Posts

Showing posts from December, 2006

Encrypted swap -> No hibernate

Hans asked about if it is meaningless to do encryption if you just suspend/hibernate your laptop. When I answered that it did not crossed my mind that hibernation will not work, but if you think it is quit obvious. The swap is encrypted with a random key, which is generated each time the computer boot. The memory information at hibernation is stored on the swap partition and the computer will not remember what key the information was encrypted with. Therefore is it not possible to wake your computer up from the hibernation, since you do not have the key. Okay, too bad. But if we skip to encrypt the swap, what will happened then. Is my computer safe? The thief, Bill, can either boot the computer from a liveCD or removes the hard disk from the laptop and put it in in another computer. So password on BIOS and GRUB is not enough. Bill can not access you home directory since it is encrypted. If Bill is very interested in your information he can probably break the encryption with some super...

I am blogging about Ubuntu

Carthik wrote before Christmas a blog note searching for other people blogging about Ubuntu . Since I were just about to start this blog I read the results with extra interest. Now that I have written a few things about Ubuntu I think it is time to pingback. I hope my English is not too bad.

Securing your laptop

I assume that you store things on your laptop that you do not want other people to read. Especially, you may store important accounting information about your bank etc in cache files or config files. A laptop is also more probable to be stolen than a normal desktop machine. Therfore you may want to encrypt your home directory and swap partition. Ideally you encrypt everything except /boot. There is a good how to in the Ubuntu wiki . It explains how to to things in a breath perspective. I followed those instructions and complemented with usages of pam_mount. The pam_mount module automatically mounts your encrypted home directory when you login and uses your password as the encryption key. Encrypting the swap is straight forward from the wiki, therefore I will not write more about it here. To encrypt your home directory you have to do some extra things, that may not be too easy to read from the wiki. I will try to point out things I think might need to be clarified. I use LVM to handle ...

New BIOS

Today, I did an upgraded of the BIOS in my laptop (MSI S271). I took a FreeDOS-image from the net and run dd to put it on a USB-memory-stick. I copied the unziped BIOS-files from MSI to the stick. Booted the laptop from the memory stick and run the BIOS update program. It is important to take the BIOS for the right type of hard disk and to have the computer connected to the power net. (Do not run on the battery!) Unfortunately, the problem with PXE-boot was not solved. All hardwarecomponents I have tested so far had worked without any configuration; wireless, sound, screen, touchpad, ethernet. Except that the screen resolution was not correct detected during the installation of Ubuntu Edgy. I have not tested firewire, bluetooth and the SD/MMC/MS-card reader yet. I have identified some activities that I have to do, to get things working like I want: encrypted home directory encrypted swap smoother switching between wireless and ethernet synchronization of the home directory and some oth...

New computer

I finally got my new notebook its a MSI S271 with 100GB disk and 1GB RAM. The best of all is that I did not have to pay for Windows. So I saved 1200 Swedish crowns (about $170). I have started right away installing Ubuntu Edgy. I am doing the installation by PXE-boot the machine and download the files from the net. I had have some struggling in the beginning to get it to boot using PXE, but I hope that will be solved with a BIOS update. One interesting thing during installation is that the wireless network was found before the classical ethernet.

Music taging in Python

During the X-mas, I took a closer look in meta data tagging in music files using Python. There are modules to tag mp3, flac and ogg vorbis file, but each file format has its own module and each module has its own API. That's bad! Then I found a Python module called mutagen . Mutagen handles tagging for all the file formats above and some other too. Thats nice! If you are happy to only use some of those tags that are possible in MP3 files, you will have the same API for the three files. If you want to use all the tags in MP3, we are at least down to two instead of three different API:s. Unfortunately I noticed that mutagen convert all tag names in ogg files to lower case. The recomendation from the xiph-people that had defined the ogg-vorbis standard is that tag names should be in upper case. I have mailed the mailing list for mutagen and hope that they will change the behavior according to the recommendations.

What is this?

I have been using Linux since before 1.0 of the kernel. I have been using it at home, school and work. Actually, Linux is my main task at work to day. I am responsible for the Linux servers at the Swedish weather service, SMHI . At work we are mostly running Red Hat Enterprise Linux. But at home I am running Ubuntu since an early release candidate of Warty. Before that I ave been running Red Hat/Fedora , Slackware , Yggdrasil, Debian , Gentoo and Suse . Booth me and my wife are running Linux on our desktop. I have an extra lab-machine, that I easy can change between different versions due to network boot. The server is also running Ubuntu with an addition of Xen. So the server is hosting four other servers: One for internal file, printing, web etc. One authentication and authorization server running MIT Kerberos and OpenLdap. One DMZ server accessible from internet with web and mail. Finally a lab server that I am using to develop a music jukebox together with some friends. Okey, s...