SSH Chrooting on Ubuntu 9.10

SSH Configuration Section:

First thing first, setup sshd so that it allows chroot for a given user as following:

Match User jazz
ChrootDirectory /home/jazz
AllowTCPForwarding yes
X11Forwarding no

Next, make sure the directory /home/jazz is owned explicitly on root and no one else:

chown -R root:root /home/jazz

Next execute following:
cd /home/jazz
mkdir etc
mkdir bin
mkdir lib
mkdir usr
mkdir usr/bin
mkdir dev
mknod dev/null c 1 3
mknod dev/zero c 1 5

Execute following:
APPS="/bin/bash /bin/ls"
for prog in $APPS; do
cp $prog ./$prog

# obtain a list of related libraries
ldd $prog > /dev/null
if [ "$?" = 0 ] ; then
LIBS=`ldd $prog | awk '{ print $3 }'`
for l in $LIBS; do
mkdir -p ./`dirname $l` > /dev/null 2>&1
cp $l ./$l
done
fi
done

Please note apps above can be modified as per needed binaries. In a nutshell all the libraries on which binaries depend must be copied to lib, even those libraries depending on libraries must be copied.

Finally copy library as following:

cp /lib/ld-linux.so.2 lib

If you would like to share files between chroot and otherwise use following:

mount --bind /home/ubuntu/Downloads /home/jazz/Downloads

Ofcourse /home/jazz/Downloads must exist!

There chroot should work!

Installing Ubuntu without functioning CDROM, Bootable USB Bios

In a nutshell here are the steps to be executed:

• Assumptions: there is a bootable MBR already present, either though Linux or Windows.
  
• Get a bootable USB drive and the CD image of the ubuntu distribution.
• Install the CD image on the usb drive using software say: PendriveLinux.Com
  
• Make sure that software goes fine, else it may crib about some error if the usb drive is not bootable.
• Get a hold of plop boot loader. This guy allows you to boot to USB drive through its boot loader.
• Reboot into plop boot loader and you are good to go!

Here is the screenshot of plop that should be visible:

Smooth, eye catching fonts on linux - using Ubuntu 9.10 - Karmic

First thing first, let the screen shots do the talk:






Thats pretty good looking font ;)

+LT

|| प्रार्थना ||

आवाहनं ना जानामि न जानामि तवार्चनम् |

पूजांचैव न जानामि क्षम्यतां जगदीश्वर |

अपराध सहस्त्राणि क्रियन्तेऽहर्निशं मया |

दासोऽयमिति मां मत्वा क्षमस्व परमेश्वर |

पापोऽहं कर्माऽहं पापात्मा पाप संभवः |

त्राहिमां कृपया देव शरणागत वत्सल ||



गतं पापं गतं दुःखं गतं दारिद्रयमेवच |

आगता सुखसंपतीः | पुण्याच्च श्री दर्शनात् ||

Android theme on Ubuntu.

Looks pretty cool :P

Accessing X11 through VNC

Tested in Ubuntu Karmic 9.10

Create following file /etc/xinet.d/x11vnc as following:

service x11vnc
{
port = 5900
type = UNLISTED
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/bin/x11vnc
server_args = -inetd -o /var/log/x11vnc.log -display :0 -passwd yourpassword -many -bg
disable = no
}


Make sure it has permission set to 600 for security sake. Restart the xinetd daemon and you are good to go.

VNC vs X11 Forwarding

Image via Wikipedia

Did some research around and compiled following, they are pretty interesting:

• VNC typically uses fewer round-trips than X, particularly as an application starts up. Your link is quite high bandwidth, but if the latency is high, you may find things appear more quickly if you use VNC than if you use X.
• X, however, generally requires much less bandwidth once the application is up and running. This is because it makes more use of resources at the terminal (fonts, cursors, etc). With VNC these are all rendered at the server and copied over the network. So X will often be faster, but VNC works across more platforms and is less dependent on the facilities at the terminal.
• X applications will die when the connection is broken, whereas a VNC viewer can disconnect and reconnect as many times as it likes and the applications keep running. This is particularly useful if you have long-running apps, or if you wish to connect from more than one place.
• People seem to be forgetting one of the more important factors - normally when you run an X server (such as XWin32 for Windoze) the heavy memory usage is at the user's end. The applications you start on the server and that connect to your X server are relatively light-weight. With VNC you reverse that role again, not only will you most likely run your apps on your server, but also the X server itself will then be on that server. With a few users running (VNC) X servers memory usage could be significant.
• Previously I used XWin32 at work, but everytime the machine (or just XWin32) crashed I would lose all my sessions. Also, XWin32 can be quite heavy for your PC - depends a bit on how much memory you have and all that. Nowadays (ever since I learned of VNC) I and several colleagues run VNC X servers on our admin server and connect there with the VNC clients. With SSH and port forwarding we're also able to pick up our sessions from home (mostly through dial-up ISDN, usable but not fast) as well.
• I also use VNC at home to access the VNC server on my Linux box. Speed is good (would be better even with 100Mbit ethernet instead of 10Mbit) and again it doesn't matter whether my W98 box crashes, the server will stay up.
• I've used VNC a long time ago too when I first tested it over a 2Mbit connection, and I recall that as very usable. X connections over that connection are slow anyway. :) Your mileage may vary - what window manager and the like you use matters a lot too. The simpler the graphics the less data, etc. It can't be put as simple as you think.
  

Source: http://www.realvnc.com/pipermail/vnc-list/1999-October/010265.html

Updates: VNC is much much faster than X forwarding, as observed from the testing.