Simple VPN setup

No Gravatar

Up until today, I have had to make important files from the shares of my home Linux server available as Windows Offline files to have them readily available on the road. I could sftp to my home server and fetch the files, but with the overhead of having to remember to actively upload the files again if they have been updated. I had a hunch that SSH tunnels could help me out, but today I finally made everything work, enabling me to map drives to the Samba shares of my home server through a secure SSH tunnel. Here’s how..

Background info

I am creating this setup using my home Linux server connected to my ADSL connection at home. I want to connect my laptop to my Linux server in order to map the Samba shares as drives on my laptop, when I am connected to the internet at the office or at a client. The Linux server is running OpenSSH which enables me to make regular SSH terminal connections using a client such as Putty, SFTP file transfers using WinSCP AND tunnels – also using Putty.

Uninstall File and Printer sharing for Microsoft NetworksA tunnel through SSH works like this: A service is listening for connection requests on some port on the server -A Samba server listens on port 139 (like any Windows machine that has “File and printer sharing” installed does). When you create a tunnel like this one, you are “rewiring” the network of your workstation telling it to forward all connection attempts to the local port 139 to port 139 of the remote server through a the secure connection supplied by SSH. As only one service can listen on one port at a time, you need to uninstall “File and printer sharing” for your network connections. Please note that when you do this, any folder or printer shared by your computer will no longer be available to other users on your network.

Do it

If you have Samba shares and OpenSSH running on your server and you can connect to it using an SSH client, you only need to change the setup of your client pc.

  1. Install Putty – which should be fairly straight forward.
  2. Uninstall “File and Printer sharing”. Note: If you merely disable the element, this will not work as the service will still listen on port 139 and block Putty from listening on the same port. A complete Uninstall is necessary.

  3. If you already have a terminal connection set up for your server in Putty, it can be reused and you can merely add a tunnel to the connection. To make your initial connection in Putty, simply supply your internet IP address (or domain name if you have one) for your home server, and make sure the standard port 22 is NAT’ed in your router to your server. You may choose to increase security by having OpenSSH run on a port other than 22 – but that is a outside the scope of this post.
  4. Open the Tunnels configuration and enter:
    • 139 in the Source port field
    • The internal IP adress of your server followed by :139 to indicate that you wish to connect to port 139 on the server. In the example below, the internal IP adress of the server is 10.0.0.150

Putty Configuration

Apply your changes and open the connection. Once you have succesfully logged on in the terminal window the tunnel will be established and you should be able to start mapping drives to \\127.0.0.1\remotesharenames.

Open Source time registration and tracking

No Gravatar

I am in the middle of a project with a client – a project to improve their time usage registration procedures. They had been looking at several commercial solutions – all requiring customizations – most of them costing “an arm and a leg”.

They actually started a project with one vendor who thought they could deliver, but apparently forgot to listen for client needs and forgot to set client expectations correctly – the project ran for six months and finally they had to retreat and stop the project in progress because they could not deliver.

Achievo 1.3I got a second chance to present my idea which is now running and in further development. It is based on the Open Source project Achievo, originally developed and opened up by the cool guys at iBuildings in the Netherlands.

The advancements of the processes around time registration and tracking is usually “evolutionary” for companies like my client. They know they need to register time in order to bill the client at the end of the month. In this case, the consultants would initially share an Excel sheet in which they would register their hours. It worked, but apart from being limited to only one person entering hourly usage at a time, it was very difficult to verify that everybody had remembered to register all billable hours. And that may or may not be quite expensive in the end – they actually didn’t know.

Achievo is based on modules and it has a billing module which I guess is used by more or less anyone running the system. It will be included as a standard module in the next release. My main task has been to integrate with my clients CRM system (regularly import customers and create dummy projects for them). Also I created a few reports to ease the actual billing, as my client cannot use the billing module as-is. They have a somewhat special price matrix, which I needed to get Achievo in tune with. It was also necessary to build some tidbits that would enable handling of prepaying clients bying a predefined number of hours at special rates. I hope that I will dig up some time to feed some business process documentation and project templates back to the Achievo community.

Achievo runs on a LAMP stack (Linux, Apache, MySQL and PHP). Check out the demo sites running version 1.2.1 (the current release) and the nightly builds for the upcoming version 1.3. My one-man company can use Achievo 100% as is. My client – a 25 person consultancy firm – has been running Achievo since the beginning of this year and we are just now entering phase two, where we will add quite a few more “need” and “nice” features.

Internet Explorer on Linux

No Gravatar

IEs4LinuxThis post is written from Internet Explorer 6. In itself that is not so strange – I have a large client that exclusively run Internet Explorer 6 throughout the entire enterprise, so my work needs to be 100% tested on this browser. On my Windows XP installation i am running IE7 which cannot coexist with version 6 and i didn’t feel like downgrading. Installing Windows XP as a virtual machine is not an option – as I don’t want the expense of another Windows license.

Wine was apparently not able to run Internet Explorer out-of-the-box, but a bit of Googling gave me what I need: EIs4Linux – a package that can install any (also simultaneously) of IE 5, 5.5 or 6. I used this step-by-step guide to get everything running.

IE7 is currently not supported (by Wine according to the EIs4Linux guys), but it is work in progress.

Feisty Fawn screen resolution issues

No Gravatar

Important: Before you begin, back up your xorg.conf file – a misconfiguration may leave you without a GUI.

Apparently Ubuntu 7.04 does not know either my graphics card (Intel 810) and/or monitor (Dell FP1701). The monitor – one of Dell’s first flat panels – only supports 1280×1024 @ 60Hz, or for some reason 1024×768 @ 75Hz. Ubuntu plays it safe and sets the default resolution to the latter – and choosing 1280×1024 in the GUI is not an option.

To remedy I tried adding 1280×1024 to my /etc/X11/xorg.conf like so:

SubSection "Display"

Depth 24
Modes "1280x1024" "1024x768" "800x600" "720x400" "640x480"

EndSubSection

But booting X makes my monitor sorry – as it probably tries to display “1280×1024 @ 75Hz” which is not supported. I eventually fixed this with this modeline tool. Set resolution to 1280×1024 and the vertical frequency to 60Hz which returned:

Modeline "1280x1024" 109.62 1280 1336 1472 1720 1024 1024 1026 1062

Which i pasted into my xorg.conf like this:

Section "Monitor"

Identifier "DELL 1701FP"
Option "DPMS"
Modeline "1280x1024" 109.62 1280 1336 1472 1720 1024 1024 1026 1062

EndSection


“Boom goes the dynamite” – and I had the optimum resolution at 60Hz.

UPDATE: A few necessary additions

1) You must use the specifications of your own monitor and display adapter to ensure that everything works

2) Back up your xorg.conf file before you begin

Focus focus

No Gravatar

Ubuntu logoI like to keep stuff separated, so this blog will contain observations and hopefully conversations about IT, geeky stuff and social software. As I am writing this, I have just completed downloading Ubuntu Linux 7.04 which was released today. Their site still have symptoms of quite a heavy load, as the most of the (geeky) world is probably reading about or downloading version 7.04 of this great Linux distribution.

I was actually about to rant a bit about the pet names they give their releases (this list was nicked from Wikipedia) – I have yet to figure out why animals with distinctions make better release names.

  • 4.10 The Warty Warthog
  • 5.04 The Hoary Hedgehog
  • 5.10 The Breezy Badger
  • 6.06 The Dapper Drake LTS (Long Term Support)
  • 6.10 The Edgy Eft
  • 7.04 Feisty Fawn

In October of this year Gutsy Gibbon (of course referring to version 7.10 of Ubuntu Linux) should once again start an extra fan or two on the Ubuntu download mirrors.