Linux.com

Home Linux Community Community Blogs

Community Blogs



Exciting New Terminal Emulators

Even though Terminator meets all my needs, I am always on the look out for new terminal emulators that might offer a different way of working. In this article, I explore three new terminal emulators. Each of these open source applications are a long way from the finished article. The software featured here are not stable, not feature complete, and should not be used in a production environment. But they have real potential.

<A HREF="http://www.linuxlinks.com/article/2014080911395451/TerminalEmulators.html">Read on</A>

 

What is Web signage?

signage graphicWhat is Web signage? It's the future of signage aka DOOH. Powered by Linux.

Allow me to explain.

First generation sign - Static

An etching on a cave wall, to a flashing Neon sign. These are static signs usually fixed to a particular location. Their often cumbersome to replace, though are pretty simple and reliable.

Second generation sign - Digital

Using usually a standard TV screen, a series of images are displayed in rotation or a video is simply looped. Some televisions are capable of being programmed to become a sign, simply by inserting a USB stick. Most solutions sadly fail to provide a polished out of the box solution for this use case, requiring someone to setup the DVD player or re-configure the software on the "SMART TV", every single time that device is power cycled or fails. Awkward.

Even though most "SMART TV"s are powered by Linux, typically TV manufacturers provide no documentation or way to modify the existing software to stream line this relatively simple use case. Which is a shame.

This generation of signage is where we are mostly at the moment. Advertisers like this as they can convey "experiences" well with short clips, sometimes with an annoying sounded message, in rotation. They are usually easy to update, but often they are not for hours at a time, since most of them use a USB stick as their source which manually needs to be swapped out.

Third generation sign - Internet powered

There are many players in the "DOOH" industry vying for your custom, peddaling their own proprietary systems that lock customers onto their particular platform, e.g. BrightSign or Harris are leading examples.

You can recognise these locked in systems easily because they are not Web powered or confusingly embrace and extend the Web.

There are even "opensource" platforms to create signage content, but since they do not use Web standards to layout the content, they should be avoided, as they are effectively locking you into their format only they control.

Note that all you need to configure a proper Web signage operating system is a URL. So switching between Web signage players should be even easier than switching between Chrome & Firefox today.

There are a couple of major stumbling blocks to Web signage, the first being that many advertisers and "DOOH" content producers are really quite poor at creating and managing Web content with information.

The second is that the "Web sign" playback devices are typically clumsily put together boxes running a full screen browser, with no "polish".

I don't have quick solutions to offer for the first problem, though for the second problem, one solution is Webconverger Neon.

It runs Linux. It's opensource It supports a wide range of hardware. It's stable. It keeps the browser upto date, supporting the latest standards like the Web Video Text Tracks Format.

Furthermore Webconverger Neon is polished, if it fails in often hostile outdoor environments, such as a hardware issue of loss of connectivity, it defaults to a black screen. No silly network can't be found messages. No blue screens. No modal dialog boxes. And then network/hardware is restored, it lights back up as best it can as it's retrying in the background.

As for networked Web signage itself, information can be delivered as fast as a Web page takes to load. Images, videos and other HTML useful technologies such as caching can be used to deliver useful information. Just like your favourite Web application.

 

Hitech-Cloud Hosting Services Sharpening Its Peculiarities on Application Hosting

With the rise of cloud technology, most of the business houses have been seen taking the advantage of this technology. Owing to the rising importance of cloud computing, Hitech-cloud hosting solutions has recently launched application hosting services which is a part of cloud-computing.

According to the research done by the company on 100 small and  medium sized businesses in Texas, United States, 85 percent of the companies outsource application hosting to a hosting service provider, owing to high cost of maintaining IT infrastructure.

Most of the applications used by these companies were Quickbooks, Peachtree, Drake, and Lacerte. On asked, "Why are they opting for Application Hosting services?” The answer from most of the respondents was, hosting application has many advantages like it allows multiple users, to use the same application at the same time, it reduces cost of setting IT infrastructure and also reduces extra manpower.

Mr. Harry Lawrence, Service designer and IT head of Hitech-cloud said " Application hosting technology is a  blessing to all the medium and small sized businesses who cannot afford the high cost of maintaining heavy IT infrastructure, whereas on the other hand, they can outsource the services on minimum payment of monthly rent"

Hitech-cloud hosting services has made a sound revolution by ensuring best quality in its services that helps in boosting the profits of the clients. On the basis of the research made on the 100 companies, the company is coming up with a journal, titled “Application hosting increasing the productivity of small businesses” which will be published shortly. The company is really looking forward to materialize the research and enlighten other companies about the benefits of application hosting. The company strongly believes that its initiatives will be very helpful for small and medium sized business. Through its website called hitech-cloud.com, which was launched in the year 2012, the company is offering better services related to cloud computing.

 

Top 10 Best Open Source Softwares that Rocks World Wide Web

Top 10 Open Source Softwares that Rocks World Wide Web

Open-source software is also called as OSS, which is a computer software program designed and deployed with its source code made available and licensed with a free license in which the copyright holder provides the rights to an anonymous entity for any purpose. People using OSS can distribute the software to anyone and for any purpose because Open-source software is very often developed in a public, collaborative manner. Open-source software is the most prominent example of open-source development and often compared to (technically defined) user-generated content or (legally defined) open-content movements.

The top Five reasons why individuals or organizations choose open source software are:

1) Lower cost,

2) Security,

3) No vendor 'lock in', and

4) Better quality

5) Transparency

The Open source code modification, redistribution of open-source software reserved under copyright holder according to copyright law. GNU General Public License (GPL), is a good example of it which allows free distribution under the same license for  its free usage. Software licenses grant rights to users, which would otherwise be reserved by copyright law to the copyright holder. Among thousands of  Open source software projects these 10 Open Source Softwares  listed below are the most important and valuable. These are rare software product that has no alternatives and must require.

1) Linux kernel

The Linux kernel is a prominent example of free and open source software. It is a Unix-like operating system released under the GNU General Public License version (GPLv2). Linux wasn't the first open source software project, but it was the powerful community developed by contributors worldwide. The Linux kernel is used by a variety of operating systems based on it, which are usually in the form of Linux distributions. The popularity of Linux Kernel rapidly accumulated developers and users who adopted code from other free software projects for use with the new operating system.

2) GNU Utilities and Compilers

The GNU Project is the flagship of the free software movement and Compiler Collection, which is also named as GNU Compiler Collection (GCC) which is developed by the GNU Project supporting various programming languages. The Free Software Foundation (FSF) distributes GCC under the GNU General Public License (GNU GPL), which is the source of an amazing variety of tools and utilities that, when combined with the Linux kernel, provide a complete operating system.

With the Linux kernel, the GNU utilities and the GNU Compiler Collection make up the holy trinity of the Linux world. As well as being the official compiler of the unfinished GNU operating system, GCC has been adopted as the standard compiler by most other modern Unix-like computer operating systems, including Linux and the BSD family. Versions are also available for Microsoft Windows and other operating systems. GCC is also available for most embedded platforms, including Symbian (called gcce),[6] AMCC, and Freescale Power Architecture-based chips. It is named the GNU C Compiler, because it only handled the C programming language and the compiler was extended to compile C++ in December of that year 1987.

3) Ubuntu

Ubuntu is a Debian-based Linux operating system developed to increase usability and ease of use.  Ubuntu is a free software and named after the Southern African philosophy of Ubuntu (literally, "humanness"), which often is translated as "humanity towards others" or "the belief in a universal bond of sharing that connects all humanity". Ubuntu is the first choice of novice users and PC sellers because its free and no need to pay fees. The Ubuntu project is publicly committed to the principles of open source development; people are encouraged to use free software, study how it works, improve upon it, and distribute it.

According to some metrics, Ubuntu is the most popular desktop Linux distribution. Ubuntu comes installed with a wide range of software that includes LibreOffice, Firefox, Empathy, Transmission, and several lightweight games.

4) BSD Operating Systems

Linux isn't the only popular free open source operating system, there are a number of Unix-like operating systems under active development, named behind BSD (Berkeley Software Distribution). Free BSD, Net BSD and OpenBSD are very famous examples of the BSDs.

FreeBSD is famous for superior reliability and performance. It’s a free Unix-like operating system developed by AT&T UNIX and has more than 200 active developers and thousands of contributors.

NetBSD is a freely redistributable, open source version of the Unix-derivative BSD, computer operating system notable for supporting a wide range of hardware platforms, including embedded systems and mobile devices. NetBSD is famous for its portability and quality of design and implementation, it is often used in embedded systems and as a starting point for the porting of other operating systems to new computer architectures.

OpenBSD is touted as perhaps the most secure Unix-like operating system, with a security audit that never stops. It includes a number of security features absent or optional in other operating systems and has a tradition of developing auditing the source code for software bugs and security problems.

5) Samba

Samba is Free Software licensed under the GNU General Public License, the Samba project is a member of the Software Freedom Conservancy. Samba is a free software re-implementation of the SMB/CIFS networking protocol, originally developed by Andrew Tridgell. Samba bridges the gaps between Linux/Unix and Windows, allowing Unix and Linux servers to provide file and print services to Windows clients, and Linux and Unix clients work with Windows file servers. A Samba host can even serve as the primary domain controller for a Windows network. Samba provides file and print services for various Microsoft Windows clients and can integrate with a Windows Server domain, either as a Primary Domain Controller (PDC) or as a domain member. Samba is released under the terms of the GNU General Public License. The name Samba comes from the SMB (Server Message Block), the name of the standard protocol used by the Microsoft Windows network file system.

6) MySQL

The world's most popular open source database with easy administration, excellent read performance, and transparent support for large text and binary objects make it the top choice for many Web sites. The MySQL development project has made its source code available under the terms of the GNU General Public License, as well as under a variety of proprietary agreements. It is a popular choice of database for use in web applications, and is a central component of the widely used LAMP open source web application acronym for "Linux, Apache, MySQL, Perl/PHP/Python." Free-software-open source projects that require a full-featured database management system often uses MySQL. Applications which use MySQL databases include: TYPO3, MODx, Joomla, WordPress, phpBB, MyBB, Drupal and other software.

7) BIND

BIND is the most popular open source DNS (Domain Name System) server software on the Internet. It works on Unix-like operating systems, it is the de facto standard that implements DNS protocols for the Internet. The Berkeley Internet Name Domain package was originally written at the University of California at Berkeley.  The software consists, most prominently, of the DNS server component, called contracted for name daemon. In addition the suite contains various administration tools, and a DNS resolver interface library. The latest version of BIND is BIND 9, first released in 2000.

8) Sendmail

Sendmail is a general purpose internetwork email routing facility born before the Internet was standardized and supports different kinds of mail-transfer and delivery methods, including the Simple Mail Transfer Protocol (SMTP) used for email transport over the Internet. Sendmail served as the backbone of the Internet mail system throughout the 1980s and 1990s. It has lost ground to Postfix, Qmail, Exim, and Microsoft Exchange in recent years, but still ranks among the most popular MTAs (mail transfer agents). It is a well-known project of the free and open source software and Unix communities. It has spread both as free software and proprietary software.

9) OpenSSH and OpenSSL

OpenSSH

OpenSSH is an abbreviation of OpenBSD Secure Shell developed as part of the security conscious OpenBSD project. It is a set of computer programs providing encrypted communication sessions over the Internet using the SSH protocol. It was created as an open source alternative to the proprietary Secure Shell software suite offered by SSH Communications Security.

OpenSSL

OpenSSL is an open-source implementation software package uses strong cryptography. OpenSSH encrypts shell communications to remote computers, addressing the shortcomings in tools such as rlogin and telnet, which send usernames and passwords in clear text. OpenSSL is a software library that allows developers to incorporate SSL or TLS into their Internet applications. It was written in the C programming language, implements the basic cryptographic functions and provides various utility functions. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.

10) Apache

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. The Web server that puts the A in LAMP is still fast, flexible, and secure, with broad operating system and Web programming language support and hundreds of modules available to extend the functionality. Apache is developed and maintained by an open community of developers under the auspices of the Apache Software Foundation. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

Apache httpd has been the most popular web server on the Internet and generally used on a Unix-like system, the software is available for a wide variety of operating systems, including Unix, FreeBSD, Linux, Solaris, Novell NetWare, OS X, Microsoft Windows, OS/2, TPF, OpenVMS and eComStation. Released under the Apache License, Apache is open-source software.

 

Smart Cities Market - A Brief Insight 2013 - 2019

The global Smart Cities Market is expected to reach a value of USD 1,265.85 billion by 2019, growing at a CAGR of 14.0% from 2013 to 2019. Increase in migration from rural to urban areas is the major factor responsible for the growth of smart cities market, globally. North America was the largest contributor to the smart cities market and accounted for a share of 34.5% in 2012. This is mainly attributed to the increasing smart grid investments, upgradation in the water infrastructure and transportation sector. The manufacturers in this region are investing more in smart meters and smart grids to provide an excellent foundation for smart city programs.

Browse the full Smart Cities Market Report at http://www.transparencymarketresearch.com/smart-cities-market.html

Among the different application categories, smart transportation segment held the largest share of around 16% in 2012. This was due to the growing demand for advanced traffic management, building a superior environment and reducing the volume of delivery vehicles. At the same time, smart transportation links the modes of transport to improve the traffic flow in both urban and inter-urban networks. Smart transportation system helps in minimizing the economic burden of government by reducing traveling delays and fuel consumption rate. Smart security is the fastest growing segment and is expected to grow at a CAGR of 15.0% during the forecast period from 2013 to 2019. One of the reasons for the growing popularity of smart security is that it avoids third party misuse by imposing high security requirements onto the used technology.
In terms of geography, North America represents largest market for smart cities and is expected to reach a market size of USD 392.41 billion by 2019. The regional governments are taking steps towards reducing the carbon footprint by increasing the use of renewable energy resources. Governments in North America are currently working on an objective to accomplish the target of zero wastage of energy by the year 2020.

Get report sample PDF copy from here: http://www.transparencymarketresearch.com/sample/sample.php?flag=B&rep_id=357

Some of the major players in smart cities market include Siemens AG, ABB Ltd., IBM Corporation, Hitachi Ltd., Alcatel-Lucent S.A., Honeywell international Inc., Alstom S.A., General Electric Company, Telefonaktiebolaget L. M. Ericsson, Cisco Systems Inc., Oracle Corporation and others.

The global smart cities market is segmented as below:
Smart Cities Market, By Application

  • Smart homes
  • Smart buildings
  • Smart energy management
  • Smart industrial automation
  • Smart healthcare
  • Smart transportation
  • Smart security
  • Others (smart water management, smart education, so on)

Browse the full Smart Cities Market Report Press Release : http://www.transparencymarketresearch.com/pressrelease/smart-cities-market.htm

Smart Cities Market, By Geography

  • North America
  • Europe
  • Asia Pacific
  • Rest of the World (RoW)

Browse Technology and Media Market Research Reports @ http://www.transparencymarketresearch.com/technology-market-reports-8.html

 

 

Securing SSH with two factor authentication using Google Authenticator

Securing SSH with two factor authentication using Google Authenticator

Two-step verification (also known as Two-factor authentication, abbreviated to TFA) is a process involving two stages to verify the identity of an entity trying to access services in a computer or in a network. This is a special case of a multi-factor authentication which might involve only one of the three authentication factors (a knowledge factor, a possession factor, and an inheritance factor) for both steps. If each step involves a different authentication factor then the two-step verification is additionally two-factor authentication.
Link to original post: http://www.blackmoreops.com/2014/06/26/securing-ssh-two-factor-authentication-using-google-authenticator/

Google’s two-step verification process

Google was one of the first Internet companies to introduce a two-step verification process. To access a Google service using the two-step verification process, a user has to go through the following two stages:

The first step is to log in using the username and password. This is an application of the knowledge factor.
The implementation of the second step requires a mobile phone or the Google Authenticator application, which is an application of the possession factor.

If the user opts to use a mobile phone, he/she has to register his/her phone number with Google. When one attempts to authenticate with username and password, Google will send via SMS a new, unique code to the phone. Receiving the SMS demonstrates that the user has the phone (or, in the case of GSM like networks the appropriate SIM chip).

If the user opts to use the Google Authenticator (or another supported code generator application), he/she simply opens the application, which generates a new code every 30 seconds. This code is to be entered to complete the log in process. As a backup option in case the registered mobile phone or device running Google Authenticator is lost, stolen, or otherwise unavailable, the user can print a set of static single-use backup codes (also the knowledge factor) and store them in a safe place.

The following are some other sites which offer two-step verification service:

  1. Amazon Web Services
  2. ANX
  3. App.net
  4. Apple ID
  5. Authy
  6. Battle.net
  7. Bitstamp
  8. Blockchain.info
  9. Box
  10. Dropbox
  11. eBay
  12. Etrade
  13. Evernote
  14. Facebook
  15. GitHub
  16. GoDaddy
  17. HootSuite
  18. Lastpass
  19. LinkedIn
  20. LocalBitcoins
  21. Microsoft
  22. MongoLab
  23. Namecheap
  24. PayPal
  25. SocialFlow
  26. timetotrade
  27. Tumblr
  28. Twitter
  29. Viaduct
  30. WordPress
  31. Yahoo! Mail
  32. innoview.gr
  33. zoho

Google Authenticator

Google Authenticator implements TOTP security tokens from RFC6238 in mobile apps made by Google, sometimes branded “two-step authentication”. The Authenticator provides a six digit one-time password users must provide in addition to their username and password to log into Google services or other sites. The Authenticator can also generate codes for third party applications, such as password managers or file hosting services. Some versions of the software are open source.
[Source: WikiPedia]

14 - Securing SSH with two factor authentication using Google Authenticator - blackMORE Ops

Note: Google Authenticator doesn’t “call home” to Google — all the work happens on your SSH server and your phone. Google Authenticator is a open-source software, that means you can check the codes yourself. I guess after what happened with openSSL, that’s not a bad idea after all.

In this article I will demonstrate how to secure SSH by setting up Two Factor Authentication (TFA) with Google Authenticator for the following Linux operating systems:

  1. Debian
  2. Ubuntu
  3. Linux Mint
  4. Kali Linux
  5. Red Hat
  6. CentOS
  7. Fedora

Google Authenticator can be used in the following smartphones:

  1. Android,
  2. iOS and
  3. Blackberry.

I am not too sure if you can use this on a Windows Based phone (i.e. new Nokia phones or Windows Mobiles devices). Feel free to try and report back.

App Download Links as follows:

  1. Android: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en
  2. iOS: https://itunes.apple.com/au/app/google-authenticator/id388497605?mt=8
  3. Blackberry: http://www.google.com/mobile/other

More detailed per device install instructions can be found on this page:
https://support.google.com/accounts/answer/1066447?hl=en

The implementation is exactly same except for some package name differences. So you can implement this in any Linux Operating System that uses these packages.

Requirements

Followings are the requirements for using Google Authenticator on your system:

  1. A PC running Linux
  2. A smartphone
  3. A running SSH server on your machine.

In case you don’t have SSH server running, just follow this guide to install openSSH server.

Step 1: Install dependencies for Google Authenticator Module

You need to have either root or sudo privileges on the machine where you want to secure SSH by enabling Two Factor Authention using Google Authenticator. Login to your machine and use the following commands to install required dependency packages:

On Debian, Kali, Ubuntu, Linux Mint (they all are Debian based system that uses aptitude as package manager i.e. apt-get/aptitude)

apt-get install libpam0g-dev

1 - Install dependencies for Google Authenticator PAM module - blackMORE Ops

On Red Hat, CentOS and Fedora (they all are RedHat based where you use yum as the package manager):

yum install pam-devel

That’s it. That should install the necessary dependencies on your system. In case you have a very restricted system where you dont have GCC, make and wget, you can install them using the following command(s):

yum install make gcc wget
(or)
apt-get install make gcc wget
 

Step 2: Download Google Authenticator Module

Google Authenticator is available on GoogleCode website.

Link: https://code.google.com/p/google-authenticator/

You can just copy paste the codes below to download and extract Google Authenticator codes. I personally use Kali Linux, that means I am always logged in as root user, if you’re using any of the other Linux distributions like Debian, Ubuntu, Linux Mint, Red Hat, CentOS or Fedora where you don’t usually login as root user, then you should choose your own directory to download and extract these codes.

To download Source code of the Google Authenticator PAM library module use the following command:

root@kali:~# wget http://google-authenticator.googlecode.com/files/libpam-google-authenticator-1.0-source.tar.bz2

At the time of writing this article, v1.0 was available.

2 - Download Google Authenticator PAM module from GoogleCode - blackMORE Ops

Now extract your tarball:

root@kali:~# tar -xvf libpam-google-authenticator-1.0-source.tar.bz2

Change directory to the extracted folder:

root@kali:~# cd libpam-google-authenticator-1.0/

3 - Extract Google Authenticator PAM module from GoogleCode - blackMORE Ops

Step 3: Compile and Install Google Authenticator PAM module

So far we’ve installed dependencies, downloaded and extracted Google Authenticator PAM module. Now we need to compile the codes and install compiled software on our system.
use the following command to compile your downloaded source codes:

root@kali:~/libpam-google-authenticator-1.0# make

4 - Compile extracted Google Authenticator PAM module from GoogleCode - blackMORE Ops

Now install Google Authenticator PAM module on your system:

root@kali:~/libpam-google-authenticator-1.0# make install

5 - Install compiled Google Authenticator PAM module from GoogleCode - blackMORE Ops

Step 4: Run and configure Google Authenticator

Just run Google Authenticator PAM module from command line to configure it for your system:

Run Google Authenticator PAM module using the following command:

root@kali:~/libpam-google-authenticator-1.0# google-authenticator

It should present you with bunch of question where you get to choose Y or N . Let’s have a quick look at those questions and the outputs.

Do you want authentication tokens to be time-based (y/n) y
https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/root@kali%3Fsecret%3DWKHM6UVJNTPYSPTQ
Your new secret key is: WKHM6UVJNTPYSPTQ
Your verification code is 434260
Your emergency scratch codes are:
  30287010
  70585905
  68748337
  15176712
  38041521

So on your first question, you get a secret key, Your new secret key is: WKHM6UVJNTPYSPTQ and 5 emergency scratch codes. You use the emergency key on your mobile so that you can get the correct verification code next time you login. Emergency codes are used when you’ve lost your mobile.
Next it asks you if you want to use this for your root account? Me being root users, I’ve chosen Yes.

Do you want me to update your "/root/.google_authenticator" file (y/n) y

Next up, it asks you if you want to disallow multiple uses of the same verification code. Unless you have a good reason not to, choose Yes.

Do you want to disallow multiple uses of the same authentication
token? This restricts you to one login about every 30s, but it increases
your chances to notice or even prevent man-in-the-middle attacks (y/n) y

Next part is time based login. From the point of getting the code on your mobile to typing in to your login prompt, 30 seconds should be more than enough. If you’r time sync is bad on your system or you’ve giving the code to someone over phone or you are a VERY slow keyboard warrior, I see no reason to change it. Select Yes here.

By default, tokens are good for 30 seconds and in order to compensate for
possible time-skew between the client and the server, we allow an extra
token before and after the current time. If you experience problems with poor
time synchronization, you can increase the window from its default
size of 1:30min to about 4min. Do you want to do so (y/n) y

Last up, well, of course we want to enable rate-limiting, by enabling this, you ensure that only 3 login attempts every 30s can be made.

If the computer that you are logging into isn't hardened against brute-force
login attempts, you can enable rate-limiting for the authentication module.
By default, this limits attackers to no more than 3 login attempts every 30s.
Do you want to enable rate-limiting (y/n) y

This finishes your initial setup for Google Authenticator PAM module. Now we need to configure PAM and SSH to actually use this technique. This is really awesome.

6 - Configure google-authenticator PAM module for the first time - blackMORE Ops

 

Note: Leave this terminal window open (DO NOT CLOSE). We need the codes for next steps.

Step 5: Configure SSH to use Google Authenticator PAM Module

Open your PAM configuration file /etc/pam.d/sshd

root@kali:~# vi /etc/pam.d/sshd

and add the following line:

auth       required     pam_google_authenticator.so

7 - Configure SSHD PAM to use Google Authenticator PAM Module - blackMORE Ops

Next up, open your SSH configuration file /etc/ssh/sshd_config

root@kali:~# vi /etc/ssh/sshd_config

and modify the line containing ChallengeResponseAuthentication no:

ChallengeResponseAuthentication no
(change it to)
ChallengeResponseAuthentication yes

8 - Configure sshd_config PAM to use Google Authenticator PAM Module - blackMORE Ops

To have these changes take effect, restart SSH server:

service ssh restart
(or)
service sshd restart
(or)
/etc/init.d/ssh restart
(or)
/etc/init.d/sshd restart

Why 4 commands? Depending on your Linux distribution, some refers SSH Daemon as SSHD, some as SSH, some got service module installed, some requires you to go into /etc/init.d folder and restart SSH service manually.

Step 6: Configure your SmartPhone for Google Authenticator App

Like I said before, Google Authenticator can be used in the following smartphones:

  1. Android: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en
  2. iOS: https://itunes.apple.com/au/app/google-authenticator/id388497605?mt=8
  3. Blackberry: http://www.google.com/mobile/other

More detailed per device install instructions can be found on this page:
https://support.google.com/accounts/answer/1066447?hl=en

Assuming you managed to install the App properly, Launch your Google Authenticator app in your SmartPhone.

From Menu select Set up account

9 - Configure SMARTPhone to use Google Authenticator - blackMORE Ops

Step 6.1: Google Authenticator Setup Account

Remember the secret key you got when you initialized Google-Authenticator PAM module on your computer? I hope you still got that window open. Select Enter provided key.

10 - Select Enter provided key on SMARTPhone to use Google Authenticator - blackMORE Ops

Next window you give it a name (something you can remember or relates to your workstation .. i.e. Home Workstation or My SuperAwesome LinuxBox … I’m going to use blackMORE Ops as the name.

Type in your Secret Key on the next field and click on Add button.

11 - Manually enter name and secret key on SMARTPhone to use Google Authenticator - blackMORE Ops

Once it’s added it will generate a one time verification code (pin number) that will keep changing every 30 seconds.

Step 7: Login to your computer via SSH

Because I am doing all these in the same computer I will just login to localhost (IP: 127.0.0.1) If you got 2 or more machines or VirtualBox/VMWare machines then you can try to login from a different one. One thing to note, you MUST have SSH server running.

In case you don’t have SSH server running, just follow this guide to install openSSH server.

So we type in the following command: (this is where you need to find out your SSH server’s IP address, I’ve shown using localhost or 127.0.0.1 IP but this can be anything from an IP, FQDN or Domain name.)

root@kali:~# ssh 127.0.0.1

and immediately you see a prompt asking for Verification code. This is your Google Authenticator code that you get from your Google Authenticator Mobile App.

12 - Verification Key on SMARTPhone to use Google Authenticator - blackMORE Ops

Type in the numbers from your SmartPhones Google Authenticator App and then it will prompt your for your password. Type in your password to login now.

13 - Securely SSH and enter Google Authenticator Verification Key and password to login to SSH - blackMORE Ops

If you failed to type in the Verification code within 30 seconds, you have to try the next code shown on your SmartPhones Google Authenticator App. Awesome? Wouldn’t you agree?

Alternatives to Google Authenticator SmartPhone App:

In case you don’t own a SmartPhone or don’t want to use any, you can use the following add-on on your FireFox or IceWeasel browser:

FireFox/IceWeasel App: GAuth Authenticator https://marketplace.firefox.com/app/gauth-authenticator/

15 - Secure SSH with two factor authentication using Google Authenticator from FireFox- blackMORE Ops

Interesting Fact:

[Update]

Got a response from the dev behind the Google Authenticator add-on for Chrome, Gerard Braad, who explained that Google have taken it down but gave no explanation as to why even after being asked several times.

The Firefox version is still available though and work great. Hopefully he may look into the issue with the Chrome version and re-submit.

Here is the FF version for those wishing to use it:

https://marketplace.firefox.com/app/gauth-authenticator/

Richard

How about that?

[ Source: https://productforums.google.com/forum/#!topic/chrome/P9rTLaeyHjg ]

Conclusion

Securing SSH with two factor authentication using Google Authenticator is possibly the best security model you can out there for free. You can always restrict SSH by IP, change port, rate-limit and do all sorts of crazy stuffs. But those who wants to open SSH to the outside world and implement all these extra security models (i.e. Brute-force detection etc.) have to constantly worry about the fact that who is trying is and what you’ve missed while securing your system. Securing SSH with two factor authentication using Google Authenticator possibly relieves you from that worry and you stop getting emails in the middle of the night saying someone tried to login via SSH X amount of times.

Let me know you thoughts and if you’ve found this useful. Thanks for reading and being on my website. Please share. This would be best for System Administrators on any Linux systems.

 

How to Create Professional Stop-Motion Animations with Free and Open-Source Software

When my brother and I set out to create The Hello World Program, a series of videos and tutorials teaching computer science, programming, Linux, and web development, we gave ourselves the seemingly impossible challenge of producing the show with free and open-source software. Our goal is to help remove the economic barrier associated with digital media production by sharing the lessons we learn while making the show. For Daisy's Web Development Diary, our HTML-centric video series, we wanted to incorporate stop-motion papercraft animations, but there was a problem. There is no free, open-source, professional-grade, stop-motion animation software for Linux. Having grown up creating our own animations with nothing but a camcorder, we were no strangers to hacking together animation solutions. At the most basic level, we needed some way of connecting a camera to our computer for remote shooting, and a way to compile those images into a movie. Entangle and avconv were just the tools for the job.

Entangle uses the gPhoto library for remote shooting, so it is necessary to have a gPhoto compatible camera. If your camera is not compatible with gPhoto, don’t fret. You can still make animations by shooting blindly with you camera, copying the files to your computer, then compiling with avconv. That process isn’t as fancy, but that’s how this art form started, so you’d be animating just like the old pros! Depending on your operating system, you can probably install Entangle from the software repository, however I would advise against that. Entangle is constantly being updated, and I found that the version in the software repository had major problems that had been addressed in the newest release. This means you are probably going to have to build from source.

When you have Entangle installed, open the application and connect your camera. Right away, you will get hit with a couple of warnings. The first one asks if you want to unmount your camera, because your operating system most likely already mounted it, preventing Entangle from accessing it. The next one is a warning that claims your camera is still in use. It’s not. Entangle just got ahead of itself. Click the affirmative for both of these and you should be up and running.

The default settings for Entangle are not optimal for doing animation. The first thing you will need to change is the continuous preview handling. Open the application preferences and check the “Continue preview mode after capture” checkbox on the “Capture” tab. Now when you capture an image, the program will return to the live view. At least it should return to the live view. If you get an “Unable to capture preview” error, you will need to change the capture target to “Memory card” instead of “Internal RAM”. This setting is found in the camera settings menu on the left hand side of the program. If you don’t see this menu, click the “view full list of camera settings” button at the top of the program.

Entangle gives you access to most of your camera's settings. Because it is critical that our lighting stay consistent from frame to frame, you should look through your available camera settings and manually set everything (aperture, shutter speed, ISO). Also make sure any picture styles or in-camera enhancements are turned off.

Finally, you may begin animating. The animations in Daisy's Web Dev Diary are made entirely out of scraps of paper, but you could animate just about anything. A lump of clay, old toys, or some colored sand. The possibilities are endless!

I found that positioning the camera upside down was the ideal setup for shooting on a tabletop. This freed up a lot of space and helped minimize the possibility of bumping the tripod. It's a little confusing while shooting, but it’s trivial to rotate the video when we compile it.

Making small adjustments to your model, capture each frame of the video one after the other. Ideally you would be shooting your animations at 24 frames per second, because this is the standard for film, but I’ve found that stop motion still looks good at only 10 or 12 frames. Just keep in mind that your animation will look crisper and more fluid with higher frame rates. The trade off is that you will need to shoot many more frames. For slow movements, you will want to make tiny adjustments between frames. Quick movements would require bigger adjustments, of course. While you can shoot several of the same frame to create a pause, it looks much more natural if there is a bit of movement in the frame. Lightly touching the model in between every frame will bring a static shot to life.

If you make a mistake, you can right click on the thumbnail in Entangle and select delete. This will cause problems when we compile our video, because Entangle doesn’t adjust the names of your other files to accommodate the missing frame, but don’t worry about it for now. Continue on as though everything is perfectly okay.

stompo5

When you are satisfied with your animation (or tired of working on it), you may move on to compiling your animation with avconv. You should have a folder located at ~Pictures/capture that is chock full of images labeled “capturexxxxxx.jpg”. This is perfectly formatted for feeding an image sequence into avconv, but if you deleted any frames as you were animating, there will be gaps in your image sequence. A bulk rename utility such as pyRenamer can easily correct them.

In pyRenamer, navigate to the folder containing your captured images. Select all of the images, change the “renamed file name pattern” to “frame{num6}.jpg” (without the quotes), preview your changes, then commit them with the “Rename” button.

Before you can compile your video, you will need to decide how to crop your video. Unless you set your camera to shoot in a standard video frame size, you’ll need to adjust the crop manually. These next few steps require some command line magic, so it may look scary, but it’s pretty straightforward. The easiest way I’ve found to determine the crop parameters is with Gimp, so open any one of your frames in Gimp. With the crop tool selected, check the “Fixed” option and set it to “Aspect ratio”. For the sake of demonstration, I’m assuming we are going to output a 1080p video, so in the field just below the “Fixed” checkbox, enter “16:9″.

Drag out a selection on the image for the crop you intend to use for your video, but don’t execute the crop. Take a look at the juicy information in the crop tool options panel. You'll need the values of the position and size parameters in a moment, but for now you can put Gimp aside.

Now it's time to compile the video. Here's the command I used to create my animation:

avconv -f image2 -r 12 -i frame%06d.jpg -vf crop=4663:2623:289:448,scale=1920:1080,vflip,hflip -r:v 30000/1001 -c:v libx264 -qp 0 -preset medium -an "animation.mkv"

Generally when converting input with avconv, you would only need to specify the path to the video file with the -i parameter. With image sequences, we need to supply a little more information.

-f Indicates that the input is an image sequence.

-r is the input framerate. So if you were shooting for 24 frames per second, you would put 24 here. You may want to try compiling several times at different input frame rates to find the one that suits your animation best.

-i is the naming scheme for your image sequence. “frame%06d.jpg” tells avconv that your files all begin with the word “frame” followed by a sequential number that is six digits long, contains leading zeros, and ends with “.jpg”.

The -vf parameter is a comma separated list of video filters. This is where the real magic happens. First you need to crop the image using the data gathered with Gimp’s crop tool. The format of the crop filter is “crop=output width:output height:x:y”. The output width and height are the “size” parameters from Gimp’s crop tool, and the x and y are the “position” parameters.

Surely you noticed that the output width and height are rather large. Normally I would set the video size with the -s:v parameter, but it doesn’t play nice with the crop filter, so you'll need to use a scale filter to properly size the output. This one is pretty straightforward, it’s formated as “scale=output width:output height”. To output a 1080p video, the scale filter would be “scale=1920:1080″.

If your camera was oriented upside down, you’ll also need to tack on the “vflip” and “hflip” parameters. These flip your output video vertically and horizontally, essentially rotating it 180 degrees.

The remaining parameters are for your video codec. You could set these to anything you want, but in my example, I chose to export a lossless, x264 encoded mkv file at 30 frames per second.

Now for the best part… watching your animation!

 

Cautions for the HP_RDI Alarm on OptiX OSN9500

Identification method:
1. The source version  is V100R003 or V100R004.
2. The EXCL board is used and lower order services access to the 1+1 linear MS.
3. Run the: cfg-get-1j1lmsp-lxcoptmz command. "Unregistered command" is displayed or the result is "disable".
4. Lower order services access to the 1+1 MSP protection path earlier than the working path. Run the :cfg-get-lmsbdmap:pgi (pgid indicates the ID of the 1+1 linear MSP group) command. The timeslots for the protection and working paths are A and B respectively. Run the : dbms-query: " Cfgmapxc.dbf ", mdb command. It is found that A is earlier than B. The following example shows that timeslot 1 for port 2 of the board in slot 17 priors to timeslot 1 for port 1 of the board in slot 17.

:cfg-get-lmsbdmap:1
LMS-PU-MAP
PG-ID   PU-ID   BOARD-ID   PORT-ID   AU4-MAP
1                  0                17                  2               1&&8
1                  1                17                   1               1&&8
Total records :2
: dbms-query: " Cfgmapxc.dbf ", mdb (The following values are displayed in the hexadecimal format.)
CfgMapXc.dbf
record num         MAPIDX       MAPBID   MAPPID     MAPAUID     MAPRSV
1                              02000000       04                01                 0001               00
2                             02010000        04                01                 0001               00
3                             02000040        11                 02                0001               00
4                             02010040         11                 02                0001              00
5                             02000080         11                 01               0001               00
6                             02010080         11                 01                0001               00
Total records :6

If the preceding four conditions are all met, after the version is upgraded to V100R005 or V100R006 earlier than V100R006C05SPC203, the HP_RDI alarm is inserted in downstream devices (the corresponding inspector is available and preferred).

[Root Cause]
The optimization function for lower order service configuration on the 1+1 liner MS is not supported by earlier versions, while that is supported by V100R005 and V100R006 by default. In an earlier version, if lower order services access to the 1+1 protection path earlier than the working path, after the version is upgrade to V100R005 or V100R006 earlier than V100R006C05SPC203, the system control board first recovers the services that access to the 1+1 protection path by default and performs lower order optimization when recovering the services that access to the 1+1 working path. Therefore, the lower order services of both protection and working paths use the same higher order point on the EXCL board, while the higher order point of the working path is idle, so the EXCL board inserts the HP_RDI alarm in the downstream to the working path.
[Impact and Risk]
After the related version is upgraded to V100R005 or V100R006 earlier than V100R006C05SPC203, the downstream devices receive the HP-RDI alarm. Services are faulty when some switching devices receive the HP_RDI alarm, causing service interruption.

[Measures and Solutions]
Preventive measures:
Use either of the following methods:
1. Delete the MS before the upgrade, and configure the MS after the upgrade.
2. Deactivate and activate the faulty service before the upgrade.
Solution:
Upgrade the NE to V100R006C05SPC203 or a later version.
[Inspector Applicable or Not]
Update the test case package to the latest one.
Path: Upgrade pre-check/ Checks whether the HP_RDI will be triggered after lower order services are accessed into 1+1 LMS and V100R004 is graded to V100R006C03SPC200
[Rectification Scope and Time Requirements]

 

Smart Cities Market Analysis 2013 - 2019

The global Smart Cities Market is expected to reach a value of USD 1,265.85 billion by 2019, growing at a CAGR of 14.0% from 2013 to 2019. Increase in migration from rural to urban areas is the major factor responsible for the growth of smart cities market, globally. North America was the largest contributor to the smart cities market and accounted for a share of 34.5% in 2012. This is mainly attributed to the increasing smart grid investments, upgradation in the water infrastructure and transportation sector. The manufacturers in this region are investing more in smart meters and smart grids to provide an excellent foundation for smart city programs.

Browse the full Smart Cities Market Report at http://www.transparencymarketresearch.com/smart-cities-market.html

Among the different application categories, smart transportation segment held the largest share of around 16% in 2012. This was due to the growing demand for advanced traffic management, building a superior environment and reducing the volume of delivery vehicles. At the same time, smart transportation links the modes of transport to improve the traffic flow in both urban and inter-urban networks. Smart transportation system helps in minimizing the economic burden of government by reducing traveling delays and fuel consumption rate. Smart security is the fastest growing segment and is expected to grow at a CAGR of 15.0% during the forecast period from 2013 to 2019. One of the reasons for the growing popularity of smart security is that it avoids third party misuse by imposing high security requirements onto the used technology.
In terms of geography, North America represents largest market for smart cities and is expected to reach a market size of USD 392.41 billion by 2019. The regional governments are taking steps towards reducing the carbon footprint by increasing the use of renewable energy resources. Governments in North America are currently working on an objective to accomplish the target of zero wastage of energy by the year 2020.

Get report sample PDF copy from here: http://www.transparencymarketresearch.com/sample/sample.php?flag=B&rep_id=357

Some of the major players in smart cities market include Siemens AG, ABB Ltd., IBM Corporation, Hitachi Ltd., Alcatel-Lucent S.A., Honeywell international Inc., Alstom S.A., General Electric Company, Telefonaktiebolaget L. M. Ericsson, Cisco Systems Inc., Oracle Corporation and others.

The global smart cities market is segmented as below:
Smart Cities Market, By Application
Smart homes
Smart buildings
Smart energy management
Smart industrial automation
Smart healthcare
Smart transportation
Smart security
Others (smart water management, smart education, so on)

Browse the full Smart Cities Market Report Press Release : http://www.transparencymarketresearch.com/pressrelease/smart-cities-market.htm
Smart Cities Market, By Geography

North America
Europe
Asia Pacific
Rest of the World (RoW)

Browse Technology and Media Market Research Reports @ http://www.transparencymarketresearch.com/technology-market-reports-8.html

 

Linux Kernel 3.16 Stable is Now Available! Install Linux Kernel 3.16 in Ubuntu/Linux Mint Systems

The Linux Kernel 3.16-Stable is now available for the users, announced Linus Torvalds. This Linux Kernel version comes with plenty of fixes and improvements. This article will guide you to install or upgrade to Linux Kernel 3.16 in your Ubuntu or Linux Mint system.

 

Read more on YourOwnLinux.

 

Advanced Gtk+ Sequencer Version 0.4.0

Advanced Gtk+ Sequencer Version 0.4.0

Advanced GTK+ Sequencer is intended to use for music composition. It features a piano roll, as well a synth, matrix editor, drum machine, soundfont2 player, mixer and an output panel. It's designed to be highly configurable, you may add effects to its effect chain, add or remove audio channels/pads. You may set up a fully functional network of engines, therefore exists a link editor for linking audio lines.

Features

  • save or open Advanced Gtk+ Sequencer XML files with XPath support
  • add or remove audio engines with adjustable audio channels and pads
  • link channels with property dialog
  • output panel, mixer, drum and matrix sequencer, soft synth and audio file player
  • piano roll with basic notation editing supporting copy & paste
  • adjustable BPM

Caveates

The timings described in thread tree assumes optimal case. Note your system may hang up when you run Advanced Gtk+ Sequencer.

It's the response of your distributer to take care that it won't interfer with other processes.

 

 

 
Page 7 of 146

Upcoming Linux Foundation Courses

  1. LFD211 Introduction to Linux for Developers
    08 Dec » 09 Dec - Virtual
    Details
  2. LFS220 Linux System Administration
    08 Dec » 11 Dec - Virtual
    Details
  3. LFD331 Developing Linux Device Drivers
    15 Dec » 19 Dec - Virtual
    Details

View All Upcoming Courses


Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board