lubuntu

It would be ideal if all my software were Free Software, but until then, I have to be pragmatic if I want my wireless to work. To me, almost any GNU/linux or BSD distribution would be just fine... unless it is too bloated or too confusing to make work. Over the last decade or so, for better or worse, I have settled on lubuntu, even on my more capable hardware.

That written, there are some things that I almost always do to fix problems or set up machines to work the way I prefer. Some of those things appear below for my reference, and may become dated as time marches on.

sshuttle - so-called Poor Man's VPN

$ sshuttle -v -r bob@hbeLabs.com --dns 0/0 This should whole disk encryption How to automatically mount an encrypted disk- Can be used with USB disks, internal disks, etc. that can be added to your system for storage. memory storage When I get a new or old memory storage device (hard disk, ssd, USB stick, SD card, etc), I like to validate it by writing to and reading from it. badblocks does just that. Caution, this command can will turn a good day into a bad day if you apply it to the wrong storage device. Pay very close attention to which storage device you do this to. I will show the command using /dev/XYZ where XYZ is really something like sdc (to help prevent bad days). Really, pause and verify that what you enter is what you really want to do. DO NOT DO THIS TO A STORAGE DEVICE WITH VALUABLE DATA, or DO NOT DO THIS: $ sudo badblocks -b 8192 -vw -o ~/badblocks.dat /dev/XYZ Here the -b 8192 is needed for very large storage devices, the -v is used for verbose, -w is used for writing and reading, which will destroy all data on your storage device. (There are ways of running this kind of command without destroying the data, but I found it was too slow.) There are ways of using the data file to safely use a device with problems, but I recommend that if badblocks does flag problems, don't use that storage device ... and don't give it to a friend. letsencrypt To enable ssl certificates on my website, I use letsencrypt. I have to temporarily disable firewall using "ufw disable", run "certbot renew", and re-enable firewall with "ufw enable". HP Envy laptop fails to boot This has happened twice to me so far, and seems like a frustrating bug. When this HP Envy (i7) laptop computer runs out of battery, it may not boot with the power cable plugged in. (Its battery is not [easily] removable.) I think the BIOS gets confused about the battery, but that is a guess. The big symptom is that when it is plugged in, and the power button is pushed, it stays on for about 8 seconds, then shuts off, and after another 6 seconds or so, it repeats. There is no display activity, but the fan initially spins for a handful of seconds. When it is "on" during one of these endless cycles, press and hold the power button to be sure the computer is turned off (stops cycling). Make sure the power supply is plugged in [and any peripheral is removed and disconnected.] Press and hold the [Windows]+[B] key, then press the power on button for 1 to 3 seconds ... keep pressing the [Windows]+[B] key. My computer will not beep, but the [CapsLock] button will blink (on the order of a few seconds on-off-on-off...). After a minute of that, I let go of the [Windows]+[B] button. The [CapsLock] button continues to blink, and there is still no screen activity, and the power button light is on ... no cycling. After another minute or so, I press the power button until it shuts off. Then, I press the power on button and it comes back to life normally. After the battery ran out, I had left the computer plugged in for a few hours, and when it cam back to life using the above method, the battery appeared to be fully charged. It did seem to charge in that confused state, which I guess is a good thing. See https://www.youtube.com/watch?v=qpiGUojtr3E for more hints. No other method worked, it never beeped, and no "BIOS-update" screen window opened. But, it does seem that [Windows]+[B] is an emergency BIOS restore or fix that works. Obviously, there is a documented fix, however it may be hard to figure out. This bug may have inspired many people to discard their computer ... or pay someone a lot of money to recover. reverse tunnels Reverse Tunnels Quite often, it becomes convenient or necessary to set up reverse tunnels to access any of my computers from anywhere else on the Internet, with even the most hostile intervening network (like the Internet itself), and with only one publicly accessible computer. barrier vnc To setup a vnc server on one local computer: x0tigervncserver -passwordfile ~/.vnc/passwd -display :0 -AcceptSetDesktopSize=0 -AlwaysShared=1 & To connect to vnc server on another local client computer with a given IP address: ssvncviewer <IP address>/tt> If I manage to set up a vncserver over ssh tunnels, connect to it using: $ ssvncviewer -via hbelabs.com localhost:<port> where <port> is the port number. libreoffice Although not my preferred way to produce documents, it is quick and practical unless the dialog menu fonts are simply too small. In that case, the following seems to work wonders: $ sudo apt purge libreoffice-qt5 $ sudo apt install libreoffice-kf5 swap file lubuntu doesn’t automatically set up that annoying swap partition, but sometimes swap is needed. To setup a 16GB swap file (with 16383 1-M blocks), do the following. Remember, the dd command can ruin not only your disk, but also your life when it deletes important and non-backed-up files, so be very careful with it. $ sudo dd if=/dev/zero of=/swap16GB bs=1M count=16384 $ sudo chmod 600 /swap16GB $ sudo mkswap /swap16GB Edit /etc/fstab using sudo: $ sudo emacs /etc/fstab and enter the line: /swap16GB none swap defaults 0 0 You can check to find any mistakes if you enter "$ sudo swapon -a" which will try to activate all swaps listed in your /etc/fstab file. Disable any unwanted swaps in your /etc/fstab file and reboot. Note that some like to use /dev/random instead of /dev/zero. update nagware To disable the very annoying update nagware $ sudo emacs /usr/lib/python3/dist-packages/UpdateManager/UpdateManager.py and add a return statement so that it now looks like: ... def start_available(self, cancelled_update=False, error_occurred=False): self._look_busy() self.refresh_cache() return # <<<--- added statement if self.cache is None: return I don't know if this works any more: $ sudo systemctl disable apt-daily.service apt-daily-upgrade.service $ sudo systemctl disable apt-daily.timer apt-daily-upgrade.timer But be warned that you have to keep software up-to-date manually (or use automatic update, next). Auto updates keyring nagware Disable keyring password prompt Latex Usually, ubuntu and lubuntu are far behind with texlive. So, do not install with apt. Instead, do this: Make sure all the apt installed versions of texlive are purged with $ sudo apt purge textlive* Head on over to https://www.tug.org/texlive/acquire-netinstall.html and download the "install-tl-unx.tar.gz" file. To unpack it, $ tar xvf install-tl-unx.tar.gz Descend into the directory and run "$ sudo ./install-tl" Make sure you check the "letter" page size. Let it install. Update the /etc/environment file to include the path to the binaries. My PATH looks like: PATH="/usr/local/sbin:/us.......bin:/usr/local/texlive/2021/bin/x86_64-linux" It is the last part that is important. Without rebooting, in a terminal window, $ source /etc/environment to make it active for that window. Then you can use pdflatex, latex, etc..... If you do reboot, you don't need to source it. To update, use tlmgr as root. sudo may not work (because of $PATH), so do this instead: $ sudo su # tlmgr update --self --all kdeconnect I managed to setup kdeconnect. Using ufw, on the computer it connects to, these should open the ports: sudo ufw allow proto udp from 192.168.1.0/24 to any port 1714:1764 comment 'kdeconnect' sudo ufw allow proto tcp from 192.168.1.0/24 to any port 1714:1764 comment 'kdeconnect' ssh connect to ipad 1 With the ssh update with lubuntu 22.04 in the spring of 2022, it no longer simply connects to the ipad because ssh-rsa was abandoned in favor of newer and more robust protocols. As a work-around, so I can still ssh into my obsolete iPad 1 I bought in 2010 (which Apple obsoleted and abandoned around 2012), do this: Add these lines to the end of /etc/ssh/ssh_config, presuming that is the local ip address of the ipad, Host 192.168.1.12 ipad HostkeyAlgorithms +ssh-rsa PubkeyAcceptedAlgorithms +ssh-rsa Make sure you have a set of rsa keys for root to allow password-less access to the ipad $ sudo su # ssh root@ipad If you need to enter your password, abort and do (as root), # ssh-keygen Take the defaults including entering the ipad root password and then see if you can log in without a password. If all is good, then you can create the ipad directory if it doesn't exist already, here named, /home/bob/ipad, and then update /etc/fstab to include the following entry all on one line: root@192.168.1.12:/var/mobile /home/bob/ipad fuse.sshfs comment=sshfs,defaults,transform_symlinks,users,exec,auto,allow_other,_netdev,reconnect,uid=1000,gid=1000,HostKeyAlgorithms=+ssh-rsa,IdentityFile=/root/.ssh/id_rsa 0 0 Then you can try to automatically mount it using $ sudo mount -a It should not ask for a password and it should survive reboots provided the ipad is turned and on the lan.