Amahi Wiki - User contributions [en]

PhpSysInfo

2011-06-06T05:18:43Z

Crxtasy12: show log in as root

[[Category:Apps]]
== Getting More Info ==
After the one click install of phpsysinfo in Amahi 6.0, you need to do some modifications to get all system information displayed.

open a terminal session and login as root or if you have sudo configured use sudo in front of all commands.

type
{{Code| su -}}
at the prompt enter your root password

then type
{{Code|yum install lm_sensors
sensors-detect}}

keep pressing enter for default answers.

{{Code|cd /var/hda/web-apps/phpsysinfo/html
cp config.php config.php_bak}}

to make a backup of your original config file

{{Code|nano config.php}}

Change define('PSI_SENSOR_PROGRAM', ''); to define('PSI_SENSOR_PROGRAM', 'LMsensors'); This tells phpsysinfo to use lm_sensors to obtain and display sensor information.

Other optional changes:
define('PSI_HIDE_MOUNTS', '/boot,/dev/shm'); - hides /boot and /dev/shm in mounted filesystems
define('PSI_HIDE_FS_TYPES', 'tmpfs'); - hides tmpfs filesystems
define('PSI_HDD_TEMP', 'tcp'); - tells PSI to obtain current hdd temp
define('PSI_LOAD_BAR', true);
define('PSI_UPS_PROGRAM', 'Apcupsd'); - use apcupsd to show APC info from APC UPS's

after saving config.php phpsysinfo will provide voltage, fan and temperature data.

PhpSysInfo

2011-06-06T05:12:21Z

Crxtasy12: Updated page for Amahi 6 and PSI 3.11

[[Category:Apps]]
== Getting More Info ==
After the one click install of phpsysinfo in Amahi 6.0, I needed to do some modifications to get all system information displayed.
For other users, this is what I did.

first open a terminal session and login as root
from another computer
in windows with putty
or in linux: ssh root@hda

type

{{Code|yum install lm_sensors
sensors-detect}}

keep pressing enter for default answers.

{{Code|cd /var/hda/web-apps/phpsysinfo/html
cp config.php config.php_bak}}

to make a backup of your original config file

{{Code|nano config.php}}

Change define('PSI_SENSOR_PROGRAM', ''); to define('PSI_SENSOR_PROGRAM', 'LMsensors'); This tells phpsysinfo to use lm_sensors to obtain and display sensor information.

Other optional changes:
define('PSI_HIDE_MOUNTS', '/boot,/dev/shm'); - hides /boot and /dev/shm in mounted filesystems
define('PSI_HIDE_FS_TYPES', 'tmpfs'); - hides tmpfs filesystems
define('PSI_HDD_TEMP', 'tcp'); - tells PSI to obtain current hdd temp
define('PSI_LOAD_BAR', true);
define('PSI_UPS_PROGRAM', 'Apcupsd'); - use apcupsd to show APC info from APC UPS's

after saving config.php phpsysinfo will provide voltage, fan and temperature data.

Key-Based SSH Logins

2011-03-01T02:44:08Z

Crxtasy12: Changed /etc/sshd to /etc/ssh

'''This page shows how to create a key based SSH login to your server using the Windows PuTTY client, Mac OS X Terminal.app or Linux.'''

This will allow you to safely login using SSH onto your HDA without having to provide a password every time.

=Windows - PuTTY=

==Install Putty and PuttyGen==
Download the following files from the [http://www.chiark.greenend.org.uk/%7Esgtatham/putty/download.html PuTTY download] page and save them on your Windows system, e.g. on the desktop:

[http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe]

[http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe]

Both files are self contained executables. That is: they do not install anything but run from where they are saved.

==Create a profile for use with your Amahi HDA==
In PuTTY, you can create profiles for connections to your various SSH servers, so you don't have to type in the settings again when you want to connect to a certain server again.

Now we will create a profile for our 192.168.1.67 server. Start PuTTY by double-clicking its executable file. You are now in the category Session (see the tree on the left side of the screenshot). Enter 192.168.1.67 under Host Name (or IP address), enter 22 under Port and select SSH under Protocol.

[[Image:Red-S01.png]]

Now select '''Connection >> Data'' in the Category box and in the Auto-login box enter the username you wish to login to your HDA with. In this example 'sue'.

[[Image:Red-S02.png]]

Once this is done return to your Sessions and give your profile a meaningful name and press save. Anytime in the future you can click on your profile name a ''Open'' and your session is opened. You will appreciate this more later.

==Connecting to your HDA using SSH==

Now you are on your 'Sessions' screen lets open our session by pressing open. You should see:

[[Image:Red-S03.png]]

Type in the users password and you have your ssh xterm ready to go. Now this was the normal way of logging in but being a password system it is open to brute force attacks.

==Generating a public/private key pair==

Here we can use PuTTYgen to create a private/public key pair. Start it by double-clicking its executable file. Make sure you select SSH-2 RSA under Type of key to generate and specify 1024 as the Number of bits in a generated key. Then click on Generate:

[[Image:Red-S04.png]]

Move your mouse about randomly to generate the randomness.

[[Image:Red-S05.png]]

Now a private/public key pair has been generated. Under Key comment, you can enter any comment; normally you use your email address here. Then specify a Key passphrase and repeat it under Confirm passphrase. You'll need that passphrase to log in to SSH with your new key. Then click on Save public key and save it in some safe location on your computer. You are free to choose a filename and extension, but it should be one that lets you remember for which system it is.

[[Image:Red-S05a.png]]

Then click on Save public key and save it in some safe location on your computer. You are free to choose a filename and extension, but it should be one that lets you remember for which system it is.

[[Image:Red-S06.png]]

Then click on Save private key. You can save it in the same location as the public key - it should be a location that only you can access and that you don't lose! (If you lose the keys and have disabled username/password logins, then you can't log in anymore!) Again, you're free to choose a filename, but this time the extension must be '''''.ppk''''':

[[Image:Red-S07.png]]

==Save the public key on our Amahi server==

Now we must transfer the public key to our Amahi HDA server. Copy the key from the PuttyGEN window:

[[Image:Red-S08.png]]

Using ''putty'' logon to our Amahi HDA using the profile you created earlier.

We must now create a directory and file in which to store our public key

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">mkdir ~/.ssh<br />
chmod 700 ~/.ssh</div>

And open our file that will store our key

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">vi ~/.ssh/authorized_keys2</div>
Type '''''I''''' to enter insert mode. Paste your copied key (just a right click of the mouse was enough for me. Then '''''<Escape> :wq''''' to exit edit mode, write the file and quit. This file may already exist if you have used ssh before.

[[Image:Red-S09.png]]

Now to make that file accessible by only the user

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">chmod 600 ~/.ssh/authorized_keys2</div>

==Configure PuTTY to use the private key==

Close down your shell to your HDA and restart ''putty'' and load your ''192.168.1.67'' profile

[[Image:Red-S01.png]]

Go to '''''SSH >> Auth''''' and click on '''''Browse'''''

[[Image:Red-S10.png]]

Browse to the folder where you saved your keys and select the private key. The one with the '''''ppk''''' suffix.

[[Image:Red-S11.png]]

Go back to your Session tab and click save.

[[Image:Red-S01.png]]

Our private key is now attached to our profile

==Our key-based logon==

Now on our PuTTY sessions screen load your '''192.168.1.67''' profile and press ''Open''. You should get:

[[Image:Red-S12.png]]

Enter your passphrase that you created when generating your keys.

[[Image:Red-S12a.png]]

=Mac OS X - Terminal.app=

==Open Terminal.app==
You can find Terminal.app in your Applications > Utilities folder.

==Generating a public/private key pair==
Execute the following command, in Terminal.app:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
ssh-keygen -t rsa</div>

Accept all the defaults values (by hitting ENTER) to the questions you'll be asked.

==Save the public key on our Amahi server==

Now we must transfer the public key to our Amahi HDA server.

Execute the following command, in Terminal.app:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
scp ~/.ssh/id_rsa.pub your_username@hda:.</div>

Replace ''your_username'' with the username you created on Fedora.<br/>
If your HDA is not yet setup, you might have to replace ''hda'' by your HDA' IP address too.<br/>
When prompted, enter the associated password.

Then, we must copy that public key into the ''authorized_keys'' file.

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">ssh your_username@hda<br />
mkdir ~/.ssh<br />
chmod 700 ~/.ssh<br />
mv id_rsa.pub .ssh/authorized_keys2</div>

Now to make that file accessible by only the user

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">chmod 600 ~/.ssh/authorized_keys2</div>

=Linux=

Follow the [[#Mac_OS_X_-_Terminal.app|Mac OS X instructions]], but use a standard terminal (Applications > System Tools > Terminal in Fedora).

=Making it that tad more secure=

Up to now, you can log in with your private/public key pair and still with username/password logins, so if someone doesn't attach a private key to his PuTTY session, he will be asked for a username and password. So to achieve a better security, we must disable the username/password logins (you should do this only when you know that your key-based logins are working, because if they aren't and you disable username/password logins, then you have a problem...).

To disable the username/password logins, we must modify the sshd configuration file. On our Fedora based Amahi system, it's /etc/ssh/sshd_config. You should set Protocol to 2 (1 is insecure and should not be used!), PasswordAuthentication to no.

Login as root:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">su -<br />

vi /etc/ssh/sshd_config</div>

[[Image:Red-S13.png]]

You will now need to restart you SSH server
<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
service sshd restart</div>

Fedora 14

2011-01-21T23:13:08Z

Crxtasy12: Fixed misspelling

[[File:F14release.png]]<br />
__NOTOC__

<big>'''ETA''': End of Jan 2011, plus/minus a few weeks for release of Amahi for Fedora 14. We are in still in the [http://forums.amahi.org/viewtopic.php?f=34&t=1975 development/testing] phase.

'''WARNING:''' There are '''NO''' applications publicly available in Amahi for Fedora 14 at this time.</big>

= Development Notes =
'''DISCLAIMER:''' These notes are for development of Amahi with Fedora 14. These notes are not by any means anything for users to follow. Please continue to install Fedora 12 for new Amahi installs. Fedora 14 is not '''OFFICIALLY''' supported yet by Amahi.

The following '''ARE NOT''' Amahi ready with Fedora 14 at this time:
* ExpressCD: estimate late Feb 2011
* Plug: depends on Fedora 14 ARM release

== Fedora 14 DVD Downloads ==
{|
|+
|-
| 32-Bit (3.4GB):
|[http://download.fedoraproject.org/pub/fedora/linux/releases/14/Fedora/i386/iso/Fedora-14-i386-DVD.iso Http]
|[http://torrent.fedoraproject.org/torrents/Fedora-14-i386-DVD.torrent Torrent]
|-
| 64-Bit (3.3GB):
|[http://download.fedoraproject.org/pub/fedora/linux/releases/14/Fedora/x86_64/iso/Fedora-14-x86_64-DVD.iso Http]
|[http://torrent.fedoraproject.org/torrents/Fedora-14-x86_64-DVD.torrent Torrent]
|}

== Amahi Repo ==
* 32-bit and 64-bit is ready.
* Use '''<nowiki>http://f14.amahi.org</nowiki>''' for install.
* App store is not complete yet - there are '''NO''' apps publicly available.

== Amahi Install ==
* Web installer works.

* Open browser and navigate to '''<nowiki>http://localhost:2000</nowiki>'''
* Enter install code

== Known Issues ==
* Fedora creates small root (/) and large home (/home) partition. See [[Install_without_LVM|Install without LVM]] to change.
* [http://www.amahi.org/support/instructions Installation instructions] are not updated for Fedora 14.
# Ensure '''Graphical Desktop''' is checked.

# Add '''Amahi''' repo as noted above.
# Then continue with install as documented.

* There is a problem with setting the timezone in PHP. A workaround is in place to allow the install process to continue. This will affect some apps.

== Application Testing ==
===Working Apps: NOT publicly available yet in Amahi for Fedora 14===
{| style="color:black; background-color:#ffffcc;" cellpadding="10" cellspacing="0" border="1"
|+
|-
| phpRecipeBook
| WebCalendar
| eyeOS
| Transmission
| phpYahtzee
|-
| php Address Book
| Home Inventory
| MindTerm
| Gallery 3
| LogAnalyzer
|-
| Webmin
| RPM Fusion (Non-Free)
| RPM Fusion (Free)
| Scientific Calculator
| Sheeva Theme
|-
| phpMyAdmin
| webERP
| Family Connections
| Torrentflux b4rt
| Drupal
|-
| Rnews
| Gregarius
| iCalendar
| Wordpress
| Clipperz
|-
| MediaWiki
| osTicket
| ArcademSX
| ArcademSX Game Pack 1
| ArcademSX Game Pack 2
|-
| eXtplorer
| PHP Navigator
| phpMan
| Adminer
| Fantasy Football League
|-
| openSIS
| clearBudget
| DokuWiki
| WikkaWiki
| TheAddressBook
|-
| vTiger
| phplist
| LinPHA
| phpMyBackup
| portaNEO
|-
| Joomla
| Gallery 2
| Piwik
| Blog
| Jinzora
|-
| Torrentflux
| vnStat
| Ampache
| Maps
| VCD-db
|-
| Speedtest.net Mini
| MyPhpMoney
| Redmine *
| Tiny Tiny RSS
| Feng Office
|-
| phpSysInfo
| OpenVPN ALS
| Web KeePass
| AjaXplorer
| WebChess
|-
| CrashPlan
|
|
|
|
|}

'''NOTE:''' <nowiki>*</nowiki> denotes BETA application.

=== Broken Apps: NOT publicly available yet in Amahi for Fedora 14 ===
* phpBB: Works, but has [phpBB Debug] PHP Notice: in file /index.php on line 86: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'America/Chicago' for 'CDT/-5.0/DST' instead
* Mantis: Works, but has SYSTEM WARNING: date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'America/Chicago' for 'CDT/-5.0/DST' instead
* ajaxterm: Installed, but but says 'Service Termporarily Unavailable'
* Horde: Installed, but does not work. Login screen missing Login options.
* CoolSmile: Installed, but does not work.
* SABnzbd: Installed and works, but unrar does not install. RPMFusion public keys not available.
* DLNA: Does not install. It gets stuck at "Preparing to install..."

====Last Update====
'''Current As of Jan 19, 2011/4:00 PM CST'''

Key-Based SSH Logins

2011-01-15T19:55:24Z

Crxtasy12: Fixed more typos

'''This page shows how to create a key based SSH login to your server using the Windows PuTTY client, Mac OS X Terminal.app or Linux.'''

This will allow you to safely login using SSH onto your HDA without having to provide a password every time.

=Windows - PuTTY=

==Install Putty and PuttyGen==
Download the following files from the [http://www.chiark.greenend.org.uk/%7Esgtatham/putty/download.html PuTTY download] page and save them on your Windows system, e.g. on the desktop:

[http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe]

[http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe]

Both files are self contained executables. That is: they do not install anything but run from where they are saved.

==Create a profile for use with your Amahi HDA==
In PuTTY, you can create profiles for connections to your various SSH servers, so you don't have to type in the settings again when you want to connect to a certain server again.

Now we will create a profile for our 192.168.1.67 server. Start PuTTY by double-clicking its executable file. You are now in the category Session (see the tree on the left side of the screenshot). Enter 192.168.1.67 under Host Name (or IP address), enter 22 under Port and select SSH under Protocol.

[[Image:Red-S01.png]]

Now select '''Connection >> Data'' in the Category box and in the Auto-login box enter the username you wish to login to your HDA with. In this example 'sue'.

[[Image:Red-S02.png]]

Once this is done return to your Sessions and give your profile a meaningful name and press save. Anytime in the future you can click on your profile name a ''Open'' and your session is opened. You will appreciate this more later.

==Connecting to your HDA using SSH==

Now you are on your 'Sessions' screen lets open our session by pressing open. You should see:

[[Image:Red-S03.png]]

Type in the users password and you have your ssh xterm ready to go. Now this was the normal way of logging in but being a password system it is open to brute force attacks.

==Generating a public/private key pair==

Here we can use PuTTYgen to create a private/public key pair. Start it by double-clicking its executable file. Make sure you select SSH-2 RSA under Type of key to generate and specify 1024 as the Number of bits in a generated key. Then click on Generate:

[[Image:Red-S04.png]]

Move your mouse about randomly to generate the randomness.

[[Image:Red-S05.png]]

Now a private/public key pair has been generated. Under Key comment, you can enter any comment; normally you use your email address here. Then specify a Key passphrase and repeat it under Confirm passphrase. You'll need that passphrase to log in to SSH with your new key. Then click on Save public key and save it in some safe location on your computer. You are free to choose a filename and extension, but it should be one that lets you remember for which system it is.

[[Image:Red-S05a.png]]

Then click on Save public key and save it in some safe location on your computer. You are free to choose a filename and extension, but it should be one that lets you remember for which system it is.

[[Image:Red-S06.png]]

Then click on Save private key. You can save it in the same location as the public key - it should be a location that only you can access and that you don't lose! (If you lose the keys and have disabled username/password logins, then you can't log in anymore!) Again, you're free to choose a filename, but this time the extension must be '''''.ppk''''':

[[Image:Red-S07.png]]

==Save the public key on our Amahi server==

Now we must transfer the public key to our Amahi HDA server. Copy the key from the PuttyGEN window:

[[Image:Red-S08.png]]

Using ''putty'' logon to our Amahi HDA using the profile you created earlier.

We must now create a directory and file in which to store our public key

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">mkdir ~/.ssh<br />
chmod 700 ~/.ssh</div>

And open our file that will store our key

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">vi ~/.ssh/authorized_keys2</div>
Type '''''I''''' to enter insert mode. Paste your copied key (just a right click of the mouse was enough for me. Then '''''<Escape> :wq''''' to exit edit mode, write the file and quit. This file may already exist if you have used ssh before.

[[Image:Red-S09.png]]

Now to make that file accessible by only the user

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">chmod 600 ~/.ssh/authorized_keys2</div>

==Configure PuTTY to use the private key==

Close down your shell to your HDA and restart ''putty'' and load your ''192.168.1.67'' profile

[[Image:Red-S01.png]]

Go to '''''SSH >> Auth''''' and click on '''''Browse'''''

[[Image:Red-S10.png]]

Browse to the folder where you saved your keys and select the private key. The one with the '''''ppk''''' suffix.

[[Image:Red-S11.png]]

Go back to your Session tab and click save.

[[Image:Red-S01.png]]

Our private key is now attached to our profile

==Our key-based logon==

Now on our PuTTY sessions screen load your '''192.168.1.67''' profile and press ''Open''. You should get:

[[Image:Red-S12.png]]

Enter your passphrase that you created when generating your keys.

[[Image:Red-S12a.png]]

=Mac OS X - Terminal.app=

==Open Terminal.app==
You can find Terminal.app in your Applications > Utilities folder.

==Generating a public/private key pair==
Execute the following command, in Terminal.app:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
ssh-keygen -t rsa</div>

Accept all the defaults values (by hitting ENTER) to the questions you'll be asked.

==Save the public key on our Amahi server==

Now we must transfer the public key to our Amahi HDA server.

Execute the following command, in Terminal.app:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
scp ~/.ssh/id_rsa.pub your_username@hda:.</div>

Replace ''your_username'' with the username you created on Fedora.<br/>
If your HDA is not yet setup, you might have to replace ''hda'' by your HDA' IP address too.<br/>
When prompted, enter the associated password.

Then, we must copy that public key into the ''authorized_keys'' file.

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">ssh your_username@hda<br />
mkdir ~/.ssh<br />
chmod 700 ~/.ssh<br />
mv id_rsa.pub .ssh/authorized_keys2</div>

Now to make that file accessible by only the user

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">chmod 600 ~/.ssh/authorized_keys2</div>

=Linux=

Follow the [[#Mac_OS_X_-_Terminal.app|Mac OS X instructions]], but use a standard terminal (Applications > System Tools > Terminal in Fedora).

=Making it that tad more secure=

Up to now, you can log in with your private/public key pair and still with username/password logins, so if someone doesn't attach a private key to his PuTTY session, he will be asked for a username and password. So to achieve a better security, we must disable the username/password logins (you should do this only when you know that your key-based logins are working, because if they aren't and you disable username/password logins, then you have a problem...).

To disable the username/password logins, we must modify the sshd configuration file. On our Fedora based Amahi system, it's /etc/ssh/sshd_config. You should set Protocol to 2 (1 is insecure and should not be used!), PasswordAuthentication to no.

Login as root:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">su -<br />

vi /etc/sshd/sshd_config</div>

[[Image:Red-S13.png]]

You will now need to restart you SSH server
<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
service sshd restart</div>

Key-Based SSH Logins

2011-01-15T19:52:11Z

Crxtasy12: Fixed typos

'''This page shows how to create a key based SSH login to your server using the Windows PuTTY client, Mac OS X Terminal.app or Linux.'''

This will allow you to safely login using SSH onto your HDA without having to provide a password every time.

=Windows - PuTTY=

==Install Putty and PuttyGen==
Download the following files from the [http://www.chiark.greenend.org.uk/%7Esgtatham/putty/download.html PuTTY download] page and save them on your Windows system, e.g. on the desktop:

[http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe]

[http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe]

Both files are self contained executables. That is: they do not install anything but run from where they are saved.

==Create a profile for use with your Amahi HDA==
In PuTTY, you can create profiles for connections to your various SSH servers, so you don't have to type in the settings again when you want to connect to a certain server again.

Now we will create a profile for our 192.168.1.67 server. Start PuTTY by double-clicking its executable file. You are now in the category Session (see the tree on the left side of the screenshot). Enter 192.168.1.67 under Host Name (or IP address), enter 22 under Port and select SSH under Protocol.

[[Image:Red-S01.png]]

Now select '''Connection >> Data'' in the Category box and in the Auto-login box enter the username you wish to login to your HDA with. In this example 'sue'.

[[Image:Red-S02.png]]

Once this is done return to your Sessions and give your profile a meaningful name and press save. Anytime in the future you can click on your profile name a ''Open'' and your session is opened. You will appreciate this more later.

==Connecting to your HDA using SSH==

Now you are on your 'Sessions' screen lets open our session by pressing open. You should see:

[[Image:Red-S03.png]]

Type in the users password and you have your ssh xterm ready to go. Now this was the normal way of logging in but being a password system it is open to brute force attacks.

==Generating a public/private key pair==

Here we can use PuTTYgen to create a private/public key pair. Start it by double-clicking its executable file. Make sure you select SSH-2 RSA under Type of key to generate and specify 1024 as the Number of bits in a generated key. Then click on Generate:

[[Image:Red-S04.png]]

Move your mouse about randomly to generate the randomness.

[[Image:Red-S05.png]]

Now a private/public key pair has been generated. Under Key comment, you can enter any comment; normally you use your email address here. Then specify a Key passphrase and repeat it under Confirm passphrase. You'll need that passphrase to log in to SSH with your new key. Then click on Save public key and save it in some safe location on your computer. You are free to choose a filename and extension, but it should be one that lets you remember for which system it is.

[[Image:Red-S05a.png]]

Then click on Save public key and save it in some safe location on your computer. You are free to choose a filename and extension, but it should be one that lets you remember for which system it is.

[[Image:Red-S06.png]]

Then click on Save private key. You can save it in the same location as the public key - it should be a location that only you can access and that you don't lose! (If you lose the keys and have disabled username/password logins, then you can't log in anymore!) Again, you're free to choose a filename, but this time the extension must be '''''.ppk''''':

[[Image:Red-S07.png]]

==Save the public key on our Amahi server==

Now we must transfer the public key to our Amahi HDA server. Copy the key from the PuttyGEN window:

[[Image:Red-S08.png]]

Using ''putty'' logon to our Amahi HDA using the profile you created earlier.

We must now create a directory and file in which to store our public key

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">mkdir ~/.ssh<br />
chmod 700 ~/.ssh</div>

And open our file that will store our key

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">vi ~/.ssh/authorized_keys2</div>
Type '''''I''''' to enter insert mode. Paste your copied key (just a right click of the mouse was enough for me. Then '''''<Escape> :wq''''' to exit edit mode, write the file and quit. This file may already exist if you have used ssh before.

[[Image:Red-S09.png]]

Now to make that file accessible by only the user

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">chmod 600 ~/.ssh/authorized_keys2</div>

==Configure PuTTY to use the private key==

Close down your shell to your HDA and restart ''putty'' and load your ''192.168.1.67'' profile

[[Image:Red-S01.png]]

Go to '''''SSH >> Auth''''' and click on '''''Browse'''''

[[Image:Red-S10.png]]

Browse to the folder where you saved your keys and select the private key. The one with the '''''ppk''''' suffix.

[[Image:Red-S11.png]]

Go back to your Session tab and click save.

[[Image:Red-S01.png]]

Our private key is now attached to our profile

==Our key-based logon==

Now on our PuTTY sessions screen load your '''192.168.1.67''' profile and press ''Open''. You should get:

[[Image:Red-S12.png]]

Enter you passphrase that you input when generating your keys.

[[Image:Red-S12a.png]]

=Mac OS X - Terminal.app=

==Open Terminal.app==
You can find Terminal.app in your Applications > Utilities folder.

==Generating a public/private key pair==
Execute the following command, in Terminal.app:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
ssh-keygen -t rsa</div>

Accept all the defaults values (by hitting ENTER) to the questions you'll be asked.

==Save the public key on our Amahi server==

Now we must transfer the public key to our Amahi HDA server.

Execute the following command, in Terminal.app:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
scp ~/.ssh/id_rsa.pub your_username@hda:.</div>

Replace ''your_username'' with the username you created on Fedora.<br/>
If your HDA is not yet setup, you might have to replace ''hda'' by your HDA' IP address too.<br/>
When prompted, enter the associated password.

Then, we must copy that public key into the ''authorized_keys'' file.

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">ssh your_username@hda<br />
mkdir ~/.ssh<br />
chmod 700 ~/.ssh<br />
mv id_rsa.pub .ssh/authorized_keys2</div>

Now to make that file accessible by only the user

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">chmod 600 ~/.ssh/authorized_keys2</div>

=Linux=

Follow the [[#Mac_OS_X_-_Terminal.app|Mac OS X instructions]], but use a standard terminal (Applications > System Tools > Terminal in Fedora).

=Making it that tad more secure=

Up to now, you can log in with your private/public key pair and still with username/password logins, so if someone doesn't attach a private key to his PuTTY session, he will be asked for a username and password. So to achieve a better security, we must disable the username/password logins (you should do this only when you know that your key-based logins are working, because if they aren't and you disable username/password logins, then you have a problem...).

To disable the username/password logins, we must modify the sshd configuration file. On our Fedora based Amahi system, it's /etc/ssh/sshd_config. You should set Protocol to 2 (1 is insecure and should not be used!), PasswordAuthentication to no.

Login as root:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">su -<br />

vi /etc/sshd/sshd_config</div>

[[Image:Red-S13.png]]

You will now need to restart you SSH server
<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
service sshd restart</div>

Greyhole

2011-01-15T19:27:59Z

Crxtasy12: Fixed typo

[[Category:apps]]
<div style="border: 1px solid #A3B1BF; padding: .8em 1em; background-color: #E6F2FF; margin: 0px 1em;">
'''NEW:''' [http://code.google.com/p/greyhole/wiki/MigrateFromWHS Widows Home Server Drive Extender Migration Guide]

'''NEW:''' [[Greyhole troubleshooting]] guide
</div>

== What is Greyhole ==

A new feature in Amahi is [[Storage pooling]] using [http://greyhole.pommepause.com/ Greyhole]. Storage Pooling is a technology to pool disk drives and make them look as if they were all part of a single pool of disk space.

This feature is installed by default, but requires a few simple steps to begin utilizing the features.

You can add additional drives to your hda and prepare them for use in Greyhole by following [[Adding a second hard drive to your HDA|this tutorial]].

To add a drive to your Greyhole storage pool. First open your dashboard and navigate to the Shares tab. Then click on the Storage Pool sub-category. You will see a page similar to the one below.

== Important Warnings ==
<div style="color:darkred">You should '''never''' change or delete files in the shared directories (''/var/hda/files/*'' by default) directly on the HDA, using the terminal, or the Gnome file browser, for the shares for which you checked the ''Uses pool'' option in the Amahi dashboard. If you want to work with files on Greyhole shares on the HDA, you should [[Mount Shares Locally]].<br/>
You should be safe reading existing files directly, or adding new files directly, as long as don't care that your new files will only be moved into the storage pool during the next check, which runs automatically at midnight (or manually using ''greyhole --fsck''). Until then, your new files will be stored in your shared directories (normally ''/var/hda/files/share_name/'').

Also, touching anything inside the '''gh''' directories that Greyhole creates at the root of your partitions is a recipe for disaster.

We [[Greyhole not on root | strongly discourage you from using the root partition in a drive pool]].
</div><br/><br/>

== First things first ==

You need to go in the Settings tab, and enable '''Advanced Settings'''.<br/>
Without Advanced Settings enabled, you won't see the following page and options.

== For Storage Pool (Partitions) ==

[[File:Storage_Pool_1.png|600px|thumb|left]]

Select the drives you want available for your storage pool.

== Greyhole options ==

The next step is to select the share you want to replicate across the pool.

From the Shares tab, select the Shares sub-catagory. We chose the Pictures share for this tutorial.

[[File:Greyhole_Options_1.png|600px|thumb|left]]

Check the option for "Uses pool" and choose the number of drives to replicate this share. In this instance we have chosen to use all drives available to the greyhole pool.

Note: Greyhole is not a backup solution. If a file is removed, all copies are removed.

== Greyhole advanced options ==

You can further configure Greyhole by manually editing the following file:<br/>
'''/var/hda/platform/html/config/greyhole.yml'''

To see what options are available, and what they do, refer to the [http://greyhole.googlecode.com/svn/trunk/greyhole.example.conf sample greyhole.conf] provided with Greyhole.

greyhole.yml is in in YAML format. Most of it should be easy enough to modify. The only exception would be the sticky_files (and optional sticky_into) options.<br/>
Here's an example of how those should appear:

To specify the following to Greyhole in greyhole.conf:

sticky_files = Music/
sticky_files = Videos/Movies/
stick_into = /mnt/hdd1/gh
stick_into = /mnt/hdd5/gh
sticky_files = Backups/CrashPlan/
stick_into = /mnt/hdd0/gh

one should specify this in the greyhole.yml file, where '''precise indentation matters''':

sticky_files:
- - Music/
- - Videos/Movies/
- - /mnt/hdd1/gh
- /mnt/hdd5/gh
- - Backups/CrashPlan/
- - /mnt/hdd0/gh

For your changes to be effective, you'll need to force Amahi to regenerate the greyhole.conf file. You can do so by editing a share, clicking it's path, and just clicking the Save button without actually changing the path.

== Copying your data into Greyhole shares the first time ==

When you start using Greyhole, you might want to copy or move all your exiting files into your new shares that use the storage pool.

Note: This is not necessary if your files are already in Amahi shares. If they are there, and you enable the ''Uses pool'' option in the Amahi dashboard, the files will start getting moved around into the drives in your storage pool during the night (starting at midnight), when the nightly storage pool check starts.<br/>
The instructions below are for users who have more data to copy into the Greyhole shares than their currently free space in the /var/hda/files/ folder.

One way to do that is to mount the shares that use the Greyhole storage pool, either on the HDA itself, or on a client computer on your local network, and copy your data from their existing location into the mounted shares.
This can be time consuming, but it is the safest way to use Greyhole.

Another way to move your files from their current location into the storage pool is to share their current location using an Amahi share that ''Uses pool'', then let Greyhole nightly check move the files from there into the pool.

Here's a more detailed walkthrough for this method:

# Setup the Greyhole Storage Pool in the Amahi dashboard, Shares > Storage Pool page.
# Go in the Shares > Shares page. In there, make sure you have an existing share for each share you have data for. Create new ones if you need, remove the ones you don't need.
# Edit the ''path'' of each of those shares, and enter the current location of your existing data. For example, the Movies share could have a path = ''/media/External Drive/Movies''
# Enable the ''Uses pool'' option for each of your shares, and select the number of extra copies you'd like, if any.
# Now, you either need to wait for Greyhole'S nightly check to start, or you can start it manually from a terminal, as root, using this command: greyhole --fsck
# Monitor /var/log/greyhole.log to see when the ''fsck'' operation is done.
# Once ''fsck'' is done, your data has now been moved into the Greyhole storage pool (in the drives you selected in Shares > Storage Pool). All that should be left in the previous location of your data (''/media/External Drive/Movies'' from the previous example) should be symbolic links pointing to the new file copies. If the previous location is just empty directories (no symlinks), do not panic. This is normal if your previous location is an NTFS or FAT partition (drive).
# Move all those directories / symlinks from there into the correct folders in /var/hda/files/share_name
# Back in the Amahi dashboard, edit the path of the shares once again, and put back ''/var/hda/files/share_name'' (i.e. the folders where you moved the symbolic links).
# If you used an NTFS or FAT partition for the previous location, you'll need another fsck to create the symlinks where they should be. Either wait for midnight, or launch it manually, from a command line, as root: ''greyhole --fsck''

You're done. All your existing data is now stored in the various drives included in your storage pool, and are accessible via the Samba shares you have defined in the Amahi dashboard.

== /media ==
Including any drive mounted as /media/Something in your storage pool is usually a bad idea.<br/>
Those mounts are created by the ''gnome-automounter'', which requires you to be logged in into X (Gnome) to become available.<br/>
This will create issues with Greyhole, which expects drives to always be available, and will take action when some of them are missing.

Follow this guide to [[Adding a second hard drive to your HDA|permanently mount your drives]], before you include them in your storage pool.

== Monitoring Greyhole ==
Sometimes you might want to monitor what Greyhole is doing, for example when writing data to your greyhole shares for the first time. Here are a few commands you can type in a terminal to follow along.

'''Scrolling view of total Greyhole operations queue:'''
while [ 1 == 1 ]; do greyhole --view-queue | grep Total; sleep 60; done

'''Scrolling log of what files Greyhole is working on right now:'''
tail -f /var/log/greyhole.log

== Convert Greyhole from SQLite to MySQL ==
Greyhole is at the time of writing using SQLite as the default database for queueing up tasks on Amahi. This is unqie to Amahi as Greyhole was originally designed to use MySQL for this task.

There are some major performance benefits to using MySQL over SQLite when writing large amounts of files. Switching can be especially useful when moving data to greyhole shares for the first time. For now there is a script you can run if you want to switch over. This script has been tested to be safe while greyhole is working but should be used with discresion.

''To Convert to MySQL, run as root:''

/usr/share/greyhole/db_migration-sqlite2mysql.sh

To see what DB engine is Greyhole using, do this:

grep db_engine /etc/greyhole.conf

== Disable Greyhole ==
For those who do not use Greyhole, you can disable it. This is based on the fact you never have used it by enabling 'Uses pool' on any share. Recommend using extreme caution as this could have unpredictable results.

Perform the following steps as user '''root''':

chkconfig greyhole off
rm /etc/monit.d/greyhole.conf
service monit restart
service greyhole stop

'''DO NOT''' attempt to remove the Greyhole package as it is a dependency of the HDA software. Doing so will break your HDA.

= Testing and Reliability =

Check out the [[Greyhole grinder]] to help make Greyhole rock solid.

= Greyhole Troubleshooting =

[[Greyhole troubleshooting]] guide

Key-Based SSH Logins

2010-05-02T22:35:17Z

Crxtasy12:

'''This page shows how to create a key based SSH login to your server using the Windows PuTTY client, Mac OS X Terminal.app or Linux.'''

This will allow you to safely login using SSH onto your HDA without having to provide a password every time.

=Windows - PuTTY=

==Install Putty and PuttyGen==
Download the following files from the [http://www.chiark.greenend.org.uk/%7Esgtatham/putty/download.html PuTTY download] page and save them on your Windows system, e.g. on the desktop:

[http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe]

[http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe]

Both files are self contained executables. That is: they do not install anything but run from where they are saved.

==Create a profile for use with your Amahi HDA==
In PuTTY, you can create profiles for connections to your various SSH servers, so you don't have to type in the settings again when you want to connect to a certain server again.

Now we will create a profile for our 192.168.1.67 server. Start PuTTY by double-clicking its executable file. You are now in the category Session (see the tree on the left side of the screenshot). Enter 192.168.1.67 under Host Name (or IP address), enter 22 under Port and select SSH under Protocol.

[[Image:Red-S01.png]]

Now select '''Connection >> Data'' in the Catagory box and in the Auto-login box enter the username you wish to login to your HDA with. In this example 'sue'.

[[Image:Red-S02.png]]

Once this is done return to your Sessions and give your profile a meaningful name and press save. Anytime in the future you can click on your profile name a ''Open'' and your session is opened. You will appreciate this more later.

==Connecting to your HDA using SSH==

Now you are on your 'Sessions' screen lets open our session by pressing open. You should see:

[[Image:Red-S03.png]]

Type in the users password and you have your ssh xterm ready to go. Now this was the normal way of logging in but being a password system it is open to brute force attacks.

==Generating a public/private key pair==

Here we can use PuTTYgen to create a private/public key pair. Start it by double-clicking its executable file. Make sure you select SSH-2 RSA under Type of key to generate and specify 1024 as the Number of bits in a generated key. Then click on Generate:

[[Image:Red-S04.png]]

Move your mouse about randomly to generate the randomness.

[[Image:Red-S05.png]]

Now a private/public key pair has been generated. Under Key comment, you can enter any comment; normally you use your email address here. Then specify a Key passphrase and repeat it under Confirm passphrase. You'll need that passphrase to log in to SSH with your new key. Then click on Save public key and save it in some safe location on your computer. You are free to choose a filename and extension, but it should be one that lets you remember for which system it is.

[[Image:Red-S05a.png]]

Then click on Save public key and save it in some safe location on your computer. You are free to choose a filename and extension, but it should be one that lets you remember for which system it is.

[[Image:Red-S06.png]]

Then click on Save private key. You can save it in the same location as the public key - it should be a location that only you can access and that you don't lose! (If you lose the keys and have disabled username/password logins, then you can't log in anymore!) Again, you're free to choose a filename, but this time the extension must be '''''.ppk''''':

[[Image:Red-S07.png]]

==Save the public key on our Amahi server==

Now we must transfer the public key to our Amahi HDA server. Copy the key from the PuttyGEN window:

[[Image:Red-S08.png]]

Using ''putty'' logon to our Amahi HDA using the profile you created earlier.

We must now create a directory and file in which to store our public key

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">mkdir ~/.ssh<br />
chmod 700 ~/.ssh</div>

And open our file that will store our key

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">vi ~/.ssh/authorized_keys2</div>
Type '''''I''''' to enter insert mode. Paste your copied key (just a right click of the mouse was enough for me. Then '''''<Escape> :wq''''' to exit edit mode, write the file and quit. This file may already exist if you have used ssh before.

[[Image:Red-S09.png]]

Now to make that file accessible by only the user

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">chmod 600 ~/.ssh/authorized_keys2</div>

==Configure PuTTY to use the private key==

Close down your shell to your HDA and restart ''putty'' and load your ''192.168.1.67'' profile

[[Image:Red-S01.png]]

Go to '''''SSH >> Auth''''' and click on '''''Browse'''''

[[Image:Red-S10.png]]

Broswe to the folder where you saved your keys and select the private key. The one with the '''''ppk''''' suffix.

[[Image:Red-S11.png]]

Go back to your Session tab and click save.

[[Image:Red-S01.png]]

Our private key is now attached to our profile

==Our key-based logon==

Now on our PuTTY sessions screen load your '''192.168.1.67''' profile and press ''Open''. You should get:

[[Image:Red-S12.png]]

Enter you passphrase that you input when generating your keys.

[[Image:Red-S12a.png]]

=Mac OS X - Terminal.app=

==Open Terminal.app==
You can find Terminal.app in your Applications > Utilities folder.

==Generating a public/private key pair==
Execute the following command, in Terminal.app:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
ssh-keygen -t rsa</div>

Accept all the defaults values (by hitting ENTER) to the questions you'll be asked.

==Save the public key on our Amahi server==

Now we must transfer the public key to our Amahi HDA server.

Execute the following command, in Terminal.app:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
scp ~/.ssh/id_rsa.pub your_username@hda:.</div>

Replace ''your_username'' with the username you created on Fedora.<br/>
If your HDA is not yet setup, you might have to replace ''hda'' by your HDA' IP address too.<br/>
When prompted, enter the associated password.

Then, we must copy that public key into the ''authorized_keys'' file.

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">ssh your_username@hda<br />
mkdir ~/.ssh<br />
chmod 700 ~/.ssh<br />
mv id_rsa.pub .ssh/authorized_keys2</div>

Now to make that file accessible by only the user

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">chmod 600 ~/.ssh/authorized_keys2</div>

=Linux=

Follow the [[#Mac_OS_X_-_Terminal.app|Mac OS X instructions]], but use a standard terminal (Applications > System Tools > Terminal in Fedora).

=Making it that tad more secure=

Up to now, you can log in with your private/public key pair and still with username/password logins, so if someone doesn't attach a private key to his PuTTY session, he will be asked for a username and password. So to achieve a better security, we must disable the username/password logins (you should do this only when you know that your key-based logins are working, because if they aren't and you disable username/password logins, then you have a problem...).

To disable the username/password logins, we must modify the sshd configuration file. On our Fedora based Amahi system, it's /etc/ssh/sshd_config. You should set Protocol to 2 (1 is insecure and should not be used!), PasswordAuthentication to no.

Login as root:

<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">su -<br />

vi /etc/sshd/sshd_config</div>

[[Image:Red-S13.png]]

You will now need to restart you SSH server
<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
service sshd restart</div>