connections on
#
[VNCServer]
enabled=true
port=5900
width=1366
height=768
depth=24

sudo /etc/init.d/lightdm restart

Connect to the remote system

ssh -L 5900:localhost:5900 -i /path/to/your/aws/keyfile.pem YOUR.EC2.IP.ADDRESS

tightvnc

 

If you are using a Chromebook then this article might help.

Ubuntu 14.04 Amazon EC2 Cloud Desktop using LXQT

Using Amazon EC2’s free usage tier to host your own cloud desktop is a very economical way to to have a desktop at hand anytime you can not be near one. Since I quite often use Chromebooks these days when on the road this is a particular handy way should I need a full desktop for certain tasks.

Since Ubuntu 14.05 is my default desktop on my normal hardware I obviously want to have my cloud desktop running the same underlying OS. However I don’t think running Unity as the desktop interface would be appropriate via a low-bandwidth remote desktop connection. For this reason I chose LXQT. If you need total stability you probably should go for the more mature LXDE instead, but I have already tried LXQT on an old EEE PC and was very impressed by the speed and low resource usage.

NOTE (Edit: 2014-11-03): Please find an updated (and easier) version of this blog here. I was experiencing some issues with LXQT (which is understandable as it clearly states that it is not a release version)

Provision Ubuntu 14.04 LTS EC2 Instance

EC2 Choose Image

Instance details

  1. Connect to AWS Console and go to EC2 Service
  2. Choose OS Image: “Ubuntu Server 14.04 LTS” (see screenshot)
  3. Choose a “Micro Instance” if you want to use Amazon’s Free Usage Tier
  4. Choose Instance details – the defaults will generally be fine
  5. Add Storage (I generally add a separate Volume for /home but default should do)
  6. Tag instance (just give it a name to that makes sense to you in the console if you have more than one)
  7. Configure Security Group – I only set SSH which is the default (see Firewall config below). Add any other ports needed
  8. Review & Launch the instance. You need to choose your RSA Access Keys in this step. If you haven’t got any and download. DO NOT LOOSE the private keys or you will not be able to connect.

Setup Desktop & VNC

Connect via SSH to the EC2 Instance you just created (using the IP in the control panel and your RSA Key)

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:lubuntu-dev/lubuntu-daily
sudo add-apt-repository ppa:gilir/q-project
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install lxqt-metapackage lxqt-panel vnc4server

Start VNC server under the desired user account. This will create the desired configuration files. Kill after the startup process is finished.

vncserver
#after successful start
vncserver -kill :1

Edit xstartup files

vim ~/.vnc/xstartup
Paste the following:
#!/bin/sh
# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
#exec /etc/X11/xinit/xinitrc
exec openbox-session &
startlxqt &
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
#x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
#x-window-manager &

Create startup script

sudo vim /etc/init.d/vncserver
Paste the following:
#!/bin/bash
### BEGIN INIT INFO
# Provides: vncserver
# Required-Start: $syslog
# Required-Stop: $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: VNC Server Startup Script
# Description: Author: Leo Gaggl (www.gaggl.com)
### END INIT INFO
unset VNCSERVERARGS
VNCSERVERS=""
[ -f /etc/vncserver/vncservers.conf ] && . /etc/vncserver/vncservers.conf
prog=$"VNC server"
start() {
. /lib/lsb/init-functions
REQ_USER=$2
echo -n $"Starting $prog: "
ulimit -S -c 0 >/dev/null 2>&1
RETVAL=0
for display in ${VNCSERVERS}
do
export USER="${display##*:}"
if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then
echo -n "${display} "
unset BASH_ENV ENV
DISP="${display%%:*}"
export VNCUSERARGS="${VNCSERVERARGS[${DISP}]}"
su ${USER} -c "cd ~${USER} && [ -f .vnc/passwd ] && vncserver :${DISP} ${VNCUSERARGS}"
fi
done
}
stop() {
. /lib/lsb/init-functions
REQ_USER=$2
echo -n $"Shutting down VNCServer: "
for display in ${VNCSERVERS}
do
export USER="${display##*:}"
if test -z "${REQ_USER}" -o "${REQ_USER}" == ${USER} ; then
echo -n "${display} "
unset BASH_ENV ENV
export USER="${display##*:}"
su ${USER} -c "vncserver -kill :${display%%:*}" >/dev/null 2>&1
fi
done
echo -e "\n"
echo "VNCServer Stopped"
}
case "$1" in
start)
start $@
;;
stop)
stop $@
;;
restart|reload)
stop $@
sleep 3
start $@
;;
condrestart)
if [ -f /var/lock/subsys/vncserver ]; then
stop $@
sleep 3
start $@
fi
;;
status)
status Xvnc
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|status}"
exit 1
esac

Mark the startup script as executable and create the config file for the startup script.
sudo chmod +x /etc/init.d/vncserver
sudo mkdir /etc/vncserver
sudo vim /etc/vncserver/vncservers.conf

Paste the following:
VNCSERVERS="1:USERNAME"
VNCSERVERARGS[1]="-geometry 1024x768"

update-rc.d vncserver defaults 99

Start the VNC Server

sudo /etc/init.d/vncserver start

Firewall configuration

By default VNC will use port 9501 (and subsequent ports for each session). Since VNC password authentication is generally very weak I personally do not expose this port through the firewall. I use SSH port forwarding to tunnel the VNC port through SSH (encrypted) which means only the SSH port is open and can be properly secured.

ssh -L 5901:localhost:5901 -i /path/to/your/aws/keyfile.pem YOUR.EC2.IP.ADDRESS

You should then be able to access VNC via localhost:

VNC Viewer

Hopefully you should see the LXQT Desktop:

Ubuntu LXQT

 

If you want to access this from a Chromebook this blog might help.

Jitsi Ubuntu VoIP SIP Client

The latest instalment in my never-ending quest to find a decent SIP client (see Ubuntu SIP I & Ubuntu SIP II) I came across JITSI (http://jitsi.org/). Since the website looked very interesting and the project seems very well maintained (http://jitsi.org/index.php/Main/Screenshots) I decided to give it a go.

The installation is a breeze with a Ubuntu/Debian package available and the installation also adds the repository to keep the package up to date.

http://download.jitsi.org/jitsi/debian/

After a few test calls it seems to work very well. The UI is much more intuitive than comparable Ubuntu clients. Looks I found my new default client – nice job Jitsi Team.

 

Co-working in Australia

After reading an excellent article by Brad Reed on Network World (this seems to be the online version: Co-working: the ultimate in teleworking flexibility),�I finally got motivated enough to do some more research about this�phenomenum in the two places of interest to me (Austria and Australia)�as well as write a quick entry about this.

The whole co-working concept has been interesting me ever since it started, but the organisational issues associated with starting such a�venture (and as with everything else – a lack of time) have always�prevented any serious attempt to actually move in this direction. But�after reading some of the examples in the above mentioned article and�doing some further research I am starting to warm to the idea again.

Some interesting case studies

Activity in Australia

After some quick online research there appears to be some activity�also in Australia although things seem to be still very much in their�infancy. Most of the activity seems to be happening in Canberra, Perth,�Syndey and Melbourne (in order of ‘online’ activity). �Andy Howard in�Sydney has an interesting post on his site and� fellow software developers describes the situation in Perth and Canberra. It seems (not surprisingly) that most people interested in co-working are in ICT related industries.

Unfortunately so far I have not seen any activity in South Australia. I�would have a few locations in mind in the Adelaide CBD (as I have�rented there before in a previous life), however I don’t have the�capacity to take on the administrative effort at this stage. If anybody�in the vicinity of Adelaide (South Australia) is interested in pooling
some resources to get a similar project off the ground please just us�the contact section of this site or leave a comment.

The rather unfortunate thing (compared to Europe) is that co-working�does not even seem to be on the radar for any Government (or�semi-Goverment) Agency involved in the provision of support to emerging�businesses. I have recently visited a coworking space in Austria�sponsored by the local Chamber of Commerce (Wirtschaftskammer) and I�found it a rather good investment of funds seeing the activit and buzz�around the place.