Create a Recovery USB Stick in Linux

A recovery USB stick is a bootable USB drive that can be used to rescue a system or perform critical maintenance. It’s a useful tool to have around. Typically, a system of interest is booted from the USB stick, maintenance is performed, then the repaired system is rebooted from its own disk. Below is a simple guide to creating a number of rescue USB sticks.

A Rescue stick can help fix many system problems, such as a system that won’t boot, a broken GRUB configuration, a disk or other hardware problem. By allowing the whole operating system to be taken offline, a rescue USB allows maintenance of a kind that cannot be performed any other way.

It is easy to create a bootable USB stick in Linux. In these examples, I used a Raspberry Pi, but any Linux PC would do equally well.

Continue reading

Redirecting Firewall Messages in Linux

The Linux firewall is a great way to secure a server, especially one that is Internet facing. Together with ipset and an appropriate blacklist, it can protect your server from the worst the Internet can throw at it. However, netfilter (aka iptables), can generate a lot of messages. By default they go to the kernel logging channel, flooding out log files such as messages, syslog and kern.log.

It is important to keep log files clear so that system issues are not missed. For example, a hardware or memory error message might be written to kern.log, but could be difficult to notice due to many thousands of firewall messages. Worse, over time, the important message will be moved into a historical log files due to the action of logrotate.

This article explains how to send firewall messages to their own log file, using the example of a Raspberry Pi running Raspbian 9 (Debian Stretch). After a small configuration change, netfilter messages go to their own file instead of clogging up the general logs.

Continue reading

Messing Around with Graphics.py

This article explains how to create some simple mathematical shapes with graphics.py, a popular graphics library for Python written by John Zelle. Graphics.py is a single file containing graphics functions such as Point, Line, Circle and Rectangle. In this article though, we are just going to use it to plot single points.

At the top of the page is a blancmange like shape. The program that drew it is at the bottom of the article, if you want to jump straight there.  Otherwise, a couple of simpler plots will be demonstrated first, just to show a couple of underlying principles. Continue reading

/tmp/sortXXXXXX files

A backup script that runs on several Linux systems recently produced the following error:

ls: cannot access '/tmp/sortrq9hq8': No such file or directory

It happens every time the backup runs. Other than the above message, there seems to be no ill effect on the backup, which completes successfully. The ls command did not find a file that it expected to be there.
This article explains how the missing file was created by the Linux sort command as a temporary storage area, how error messages about these files are likely to crop up from time to time, how to reproduce the error, and some background about the behaviour of the sort command on Linux and Solaris. Continue reading

How to Convert a Website from HTTP to HTTPS

An http website is not encrypted. That is to say, the data comprising the site is not encrypted as it flows from the web server to the device (pc, phone, tablet) on which the user is viewing the page. Anyone able to “listen in” on the network could read that data, which is a security risk. An https web site is different. Data is encrypted. The web server encrypts each web page before transmission, and the user’s browser decrypts it, providing end-to-end protection from eavesdropping.
This article explains how to convert an existing basic website to https by obtaining a free digital certificate from Let’s Encrypt. It is based on a Raspberry Pi running the “Apache” web server, but will also work on other Linux systems. It is intended for home users and people running small-scale web sites, and as a learning aid. Continue reading

Automatic Nextcloud Installation on Raspberry Pi

Nextcloud is an open source software package providing remote file sharing services. It is similar to Dropbox. But with Nextcloud, you retain ownership, security and control of the shared data. This procedure describes how to build a working Nexcloud service using just 3 commands.
Note: If you would rather do the installation manually, step-by-step, without the help of a script, please see my previous article Simple Nextcloud Installation on Raspberry Pi. It explains how to do the installation in detail, and provides more background information on Nextcloud. Both procedures achieve the same overall result, however. Continue reading

Set Up Your Own Link Shortening Service with a Raspberry Pi

“Link shortening” happens when a short URL, such as http://bit.ly/2bo3XYY, points to the same web page as a longer link, such as https://en.wikipedia.org/wiki/BBC.  Short links are often used where there are a limited number of characters available, such as an SMS text or a Twitter post.  Short links are also quicker to type and neater than the associated full length links.
Two of the main providers of short links are Bitly and Google (Goo.gl).  For example, I used Bitly to create the short link in the above paragraph.  However, if you have a Raspberry Pi (or any kind of Linux server), you don’t need to use a provider.  You can create your own short links.  This article explains how. Continue reading

Using a Domain Name with a Raspberry Pi Web Server

The Raspberry Pi’s low power consumption makes it well suited to the role of always-on web server. This post describes how to use a domain name with your Pi-based web site. Setting up a web site on the Pi is very easy and was explained in an earlier post of mine, just here.
This article explains how to set up a domain name with your web site, so that you can surf to http://your.domain.name instead of http://your.ip.address. It assumes that you have already have an Apache web site running. If not, please read the above post, before coming back here. Continue reading

Simple Nextcloud Installation on Raspberry Pi

This article explains how to install Nextcloud on the Raspberry Pi. It has been tested with the latest version of Nextcloud (13.0.4 at the time of writing), but should work for future versions too. Nextcloud is an open source software package providing remote file sharing services, similar to Dropbox. But with Nextcloud, you retain ownership, security and control of the shared data. Nextcloud works well on a Pi 2 and Pi 3 but will run very slowly on a Pi 1.

Note: This is a manual, step-by-step procedure. If you would rather do the installation automatically, please see my recent article Automatic Nextcloud Installation on Raspberry Pi, which explains how to install Nextcloud with 3 commands. It is the quickest and easiest way to get Nextcloud running. Both procedures achieve the same overall result, however.
Continue reading

How to Rename the Default Raspberry Pi User

UPDATED December 2017 for Rasbian Stretch. The Raspberry Pi comes with a default user called “pi”, whose initial password is also set to a well known default. While this makes it easy to use the system, it is not very secure. Anyone with physical access to your Pi could login with these widely known credentials. Furthermore, if you have enabled the SSH server, users on the local network could do the same.
Even if you have changed the “pi” user password, just having a user name that is universally known is still a security risk. The following article explains how to safely rename the “pi” user to something more secure. Continue reading