Tuesday, June 1, 2010

NX on fedora 13

After upgraded to Fedora 13, freenx stopped working. Tried various ways, but failed. Random web surfing and picked up a tip.

Simple solution:
in sshd configuration file,  /etc/ssh/sshd_config commented out this line
#AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedKeysFile /usr/NX/home/nx/.ssh/authorized_keys2

restart sshd

sudo /sbin/service sshd restart

NX login from a remote is working.

Saturday, May 29, 2010

Stewed Chestnuts

Alternative to Roasted Chestnuts, Stewed Chestnuts

Winter in Armidale is a season for chestnuts. That refreshed my memory of roasted chestnut in Lanzhou. Today (05/29/10), after visited Bunnings' grant opening in Armidale, we bought a bout 1 kg of chestnuts, looks like good quality, as there were fatty round and big.

I can't make roasted chestnuts here. Instead I cooked it as boiled chestnuts. The finished product is not bad.
1st Cut chestnut halfway through. This is an important step, to peal shell after cooked.

2nd pour into pan and add water, just cover the nut. Put on oven and boiling for 30 minutes.

this is the finished product. taste great!

Wednesday, May 26, 2010

Fedora 13 first hand on

I started red hat linux from RH2? FC1 .. Fedora 12. Yesterday, I noticed some discussion on fedora list on Fedora 13 (Goddard). I was curious about others' experiences. In last versions, I normally started upgrading after about 3-6 months since the release. After through some posts, my hands started itching, couldn't help to start it.

After a few backup, starting preupgrate. hope it is a smooth run.

YES, It was a smooth run. All steps went well. I am happy Fedora 13 user. gthumb photo import and category management seems much improved. GOOD Work!

There is a long list of features of fedora 13, as reviewed here. A few things interesting to me:

Gnome 2.30

Fedora 13 would include GENOME 2.30. This will ensure that Fedora ships with the current version of Genome desktop. It would stay in sync with upstream. nice applications as evolution, gthumb etc

NetworkManager Mobile Status

ModemManager already has D-Bus methods to get the required information from various cards, but user needs to add some nm-applet icons for better cellular signal strength. They must compel  nm-applet/NM listen for signal strength changes, or poll modem-manager for such changes while connected. With the feature it would be easier to use mobile broadband. Users would know know when their device has a signal and if they are roaming or not.

Thursday, May 20, 2010

evince view chinese pdf

Evince, as document viewer in linux. It can display chinese characters. I posted a question online, "Evince is unbale to display Chinese pdf file? how to fix it? my system is 2.6.18-1.2239.fc5 and evince is 0.5.1", clearly, when I used FC5. Later I found a fix myslef " install xpdf". This fix does nit owrk this time. I will keep looking for solution.

Here is another post online:

upgrade from gutsy to hardy, does not get the problem in gutsy.
The pdf file that include chinese could not display, just echoed as some squares, but some of them displayed correctly.
I have installed poppler-data and xpdf-chinese-
simplified packages, and xpdf and adobe reader can display the pdf file without any problem.

Wednesday, April 28, 2010

Evolution on Fedora 12 CAN connect to Exchange 2007

As I stated previously "I was eager to upgrade my Fedora 11 to Fedora 12. I expect the F12 will make evolution work with MS exchange 2007. Since working place switched mail server  to Exchange 2007. The evolution on Fedora 11 became useless. There were reports on successful connections from evolution 2.28 to M$ exchange 2007." Well, evolution on F12 is 2.28.0, connection to echange 2007 via evo-mapi crahsed every time. Some guys from Ubuntu claimed good connection with evo 2.28.1. But this is not avaliable for F12. I looked at  
It is there, why not departed to F12?? 
Now, evolution-mapi is working. 
Using DavMail as a bridge, edit account, receive server as 
localhost:1110 etc, works well. It retrieves mails in inbox. 
Some suggests that imap will get new mail from all folders. 
I got a error. Back to pop at the time being.

Friday, February 26, 2010

tip connect to PC behind firewall

This is a very nice tip on this topic from

Comfortable SSH Access to a Computer Behind a Firewall


Sometimes your university takes security serious and firewalls every computer on their intranet, even if you are interested to access it from outside. The following steps enable a comfortable, nearly transparent SSH tunnel to penetrate the firewall. All that is needed is a computer outside with SSH access that can operate as a relay.
The software needed should be already installed on any current unix system: secure shell client/server and netcat (nc).

Server Configuration

Login to the computer behind the firewall.
  1. Generate a new ssh private key that is to be used as the authentication for the tunnel. It will have no password to enable automatic login.
    ssh-keygen -f ~/.ssh/tunnel-id -t rsa -N ""
  2. Create a new entry in your ~/.ssh/config that will be used to initiate the tunnel. Set the Host entry to an uncommon name so that you will also be able to login to the relay computer normally. It will establish a connection from port 11111 on the loopback interface on the relay computer to the ssh port on the loopback interface on the server.
    Host relay
    HostName relay.hostname.com
    RemoteForward 11111 localhost:22
    IdentityFile  ~/.ssh/tunnel-id
  3. Copy the public key to the relay server:
    ssh-copy-id -i .ssh/tunnel-id relay.hostname.com
  4. To make it easy to start the tunnel, create a script in ~/bin/setup-tunnel.sh:
    while true; do 
        /usr/bin/ssh relay
        sleep 1
    done < /dev/null & disown

Relay Configuration

Login to the relay computer.
  1. The ssh-copy-id appended the public key to the ~/.ssh/authorized_keys file. Because we want to limit the havoc that can be caused by the key, change the entry that was just created
    ssh-rsa AAAAB3...= user@server.domain.com
    command="sleep 604800" ssh-rsa AAAAB3...= user@server.domain.com
    This will give the tunnel a livetime of a week, make it work without a local terminal on the server side (we used < /dev/null) and limit the commands that can be executed with this key.

Client Configuration

Login to the client computer.
  1. To make it possible to transparently connect to the server through the tunnel, we use netcat on the relay computer and a ProxyCommand in the ~/.ssh/config file on the client. Add a new entry with
    Host server
    HostName server.hostname.com
    ProxyCommand ssh relay.hostname.com bin/nc localhost 11111


Whenever you want to have the tunnel enabled, start ~/bin/setup-tunnel.sh on the server. Afterwards you will be able to connect from the client with ssh server. You will be asked for a password two times, once for the relay and once for the server.
The following diagram shows the general idea of the created tunnel:

+--------+       (          )      +----------------------+
| Client |------(  Internet  )---->|  relay.hostname.com  |
+--------+       (          )      +----------------------+
    :                                         /|\          
    :                                          |           
    :                                        [ X ]         
    :                                          |           
    : Forwarded ssh connection      +-------------------+  
    :..............................>| server.domain.com |  
      over "server" ssh alias       +-------------------+  
--- real connection                                        
... virtual connection                                     
[X] switch