Friday, 8 October 2010

Email me when someone logs in remotely via ssh?

I like to be able to ssh into my home Ubuntu server. I've got the server locked up pretty tight (I hope) and have Fail2Ban installed to lock out repeated (failed) ssh attempts.

However if anyone does log in (including me) I'd like to know about it asap, just in case someone does find a way in. My aim is to receive an email as soon as anyone logs in via ssh (since I'm the only one who ever logs in my server there shouldn't bee too many emails).This is easily done with the log-monitoring tool Tenshi.

First install Tenshi with sudo apt-get install tenshi

Note, there is a conf file provided with Tenshi for ssh, but it doesn't work with the format of log lines produced in Ubuntu (at least for 10.04 Lucid Lynx). However it's easy to write ones that do match. All you need are the following two lines in your tenshi.conf (ignore the wrapping, this should be just two lines):

  • set queue critical tenshi root@localhost [now] tenshi CRITICAL report
  • critical ^sshd: pam_unix\(sshd:session\): session opened for user (?:.+)

Note, in the "set queue" line, ensure the from-address is a fully qualified name (tenshi@abc.com) or, as I did, just a username (tenshi). I found from-addresses in the form tenshi@localhost didn't work with my Postfix install (although a to-address of root@localhost is fine).

The second conf-line (above) watches for a log-line that indicates someone has logged in, and if found adds it to Tenshi's critical queue. The first conf-line specifies that additions to the critical queue should be sent immediately ([now]) to the root@localhost address. In my set-up this address is then forward by Postfix to my personal gmail account (as explained in an earlier post).

Sunday, 5 September 2010

Adding Windows Vista to make Ubuntu dual boot with two, separate hard drives

If making a dual-boot Windows/Ubuntu system, most of the advice is to install Windows first. However, I already have a nice shiny Ubuntu set-up and wanted to add Windows (Vista). If you can install Ubuntu and Windows on two separate hard drives then it's a breeze. Here's what I did:
  • Install an extra hard drive for Windows and temporarily disconnect the Ubuntu drive
  • Install Windows to the new hard drive using an install CD/DVD (or however)
  • Reconnect the Ubuntu hard drive (and ensure it's the 1st hard drive in the BIOS boot list)
  • Boot to Ubuntu. Run the following
    sudo grub-mkconfig --output=/boot/grub/grub.cfg
    This will detect the Windows drive and add a grub entry. Note this applies to grub2 (i.e. the new grub and not legacy-grub) as used by Ubuntu Lucid Lynx (10.06) and later.
That's it. Reboot and you should see boot item entries for Windows and Ubuntu.

You might find that your grub boot menu is a bit cluttered with old rubbish. See the following post on how to tidy that up.

Wednesday, 4 August 2010

Asus HD 5750 Graphics Card on Ubuntu Lucid (10.04): Drivers & Blank Screen

I recently got a new Asus HD 5750 Formula 1GB video card (Model: EAH5750 FML/2DI/1GD5). The plan was to run this under Ubuntu Lucid Lynx (10.04) and to drive two HD Samsung monitors (SyncMaster P2450H 24" Monitor 1920x1080) from one card using the two digital outputs (1 HDMI and 1 DMI). The Asus card is based on the Radeon 5750 chipset and the heatsink looks like a formula 1 car. Sadly I thought that was quite cool.

I had already installed Ubuntu, stuck the card in and rebooted. Everything worked initially - the BIOS screen appeared and then the Ubuntu logo - very early in the boot up the screen went blank. The appeared to happen about when I would expect the video mode to change. I tried a Live-CD and got the same. What appears to be the problem is that the default drivers for the card that Ubuntu loads simply don't work. It seems to be a fairly common problem if you google it.

The solution is to get the "proper" drivers installed (I used the proprietary drivers). Of course if you have no working screen then that's tricky. I had the additional problem that holding down shift didn't show the grub2 menu at boot, which seems to be a known bug.

Getting the Grub2 Menu to Display

If you're lucky you should be able to get the grub2 menu to display at boot by holding down the shift key - I couldn't. Since my motherboard has a built graphics card I used the BIOS to enable this card (which works fine) and disabled the new card. This allowed me to boot up and log in. I guess I could have ssh'd in if I had set this up. Once logged in I:
  • Edited /etc/default/grub
    • Commented out the following line with a hash
      #GRUB_HIDDEN_TIMEOUT=0
    • Changed the time out to -1 to make it wait for a selection:
      GRUB_TIMEOUT=-1
  • Applied the above changes with:
    sudo update-grub
  • Rebooted the machine (and changed the BIOS back to use the new graphics card)

Installing Proprietary ATI Drivers to Prevent Blank Screen

The default Ubuntu proprietary drivers just don't work with this card. I found the Ubuntu X Team offer an excellent repository for a package of prop drivers rather than having to download them from Asus/ATI. I generally followed the instructions at the cchtml wiki.
  • At boot-up get the grub menu to display (hold down shift or do the above)
  • Select failsafeX from the grub menu and boot with this & log in
  • Add the following repository from Ubunutu X Team:
    sudo add-apt-repository ppa:ubuntu-x-swat/x-updates
    sudo apt-get update
  • Install the driver package (a bit different from the cchtml wiki):
    sudo apt-get install fglrx
  • This last step was crucial for me:
    sudo aticonfig --initial -f
  • Reboot the machine
At this point I could boot with the Asus video card without having to go via failsafeX. To configure the card use the ATI control centre in the under the preferences menu. A little playing around gave me a single huge desktop of 3840x1080 over the two monitors. And it looks rather sweet.

Wednesday, 17 March 2010

Remote-desktops with NX. And how to delete old sessions.

I use NoMachine's (free) NX server on my Ubuntu server to allow me to remote-desktop to Ubunutu from my Windows laptop (where I use the NoMachine's (free) NX client). It's dead clever and well thought out technology, much quicker than VNC or using an X-server (e.g. Xming) and tunnelling through putty. The best feature, however, is that it allows you suspend sessions and resume them later (from a different machine even), it's kind of a GUI version GNU screen for your desktop. Google liked NX so much they wrote their own server!

Note that the free (as in beer) version of the NoMachine server only allows you to have two sessions running concurrently. That's fine for me, but if you want something unrestricted and free (as in speech) try Google's NeatNX or FreeNX. When I tried, neither was particularly simple to get going (though I'm sure this bound to improve, at least for NeatNX if not FreeNX).

That said, one downside of the NoMachine NX server is that if you don't cleanly shut down your server you can leave hanging sessions which can prevent you from logging in. If you get errors like this do the following:

NX> 596 NX> 596 ERROR: NXNODE Ver. 3.4.0-6 (Error id ...)
NX> 596 NX> 596 ERROR: resume session: make commands
NX> 596 NX> 596 ERROR: NXNODE: ERROR: cannot get property monitor.pid for session ...

Log in to your server and look at the /usr/NX/var/db/running directory. If there are files present, delete them, then try reconnecting with your client. That should do the trick!

Saturday, 13 March 2010

Reducing Memory Usage in Ubuntu (9.10 Karmic)

I run Ubuntu on a super-efficient (and thus pretty low spec) machine. I finally got round to installing Ubuntu 9.10 (Karmic Koala) over 8.10 (Intrepid Ibex). The install went smoothly but I straight away noticed the memory usage had gone up by about 15-20% (at a rough guess, and to be fair I only have 256MB to play with). This put me at near 100% memory usage (without even opening any apps) giving increased swapping and a huge decrease in performance.

My first thought was to get rid of any unwanted startups & daemons/services. I installed & started BootUp-Manager (named "bum" ho ho) with:
sudo aptitude install bum
sudo bum

This is what I deactivated:
  • apmd
  • speech-dispatcher
  • winbind
  • hotkey-setup
  • exim4
  • powernowd
  • nullmailer
  • kerneloops
  • bluetooth
  • cups
  • rsync
  • saned
  • pppd-dns
  • dns-clean
  • laptop-mode
  • acpi-support
Hit apply, and then rebooted the machine...

And wow - what a difference! Memory usage is down 25% and performance is better than with 8.10! Makes me think there was a issue with one of the items I removed, but for whatever reason it's done the trick.