Wednesday, June 10, 2009

Changing Evolution's SMTP server configuration with a script

Evolution is my favorite e-mail client and I am quite satisfied with it. However, there is a pitfall of switching networks with Evolution.

SMTP servers used for sending e-mails are often configured to accept request from the internal network only. It is due to various spammers not to flood the service. If you want to send e-mails from each network you are actually connected to (as me), you come very soon to a problem: you have to change your Evolution's SMTP server configuration always after switching the network.

This post presents a workaround: a script that does the setting change for you, automatically. Creating some button at your desktop that uses such script is then a matter of seconds. Here is the source code of changeEvolutionSmtp:

#!/bin/bash
SMTP=${1?'Specify the SMTP server name as the first parameter!'}
SETUP=`gconftool-2 --get /apps/evolution/mail/accounts | sed "s/\(smtp:\/\/\)[^;]*/\1${SMTP}\//g"`
gconftool-2 --unset /apps/evolution/mail/accounts
gconftool-2 --type=list --list-type=string --set /apps/evolution/mail/accounts "$SETUP"

If you run that script with a parameter specifying the new SMTP server name, all your Evolution's e-mail accounts get changed SMTP server:

changeEvolutionSmtp smtp.myprovider.com

Enjoy!
Posted by Beerda at 9:25 PM 0 comments
Labels: ,

Remote access to encrypted directory at Linux server

This post describes how to configure remote access to an encrypted directory. I wanted to create a personal directory on a Linux server:
  • accessible as a mountable network filesystem;
  • with the content being encrypted;
  • easily configurable.
For the sake of simplicity, I selected SSHFS instead of NFS because:
  • SSHFS does not need to perform any configuration on the server, it lasts the SSH connection to be configured (that is often done already);
  • SSHFS does not need any new special ports to be open on the firewall (SSH port is sufficient).
The disadvantage of SSHFS is that the connection may be slower because of communication encryption. However, I want to use it for personal purposes only. Data encryption will be performed with EncFS. Both the server and client are Ubuntu Linux systems.

The desired configuration is as follows:
  • On the server, I want an encrypted directory available over the SSHFS. Thus, the shared directory would be /home/user/shared that would contain encrypted directory /home/user/shared/encrypted.
  • On the client a remote directory would exist,
    /home/user/.remotedir, that would contain encrypted subdirectory encrypted, which I want to mount to the decrypted directory /home/user/Remote.
  • Only the /home/user/Remote directory would be used by me and EncFS will encrypt all the content into /home/user/.remotedir/encryped, which in turn would be remotely stored via SSHFS on the server.

Server configuration

  1. Make sure SSH is up and running.
  2. Create shared directory:
    mkdir /home/user/shared
  3. Inside of the shared directory create encrypted directory:
    mkdir /home/user/shared/encrypted
  4. Update permissions:
    chmod -R o-rwx /home/user/shared

Client configuration

  1. Install SSHFS and EncFS:
    sudo apt-get install sshfs encfs
  2. Create directory for mounting the remote directory
    mkdir /home/user/.remotedir
  3. Create directory for mounting the encrypted remote directory:
    mkdir /home/user/Remote
  4. Mount the remote directory using SSHFS (insert SSH password to the server):
    sshfs user@myserver.org:/home/user/shared /home/user/.remotedir
  5. Enable encryption:
    encfs /home/user/.remotedir/encrypted /home/user/Remote
    The computer would ask you the type of instalation. Hit ENTER to select "standard". Then insert password for the encrypted content.
  6. To unmount everything, you should first unmount the encrypted volume and then the SSHFS:
    fusermount -u /home/user/Remote
    fusermount -u /home/user/.remotedir
  7. That's all.
For the sake of simplicity, I have created two simple scripts: mountRemote and umountRemote:
  • mountRemote:
    #!/bin/bash
    sshfs user@myserver.org:/home/user/shared /home/user/.remotedir
    encfs /home/user/.remotedir-hucak/encrypted /home/user/Remote
  • umountRemote:
    #!/bin/bash
    fusermount -u ~/Remote
    fusermount -u ~/.remotedir-hucak
Posted by Beerda at 9:42 AM 0 comments
Labels: ,

Friday, June 5, 2009

Setting up EDUROAM network connection (at OSU.cz) on Ubuntu 9.04

This is how I configured the EDUROAM network connection on my Ubuntu 9.04. My home university is the University of Ostrava (OSU).
  1. First of all, there was a problem with certificates. I have downloaded University's CA Certificates (osu-ca.pem, cesnet-ca.pem) from the OSU's website. We are going to install the certificates as trustworthy.
  2. Determine the directory where all the certificates are stored:
    openssl version -d
  3. Create an executable script file CreateSymLinks:
    #!/bin/bash
    for CERTFILE in $*; do
    # make sure file exists and is a valid cert
    test -f "$CERTFILE" || continue
    HASH=$(openssl x509 -noout -hash -in "$CERTFILE")
    test -n "$HASH" || continue

    # use lowest available iterator for symlink
    for ITER in 0 1 2 3 4 5 6 7 8 9; do
    test -f "${HASH}.${ITER}" && continue
    ln -s "$CERTFILE" "${HASH}.${ITER}"
    test -L "${HASH}.${ITER}" && break
    done
    done
  4. Run
    ./CreateSymLinks *.pem
    This will create symbolic links to the certificate files.
  5. Copy all *.pem files together with all created symbolic links to the path obtained in step 2.
  6. Setup EDUROAM connection in Network Manager: WPA/WPA2 Enterprise, Tunelled TLS (TTLS), osu-ca.pem as CA certificate, MSCHAP, your identity (my was XXX@osu.cz), password.
The connection should be established and work properly.
Posted by Beerda at 8:52 PM 0 comments
Labels: ,

Thursday, June 4, 2009

Installing IEs4Linux on Ubuntu 9.04

IEs4Linux is an easy way of running various versions of Microsoft Internet Explorer under Linux. Recently, I have installed it on Ubuntu 9.04 Jaunty Jackalope and went to some problems. The official documentation was not up-to-date, so I was forced to improvize. Here is workaround:
  1. sudo gedit /etc/apt/sources.list
  2. add this line to the file or uncomment:
    deb http://us.archive.ubuntu.com/ubuntu jaunty universe
  3. add this line to the file:
    deb http://wine.budgetdedicated.com/apt jaunty main
  4. wget -q http://wine.budgetdedicated.com/apt/387EE263.gpg -O- | sudo apt-key add -
  5. sudo apt-get update
  6. sudo apt-get install wine cabextract
  7. wget http://www.tatanka.com.br/ies4linux/downloads/ies4linux-latest.tar.gz
  8. tar zxvf ies4linux-latest.tar.gz
  9. cd ies4linux-*
  10. run no GUI installation (since GUI makes all the troubles):
    ./ies4linux --no-gui --no-desktop-icon --install-ie55 --install-ie5 --install-corefonts
Enjoy!
Posted by Beerda at 12:54 PM 1 comments
Labels: ,
Subscribe to: Posts (Atom)