Archive for the ‘Webtechnology’ Category

No Comments

Using Krusader with Ubuntu 18.04

Thursday, June 7th, 2018

Krusader is a very fine two pane file-manager that comes with many powerful inbuild features, while Nautilus or the Mate fork (Caja) lack many of those important features: two panes, open folder in terminal (with keyboard shortcut), a useful bookmark manager, password manager (for remote sites like (S)FTP, configurable user-actions, and its highly configurable (with a lot of keyboard shortcuts).

Once you’ve experienced Krusader from the keyboard, Caja or Nautilus is simply inferior in daily usage. It seems that Gnome’s choice to embrace touch screen devices comes with a cost for heavy keyboard desktop users.

This doesn’t mean I don’t use Nautilus, I do! I simply use both file managers. Remember, everything is a file in the Unix philosophy. So the file-manager, next to the editor, is the most important tool in Linux.

Browsing two panes in Krusader is easy, searching, copying, moving files, or synchronizing panes, browsing archives, it’s all supported, with nice keyboard support.

Some of Krusader’s powerful features:

  • remote mounts (SFTP/SSH/FTP)
  • compare by content
  • batch multi rename
  • synchronize panes
  • split/ combine files
  • verify files checksum
  • visual tool to show folder usage/size
  • user-actions to easily setup  cli based actions for selected files, like resizing images, converting media-files etc, all with keyboard shortcut support.
  • mirror mode, traversing trees

Krusader does need some additional tools to show real power, like krename, kate (for internal viewer), and the some icons are missing with a default install in Ubuntu 18.04. We will fix that.

Start with installing Krusader:

sudo apt install krusader

# and some tools
# krename powerfull batch rename tool)
# kate (editor)
# bookmark manager
sudo apt install keditbookmarks
# saving passwords
sudo apt install kwalletmanager
# PGP encryption for kwallet
sudo apt install kpgp
# support for (s)ftp mounts
sudo apt install kio-extras
# kde terminal, not needed if you tweak the Krusader settings to use gnome-terminal or mate-terminal
sudo apt install konsole
# for visual diff and merge tool
sudo apt install kompare
sudo apt install meld

Now you could start-up Krusader, it will ask you about some path for tools for packing and unpacking, you can install them later if you need them (rar/unrar etc).

Now you will probably notice, Krusader looks weird, it’s missing icons. By default Krusader is using breeze-icons. Unfortunately installing the breeze deb package will not do the trick. It’s a long story how to fix that, but the easiest method I came along was this:

Extract the binary icon-theme from the icon-package (breeze-icon-theme-rcc_5.46.0-1_all.deb), rename it  and place it in the Krusader config folder.

Download the deb, and open the deb with your archive manager and extra this file /usr/share/icons/breeze/breeze-icons.rcc.

Rename and copy it to the Krusader config map:

~/.local/share/krusader/icontheme.rcc

Restart Krusader, and icons are in place.

If you want  Krusader to  save passwords: Setup a new wallet with kwalletmanager, and Krusader will use that default wallet. Probably you will need a logout/reboot.

No Comments

Security by design: following the right principle

Friday, April 6th, 2018

Since there was some attention to a CSS driven keylogger, it’s good again to point out the security risks of third party content. That risk is huge.

When a third party CSS Stylesheet can steal your password, it would be a piece of cake for any Javascript script to do the same.

If you follow this blog, it will not surprise you that we’re skeptical to all the JavaScript driven frameworks that are fashionable. In general Javascript is bad for security, privacy, and the planet 🙂 : battery usage. It’s good for tracking, fingerprinting and advertisements, and visual eye-candy.

Yes, JavaScript can be nice, but please adhere to these old principles: graceful degradation and progressive enhancement. And it’s fashionable not to follow those principles.

Don’t force JavaScript, because you’re trying to sell adds, or track users.

Don’t overdo JavaScript: an URL with your contact info should have your contact info (in HTML). Otherwise you should point to another URL. Don’t hide this information behind Javascript and in JSON somewhere. You’re breaking the internet. Keep information accessible.

It’s important to underline again. Every script that is loaded with <script> has access to the DOM, and if the page is a login page, it has access to the password and username.

So a simple principle can be deducted, and it’s a shame that we have to repeat it here.

Never add any (third party) script to a login page. NEVER.

Nobody should be authorized to have access to a plain password, except for the user. Nobody. Limit access by design, not by trust.

(more…)

16 Comments

How to run or boot Raspbian on a Raspberry Pi Zero without an SD-card.

Thursday, March 22nd, 2018

In an earlier post I explained how you can run and connect to a Raspberry Pi Zero with just an USB cable. Still the RPI Zero was using a micro SD card.

Luckily the great minds of the Raspberry Pi Foundation developed new boot modes: ethernet boot and USB Mass Storage Device (MSD) boot for the Raspberry Pi 3.

Now they came up with USBBoot, a tiny program that pushes the bootcode over the USB to the Raspberry Pi Zero (Raspberry Pi model A, Compute Module, Compute module 3 and Raspberry Pi Zero and Raspberry Pi Zero W), so it can boot without a micro SD-card.

Boot a RPI Zero from your laptop without SD card

In this post we will boot the Zero with the latest Raspbian Stretch (lite) from an common Ubuntu laptop, running 16.04LTS. It is surprisingly comfortable once you’ve set it up. And remember we’re running the Zero without any SD card, which costs are higher then a Raspberry Pi Zero. You do not need an SD card at all.

Yes, we use a standard USB cable to power,  connect, provide internet-access, an OS and storage for the Pi Zero.

So we gonna run the poor Raspberry Pi headless (=no monitor), armless (=no keyboard or mouse) and brainless (=no memorycard). And you know what? Back to the basics make the little gem shine!!

(more…)

No Comments

How to load an image in HTML/CSS

Tuesday, March 6th, 2018

Using an IMG tag

<img src="path/to/image.jpg" alt="">

Setting a background

<div style="background-image:url(path/to/image.jpg)" ></div>

Using the picture tag

<picture> <source srcset="path/to/mage.webp" type="image/webp" > <img src="path/to/image.jpg" alt=""> </picture>

This will load a webp format in browser that suppport it, and a jpg image as fallback. Webp is a format that offer better compression than jpg combined with transparancy. Unfortunately it is not supported yet by Firefox or Safari.

An IMG tag is needed, the picture tag will not show anything, it will just let you set several `url` choices for image type or media selector.

Setting the background in a pseudo-element

div::before{
 background-image: url(path/to/image.jpg);
 }

Using an IMAGE tag

<image src="path/to/image.jpg" alt="">

Yes, you can use an image tag as well, this will be interpreted as `img` tag in the DOM.

Using the picture tag with an image tag

<picture>
 <source srcset="path/to/mage.webp" type="image/webp" >
 <image src="path/to/image.jpg" alt="">
 </picture>

Setting the content in a pseudo-element

div::before{
 content: url(path/to/image.jpg);
}

Yes, you can load in image in HTML by setting to content property to an URL.

2 Comments

Laptop Power Connector Plug Size

Thursday, November 2nd, 2017

My good old Acer laptop started to smoke sitting on the couch yesterday evening.

Growing old, in cat years my laptop is an old gray tomcat, but with a SSD and some good memory, you can grow old rather vividly these laptop days. A mouse a day keeps the doctor away.

But it wasn’t smoking a cigar; the wire near the plug was short-circuited, probably all the bending a lifetime  was suddenly to much this particular evening.

I saw it starting to smoke, so I unplugged it immediately. The adapter was, like any good house-cat, lying on the newspaper. Wow, my house could end up in a fire, taking a piss.

Then I started to look for a new adapter, old laptops work fine, but old batteries are suffering from age, and I couldn’t find a good fit.

All brands seems to have a specific adapter size, so I made a table with power connector plug sizes for different laptop brands:

Brand Plug Size Volt Ampere
Acer 5.5mm x 1.7mm 19V 2.0A – 4.74A
Asus 5.5mm x 2.5mm 19V 3.42A – 4.74A
Asus Netbook 2.35mm x 0.7mm 19V 2.1A
Dell 7.4mm x 5.0mm 19.5V 3.34A – 4.5A
Fujitsu 6.3mm x 3.0mm 16V 4.7A
HP 4.8mm x 1.7mm 18.5V 3.5A
IBM / Lenovo Thinkpad 7.9mm x 5.5mm 20V 3.5A – 4.5A
Lenovo 5.5mm x 2.5mm 19V 3.42A – 4.74A
Sony 6.3mm x 3.0mm 16V 4.7A
Toshiba 5.5mm x 2.5mm 19V 3.0A – 4.74A

These are the most common ones, please let me know any mistakes or omissions.

2 Comments

openVPN on Ubuntu, fixing import errors

Sunday, October 22nd, 2017

You can run into trouble importing an .ovpn config file in Ubuntu, while the same file is imported without any problem in Android.

Somehow when there are unknown or not-supported sections in the config file, importing in Ubuntu will fail with this rather obscure error:

The file 'vpn.ovpn' could not be read or does not contain recognized VPN connection information

Error: the plugin does not support import capability.

The solution is to manually edit the openvpn.ovpn file in a text editor and fix it.

In my case the openvpn.ovpn config file suffered from 2 problems:

  • connections were double defined
  • a <dh> tag was includes, which shouldn’t be in a client file

Fixing the openvpn.ovpn file import

Following these steps will fix the import of openvpn.ovpn config files in Ubuntu 16.04 LTS. Open the openvp.ovpn in a text-editor.

  1. Delete the complete <dh> tag.
  2. When you have multiple <connection> tags, it won’t import. Remove the TCP connection tag completely:
    <connection>
    remote <ip> 443 tcp-client
    </connection
  3. The edit the remaining connection tag by removing the surrounding tags, simply unXML it.
    <connection>
    remote <ip> 1194 udp
    </connection>
    to
    remote <ip> 1194 udp

Save your file and import it.

  1. Edit connections
  2. Add
  3. Scroll down
  4. Import a saved vpn connection
  5. create
  6. Select the edited openvpn.ovpn file
  7. Done!

Explanation

The Diffie Hellman Parameters are only needed for the server, so this is a bug in  the openvpn server that creates the client config file. Still the import script should skip this setting instead of choking on it.

Then the multiple connection issue: Most openvpn servers will accept connections over UPD (preferred setting), but will offer a fallback over TCP when the client is behind a firewall that doesn’t allow UDP. This will happen now and then. The TCP port is the same as the https port, so that port is always open. It seems the network manager doesn’t allow multiple connection setup, although it can use a TCP connection. If you need TCP as a fallback just setup two connections:

  1. OpenVPN UDP
  2. OpenVPN TCP

And choose what you need in your network settings, this is probably the best solution. And actually easier then changing method inside the the profile settings, like you should do in Android.

You probably need to replace tcp-client with tcp, and remove the connection tag:

remote <ip> 443 tcp

Happy and safe networking!