Squoggle
Mac's tech blog
Category Archives: Linux Mint
Install VirtualBox 7.0 on Linux Mint 21.x
Posted by on March 11, 2023
This is what I did to install VirtualBox 7.0 on my new Linux Mint 21.1 workstation.
See the VirtualBox Wiki for the deets on VirtualBox 7.0
- Ensure your system has been updated:
$ sudo apt update && sudo apt upgrade -y - Download the VirtualBox GPG Keys:
$ curl https://www.virtualbox.org/download/oracle_vbox_2016.asc | gpg --dearmor > oracle_vbox_2016.gpg
$ curl https://www.virtualbox.org/download/oracle_vbox.asc | gpg --dearmor > oracle_vbox.gpg - Import the VirtualBox GPG Keys:
$ sudo install -o root -g root -m 644 oracle_vbox_2016.gpg /etc/apt/trusted.gpg.d/
$ sudo install -o root -g root -m 644 oracle_vbox.gpg /etc/apt/trusted.gpg.d/ - There does not appear to be an official repository for Linux Mint, but Linux Mint is derived from Ubuntu 22.04 which is code named ‘Jammy’. Add the Jammy VirtualBox Repository to the system:
$ echo "deb [arch=amd64] http://download.virtualbox.org/virtualbox/debian \jammy contrib" | sudo tee /etc/apt/sources.list.d/virtualbox.list - Update the Repositories:
$ sudo apt update - Install Linux Headers:
$ sudo apt install linux-headers-$(uname -r) dkms - Install VirtualBox:
$ sudo apt install virtualbox-7.0 - Download the VirtualBox Extension Pack:
$ cd ~/Downloads
$ VER=$(curl -s https://download.virtualbox.org/virtualbox/LATEST.TXT)
$ wget https://download.virtualbox.org/virtualbox/$VER/Oracle_VM_VirtualBox_Extension_Pack-$VER.vbox-extpack - Install the Extension Pack:
$ sudo VBoxManage extpack install Oracle_VM_VirtualBox_Extension_Pack-*.vbox-extpack - You can now launch VirtualBox from the Desktop menu.
Linux Mint 21.x
Posted by on January 3, 2023
These are my notes on configuring Linux Mint 21.x.
If you find this and think it is useful, leave a comment and say what you like or don’t like. Keep in mind these are my own notes and are not intended to be a HowTo for the general public.
This installation was done on an Dell Optiplex 7050. I’m also installing on Oracle Virtual Box so I will add some additional steps for that which will be noted as extra steps for Virtual Box.
Disable Secure Boot
I configured the Dell BIOS to have Secure Boot Disabled. It is possible to install this and have Secure Boot Enabled but for my purposes this is simply a hassle that I don’t need and the benefits are negligible for a home computer.
Install Linux Mint 21.x.
As of this writing it is Mint 21.1. I may update these instructions as newer versions come out. Without going into lots of detail on how to install Linux Mint which has been covered in many other HowTos I am just focusing on what I do to configure it to my liking. I am installing on a fresh new disk. I did install multimedia codecs. If you have turned off Secure Boot as mentioned earlier you will not have any additional prompts in this area.
I did select Advanced Features in the Installation Type window and selected to use LVM with the new installation. I did choose to erase disk because this is a new disk and a fresh install. I did choose to encrypt my home directory. Maybe not? Testing without encrypting.
The installation is pretty straight forward and not complicated.
Up and Running
Virtual Box Guest Additions
For Virtual Box Virtual Machine you will need to install Guest Additions
- Click Devices
- Insert Guest Additions CD image
- Click ‘Run’
- Type your password
This will install guest additions and allow you to resize your screen on the fly.
First Steps
When you first run Mint you will get a Welcome Screen. On the left click First Steps.
Panel Layout. I like Traditional Panel Layout.
Launch the Update Manager and update everything. You may need to reboot at this point.
Launch Driver Manager and see if you need any drivers. I did not need any.
I’ll talk about System Snapshots a little later.
I will address Firewall a little later as well.
The other items on First Steps are pretty much self explanatory.
Firmware
I get a message when I did the updates that the firmware was outdated. I was able to resolve the issue by doing the following:
$ sudo apt install fwupd
$ fwupdmgr get-updates
$ fwupdmgr update
Then follow the prompts to update. The system will reboot and do the updates then reboot again.
Synergy
I’m putting Synergy first. For me it makes it easier to set up my new machine alongside my old one and use the single keyboard and mouse. That way I don’t have to switch back and forth on the keyboard.
Linux Mint 21 is based on Ubuntu 22.04 LTS. See: https://en.wikipedia.org/wiki/Linux_Mint
Go to https://symless.com/account and sign in. Go to the download page and get the package for Synergy 1. Synergy 2 is no longer supported and is not backwards compatible. Synergy 3 is in beta if interested. Download the Ubuntu 22 package and save it to ~/Downloads.
Install it on both the Server and Client computer. Make sure the same version is on both computers.:
$ cd ~/Downloads $ sudo apt install ./synergy_1.14.6-snapshot.88fdd263_ubuntu22_amd64.deb
Now from the desktop menu select Synergy and run it.
- You will be prompted to name the computer. If your computer already has a name then it will suggest the name for you. Click ‘Apply’.
- You will be prompted to enter your serial key. This can be found on the Account page on the Synergy web site.
- You will be prompted to select to either ‘Use this computer’s keyboard and mouse…’ or ‘Use another computer’s keyboard and mouse…’. In this case I am using another computer’s keyboard and mouse. Select the appropriate response.
- Type in the IP address of the Server. Click ‘Connect’
- You will get a ‘Security Question’ about the Server’s fingerprint. Read that and click ‘Yes’.
- On the Server side you need to click the ‘Configure Server’ button to configure the layout.
- If you run into trouble you should go into preferences and un-check ‘Enable TLS encryption’ on both Server and Client and get it working without TLS. Then once it is working switch to TLS.
- From the new computer’s startup menu find ‘Startup Application’ and add Synergy to startup list. I’ve added a startup delay of about 30 seconds.
- Once you have everything working correctly you should go to Preferences in both Server and Client and click both ‘Hide on startup’ and ‘Minimize to system tray’. Now you can minimize and not have it open in your task bar.
Sudoers
Edit the /etc/sudoers file so you don’t have to put your password in each time:
$ sudo visudo
There will be a line that looks like this:
%sudo ALL=(ALL:ALL) ALL
Comment out that line and make it look like this:
%sudo ALL=(ALL) NOPASSWD: ALL
Now when you use sudo you will not have to enter your password.
Install OpenSSH Server
Install SSH Server so you can ssh to the host:
$ sudo apt install openssh-server -y
Test ssh to the new host. You may during this process encounter an error regarding an “Offending ECDSA key in ~/.ssh/known_hosts”. This is easily resolved by deleting the referenced line in ~/.ssh/known_hosts.
I’ve also experienced an issue where when attempting to ssh to this new host via name it does not work. SSH via IP address does work. DNS resolution is correct. I even have the host in /etc/hosts. No dice.
I was finally able to resolve the issue by putting an entry into the ssh config file on my SSH from host in the ~/.ssh/config.d/LocalHosts.conf file. The entry in this file looks like this:
Host pop
Hostname 192.168.20.34
ForwardX11 yes
ForwardX11Trusted yes
This seems to have solved the problem. I suspect I have some other conflicting entry in my ssh config files that are preventing this, but I can’t find it.
SSH Keys:
Now that you can ssh to your new host you will want to be able to ssh using your ssh key instead of password. From the remote host do this:
$ ssh-copy-id -i ~/.ssh/id_rsa.pub [newhostname]
You will be prompted to enter the password for the New Host. It will copy over your public ssh key from ~/.ssh/id_rsa.pub. This assumes your public ssh key is indeed ~/.ssh/id_rsa.pub.
You should be able to ssh to the new host now without entering your password.
(Optional) Now copy all the ~/.ssh directory contents from your old host into this new host so you have the keys, the known hosts and authorized keys files from your user on the old host and now have them on your new host.
From the old host:
$ cd ~/.ssh
$ scp -r * [new-host-name]:~/.ssh
Hosts file:
Copy the Home Network section of your /etc/hosts file from the old host to the /etc/hosts file on the new host
Dropbox
Install Dropbox and python3-gpg packages
$ sudo apt install dropbox python3-gpg
Then go to start menu and find Dropbox and run it.
You will get a message that says in order to use Dropbox you must download the proprietary daemon. Click OK
A Web Page will pop up where you enter your credentials. Do so. You can now open the DropBox client in the toolbar.
Install KeepassXC
Keepass XC is the greatest Password Safe in my humble opinion.
Install it:
$ sudo apt install keepassxc -y
Install Chrome
You’ll need Chrome as well
Go to https://www.google.com/chrome/
Click the Download Chrome button. Mine automatically downloaded into ~/Downloads. The 64 bit version was automatically selected.
Install it like this:
$ cd ~/Downloads
$ sudo apt install ./google-chrome-stable_current_amd64.deb
This will automatically install a repository as well for future updates.
Install Signal
Go to https://signal.org/en/download/
Click on Download for Linux and follow the instructions that pop up.
After you install Signal edit the startup line in /usr/share/applications/signal-desktop.desktop to look like this:
Exec=/opt/Signal/signal-desktop --use-tray-icon --no-sandbox %U
Additional Software
There are other software packages I need. I’ll do them one at a time because I don’t want to confuse error message between one package or another:
$ sudo apt install kwrite -y $ sudo apt install kate -y $ sudo apt install terminator -y $ sudo apt install sshuttle -y $ sudo apt install vim -y $ sudo apt install sshpass -y $ sudo apt install nfs-common -y $ sudo apt install gparted -y $ sudo apt install imagemagick -y $ sudo apt install whois -y $ sudo apt install lsscsi -y
Mount NFS Share
Create a mount point:
$ cd ~
$ mkdir -p mnt/[nfs-server-host-name]
Edit /etc/fstab and add these lines:
# External Mounts [nfs-server-host-name]:[path-to-nfs-export] /home/[your-user]/mnt/[nfs-server-host-name] nfs rw,soft,noauto 0 0
Edit /etc/hosts and add the IP address of Serenity.
Then mount the NFS share:
$ sudo mount [nfs-server-host-name]:[path-to-nfs-export]
You will need to modify the firewall rule on the NFS server to allow connections from your new host before this will work.
https://squoggle.wordpress.com/2020/05/04/iptables/
Mount External Hard Drive
See what device your External USB device shows up as:
$ lsscsi
[0:0:0:0] disk ATA Samsung SSD 860 4B6Q /dev/sda
[1:0:0:0] cd/dvd HL-DT-ST DVD+-RW GU90N A1C2 /dev/sr0
[4:0:0:0] disk WD Elements 25A1 1018 /dev/sdb
In my case it shows up as /dev/sdb
Edit your /etc/fstab file and make an entry like this:
# Western Digital Elements Backup Drive /dev/sdb1 /home/mac/mnt/WD ntfs rw,relatime,user_id=0,group_id=0,allow_other 0 0
Create a mount point for the External Hard Drive
$ mkdir -p ~/mnt/WD
Then mount
$ sudo mount -a
Something else here.
Install Slack:
Go to https://slack.com/downloads/linux
Download the .deb 64 bit package into your ~/Downloads directory.
Then install it:
$ cd ~/Downloads $ sudo apt install ./slack-desktop-4.29.149-amd64.deb
Crossover
Get the most recent version of Crossover here:
https://www.codeweavers.com/crossover
Get the free trial and download to your machine.
Then install like this:
$ sudo apt install ./crossover_[version-number].deb
Before you attempt to run any bottle you will need to install this library:
$ sudo apt-get install liblcms2-2:i386
This will install a bunch of other dependencies as well.
To export a bottle from one machine to another, in this case Quicken, which is the only reason for running Crossover, do this:
- Open Crossover
- Right Click on the Quicken Bottle.
- Choose ‘Export Quicken 2017 to Archive’
- Choose a location to save it. It is a good idea to time stamp the file to not overwrite a previous working bottle export.
- On the new machine go to Menu > Bottle > Import Bottle Archive
- Browse to where you stored the archive, click it and click ‘Restore’.
- I get a message that CrossOver needs to install several Linux packages in order to run Windows applications. Click Yes. This will install a butt load of libraries and dependencies.
- You may actually think it is stuck but when it seems to stop doing something see if the ‘Continue’ button is active and if so, click it.
- The process will sit there for a bit acting like it is stuck. Just be patient.
- Finally your bottle should be imported.
- Make your symlinks to your datafiles to your home directory because Crossover has issues with finding files that are deep.
- Crossover only needs your email address and login password to register. There is no serial number.
Surprisingly this was the first time importing a bottle worked flawlessly. This is a new version on new machine so maybe they worked the kinks out of it.
VueScan
Get the latest version here:
https://www.hamrick.com/alternate-versions.html
Profile
Modify your profile.
Edit ~/.bashrc and change
alias ll='ls -alF'
to
alias ll='ls -lF'
Set your $PATH to include ~/bin
# Set your path to inclue $HOME/bin
PATH="$HOME/bin:$PATH"
Save the file and then source it like this:
$ source ~/.bashrc
Additional Packages
Here’s a way you can see what packages you have on your old machine and compare to what you have on your new machine.
On the old machine do:
$ sudo apt list --installed | cut -f1 -d/ | sort > installed.[old-hostname]
Then on the new machine do:
$ sudo apt list --installed | cut -f1 -d/ | sort > installed.[new-hostname]
Then SCP the installed.[new-hostname] file to the old host and then compare them like this:
$ diff installed.gob installed.pop | grep ‘<‘
This will give you a list of packages that are installed on the old host but not on the new host. It turns out I had quite a few. Go thru the list and see what you need on the new.
The majority of the packages you find will probably be dependencies for some other package you installed. If you don’t know what a package is for you can easily check information about it with:
$ apt show [package-name]
The majority of the packages I found this way are libraries that are dependencies for other packages I have installed over time.
I found a few packages that I think are useful and should probably be installed:
alien
gimp
gparted
git
mlocate
nmap
traceroute
This is a short list of many.
Other Must See Pages
At this point you should be up and running and ready to work. However there are a lot more things that I typically use on a day to day basis when using Linux Mint.
This list is not an extensive list but may be of help:
Install VirtualBox 7.0 on Linux Mint 21.x
Installing ZenMap in UBUNTU 22.04
How to Install Zenmap on Ubuntu 22.04
How to install Proton VPN on Linux Mint
How to use the Proton VPN Linux app
Install JetBrains Toolbox App Then use the Toolbox to install PyCharm and DataGrip
Certificate Revocation List (CRL)
Posted by on December 15, 2022
Certificate Revocation Lists (CRLs) are used in public key infrastructure (PKI) to identify digital certificates that have been revoked by the certificate authority (CA) before their expiration date.
When a CA revokes a digital certificate, it adds the certificate’s serial number to the CRL. The CRL is then distributed to users who rely on the PKI, such as web browsers and other software that verify digital certificates.
When a user encounters a digital certificate that has been revoked, their software checks the CRL to confirm that the certificate is no longer valid. If the certificate’s serial number is listed on the CRL, the software will reject the certificate and prevent the user from accessing the website or resource protected by the certificate.
CRL Expiration
The client typically gets a new Certificate Revocation List (CRL) from the Certificate Authority (CA) when the existing CRL expires or when there have been changes to the status of certificates that have been revoked.
When a CA revokes a digital certificate, it adds the certificate’s serial number to the CRL. The CRL contains a list of all the revoked certificates, along with their revocation status and the reason for revocation.
The CRL has an expiration date and time, after which it is no longer considered valid. The expiration date is typically set by the CA when the CRL is issued, and it is usually a few days to a few weeks after the issue date. When the CRL is about to expire, the client will check with the CA to obtain a new CRL that is valid for the next period.
In addition to the expiration date, the client may also obtain a new CRL if there are changes to the revocation status of certificates that have been previously listed in the CRL. This can happen if a certificate that was previously revoked is now reinstated, or if a certificate that was previously valid is now revoked.
The client can obtain a new CRL from the CA via various means, such as through online updates or downloads. Some PKIs also use alternative methods of certificate revocation, such as Online Certificate Status Protocol (OCSP), which can provide real-time updates on the status of certificates.
The Good about CRL
- Offline validation: CRLs can be downloaded and stored offline, allowing users to validate certificates even when they are not connected to the network.
- No single point of failure: Unlike OCSP, CRLs don’t rely on a single server for validation, so they are less susceptible to single points of failure.
- Better reliability: CRLs may be more reliable than OCSP in certain situations, such as when the CA’s OCSP server or network connectivity is experiencing issues.
- Can cover multiple certificates: A single CRL can cover multiple certificates, reducing the amount of data that needs to be downloaded and parsed.
The Bad about CRL
- Larger size: CRLs can become large and unwieldy as the number of revoked certificates increases, leading to longer download times and increased storage requirements.
- Increased latency: CRLs can introduce latency into the certificate validation process, as users must download and parse the entire CRL before they can validate a certificate.
- May be outdated: CRLs are typically updated on a periodic basis, so there is a risk that a certificate may have been revoked between updates and the user may not be aware of it.
- May present a privacy risk: CRLs can potentially expose information about revoked certificates, which could be used by attackers to gather information about a PKI.
Overall, CRLs can be an effective means of validating certificates in a PKI, especially in situations where offline validation is important or when the number of revoked certificates is relatively small. However, they also have some drawbacks that should be considered, such as larger size, increased latency, and potential privacy risks.
Delta CRL
A Delta Certificate Revocation List (CRL) is a type of CRL that contains only the revoked certificates that have been added or changed since the previous CRL was issued. The Delta CRL is meant to be used in conjunction with the base CRL, which contains the complete list of revoked certificates.
The Delta CRL is a more efficient way of distributing certificate revocation information, as it contains only the changes to the previous CRL, rather than the entire list of revoked certificates. This can significantly reduce the size of the CRL and the time it takes to download and process it.
To use a Delta CRL, the client first downloads the base CRL, which contains the complete list of revoked certificates. The client then downloads the Delta CRL, which contains only the changes since the previous CRL. The client then merges the Delta CRL with the base CRL to obtain a complete and up-to-date list of revoked certificates.
The use of Delta CRLs can help to improve the efficiency of certificate revocation in large PKIs, especially when the number of revoked certificates is high and changes occur frequently. However, the use of Delta CRLs also requires additional management and coordination between the CA and the client, as both parties must ensure that the Delta CRL is properly applied and merged with the base CRL.
Troubleshooting CRL
Sometimes you may need to troubleshoot certificate issues by examining a CRL (Certificate Revocation List)
Download a CRL
These instructions show how you can easily download a CRL from a website. I’ll use https://duckduckgo.com/ in this example.
- Open Google Chrome. Navigate to https://duckduckgo.com/. Notice the padlock in the address bar.
- Right click on the padlock in the address bar. Click Connection is secure to see the connection details.
- Click Certificate is valid to open the certificate details box. Click the Details tab.
- In the Certificate Fields box, scroll down and click on CRL Distribution Points. In the Field Value box you will see any URLs associated with the CRL for the Certificate Authority or the Signing Certificate.
- Copy and paste the URL into a new window of the browser. You will be prompted to save the file. In my case I downloaded a file named DigiCertTLSRSASHA2562020CA1-4.crl.
Parse the CRL
- Open a terminal in the directory where you saved the CRL.
- Check to see if the CRL is in DER format or PEM format. Most CRLs are in DER format. If you do a simple head command on the CRL file you will see if it is a DER (binary) file or a PEM file. If it is binary you will see gibberish. If it is a PEM formatted file you will see ,“BEGIN X509 CRL—–”.
- Parse the CRL. If the CRL is in DER format use this syntax:
openssl crl -inform DER -text -noout -in [crl-file] | less
If the CRL is in PEM format use this syntax:openssl crl -inform PEM -text -noout -in [crl-file] | less - You will see a list of all the revoked certificates that were issued by the Issuing Certificate.
OpenSSL CRL Commands Documentation
The OpenSSL CRL commands official documentation:
Linux Convert Command
Posted by on September 27, 2020
This command requires that the imagemagick package be installed.
sudo apt install imagemagick
To combine two single page pdf files into one multi-page pdf:
convert file1.pdf file2.pdf merged.pdf
More to come
Create a UEFI Linux Mint USB Installation Flash Drive
Posted by on June 7, 2020
What you will need:
- A USB flash drive big enough. A 4GB flash drive should be big enough.
- The latest Linux Mint ISO image downloaded to your Windows box. I’m using version 19.3 for this.
- Rufus. Preferably the latest version. As of this writing it is version 3.10.
- Since Rufus is Windows software you will need a PC running Windows.
How to do it:
- Insert the USB drive. Determine what drive letter it is.
- Open Rufus. In the Device field choose your USB drive.
- In the Boot selection field select the ISO image for Linux Mint.
- For Partition scheme choose GPT.
- Choose NTFS for File System.
- Click the START button.
- You may see a pop up that asks you what mode to write. I have had better luck using DD image mode.
- You should then see a warning about overwriting the USB drive. If you are sure you can proceed.
To use the USB flash drive, insert it into the slot, reboot. When you see the splash screen hit F12 to get into boot options.
In my Dell PC I see a section that looks like this:
UEFI Boot: UEFI: SanDisk
Choose that to boot the Linux Mint installer OS.
Mount OneDrive from Linux Mint
Posted by on December 5, 2019
How to Mount OneDrive from Linux Mint
Don’t install Rclone from the standard repository. That version is too old.
Install Rclone:
cd ~/Downloads wget https://downloads.rclone.org/rclone-current-linux-amd64.deb sudo apt install ./rclone-current-linux-amd64.deb
Run the Rclone wizard:
rclone config
Select n to create a new remote:
$ rclone config 2019/12/04 20:47:41 NOTICE: Config file "/home/mac/.config/rclone/rclone.conf" not found - using defaults No remotes found - make a new one n) New remote r) Rename remote c) Copy remote s) Set configuration password q) Quit config n/r/c/s/q>
Name is something meaningful like ‘onedrive’:
name> onedrive
Select 22 for Microsoft OneDrive:
22 / Microsoft OneDrive \ "onedrive"
You will be asked for a Microsoft App Client Id. Just hit Enter to accept the default and leave blank.
You will be asked for a Microsoft App Client Secret. Hit Enter to accept the default and leave blank.
You will be asked to edit advanced config. Type N
You will be asked to use auto config. Type y :
Use auto config? * Say Y if not sure * Say N if you are working on a remote or headless machine y) Yes n) No y/n> y
Your browser should open now and ask you to sign into OneDrive. Put in your email address. Hit next then your password and check the box to keep signed in then the sign in button.
At this point I seem to be locked out of OneDrive as my sign in did not work on this computer.
I tried again and instead of doing auto config I did N to not do auto config.
Use auto config? * Say Y if not sure * Say N if you are working on a remote or headless machine y) Yes n) No y/n> n For this to work, you will need rclone available on a machine that has a web browser available. Execute the following on your machine: rclone authorize "onedrive" Then paste the result below: result>
I did the above and got a very long “token” that I was able to copy and paste into this machine.
It then asked me to choose a number from below. I selected 1 for OneDrive
Then it said it found 2 drives. Not sure why. I selected drive 0
Then I was able to exit Rclone by typing q:
Current remotes: Name Type ==== ==== onedrive onedrive e) Edit existing remote n) New remote d) Delete remote r) Rename remote c) Copy remote s) Set configuration password q) Quit config e/n/d/r/c/s/q> q
Now create a new directory:
mkdir ~/OneDrive
Now mount OneDrive:
rclone --vfs-cache-mode writes mount onedrive: ~/OneDrive
This will appear to hang your session but you can stop it by doing CTRL C
Now to start at boot up you can open Startup Applications, and in Startup Applications click Add.
After clicking Add, use the following:
Name: Mount OneDrive Command: sh -c "rclone --vfs-cache-mode writes mount onedrive: ~/OneDrive"
Linux Mint 19.x
Posted by on November 1, 2019
Linux Mint 19.x
These are my notes on Linux Mint 19.x. If you find this and think it is useful, leave a comment and say what you like or don’t like. Keep in mind these are my own notes and are not intended to be a HowTo for the general public.
Install the OS from the USB Flash Drive. I chose to simply overwrite the existing version of Mint (19.1) that had already been installed on my laptop. I also chose to encrypt my home directory.
My first order of business is to make the native monitor and external monitor both set to the same resolution of 1920×1080 (16:9). The native laptop monitor supports a higher resolution of 2560×1440 but the screen is so small that it is very hard to see at that resolution so I’m standardizing both monitors at 1920×1080.
Get up and Running:
Here’s what I did to get up and running and customized the way I like it:
Update Everything:
-
- The first thing to do is open the Update Manager and update everything. The Update Manager is the little shield icon in the task bar down in the right hand corner. Open that up and click OK to dismiss the initial startup screen.
- You will be presented with a prompt to take a System Snapshot. I’m going to put this off until I have updated everything.
- You will see a message that a new version of Update Manager is available. Click the ‘Apply the Update’ button to install it.
- Once that is installed you will be presented with a list of updates that can be applied.
- Apply all the updates. It is a good idea to reboot after all the updates.
Video Drivers:
After I rebooted I got a pop up box that said to “Check your video drivers”. I launched the Driver Manager and entered my password. My software cache was updated. Then an NVIDIA Driver Manager opened up. It showed that the nouveau driver was installed, but the recommended driver was nvidia-driver-435 which I checked then “Apply Changes”. You will need to reboot after this.
System Reports:
Down in the bottom right corner of the desktop you may see a little triangular warning icon. This is the ‘System Reports’ application. Go ahead an open this up. You should see a list of detected problems that need to be addressed. Go ahead and resolve the issues. The last item in ‘System Reports’ is to configure the System Snapshot tool Timeshift. See the next section for this.
System Snapshot:
You will be asked to choose between RSYNC and BTRFS. Typically this is going to be RSYNC.
A blurb about BTRFS.
- First you have to have had installed the base OS with BTRFS file system for this to even be an option. In my case I did not want to use the BTRFS file system.
- Second the snapshot can only be installed on the same disk from which they are created. If your drive goes bad you’re screwed. Choose RSYNC.
A blurb about RSYNC:
- RSYNC snapshots are created by creating copies of system files using rsync and hard-linking unchanged files from previous versions.
- All files are copied when the first snapshot is created. Subsequent snapshots are incremental.
- Snapshots can be saved to any disk formatted with a Linux File system which means the snapshot can be external. In my case an attached USB memory stick.
I’m using a USB 3.0 Flash Stick.
When you run the setup wizard you will be asked to select your snapshot levels. I checked off Monthly, Weekly, Daily, Hourly & Boot and kept the default keep levels on each one.
I also included root and my user’s home directories and selected “Include All”.
Sudoers:
Edit the /etc/sudoers file so you don’t have to put your password in each time:
$ sudo visudo
There’s a line that looks like this:
%sudo ALL=(ALL:ALL) ALL
Comment out that line and replace it with a line that looks like this:
%sudo ALL=(ALL) NOPASSWD: ALL
Install openssh server:
Install SSH Server so you can ssh to the host:
$ sudo apt install openssh-server -y
Test ssh to the new host. You may during this process encounter an error regarding an “Offending ECDSA key in ~/.ssh/known_hosts”. This is easily resolved by deleting the referenced line in ~/.ssh/known_hosts.
SSH Keys:
Now that you can ssh to your new host you will want to be able to ssh using your ssh key instead of password. From the remote host do this:
$ ssh-copy-id -i ~/.ssh/id_rsa.pub [newhostname]
The above assumes the user name on the new host is the same as the user on the remote host. If not you can do the command like this:
$ ssh-copy-id -i ~/.ssh/id_rsa.pub [user]@[newhostname]
You will be prompted to enter the password for the New Host. It will copy over your public ssh key from ~/.ssh/id_rsa.pub. This assumes your public ssh key is indeed ~/.ssh/id_rsa.pub.
You should be able to ssh to the new host now without entering your password.
(Optional) Now copy all the ~/.ssh directory contents from your remote host into this host so you have the keys, the known hosts and authorized keys files from your user on the old remote host and now have them on your new host.
From the remote host:
$ cd ~/.ssh
$ scp -r * [new-host-name]:~/.ssh
Copy /etc/hosts to new host:
Now copy the /etc/hosts file from old host to new host. From the old host:
$ sudo scp /etc/hosts [new-host-name]:~
On the new host edit the file and change the local host name on line 2 to the name of your new host.
Now copy the file into place:
$ sudo mv hosts /etc/hosts
Check it like this:
$ cat /etc/hosts
Install Dropbox:
Install Dropbox:
sudo apt install dropbox
Then go to start menu and find Dropbox and run it.
You will get a message that says in order to use Dropbox you must download the proprietary daemon. Click OK
A Web Page will pop up where you enter your credentials. Do so.
Install Insync:
Don’t use this. It does not work and sync of files does not happen. Tired of using it.
I want to sync my Google Drive locally. To do that I’m using Insync.
First, add Insync’s public GPG key to allow apt to authenticate the Insync repository:
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ACCAF35C
You should see something like this that shows that it was successful:
gpg: key A684470CACCAF35C: public key "Insynchq Inc <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
If the previous command did not work, use this instead:
$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys ACCAF35C
Now create a file /etc/apt/sources.list.d/insync.list with the following content:
deb http://apt.insync.io/mint [CODENAME] non-free contrib
Replace [CODENAME] with the Linux Mint distro codename.
To get the codename of your distro you can find it in the /etc/apt/sources.list.d/official-package-repositories.list file. You can view it like this:
$ grep mint /etc/apt/sources.list.d/official-package-repositories.list | awk '{print $3}'
This is what I see when I run the above command:
tricia
So ‘tricia’ is the codename of this version of Linux Mint. That means the line I need to insert into /etc/apt/sources.list.d/insync.list would be:
deb http://apt.insync.io/mint tricia non-free contrib
Update the apt repository:
$ sudo apt-get update
Install Insync:
$ sudo apt-get install insync
You should see a pop up that says Insync installation has finished and if you want to start it. Go ahead and start it. A wizard will pop up to walk you through setting up Insync to sync your Google Drive to a directory on your host.
Install KeePassXC:
Install KeePassXC:
$ sudo apt install keepassxc -y
Install Chrome:
You’ll need Chrome for certain things.
Go to https://www.google.com/chrome/
Click the Download Chrome button. Mine automatically downloaded into ~/Downloads. The 64 bit version was automatically selected.
Install it like this:
$ cd ~/Downloads
$ sudo gdebi google-chrome-stable_current_amd64.deb
This will automatically install a repository as well for future updates.
Install Brave
Brave is a browser that automatically blocks trackers and Spam Ads. It is very buggy. I’d probably pass on this but if you insist…
$ sudo apt install apt-transport-https curl $ curl -s https://brave-browser-apt-release.s3.brave.com/brave-core.asc | sudo apt-key --keyring /etc/apt/trusted.gpg.d/brave-browser-release.gpg add - $ echo "deb [arch=amd64] https://brave-browser-apt-release.s3.brave.com/ stable main" | sudo tee /etc/apt/sources.list.d/brave-browser-release.list $ sudo apt update $ sudo apt install brave-browser
Install Signal:
Go to https://signal.org/en/download/
Click on Download for Linux and follow the instructions that pop up.
Additional Software:
There are other software packages I need. I’ll do them one at a time because I don’t want to confuse error message between one package or another:
$ sudo apt install kwrite -y
$ sudo apt install kate -y
$ sudo apt install terminator -y
$ sudo apt install sshuttle -y
$ sudo apt install vim -y
$ sudo apt install sshpass -y
$ sudo apt install whatsapp-desktop -y
$ sudo apt install nfs-common -y
$ sudo apt install rofi -y
$ sudo apt install gparted -y
$ sudo apt install imagemagick -y
$ sudo apt install whois -y
For Mint 20:
$ sudo apt install warpinator -y
Spoof Mac Address:
Mac Address:
Set your custom mac address to get the IP address you want.
Go to start, search for ‘Network Connections’
Click on Wired connection 1
Click Edit
Put your custom mac address in the ‘Cloned MAC address’ box.
##:##:##:FF:FF:FE
Click Save. You should now get the IP address you are expecting.
You may need to reboot. You should get your IP address.
Mount NFS share:
Create a mount point:
$ cd ~
$ mkdir -p mnt/[nfs-server-host-name]
Edit /etc/fstab and add these lines:
# External Mounts
[nfs-server-host-name]:[path-to-nfs-export] /home/[your-user]/mnt/[nfs-server-host-name] nfs rw,soft,noauto 0 0
Edit /etc/hosts and add the IP address of Serenity
Then mount the NFS share:
$ sudo mount [nfs-server-host-name]:[path-to-nfs-export]
You will need to modify the firewall rule on the NFS server to allow connections from your new host before this will work.
https://squoggle.wordpress.com/2020/05/04/iptables/
Install Slack:
Go to https://slack.com/downloads/linux
Download the .deb 64 bit package into your ~/Downloads directory.
Then install it:
$ cd ~/Downloads
$ sudo gdebi slack-desktop*.deb
I found a packagecloud.io repo but I have no way of knowing if it is secure. I’ll try to figure out how to create my own local repo for this.
Install Synergy:
Linux Mint 19.2 is based off of Ubuntu 18.04 LTS.
Go to https://symless.com/account and sign in. Go to the download page and get the package for Synergy 2 Beta for Ubuntu 16.04 LTS and save in ~/Downloads
Install it:
$ cd ~/Downloads
$ sudo gdebi synergy_2.*.deb
This is literally the best software in the world.
There’s a gotcha if you’re trying to install this on Mint 20. Mint 20 is based on Ubuntu 20.04. Ubuntu 20.04 has updated libssl from version 1.0.0 to version 1.1.
If you attempt to install with the above instructions you will get an error regarding a failed dependency. I was able fix the dependency issue by editing the deb package using these instructions:
cd ~/tmp
cp ~/Downloads/synergy_2.0.12.beta_b1705+e5daaeda_amd64.deb .
ar x synergy_2.0.12.beta_b1705+e5daaeda_amd64.deb
tar xzf control.tar.gz
Edit the control file and replace libssl1.0.0 with libssl1.1 and save the file.
Now repackage the tar file and the deb package:
tar --ignore-failed-read -cvzf control.tar.gz postinst postrm prerm md5sums control
ar rcs synergy_2.0.12.beta_b1705+patched_amd64.deb debian-binary control.tar.gz data.tar.xz
You should now have a “patched” version of synergy 2.0.12.beta. Save that in your software store so you don’t have to do this part again.
Now you can install it with the gdebi command listed above.
The package installed fine it just does not work. I get a “There was a problem connecting to the background service.” Error.
Look at this page:
https://members.symless.com/forums/topic/6465-ubuntu-2004-support/
Near the end of the post. There might be some stuff there that helps
Fix your Profile:
Edit ~/.bashrc and change
alias ll='ls -alF'
to
alias ll='ls -lF'
Directories:
Delete extra directories you don’t like
$ cd ~
$ rm -rf Videos Templates Public
Create a symlink for mount
$ ln -s /home/mac/mnt/Serenity/ mac
Fix up your bin dir:
Set up your ~/bin directory:
$ cd ~
$ mkdir bin
Copy your scripts over from your other system.
Set your $PATH to include ~/bin
Edit ~/.bashrc and change. Add this to the bottom of the file:
# Set your path to inclue $HOME/bin
PATH="$HOME/bin:$PATH"
Date & Time:
Click on the Date in the bottom right corner.
Turn off 24 hour clock
Turn on the date
Hot Keys:
Go to System Settings > Keyboard > Shortcuts
Set up your custom hot keys:
Launchers:
Launch Terminal = Super+T
Launch Nemo = Super+E
Close Window = Super+Shift+C
Log out = Super+Shift+Q
rofi -show run = Super+R
rofi -show window = Super+Tab
Squoggle 
Recent Comments