headless server fun

Oct 17 2013
 

A new Ubuntu-based server I set up recently had a power failure, which unexpectedly resulted in the box not booting again. There were actually two problems:

  • fsck failed on the data mount because one of the data drives apparently had failed. It took forever but eventually prompted for user input “S” to skip or “M” to fix manually.
  • The first time this happened I just tried power-cycling the computer again, hoping it would just come up. Unfortunately Grub detected a failure and disabled the timeout for the boot menu. So the box was sitting there in the Grub boot menu.

Unfortunately this server is supposed to be headless (and is mounted to the wall 4m above ground), so there was not even a keyboard where somebody could blindly press one of these keys or press return to select an option in the Grub menu. But sshd wasn’t started yet, so I could ping the server (the IP stack was working) but not ssh into it to fix the problem. So I got myself a really long VGA cable and a USB extension cable to connect a monitor and a keyboard to look at the actual console.

The second issue can be solved easily:

In /etc/default/grub add the following entry:

GRUB_RECORDFAIL_TIMEOUT=5

This lets Grub show the boot menu for 5 seconds and then tries to boot normally. I used 5 seconds rather than 0 so I could actually use that menu if the need arises.

The first issue is a bit more involved. I want the box to at least boot to the state where I can access it through ssh even if the data drives fail. That means I have to remove the mount point from /etc/fstab but have to put the mount command somewhere later into the boot process. One option is to mount it in /etc/rc.local like this (suggested here):


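# Capture fsck's exit status right away; "|| rc=$?" also keeps a failing
# fsck from aborting rc.local when it is run with "sh -e".
rc=0
fsck -n UUID=... || rc=$?
if [ "$rc" -ne 0 ]; then
    logger -p user.warning "/etc/rc.local: fsck fail $rc"
else
    mount ....
fi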
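A fuller form of that rc.local approach, as an added example that is not part of the original post: it decodes fsck's bitmask exit status for the log line and never returns failure, so a dead data drive cannot stop the boot before sshd is reachable. The function names, the overridable FSCK/MOUNT/LOGGER variables and the mount point placeholder are assumptions.

```shell
#!/bin/sh
# Added example: deferred data mount for /etc/rc.local.
# FSCK, MOUNT and LOGGER are overridable (an assumption) so the logic can be
# exercised without touching a real disk.
FSCK=${FSCK:-fsck}
MOUNT=${MOUNT:-mount}
LOGGER=${LOGGER:-logger}

# fsck's exit status is a bitmask (see fsck(8)); decode it for the log line.
fsck_reason() {
    _rc=$1; _out=""
    for _pair in 1:errors-corrected 2:reboot-needed 4:errors-uncorrected \
                 8:operational-error 16:usage-error 32:cancelled \
                 128:library-error; do
        _bit=${_pair%%:*}
        if [ $(( $_rc & $_bit )) -ne 0 ]; then _out="$_out ${_pair#*:}"; fi
    done
    _out=${_out# }
    echo "${_out:-clean}"
}

# Check DEV read-only (fsck -n) and mount it on DIR only if fsck is clean.
# Always returns 0 so the rest of rc.local keeps running; the outcome is
# left in RESULT and written to syslog.
mount_if_clean() {
    _dev=$1; _dir=$2; _status=0
    "$FSCK" -n "$_dev" >/dev/null 2>&1 || _status=$?
    if [ "$_status" -ne 0 ]; then
        _why=$(fsck_reason "$_status")
        "$LOGGER" -p user.warning "rc.local: $_dev not mounted, fsck=$_status ($_why)"
        RESULT="skipped:$_why"
    elif "$MOUNT" "$_dev" "$_dir"; then
        RESULT="mounted"
    else
        "$LOGGER" -p user.warning "rc.local: mount $_dev on $_dir failed"
        RESULT="mount-failed"
    fi
    return 0
}

# In /etc/rc.local (device and mount point are placeholders):
#   mount_if_clean UUID=... /path/to/data
```
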

I’ll not be going that way because the system is not that critical. If it doesn’t come up, we will notice and just ssh into it and fsck and mount the data volume manually.

 Posted by on 2013-10-17 at 12:23

Bittorrent Sync, a secure DropBox alternative

Oct 09 2013
 

The company I work for recently had the requirement to securely exchange files between several computers, some on site, several others off site. This data consisted in part of sensitive data which is covered by the German Bundesdatenschutzgesetz. Somebody suggested using DropBox because it is so simple to use. I had to deny this request because DropBox stores the data "in the cloud" and we have no control where. Also, the data would not have been backed up.

One option would have been to use DropBox with e.g. BoxCryptor encryption, but that was too complex to set up (for some mostly computer-illiterate people). This also assumes I had to trust the company who produces this, but if that’s a problem, why should I trust Microsoft? (In fact, I don’t trust them, but I don’t have a choice.)

After looking into several alternatives (Strato’s HiDrive is not an alternative in my book), I found BitTorrent Sync. This is a simple-to-install program which uses the BitTorrent protocol through an encrypted connection to synchronize files between several computers. Setup is as easy as DropBox or other file sync software. It also features the option to sync not only one folder but several. It comes in variants for Windows 32/64 bit, Linux, FreeBSD, Mac OS X, Android and iOS.

When installed on Windows it can be configured to automatically start and then sit in the icon tray doing its job without getting into your hair. It just works.


The Linux version comes with a simple web server for configuring the folders to sync and some settings. To sync with other computers all you have to do is transmit a “secret” which is a long string of characters. If you want to sync with mobile devices, it can also generate a QR code which you can then scan with the mobile app on that device (No, I am not going to show you a screenshot 😉 ).

There is only one drawback in my opinion: By default there is no central place to store the files. If a new computer wants to join the folder sharing, one of the existing ones must be online for the synchronization to work. (With DropBox the cloud storage is always available.) I worked around this issue by installing the Linux application on our server, which is always available. This has the positive side effect that the shared folders are automatically included in the daily backups. (If you don’t have a server there is also the option to install it on a Raspberry Pi which is connected to the Internet.)

Of course there is the trust issue again. Do I trust BitTorrent Labs? They could of course add a back door to their software which, despite claiming otherwise, copied all shared files to a central server somewhere. The source code is not available, so there is no way to actually be sure. Do I trust them? Do I have a choice? Is there any alternative? I found none.

 Posted by on 2013-10-09 at 17:53