Skip navigation

Category Archives: Linux

I was always worried about having to go up in a unix directory tree with cd ../. Then I was introduced to this project at work where I noticed that I was doing so much cd-ing around. Sometimes I went so deep in the directory tree I had this scary feeling inside that I’d get lost in a dark pit (true story).

I wanted a better way to do it. So I did what anyone these days would do. But the best the internet could offer were using pusd/popd, aliasing multiple ../s to ..n and using CDPATH. None of these felt natural enough.

So on one boring evening at work I started to scratch my own itch. I started to do it in python but I ended up in a simpler, much better solution. A function for my bashrc.

I call it za because …

cd to za

cd to za (image: markhillary flickr)

you can use za to jumpback any number of directories up to your $HOME directory. Just put the following function in your .bashrc

za 2 #will jump 2 directories up
za #will jump one directory up

Just see it in action.

za-in-action

za in action

Hope you find it useful.

PS: My blog marked 6 years to yesterday (8th August 2012). I’m out of (a year?) long block with this post :)

Update (07-03-2014): There’s a Fish Shell port of Za now.

I was really fascinated by the stuff I have read about Truecrypt. I wanted to try that but I had two reasons to not do that. First, I had nothing really to hide; Second, I thought my poor hp mini won’t be able to handle encrypting a partition, if not the whole disk. And also I was lazy. My close friends, bro and sis know my password anyway. Sis won’t find anything I don’t want her to and I have no problem others finding those. So the only reason I’d try encrypting is curiosity.

One day I was struck by a fireball of curiosity. And I was looking for ways to make portable, encrypted disk I can even put in Dropbox [referral link]. I found few good howtos with lot of details but what I’m going to put together will be an easier howto for a better virtual disk that is encrypted on-the-fly.

I am using Ubuntu 10.04 Lucid Lynx so there maybe a leetle Ubuntu specific things that I’m not sure of. The process has commands that can destroy your data if not used with care. I have tried this and it works perfect for me. If you manage to screw things up in the process that should be purely because you are stupid or careless or even both. And that was my disclaimer.

Alright let’s go make it.

We need dmsetup and cryptsetup installed for this.
$sudo aptitude install dmsetup cryptsetup

Once the installation process is finished we can start making our encrypted vitual disk.

1)
First we create a file with random data in it. You can chose a size that matches your needs. In this example I’m making a 20MB virtual disk so I will create a 20MB file in this step.

$ dd if=/dev/urandom of=~/sekret bs=1M count=20

Here, the dd command creates 20 1MB blocks and fill it with random data. ~/sekret means that we create the filee named sekret in your home directory. You can chose a file name you like and also a path you like.

2)
Next we need to create a block device from the file. For that find a free loop device with
$ sudo losetup -f

And use that loop device and create the block device. Let’s assume /dev/loop0 is free.
$ sudo losetup /dev/loop0 ~/sekret

3)
Now we need to luks format the device. FYI: LUKS stands for Linux Unified Key System.
$ sudo cryptsetup luksFormat -c aes-cbc-essiv:sha256 /dev/loop0

This will warn you that the data in /dev/loop0 are gonna be overwritten. Hope you are confident enough to say yes. Then you are required to enter a pass-phrase for this encrypted this. Chose a powerful pass-phrase here. And then confirm the pass-phrase. The process will report success if we are lucky.

4)

Map the crypto partition using

$ sudo cryptsetup luksOpen /dev/loop0 mycrypt

To be sure about the success run
$ sudo dmsetup ls

This will output something like mycrypt (252, 0).

5)
Now we create file system on the device we created.
$ sudo mkfs.ext3 /dev/mapper/mycrypt

This will create EXT3 file system on the device. You can format it with your choice of file system. At the successful finishing of formatting, we have our own encrypted disk ready to use.

6)
We can mount it with..
$ sudo mount /dev/mapper/mycrypt /media/sekret

7)
Once you are done adding juicy stuff on your device you should unmount it AND REMOVE THE DEVICE FILE.
$ sudo umount /mnt/sekret
$ sudo cryptsetup luksClose mycrypt
$ sudo losetup -d /dev/loop0

Once you have created an encrypted disk, to use next time you only have to follow the steps 2), 4) and 6). Once you are done using the device, unmount with step 7).

I have put an encrypted virtual disk in my Dropbox and it works pretty well. Maybe you’d like to try that too. To use it in Dropbox, copy the encrypted virtual disk file (~/sekret in our case) in to your Dropbox directory.

I have put together a bash script to automate the process and I named it crysp :). You have to run the script as root so use sudo when running it. I might be an evil bastard trying to destroy your data so take a look at the script before you run. With the script you can easily mount and unmount the encrypted devices similar to the usage of mount/umount commands. I have added a dirty hack to allow read/write access to the device from Nautilus. To use this, change chanux to your login name in line 08 in the script.

Find the source in it’s Google Code repository. There’s a version that prevents the existence of thumbnails related to the encrypted disk. check crysp-no-thumb branch for that.

Update: 27-01-2013 Updated the script and put it on a github gist.

My tweet you just read says the long story short. In case you didn’t come across, Google made DNS a buzzing topic again with Google Public DNS. So I felt like trying a dns cache again. The logic is “If a better DNS server makes things better, DNS cache makes it even better.”

This is more of a note to self than a HOWTO. If your use case atches with mine, feel free to use this.

My use case: I use an HSDPA, mobile broadband connection on Ubuntu 9.04 Jaunty Jackalope.

Install pdnsd with,

$sudo apt-get install pdnsd

Now launch the text editor you hate and add following to /etc/pdnsd.conf

(By default all the parts are commented so just adding this was fine enough for me)


server {
ip=208.67.222.222 , 8.8.8.8;
timeout=5;
interval=30;
uptest=ping;
ping_timeout=50;
purge_cache=off;
}

global {
 perm_cache=5120;
 cache_dir="/var/cache/pdnsd";
 min_ttl=15m;       // Retain cached entries at least 15 minutes.
 max_ttl=1w;        // One week.
 timeout=10;        // Global timeout option (10 seconds).
}

I copied this piece from here and edited ;). Added the global field because defaults were not cool enough for me. And in ip field I’ve put respectively OpenDNS and Google DNS addresses. You can just add one address there. ‘man pdnsd.conf’ will teach you more about the content in the file.

Once you are done editing the configuration file restart pdnsd with

$sudo /etc/init.d/pdnsd restart

Now you should tell the network manager to look for pdnsd for it’s DNS needs.

Right click network manager icon and then follow Edit Connections > Mobile Broadband and choose to edit your preferred network connection.

In Editing <Your Network Connection> dialog box,
[1] Choose IPv4 Settings tab
[2] Choose Automatic Addresses (ppp) Only in Methods Dropdown box.
[3] Set DNS Servers field to 127.0.0.1 (which refers to pdnsd in our case)

And obviously, Apply Changes :P .

If everything went fine, you are now ready to enjoy DNS cache goodness with pdnsd.

You can check how good is it with dig command.

ex:
$dig yahoo.com

run this command twice and compare Query time field.

Note: If you followed all the steps but still it doesn’t work, try restarting pdnsd. If you get following error refer this page

/etc/resolv.conf must be a symlink

Update: Added the global settings for config file.

SinhalenFOSS, Sri Lankas very first tech related podcast, the podcast that I proudly feature in, turned one year yesterday(9th April 2009). We didn’t have big plans for the day but it was truly a big milestone for me. I’m sure the story is same for the other two co-hosts Bud (geekaholic) & Seejay.

We had the episode 21 recorded on last sunday (5th April 2009) but due to my busy schedule I couldn’t finish editing & upload it. Finally there was a hope for uploading it on SinhalenFOSS birthday. But I’m really sorry that I couldn’t make it on time since my father was sick & I had to go to the doc with him. Added to that, I couldn’t stay up all night & finish it off since I was tired of fairly a long journy. Actually I tried to stay awake but failed. However my computer stood awake when I find it on my bed in mid night (Poor thing!).

Anyway I’ll try to finish things up & put the final product in our loving listeners hands As Soon As Possible!. The bits are running in to interwebz right now :) .

It was a pleasant year passed giving me lots of experience, introducing lots of nice people to me, taking my life to another level & best of all, making me very happy for being a part of. It’s all thanks to you dear SinhalenFOSS, I really love you. Wishing you a very happy birthday!

Update: SinhalenFOSS episode 21 is on interwebz now :)

Ok here comes early fruits of my dialog experience. You already know that I had too much of connection drops lately. The story is changed now. I don’t have that much of connection drops. NO I don’t have good connectivity either :P . I have this new problem. I get the bogus DNS address 10.11.12.13 & 10.11.12.14 assigned in err… every 10-15 minutes, or even less. Ah I have stats I guess :)

uptime – 1hr32mins
Connection dropouts 2
bogus DNS allocations – 15

This is at the time I checked. After that things turned even worse. I use OpenDNS since I’m not happy with Dialogs nameservers (Unfortunately I can’t use all the features of Open DNS coz Dialog don’t give us at least a dynamic unique IP). But since these annoying DNS allocations I had to manually set OpenDNS settings all the time. For that I wrote following bash script. This was so quick & is so dirty. And this might not be the best way to do that.

create a file called /etc/resolv.conf.odns & put OpenDNS settings in it.

nameserver 208.67.222.222
nameserver 208.67.220.220

And then put following code in setodns.sh, chmod 755 it  & run (as super user).


#!/bin/bash

## setodns.sh
## Override Dialogs fucking DNS settings with OpenDNS settings.

while true ; do
 cp /etc/resolv.conf.odns /etc/resolv.conf
 sleep 45
done

To get rid of this you have to press Ctrl-C , since it’s in an infinite loop.
That’s how I make the future less shitty, for now. I said that because Dialog says The Future. Today. Today is shitty, I fix it means I fix future ;) .