Category Archives: Command-Line

How to install Privoxy and combine it with Tor

In this post I’ll show you how you can improve your privacy and anonymity while you are browsing on some websites. For this purpose I’ll use Privoxy and Tor. Privoxy is a non-caching web-proxy with filtering capabilities for enhancing privacy. Tor uses an overlay network of volunteers and relays your traffic through the Tor network to it’s destination. It also encrypts your data, so no Tor node (except the exit node) can read your data.

This is not a high-security setup, but it should improve your privacy and anonymity.

1. Privoxy
2. Tor
3. Combine Privoxy and Tor
4. Appendix
Read the rest of this entry

How to set up a stateful firewall with iptables

My old post to set up a small rules set for iptables is deprecated so I decided to update this post and improve some rules.
This time I tested this iptables setup on my Raspberry Pi. I connected to my Pi via SSH and the first time I tested the rules order I locked myself out and I had to connect the monitor and keyboard to fix this. The rule order in this post worked for me to set everything up via SSH.

I also tried this setup on a virtual machine and made a screencast of it. You can find the video at the end of this post.

1. Kernel modules
2. Important Rules
3. Chain Policies
4. Port Rules
5. Logging
6. Saving Rules
7. Appendix (Script and video)
Read the rest of this entry

How to install a CalDav and CardDav server using Radicale

During my time at the university I had lots of meetings, events and I couldn’t remember all these events, so I had to write them down. But we’re living in a digital world, so I wanted to keep all my appointments digitally. I tried Thunderbird Lightning and it is a great Add On. But I also wanted to synchronize all these events with my smartphone without using an external cloud, e.g. Google Calendar.

I wanted a small program with minimal dependencies to act as a server which is able to run on a Raspberry Pi. It doesn’t have to provide a web interface, because I can use Thunderbird or my smartphone to add, change or delete events. I found Radicale which is written in Python and has no dependencies. It supports the CalDav and CardDav protocol. That’s all I wanted so I gave it a try. My first impression was very good and it works great. Here are all steps I did to set up my own CalDav server with Radicale.

1. Installation of Radicale
2. Adding bcrypt support to Radicale (optional step)
3. Configure Radicale
4. Configure Thunderbird Lightning
5. Configure Android Calendar
Read the rest of this entry

How to extract video URLs from YouTube

I know there are many tools out there that allow you to download videos from YouTube, like the Video Download Helper for Firefox, even online tools that convert the audio to mp3. The reasons I’m writing this article are a) because sometimes you just need the URL, for example to watch a video with a much less ressource consuming player like VLC or ffplay, b) because sometimes you just want to listen to the audio and save up even more ressources by not decoding the video and c) because I can ūüėČ
Read the rest of this entry

How to make diffs of SVN and Git files with vimdiff

Version control systems like Git or SVN have lots of advantages. One can easily fork a project or create a new branch to test new code. I use Git for all my programs, reports and for my thesis. But sometimes it is necessary to see the difference of two versions of a file. One can use git diff or svn diff but in my opinion the output of these tools are not very nice and it is not easy to see the difference of the files.
In this post I will show you how you can display the difference of two versions of a (SVN or Git) file. The tool I’ll use for this purpose is vimdiff. It’s also possible to use gvimdiff for graphical vim, just replace vimdiff with gvimdiff.
Read the rest of this entry

How to create your own PKI with openssl

Today certificates are widely used to verify, authenticate a client/user or server, to encrypt or sign emails or to sign other types of objects (e.g. source code). You are using a certificate at the moment, due to the secure http (https) connection.
In this post I will show you how to create your own Root Certificate Authority (CA).

1. Create a self signed root certificate
2. Create a sub ca certificate
3. Create a server certificate
4. Create a user certificate
5. Generate a certificate revocation list
6. Revoke a certificate
7. Export a certificate to PKCS#12 format
8. Bash script to manage your own CA

I recommend to configure your openssl.cnf (located at /etc/ssl/openssl.cnf). This is the most annoying part, but it simplifies the next steps. You can find an example of an openssl.cnf I’ll use at the end of this post. Be careful at the policy_match section, this can be a problem while signing a certificate signing request.
Read the rest of this entry

How to make daily backups with rsync and cronjobs

It’s always a good idea to make backups of important data (documents, images, music, etc.), e.g. the worst case for students is to lose data of written reports or theses.
I wanted to make backups of my documents and source codes every day. The backup should be stored on a usb flash drive. But I also wanted to keep deleted files for a couple of days, in case of accidentally deleted files. There are many ways to complete this task, but I decided to use rsync and cronjobs for this purpose. Both tools make the backup process very flexible. It’s very easy to manage the time of the backup process with cronjobs and rsync makes it easy to change the destination (e.g. another folder, device or remote host).
My idea was to add a cronjob to start a bash script which uses rsync to copy the directories and files to the flash drive. But the device names of flash drives changes, if you plug them in a different order. To avoid this problem, I added a udev rule to create a symbolic link every time the flash drive is plugged.
Read the rest of this entry

How to trim strings with bash

If you want to trim a string from or to a certain pattern, you don’t have to invoke cut, sed or awk. You can use the % operator to trim a string from the first or last occurrence of a pattern to the end or the # operator to trim from the beginning to the first or last occurrence of it.
Read the rest of this entry

How to install Slackware ARM on a Raspberry Pi

A few days ago I got my Raspberry Pi and I had to decide which OS I install. I like Slackware and decided to give Slackware ARM (formerly ArmedSlack) a try. It was surprisingly easy to install it.
The first step was to download the Slackware ARM installer and copy it to the SD card.
Download installer:

$ wget http://www.daves-collective.co.uk/raspi/images/raspi-slack-installer_01Aug12.img.xz

Write the installer to SD card:

$ xz -dc raspi-slack-installer_01Aug12.img.xz | dd of=[device] bs=65536
Read the rest of this entry

How to migrate from initscripts to systemd on Archlinux

In this how to I will describe how to migrate from initscripts to the “new” systemd init system on Archlinux. Initscripts will still work, but it is recommended to switch completely to systemd.

1. Update and installation
2. Migration and configuration
3. Optional improvements
4. Useful commands
5. Troubleshooting
Read the rest of this entry