Syntax Error - Press Play on Tape -

17Sep/130

sshfs and autofs – The perfect marriage

Creddz go to Thomas Jansson at http://www.tjansson.dk/?p=84.

What is sshfs and why is it so great?

sshfs is a file system in userspace (FUSE) and can be used to mount a remote ssh account locally in a folder. This is absolutely great – If I need to work on files from my server I can use the simple command:
sithson@dagobah:~$sshfs sithson@dagobah: sshfs/

which mounts the remote file system on bar.com over a encrypted connection to the folder sshfs/ – none of the programs is aware the files are remote and working on a file in the folder sshfs/ is the same as for local files – at least if the connection is fast enough.

What is autofs and what why is this even better than plain sshfs?

The great thing thing about autofs is that the line above is no longer needed. The mounting of the remote file system is done in the moment I try to access the folder by the autofs daemon. sshfs and autofs together makes a encrypted remote file system available to the user and the system in a totally transparent way. Once the setup is complete the user will never need to know that the files are actually on a remote server.

Installation of FUSE

The installation is pretty straight forward. First the packages needs to be loaded.
root@dagobah:~# apt-get install sshfs fuseutils autofs

Second the module needs to be loaded into the kernel:
root@dagobah:~# modprobe fuse

and since this module should be loaded on every startup of the computer the line:
fuse
should be added to the file /etc/modules. The last part of setting up FUSE is to add the users which should be able to use FUSE to the FUSE usergroup.
root@dagobah:~# usermod -a -G fuse sithson

This will work when logged out and in again.

Configuring ssh and autofs

First I need to create a set of ssh-keys so I don’t have to write my password every time the connection is established.
root@dagobah:~# ssh-keygen -t dsa

Next the public key needs to be transported to the remote server (bar.com) with the login "sithson".
root@dagobah:~#ssh-copy-id -i .ssh/id_rsa.pub sithson@dagobah

Now I need to create a folder where the remote folder should be mounted.
root@dagobah:~# mkdir /mnt/sshfs

The next thing is to add a line to the file /etc/auto.master but before this is done. I need to know the userid, so I run:
sithson@dagobah:~$cat /etc/passwd | grep sithson
sithson:x:1000:1000:sithson,,,:/home/sithson:/bin/bash

So my userid is 1000. The file in /etc/auto.master now needs the line:
/mnt/sshfs /etc/auto.sshfs uid=1000,gid=1000,--timeout=30,--ghost

And finally we need to create the file /etc/auto.sshfs and add lines similar to this:
bar -fstype=fuse,rw,nodev,nonempty,noatime,allow_other,max_read=65536 :sshfs\#sithson@dagobah\:

This will mount the remote system in the folder /mnt/sshfs/bar/ every time I access that folder. If I’m not using the folder for 30 seconds it will be unmounted. Absolutely amazing and very very useful.

Epilogue

If you have several servers you just need to add line for each in the file /etc/auto.sshfs. Finally it should also be stated that the are some security considerations to take into account. If this done on a laptop and the laptop is stolen the burglar could gain access to the remote systems.

References
http://www.mccambridge.org/blog/2007/05/totally-seamless-sshfs-under-linux-using-fuse-and-autofs/
http://www.tjansson.dk/?p=18 - In danish on sshfs, encfs and FUSE.

Tagged as: , , No Comments
17Feb/135

Asus Xonar DSX: Patching linux kernel v3.x driver to recognize sound card

Supposing you have the linux kernel source in /usr/src/linux.

1. Make changes to the following two files:

  • sound/pci/oxygen/virtuoso.c
  • sound/pci/oxygen/xonar_wm87x6.c

2. Compile kernel and modules

3. Install new kernel and modules and reboot using the recently installed kernel

4. Ét voila! =)

 

sound/pci/oxygen/virtuoso.c
static DEFINE_PCI_DEVICE_TABLE(xonar_ids) = {
Add this line if it does not exist: { OXYGEN_PCI_SUBID(0x1043, 0x8522) },

 

sound/pci/oxygen/xonar_wm87x6.c
static const struct oxygen_model model_xonar_hdav_slim
Locate and delete the line with the typo .adc_i2s_format = OXYGEN_I2S_FORMAT_LJUST,
There should already be a line with .dac_i2s_format = OXYGEN_I2S_FORMAT_LJUST,

 

sound/pci/oxygen/xonar_wm87x6.c

int __devinit get_xonar_wm87x6_model(struct oxygen *chip,
Add a new case right before the default case.
case 0x8522:
chip->model = model_xonar_dsx;
break;

 

Here is the full git diff file:


diff --git a/mirror/sound/pci/oxygen/virtuoso.c b/mirror/sound/pci/oxygen/virtuoso.c
index 3d71423..8104eab 100644
--- a/mirror/sound/pci/oxygen/virtuoso.c
+++ b/mirror/sound/pci/oxygen/virtuoso.c
@@ -52,6 +52,7 @@ static DEFINE_PCI_DEVICE_TABLE(xonar_ids) = {
{ OXYGEN_PCI_SUBID(0x1043, 0x835d) },
{ OXYGEN_PCI_SUBID(0x1043, 0x835e) },
{ OXYGEN_PCI_SUBID(0x1043, 0x838e) },
+ { OXYGEN_PCI_SUBID(0x1043, 0x8522) },
{ OXYGEN_PCI_SUBID_BROKEN_EEPROM },
{ }
};
diff --git a/mirror/sound/pci/oxygen/xonar_wm87x6.c b/mirror/sound/pci/oxygen/xonar_wm87x6.c
index 63cff90..af91016 100644
--- a/mirror/sound/pci/oxygen/xonar_wm87x6.c
+++ b/mirror/sound/pci/oxygen/xonar_wm87x6.c
@@ -1321,6 +1321,40 @@ static const struct oxygen_model model_xonar_hdav_slim = {
.adc_i2s_format = OXYGEN_I2S_FORMAT_LJUST,
};

int __devinit get_xonar_wm87x6_model(struct oxygen *chip,
const struct pci_device_id *id)
{
@@ -1331,6 +1365,9 @@ int __devinit get_xonar_wm87x6_model(struct oxygen *chip,
case 0x835e:
chip->model = model_xonar_hdav_slim;
break;
+ case 0x8522:
+ chip->model = model_xonar_dsx;
+ break;
default:
return -EINVAL;
}

22May/120

Debian 6.0: Encrypt /home post installation

Debian installer provides an easy way of creating encrypted disk volumes during installation, including encrypted root partition. However, if you skip this step and decide to encrypt a disk partition later, you need to perform manual setup.

Fortunately, it's not too difficult. The following steps cover creating an encrypted /home, so you need to have a separate disk partition for it. Encrypting root filesystem is more sophisticated and it's not covered by this tutorial.

  1. Install cryptsetup:
    apt-get install cryptsetup
  2. Backup current /home contents and unmount the partition
  3. Create encrypted LUKS partition:
    cryptsetup -y --cipher aes-cbc-essiv:sha256 --key-size 256 /dev/sdb2
    (replace sdb2 with your partion name)
  4. Open LUKS partition and map it to 'crhome' (this name can be arbitrary):
    cryptsetup luksOpen /dev/sda2 encHome
  5. Format encrypted partition, e.g.:
    mkfs.ext4 /dev/mapper/encHome
  6. Mount it:
    mount /dev/mapper/encHome /home
  7. Restore /home contents from the backup
  8. Recreate initrd:
    update-initramfs -u
  9. Create /etc/crypttab entry for encrypted volume:
    #
    encHome /dev/sda2 none luks
  10. Change /etc/fstab entry for /home, .e.g:
    /dev/mapper/encHome /home ext4 defaults 0 2
  11. Reboot!

During system startup you will be prompted for password to access LUKS volume. If you have Plymouth installed, you'll see a nice graphical password prompt.

For more documentation, including Debian-specific docs, got to /usr/share/doc/cryptsetup and cryptsetup/crypttab man pages.