Increase Volume of Video

I often do video guides to the solutions I create to help the administrators of the system. I use Open Broadcaster. I sometimes forget to adjust the recorded volume and need to adjust it after the video has been recorded.

To increase the volume I use ffmpeg

ffmpeg -i create-an-event.flv -vcodec copy -af "volume=30dB" -strict -2 create-an-event.mp4

 

Published in Linux

Resizing Images

As a web designer I often have to resize a large number of images. Here are a couple of the commands I use. These use the ImageMagick application.

To recursivly resize images over 2000px width while preserving teh images aspect ratio and  ignoring smaller images

find . -iname "*.jpg" -exec convert "{}" -resize '2000>' "{}" \;

you can add -quality 90 to further reduce the size

To recursivly crop an image

for file in ./*.jpg; do convert "$file" -gravity Center -shave 20x20 "./out/${file%.JPG}"; done;

Published in Linux

Kubuntu 10.04 and the T-Mobile Broadband 615 USB Device

The T-Mobile 615 USB broadband stick is not recognised on insertion by Kubuntu/Ubuntu 10.04/10.10. These instructions enable you to use the device.

Once the device is inserted do a lsusb. The result should look like:

Bus 001 Device 006: ID 12d1:1c0b Huawei Technologies Co., Ltd.
Install usb-modeswitch if not installed  installed by doing:

sudo apt-get install usb-modeswitch

create a new entry  12d1:1c0b in the /etc/usb_modeswitch.d directory by doing sudo vi /etc/usb_modeswitch.d/12d1:1c0b. The contents of the file should be:

########################################################
# Huawei E173s

DefaultVendor= 0x12d1
DefaultProduct= 0x1c0b

TargetVendor= 0x12d1
TargetProduct= 0x1c05

CheckSuccess=20

MessageEndpoint= 0x0f
MessageContent= "55534243123456780000000000000011062000000100000000000000000000"

save the file and do a sudo usb-modeswitch -c /etc/usb_modeswitch.d/12d1:1c0b and then sudo modprobe usbserial vendor 0x2d1 product 0x1c05

Your device should now be working and visible in network manager

 

Published in Linux

Creating a Secure File System in Linux Using ecrypts

As a web designer and a computer support service provider I keep a lot of my customers information and need it to be secure in case of theft. To do this I use the ecrypt file system.

This is a basic guide to creating an encrypted file system. In my case I encrypt all sensitive information and the backups of the whole system. My system is a file server running Ubuntu 10.10 and a desktop machine / storage server running Kubuntu 11.10. On the file server I have an encrypted  samba share that contains all my customer critical data. The encryption code is held on a USB device secured to the server room bricks and mortar. For the storage server the encryption code is held on the file-server in the encrypted area. Therefore if the server is stollen the encryption key will not be available and if the storage server is stolen the encryption key will not be available. If both systems are stolen the enrytion key(s) will not be available. Therefore a conciderably more secure solution than a vanilla installation.

Requirements

The ecrypts file system need to be installed.

sudo apt-get install  ecryptfs-utils

A usb pen drive if you wish to store your key on a usb drive.

A backup of your passphrases or all will be lost !

Server Setup


For this example I'm going to encypt a directory called /ToBeEncrypted and mount it as /Encrypted

sudo mount -t ecryptfs /ToBeEncrypted /Encrypted

  • You will be prompted for a passphrase. This should be a secure password. I use this generator Password Generator. There appears to be an issue with using ( or ) in the password. You will get spurios errors if you do so.
  • I accept the defaults aes, 32, Plain Text Passthrough (N), Filename Encrytion I set to (Y), Accept the FNEK
  • As this is the first time you have mounted this mount you will be asked if you want to proceed (yes)
  • Would you like to append sig (yes)
  • Keep a record of all the options you have selected.
To mount this share in fstab you need to update a file /root/.ecrytfsrc with the information used to mount the share. An example is shown below

key=passphrase:passphrase_passwd_file=/media/usb/passwd_file.txt
ecryptfs_unlink_sigs
ecryptfs_key_bytes=32
ecryptfs_cipher=aes
ecryptfs_sig=cbea2d2b4cda6971
ecryptfs_fnek_sig=cbea2d2b4cda6971
ecryptfs_passthrough=n
ecryptfs_enable_filename_crypto=y

Then chmod 600 .ecrptfsrc

You now need to create the passwd_file.txt. Which looks like this:

passphrase_passwd=PASSPHRASEGENERATEDABOVE

If you are using a USB drive to store the passwd_file.txt then remember to mount it in fstab as needs to be availabe during boot.

Modify the fstab to have the following line:

/ToBeEncryted /Encrypted ecryptfs user,_netdev 0 0

Now the share should auto mount at reboot.

Mount as a Samba Share


In samba you can now share the /Encryted Directory

Setting up the Storage Server

Repeat the process above using a different passphrase and using the directory for your backups. The only changes are:

  • In the .ecryptsrc file the key=passphrase line needs to point to the mounted secure share on the server

key=passphrase:passphrase_passwd_file=/media/server/secureshare/passwd_file.txt

My backup is done by rsyncing the server to the storage servers encryted area. Providing me with a reasonable level of encrytion.
Please feel free to leave comments/corrections
Published in Linux

Linux Ubuntu 11.10 mdadm Raid 5 - Incorrect Raid Array Name

Having recently configured a Linux storage server using mdadm in Ubuntu 11.10 I experienced some problems with the array device name being rest to md127.

Configuration

I have three 1TB drives /dev/sda, /dev/sdd, /dev/sdc that are included in the RAID 5 Array using the followin mdadm command:

sudo mdadm --create /dev/md9 --level=5 --raid-devices=3 /dev/sda1 /dev/sdc1 /dev/sdd1

Issue

Once I reboot the server the array is shown as /dev/md127

Resolution;

Add the array conficguration into the /etc/mdadm/mdadm.conf file using:

sudo mdadm -Db /dev/md9 >> /etc/mdadm/mdadm.conf

The resuting mdadm.conf file will look like 

# mdadm.conf
#
# Please refer to mdadm.conf(5) for information about this file.
#
# by default, scan all partitions (/proc/partitions) for MD superblocks.
# alternatively, specify devices to scan, using wildcards if desired.
DEVICE partitions
# auto-create devices with Debian standard permissions
CREATE owner=root group=disk mode=0660 auto=yes
# automatically tag new arrays as belonging to the local system
HOMEHOST <system>
# instruct the monitoring daemon where to send mail alerts
MAILADDR root
# definitions of existing MD arrays
ARRAY /dev/md9 metadata=1.2 spares=1 name=spcw-linux:9 UUID=e37cd4ee:f8458d49:037bddd2:71c11c8d

It seems that the name argument is responsible for the changing of the name from md9 to md127 so edit this line and remove all the unnecessary stuff. My line now looks like this:

ARRAY /dev/md9 UUID=e37cd4ee:f8458d49:037bddd2:71c11c8d.

In addition I changed the DEVICE line to just include the partitions that I wanted in my array

DEVICE /dev/sda1 /dev/sdc1 /dev/sdd1

Last but not least update the initramfs so that ubuntu knows about the array at boot

sudo update-initramfs -u

Published in Linux

Linux Poor Mans Raid

I needed to create a stable Linux Raid 5 Array for a client but money was tight and the performance requirements could not be satisfied by MDADM. There are a number of options available. A Raid 5 controller supported by ( in this case ) Ubuntu. These were elimated on cost as it costs approx £200-£250 for a PCI-E based controller that supports Raid 5. e-bay has lots of cheaper secondhand controllers but they tend to be PCI-X based and the server in this case only had PCI and PCI-E slots. The solution turned out to be cleaver port replicator from span.com. The model can be found here. This card can either as as a Port Multiplier where one SATA port can support upto 4 Devices or provide Raid 5/0/1.

Installation is simple. I mounted the device in a SCSI Pci adapter.  Cabled my 3 1TB drives into the device and connected the device to my onboard sata controller. On rebooting all the drives on the device were shown. The device then needed to be reconfigured into Raid 5 mode by pressing the reset button. Resrating the machine, switch the mode to Raid 5 and pressing the reset button again ( 5 secs ). On restarting the individual drives had disappeared and a single device was shown /dev/sda.

The performance metrics were satisfactory with hdparm -t and dd giving read/write rates of about 165MB/s both ways.

I have not explored the management options for the raid yet. eg device failure etc. But will update these pages when I have.

Published in Linux