Old iMac Ubuntu Studio Installation

On September 3rd, 2015 Joseph asked…

Hi Matt,

I have the opportunity to install Linux at work on a 5 year old iMac rarely used due to its age. My gut tells me I should go with Ubuntu Studio as it has access to just about every type of creative and office software imaginable upon installation. I see this as an opportunity to grab a few entry level users with varied needs. What would you install on an older system collecting dust that gets used maybe once a week?

 

Hi Joseph,

I definitely think you’re on the right path for getting more life out of the old Mac. I recently did some testing with a 2010 Macbook Pro (6,2 version) and Ubuntu MATE. It’s more involved than simply installing Linux onto a PC, but it’s totally possible. Unlike Macbook Pro laptops however, the process should be a bit easier with the iMac.

That article is coming out soon and addresses how to install Ubuntu MATE onto a Macbook Pro under UEFI mode. Needless to say, I was able to get the proprietary graphic drivers working despite some known issues (black screen). The existing fixes found on Google are not compatible with Ubuntu 15.10 (nomodeset and other related hacks) and will likely create new issues, hence, why my upcoming article addresses this directly. Okay, back to your question.

Preparing for the installation

First and foremost, you should prep the hard drive for the Ubuntu Studio installation while booted into OS X. This OS X article provides a relevant guide for preparing a second partition using Disk Utility. The key here is to shrink down the existing OS X partition. I’d shrink it down substantially, since we’re only keeping this partition for access to recovery stuff, should you need to access them in the future. The newly freed space on the drive should be left as unformatted, since we’re going to be using the Ubuntu installer to handle the file system creation. As for the USB flash drive, make sure it’s formated as Mac OS Extended (Journaled) and that your partition table is set to GUID.

The next step is to install a new boot manager. Yes, you could “try” the old “hold down the Option key” approach and hope it works. Historically, I’ve found this approach to be very hit and miss. By installing the boot manager known as rEFInd (download the zipped package), a USB flash drive with Ubuntu will show up as bootable. Simply follow these instructions for installation and you should be good to go. We’re avoiding the Option key approach as I found it was not working reliably.

At this stage, you are ready to take your downloaded Ubuntu ISO and install it to a USB flash drive. Personally, I’ve always done this from the Mac itself. Here’s how on OS X, using an Apple keyboard.

Cmd+Space then type terminal and hit Return.
(Windows) Cmd+Space then type terminal and hit Enter.

hdiutil convert /path/to/ubuntu.iso -format UDRW -o /path/to/target.img

Don’t worry about adding dmg to the file, this happens automatically.

Now you’ll want to list the existing drives available. For newer users, I recommend running the command twice – once without the flash drive and a second time with it. If you feel comfortable in doing so, once is fine as you’ll be able to recognize drive.

diskutil list

In the list, you should see something like /dev/disk#
(The # might be a 2 or a 3)

When we plugged in the flash drive, OS X automatically mounted it. We need to unmount it.

diskutil unmountDisk /dev/disk#

(Remember to replace # with the correct number corresponding to the flash drive)

If it doesn’t eject correctly and you see something like “Unmount failed”, I’d try dragging it to the trash to unmount it.

Okay, the next step is to dd the new dmg over to the flash drive.

sudo dd if=/path/to/downloaded.img.dmg of=/dev/diskN bs=1m

(Yes, it appended .dmg to the .img file. In the interest of just getting things moving, I left it.)

At this stage, your flash drive has an OS X bootable copy of Ubuntu on it. All that’s left is to unmount the flash drive.

diskutil eject /dev/diskN

(Or drag it to the trash – when you completed the dd, the drive re-mounts itself and needs to be unmounted.)

Installation

Reboot the Mac. Since we shrunk down the OS X partition, freeing up a ton of free space for Ubuntu…the installation process is painfully simple.

After rebooting, you should be staring at rEFInd. Simply arrow key over to the icon representing the flash drive. If there are multiple entries, it’s usually the first one.

Once booted, you’ll be asked to select Try or Install. Choose Try, then run Gparted. Historically, I’ve found that sometimes the installer hangs. To avoid this, I usually setup an ext4 partition in Gparted, close the program and THEN run the installer.

When promoted, choose “install along side of OS X” and the rest of the process is exactly like a normal Ubuntu installation. Once completed, reboot.

Pro tip: Nine times out of ten, you’ll find that you’re presented with a grub menu instead of rEFInd. When this happens, I hold down the power button and then restart the Mac. This time, I hold down the Option key (Alt on a PC keyboard). I then select the OS X partition. Once back in OS X, I run the terminal script for rEFInd again (see above). This provides me with my rEFInd menu at boot again and grub there after.

That said, this may not be critical. If you don’t plan on using the OS X option frequently, you may be able to boot into Ubuntu without the above step – I’ve never tried, so I don’t know for sure. If it fails, the above steps will get you going.

Getting stuff working in Ubuntu

With my tested Macs, I found everything worked great. The only exception in my case, was the brightness keys on a Macbook Pro. With your Mac being a 2010 iMac you’re likely looking at an AMD graphics card, AirPort Extreme wireless and gigabit Ethernet. Out of the box, everything “should” work. This means everything is set to the non-proprietary drivers ranging from the wifi to GPU.

Most common issues with iMacs of that vintage is the audio not working. I doubt this is an issue with today’s latest kernels, but just in case…keep reading.


 

ONLY DO THIS IF: After jumping into the Sound Preference dialog and confirming that A) Everything is turned up or B) Options in Output or Hardware are grayed out. I highly doubt this is needed any longer…but just in case it is I’ve provided some things to try. Also double-check alsamixer (run in a terminal) to verify nothing is muted). Any time you use alsamixer, the things to watch for are Master, PCM, Front, Surround and that the right card is selected and everything is unmuted. Use the function keys in the upper right to navigate.

From your Ubuntu terminal:

cat /etc/modprobe.d/options

and

 cat /etc/modprobe.d/options.conf

if the file doesn’t exist:

sudo touch /etc/modprobe.d/options.conf

Next we need to paste or type in the following into the file:

options snd-hda-intel model=imac24

Then do a Ctrl+X to save the file, and reboot.

If that failed to work after verifying that Sound Preferences shows you all the sound toggles are up all the way, then try this next.

sudo rm /etc/modprobe.d/options.conf

Try the same code in this file below:
options snd-hda-intel model=imac24
pasted at the bottom of:

 sudo nano /etc/modprobe.d/alsa-base.conf

then

 sudo alsa force-reload

And like before, run alsamixer to see if things are working and make sure stuff is unmuted.
alsamixer

To reiterate, I do not believe this will be an issue for most people using the modern kernel(s). This is just in case, as a grab bag of stuff to try.

In my case, the iSight camera worked out of the box with Cheese and other apps. If however, it doesn’t work for you, I recommend taking this for a spin.


 

Parting thoughts

In my case, everything except some of the function keys worked great. I seriously doubt you’ll have any need to fool with the audio tweaks above. The keys for brightness controls and what not are usually bound to the proprietary video drivers.
In an upcoming article, I’ll share exactly how I got proprietary drivers working and avoiding a black screen after installing them!

Until next time…keep an eye our for the Macbook Pro Ubuntu MATE article. I’ll show you how to avoid the black screen of death using NVIDIA proprietary drivers on an Intel/NVIDIA MBP.

Do you have Linux questions you’d like Matt to help with? Hit the link here and perhaps you too, can Just Ask Matt!


FTC required disclosure of Material Connection: The Ebay product links in the post above are “affiliate links.” This means if you click on the link and purchase the item, Freedom Penguin will receive an affiliate commission.

Shazam Music Search Alternative For Linux

music

Growing up in a time of vinyl records and 8-track cassettes, it’s safe to say that I have an appreciation for music. Flash forward to today and we’re now able to enjoy any song we want, on demand! With music services provided by Amazon and independent sources, legally downloading music has never been so easy.

These days, most of my music is set up on my Android smart phone. And should a song that I don’t recognize end up being blasted on my car’s radio, I can rely on the Shazam app to help me determine the song’s name and artist.

But what about when you’re sitting in front of your Linux box, hammering away in your terminal? The boss is nearby and opening up a browser window to search for a possible song match isn’t practical. What then? I recommend installing and running an app called instantmusic.

True to its name, instantmusic provides you with the ability to determine the name of a song/artist simply by providing some clues about the song. Installing instantmusic is simple enough. Just install it from your distro’s repository. Distros such as Arch (AUR) and Ubuntu will have immediate access for easy installation.

Correction: I installed this sometime ago, I forgot I used pip to install it. Install pip from your local repository, then use these commands to install the app. You’ll need to run python –version to determine which version of Python you’re using.

Python 2.7

sudo  pip install instantmusic

or

Python 3.4

sudo pip3 install instantmusic

 

Okay, now that you have it installed I want to share the two basic functions this software provides.

1) It’ll help you to determine the name of a song and the band that sings it.

2) It allows you to download the music from YouTube. Now, due to copyright laws in most countries, I’d recommend sticking to legal to download music for this last part. Creative Commons and public domain songs both are fine.

 

Open up a terminal window and type the following:

instantmusic

You’ll then be presented with something like this:
Enter songname/ lyrics/ artist.. or whatever
>

 

For demonstration purposes, type the following.

Emancipate yourselves from mental slavery

 

These are the lyrics to a song you’ve heard somewhere, but you don’t know who sings it or the name of the song. Okay, hit enter.
Making a Query Request!
Found: Bob Marley - Redemption Song<
Download song (y/n)?

Because there is a copyright for this song in place, I’d simply choose n and then buy the song from Amazon or another music store online.

Let’s try another:

instantmusic
ironman ac dc

Making a Query Request!
Found: Iron Man: AC\DC - Thunderstruck (Music Video)
Download song (y/n)?

In this case, I know who the band is. But I may have forgotten the name of the song, only remembering hearing the song in the Iron Man movie.

Now sometimes you may run into an instance where the song has been played by multiple musicians. For example:

instantmusic

Enter songname/ lyrics/ artist.. or whatever >

mamma told me when I was young

Making a Query Request!
Found: shinedown simple man lyrics
Download song (y/n)?

 

In this case, that isn’t the original version of the song. Since I was looking for the original, I’ll try this instead.

instantmusic

Enter songname/ lyrics/ artist.. or whatever >

mamma told me when I was young original

Making a Query Request!
Found: Simple Man - Lynyrd Skynyrd - Lyrics HD
Download song (y/n)?

 

This time I have the original song, played by the correct band. This is useful when you want the original version of a song but don’t know who sings it.

Now let’s download a song (a legal one – copy left):

instantmusic

Enter songname/ lyrics/ artist.. or whatever >

Making Me Nervous

Making a Query Request!
Found: Brad Sucks - Making Me Nervous (I Don't Know What I'm Doing) [Lyrics]
Download song (y/n)? y
Downloading...

 

So basically what happened is instantmusic went out to YouTube, grabbed a copy of the song, then converted it to mp3 for your listening enjoyment.

And that’s it! Go ahead and give it a whirl. I’ve used this app countless times when a song gets in my head and for the life of me, I can’t remember who sings it.

Open FOSS Training

teacher

Over the years, I’ve ranted and complained about the state of FOSS documentation and the barrier to entry for the casual user. With mixed success, I’ve championed various efforts to provide FOSS training and documentation. Recently, I was contacted by a friend of mine who has put together a team of individuals dedicated to providing accessible, easy to digest online videos.

The the production of these videos is being funded by an Indiegogo campaign. They’ve had some great contributions thus far, but they still need your help. If you’re interested in seeing an improvement to FOSS documentation and also the production of quality of FOSS training videos, I’d suggest giving what you can to their campaign.

Have you ever wanted to get started with Free and Open Source Software but couldn’t find clear easy to follow documentation to get you started? The end goal of the project is to create easy to follow videos and documentation that will be freely available to the community to help get you started with Free and Open Source Software. “

(Learn more at Open FOSS Training)

Recalbox Raspberry Pi Retro Gaming

recalbox

I’ll be first to admit that I’ve been putting off setting up a Raspberry Pi for my wife to use for retro gaming. I knew there were a few games she missed but Mario Kart 64 was the big one. I’ll also be first to point out that setting up a RetroPi isn’t difficult with the correct setup guide. I will, however, point out that configuration can be time-consuming…unless you have all of your ducks in a row. This means you’re remembering to configure Bluetooth if you’re using Bluetooth controllers, you’ve verified you’re setup to add games wirelessly via your LAN and other minor considerations that are easy to overlook. Basically, you need to make sure your have all of your hardware handy and the ROMs ready to go.

Since everyone and their mother seems to flock to RetroPi, I decided to try something different called recalbox. It shares many of the same features as RetroPi and other solutions like it but I found recalbox to be a brain-dead simple way to get into retro gaming immediately. Note: RetroPi is a good option for those needing maximum customization.

Important: As cool as recalbox is, it has issues with its documentation. Recalbox.conf mentions “Network”, which should be “Wifi” (without quotes). This article will also help you overcome the known WiFi WPA bug using two methods instead of one, plus you’ll also learn how to get N64 games running as well.

Installation

This is the hard part – ready? Download, unzip to your micro SD card, boot/select/install/run. That’s all there is to it. Just select recalboxOS with your space key and install with the “letter i.”

In a perfect world, you just happen have some XBox360 controllers laying around. If you do, just plug and play! For those of us who don’t own console gaming rigs, I’ve had great success with Logitech Gamepad F310 controllers. I own two of them, with USB extension cables and while they’re unwieldy, they work really well.

I should point out that if you use the XBox360 controllers you won’t have to configure the controllers. Using the Logitech option means you will. This matters because not all of the button configurations will work as expected. Pressing down on the sticks for example, won’t take. Nor will one of the trigger buttons. Pressing either of these options simply skips that part of the configuration. Those hiccups aside, I would recommend the controllers “overall” as a low-cost solution.

First impressions

I’ve seen video of EmulationStation in the past, but man, I had no idea how slick it looked in real life! Even though the games provided by default aren’t anything to get excited about, having ROMs for each game platform category allows the EmulationStation UI to show off what is available. In order for EmulationStation to show off what is available. In order for EmulationStation to display each category/platform, at least one ROM matching that platform must be present in the corresponding directory.

Once you get a handle on the controls and tour the various emulators installed, the next logical step was to add my ROMs to my recalbox installation.

Getting WiFi running and adding ROMs

One of the things I discovered early on was what a pain it was to get connected to the WiFi. Having used vanilla Raspbian previously, I knew the dongle I had connected was compatible. The obvious fix was to edit:

/recalbox.conf

located in:

/recalbox/share/system

How you decide to connect is up to you. Some people have found it’s easiest to just pop out the micro SD card and browse to the conf file from their main PC using a card reader. Being too lazy myself to pull my case apart just to retrieve my micro SD card, I instead opted to do the following:

From the EmulationStation screen where I select the games to play, I grabbed my iPazzPort keyboard/touchpad and got myself into a command prompt by first pressing F4, then ALT+F2.

If you’re looking at this on a large TV, the next step is going to be really small and located in the upper left corner. Your default login is as root and looks like this:

User: root

Password: recalboxroot

From here, I’m able to browse to my conf file using nano.

nano /recalbox/share/system/recalbox.conf

With both the nano and micro SD card to PC method, the text you’re going to be looking for is WiFi (case sensitive).

# ------------ B - Wifi ------------ #
## Set direclty your WiFi key and ssid here
;WiFi_ssid=new ssid
;WiFi_key=new key

Change new ssid and new key to match your own WiFi settings. Save and then reboot. Should this not work for some reason, you may have to resort to removing the card as described above and browsing to your /etc/wpa_supplicant/wpa_supplicant.conf for manual editing. If the former didn’t work, this solution will work so long as you follow the right format.

Here’s mine for example:

ctrl_interface=/var/run/wpa_supplicant
ap_scan=1

network={
ssid="SecretAgentPoliceVanDeathStarNaughtyPlace"
psk="WouldntYouLikeToKnow"
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP
auth_alg=OPEN
}

 

Save this and reboot. You’ll connect to your wireless network if you’re using WPA (WiFi Protected Access) for router WiFi security and your router is handing out IP addresses correctly.

Now that we have the recalbox connected, let’s add those ROMs! From your file manager, browse to your Samba shares:

smb://recalbox/

One of the directories you’ll see listed is going to be named RECALBOX. Click into this directory and you’ll be presented with a list of directories that reflect various emulators and functions. Everything from XBMC to System files are listed here. Some of these directories will be easily recognizable while others are going to look rather strange. The easiest way to navigate this is to click into each directory and read the “readme”files provided. For example, famicomdisksystem represents the Japanese NES system while mastersystem represents the Sega Master System.

To make ROMs readily accessible to your Pi, simply drag and drop them into the correct directory representing the correct system emulator.

Pro-tip: After adding ROMs to their corresponding directories, make sure to reboot your Pi. This will ensure the games appear. Also, not all games are going to run perfectly. Atari, NES, SNES, Sega Master System and other older systems will run fine. PSX (Playstation 1), GameGear and others are hit and miss. Also, some emulators will require specific BIOS to work. Easiest way to know for sure: when you see a game goto black screen/start and stop when executed. For the sake of simplicity, older system based emulators will generally be free of this. Some hand-held system emulators can be an exception. The RetroPi wiki has a fairly decent roundup that you can browse through.

N64 won’t work out of the box!

Depending on bug fixes and emulator release cycles, this issue may be fixed by the time you read this. However as things stand now, it’s still a problem. With my current recalbox installation, trying to play N64 games leads to a whole lot of “NOPE” and that can be pretty frustrating.

Before I provide you with my N64 fix, understand the following: this will NOT work on all games. Some N64 games simply won’t work at all. And even with those that do, some understandable audio stuttering can still take place. The two games I’ve had success with are Mario Kart 64 and Super Mario 64. To date, I’ve not had any success with games like Paper Mario. Then again, I haven’t looked too deeply into what’s causing the problem, either.

To get your N64 emulator working with Mario Kart 64 and Super Mario 64, do the following. First, SSH into your recalbox (so you can do this from your desk). Then do the following:

cd ../recalbox/scripts
cp emulatorlauncher.sh emulatorlauncher.bk

(This ensures even if you do something foolish, you can restore your launcher easily)

nano emulatorlauncher.sh

Look for the very first instance of:

if [[ "$emulator" == "n64" ]]; then

Immediately below or beside this, you’ll see:

/recalbox/scripts/runcommand.sh 4

You need to change the 4 into a 2. Once you’ve done this, do a Ctrl+X and then press Y.

Important:DO NOT use nano’s search function to locate this entry. I’ve tried this and found it actually made changes to the file for some reason – phantom characters or something similar. Just scroll and look for the first instance of code as stated above.

Once you’ve done this, simply reboot the Pi from SSH to make sure the changes take effect.

reboot

Hit the enter key and you’re all set!

SSH settings and security considerations

By default, recalbox has its users running as root and with a password SSH connection. Secure, it’s not. The default login (mentioned previously) is:

User: root
Password: recalboxroot

As I’ve talked about in the past, setting up SSH keys on a Linux system needs to rely on SSH keys and not merely a password. Use the aforementioned link as your guide for correcting this issue. By using authorized keys, you’ll make your recalbox installation much more secure.

Should you choose to retain a password protected SSH setup instead, then at the very least make sure you’re not leaving the WiFi dongle plugged in. I generally don’t recommend security by obscurity, but this will reduce the “attack window” that brute force attacks have to work with.

Closing thoughts about recalbox

As happy with recalbox as I am, my wife swears by it. Each day she returns home and immediately boots up the Pi. She insists that the two of us playing Mario Kart 64 in battle mode does wonders for our marriage. Personally, I believe she’s just looking for an excuse to fling turtles in my general direction.

Joke aside, recalbox is great and it comes highly recommended. Despite its attempt at a fool-proof setup however, there are tweaks that need to be made in order to have an outstanding gaming experience. If you have the ROMs, free time and an interest in retro-gaming, recalbox is a heck of a platform.


FTC required disclosure of Material Connection: The Amazon and Ebay product links in the post above are “affiliate links.” This means if you click on the link and purchase the item, Freedom Penguin will receive an affiliate commission.

How to Setup SSH Keys on a Linux System

SSH

On September 9th, 2015 Chris L. asked…

Hello Matt and the Freedom Penguin staff! I have a question about generating RSA public and private keys under Linux. Is there a Linux/Open Source equivalent to PuTTYgen? A PuTTY GUI is available in Ubuntu GNOME 15.04 (what I am using), but is there a PuTTYgen GUI that I can install over the CLI? If not, can you give a short tutorial on how to do this in the command-line? Congratulations on the site, added to my favorites! I miss you on LAS, but I’m glad you are back with this awesome idea.

Chris (all the way from Japan)


Hi Chris!

Allow me to let you in on a little secret – I have never used PuTTY or PuTTYGen. All of my key generation has always been done in the Linux command line. Lucky for you my familiarity with the latter is going to help you overcome the former.

First, allow me to acknowledge that most documentation is convoluted. Despite interesting details being presented, often it comes across as a wall of text to Linux newcomers or those simply new to certain aspects of Linux.

On the client side, Ubuntu comes with the SSH client already installed. You can’t see it, because it’s not a GUI application. For the server (the remote computer you wish to SSH into), you’ll need to install the SSH server software.

The steps we’re going to be taking break down as follows:

1) Generate a key on your local machine.
2) Install OpenSSH Server on remote machine.
3) Send the key to your remote machine.
4) Lockdown the remote machine by removing the password authentication.

Step #1 – From your local machine, you need to create RSA keys. This provides a private key for your local machine and a public one for your remote machine.

On your local machine, in a terminal:

mkdir ~/.ssh

If it already exists that’s great, let’s make sure the permissions are correct.

chmod 700 ~/.ssh
cd ~/.ssh

Now let’s create our keys.

ssh-keygen -t rsa

This will kick out the following cryptic tidbit:

Generating public/private rsa key pair.

Let’s give the keys a name like this.

Enter file in which to save the key: (/home/USER/.ssh/id_rsa): type-something-clever-here

Next, you’re going to want to provide a pass phrase to protect the private key that resides on your local machine. This isn’t to be confused with the SSH server password or anything related. The entire purpose of this pass phrase is to protect the private key on your local machine in case of theft.

Now if you get an error like the one below, try a longer pass phrase. To do this, type ssh-keygen -t rsa and redo the process.

Error example mentioned above:
passphrase too short: have 4 bytes, need > 4
Saving the key failed:

If everything went correctly, your ~/.ssh should contain the following: somethingclever.pub and somethingclever – to see the ~/.ssh directory, browse to /home/USER/ and type Ctrl+h to make the hidden directories visible.

Step #2 – If the remote machine is a desktop PC, you’ll likely need to sit in front of it and install OpenSSH server yourself. If this is an Ubuntu Server provided by a web hosting company however, you’re most likely already set to go. Here’s a tidbit no one ever talks about. If the remote machine is a desktop PC, the SSH password is your user’s password. Same applies for the server. The difference is with the server. You may be looking at a root user. Do NOT use a root user for SSH. It’s asking for trouble and completely unnecessary. Best to follow this guide (hat tip to Digital Ocean) and setup a regular user with sudo privileges instead.

Regardless of which type of remote machine it happens to be, let’s get OpenSSH Server installed next.

sudo apt-get install openssh-server

This will install the server component and start the service up for you. If for any reason you don’t see ssh start/running or the process appearing, you can manually start up the server. If you’re root, you can forgo the sudo for each command.

Ubuntu 15.04+

systemctl restart ssh

Ubuntu 14.04

 service ssh restart

This will get the OpenSSH server running on your system. Now that we have the server running, we need to send the public key over to the remote machine from the local machine.

Step #3 – Now we need to send your public key to the remote machine. To do this, we need to enter this code from the client machine.

ssh-copy-id username@host

The host is going to be the local IP address for the remote machine. During this process, you will be prompted for a password – it will be the password for the remote machine.

Step #4 – At this point, SSH works to access the remote machine from the local one. The next step is to disable password authentication as it’s very insecure. With the public key installed on the remote machine, it’s time to allow it to handle the SSH authentication.

First, SSH into the remote machine:

ssh username@host

After entering your password again, go ahead and use the nano editor to edit your SSH config on the remote machine. Remember, if you’re NOT root, be sure to use sudo below.

nano /etc/ssh/sshd_config

Scroll down and look for #PasswordAuthentication yes
Next, change the entry accordingly:

#PasswordAuthentication yes

into this

PasswordAuthentication no

At this point, you’re ready to save the file. Type Ctrl-x. When promoted to “Save the modified buffer”, type the Y key. As it presents you with “File name to write”, just hit the enter key. This modifies your SSH configuration and ensures you will only be able to login using your SSH key.

Final words of advice

I imagine this seems like a ton of information. After all, this is all keyboard and no GUI. But once you complete it you will be shocked at how simple it really is.

The only issue you might run into could be the ufw blocking port 22 (both locally and potentially on the remote machine). Use ufw but be aware that if you can’t connect it’s either because you uploaded the public key to the wrong user, you’ve been trying to SSH to the wrong host IP or you simply have port 22 blocked some place. Another issue to consider is trying to SSH into a remote host with an encrypted directory or perhaps your remote machine’s ~/.ssh permissions are screwy. This would mean accessing the machine through other means and adjusting the permissions for the remote machine’s affected directory.

chmod go-w ~/
 chmod 700 ~/.ssh
 chmod 600 ~/.ssh/authorized_keys

I hope this is helpful and best of luck in your Linux SSH adventures!

Do you have Linux questions you’d like Matt to help with? Hit the link here and perhaps you too, can Just Ask Matt!

Schedule FiOS Router Reboots with a Pogoplug

Pogoplug_Mobile

There are few things in life more irritating than having your Internet go out. This is often caused by your router needing a reboot. Sadly, not all routers are created equal which complicates things a bit. At my home for example, we have FIOS Internet. My connection from my ONT to my FIOS router is through coaxial (coax cable). Why does this matter? Because if I was connected to CAT6 from my ONT, I could use the router of my choosing. Sadly a coaxial connection doesn’t easily afford me this opportunity.

So why don’t I just switch my FIOS over to CAT6 instead of using the coaxial cable? Because I have no interest in running the CAT6 throughout my home. This means I must get the most out of my ISP provided router as possible.

What is so awful about using the Actiontec router?

1) The Actiontec router overheats when using wifi and router duties.
2) This router has a small NAT table that means frequent rebooting is needed.

Thankfully, I’m pretty good at coming up with reliable solutions. To tackle the first issue, I simply turned off the wifi portion of the Actiontec router. This allowed me to connect to my own personal WiFi instead. As for the second problem, this was a bit trickier. Having tested the “Internet Only Bridge” approach for the Actiontec and watching it fail often, I finally settled on using my own personal router as a switch instead. It turned out to be far more reliable and I wasn’t having to mess with it every time my ISP renewed a new IP address. Trust me when I say I’m well aware of ALL of the options and this is what works best for me. Okay, moving on.

Automatic rebooting

As reliable as my current setup is, there is still the issue of the small NAT table with the Actiontec. Being the sort of person who likes simple, I usually just reboot the router when things start slowing down. It’s rarely needed, however getting to the box is a pain in the butt.

This lead me on a mission: how can I automatically reboot my router without buying any extra hardware? I’m on a budget, so simply buying one of those IP-enabled remote power switches wasn’t something I was going to do. After all, if the thing stops working, I’m left with a useless brick.

Instead, I decided to build my own. Looking around in my “crap box”, I discovered two Pogoplugs I had forgotten about. These devices provide photo backup and sharing for the less tech savvy among us. All I need to do was install Linux onto the Pogoplug device.

Why would someone choose a Pogoplug vs a Rasberry Pi? Easy, the Pogoplugs are “stupid cheap.” According to the current listings on Amazon, a Pi Model B+ is $32 and a Pi 2 will run $41 USD. Compare that to $10 for a new Pogoplug and it’s obvious which option makes the most sense. I’d much rather free up my Pi for other duties than merely managing my router’s ability to reboot itself.


Installing Debian onto the Pogoplug

I should point out that most of the tutorials regarding installing Debian (or any Linux distro) onto a Pogoplug are missing information, half-wrong and almost certain to brick the device. After extensive research I found a tutorial that provides complete, accurate information. Based on that research, I recommend using the tutorial for the Pogoplug v4 (both Series 4 and Mobile). If you try out the linked tutorial on other Pogoplug models you will “brick” the Pogoplug.

Getting started: When running the curl command (for dropbear), if you are getting errors – leave the box plugged in and Ethernet connected for at least an hour. If you continue to see the error: “pogoplug curl: (7) Failed to connect to”, then you need to contact Pogoplug to have them de-register the device.

Pogoplug Support Email
Pogoplug Support Email

If installing Debian on the Pogoplug sounds scary or you’ve already got a Raspberry Pi running Linux that you’re not using, then you’re ready for the next step.

Setting up your router reboot box

(Hat tip to Verizon Forums)

Important: After you’ve installed Debian onto your Pogoplug v4 (or setup your existing Rasberry Pi instead), you would be wise to consider setting up a common non-root user for casual SSH sessions. Even though this is behind your router’s firewall, you’re still running a Linux box as root with various open ports.

First up, login to your Actiontec MI424WR (or similar) FIOS router, browse to Advanced, click Yes to acknowledge the warning, then click on Local Administration on the bottom left. Check “Using Primary Telnet Port (23)” and hit Apply. This is for local administration only and is not to be confused with Remote Administration settings.

Go ahead and SSH into your newly tweaked Pogoplug. Next, you’re going to want to install a package called “expect.” Assuming you’re not running as root, we’ll be using “sudo” for this demonstration. I first discovered this concept on the Verizon forums last year. Even though it was scripted for a Pi, I found it also works great on the Pogoplug. SSH into your Pogoplug:

cd /home/non-root-username/
sudo apt-get install expect -y

Next, run nano in a terminal and paste in the following contents, edit any mention of your
/home/non-root-username/
and your router’s IP LAN address to match your personal details.

spawn telnet 192.168.1.1
expect "Username:"
send "admin\r"
expect "Password:"
send "ACTUAL-ROUTER-password\r"
expect "Wireless Broadband Router> "
sleep 5
send "system reboot\r"
sleep 5
send "exit\r"
close
sleep 5
exit

Now name the file verizonrouterreboot.expect and save it. You’ll note that we’re saving this in your
/home/non-root-username/ directory. You could call the file anything you like, but for the sake of consistency, I’m sticking with the file names as I have them.

The file we just created accesses the router via telnet (locally), then using hard returns (\r) is logging into the router and rebooting it. Clearly this file on it’s own would be annoying, since executing it just reboots your router. However it does provide the executable for our next file so that we can automate when we want it to run.

Let’s open nano in the same directory and paste in the following contents:

{
cd /home/non-root-username/
expect -f verizonrouterreboot.expect
echo "\r"
} 2>&1 > /home/non-root-username/verizonrouterreboot.log
echo "Nightly Reboot Successful: $(date)" >> /home/non-root-username/successful.log
sleep 3
exit

Now save this file as verizonrouterreboot.sh so it can provide you with a log file and run your expect script.

As an added bonus, I’m going to also provide you with a script that will reboot the router if the Internet goes out or the router isn’t connecting with your ISP.

Once again, open up nano in the same directory and drop the following into it:

#!/bin/bash
if ping -c 1 208.67.220.220
then
: # colon is a null and is required
else
/home/non-root-username/verizonrouterreboot.sh
fi

Save this file as pingme.sh and it will make sure you’ll never have to go fishing for the power outlet ever again. This script is designed to ping an OpenDNS server on a set schedule (explained shortly). If the ping fails, it then runs the reboot script.

Before I wrap this up, there are two things that must still be done to make this work. First, we need to make sure these files can be executed.

chmod +x /verizonrouterreboot.sh
chmod +x verizonrouterreboot.expect
chmod +x pingme.sh
Pogoplug Debian
Pogoplug Debian

Now that our scripts are executable, the next step is to schedule the scripts on their appropriate schedules. My recommendation is to schedule verizonrouterreboot.sh at a time when no one is using the computer, say at 4am. And I recommend running “pingme” every 30 minutes. After all, who wants to be without the Internet for more than 30 minutes? You can setup a cron job and then verify your schedule is set up correctly.

Are you a cable Internet user?

You are? That’s awesome! As luck would have it, I’m working on two different approaches for automatically rebooting cable modems. If you use a cable modem and would be interested in helping me test these techniques out, HIT THE COMMENTS and let’s put our heads together. Let me know if you’re willing to help me do some testing!

I need to be able to test both the “telnet method” and the “wget to url” method with your help. Ideally if both work, this will cover most cable modem types and reboot methods.