| DistroWatch Weekly
|DistroWatch Weekly, Issue 96, 18 April 2005
What is this "Linux" you speak of?
-- message in my inbox
Welcome to this year's 16th issue of DistroWatch Weekly! Everyone who visited last week is no doubt aware that the indefatigable Ladislav Bodnar was called away to Slovakia due to a family emergency, leaving me (Robert Storey) to write DWW, and Dr. Zhu posting the daily news.
Just to add a little more challenge to the job, I caught the flu about two days ago. I'm sitting here in front of my computer, propped up with pillows and duct tape, sipping herbal tea and swallowing some pink tablets that my local pharmacist assures me can cure anything from bubonic plague to diaper rash. I don't want to know the ingredients. Duty calls. Come rain, hail, sleet or script kiddies, the DistroWatch Weekly News will be published!
Now let's see a show of hands...How many of you still want to be web administrators?...
...OK, for those of you who haven't already clicked to another page, here is the news.
If you've spent much time working with computers, chances are good that you've used products made by VIA Technologies - even if you've never heard of this company. Yet you won't see VIA branded computers on the shelf at your local nerd shop - unlike Dell, IBM and HP, VIA doesn't sell their own name-brand machines. Rather, this Taiwan-based company is a major manufacturer of motherboards, motherboard chip-sets, CPUs, and other "innards" that keep your computer purring.
Despite the low profile, VIA was very much in the news this week when the company announced that it was open-sourcing its Linux drivers. The story got Slashdotted, OSNews'd, and now DistroWatched. However, VIA has a lot more to offer the geek crowd than free hardware drivers.
VIA seems to be betting the farm on open source, even more so than IBM. But it wasn't always so. In the past, the company had ambitions of overtaking Intel in the Windows-compatible chip-set market. Perhaps VIA could have even pulled it off, but they forgot the old American corporate rallying cry - "those who can, do, those who can't, sue." VIA got dragged into court repeatedly by Intel (Note that they aren't the only ones - AMD has felt Intel's wrath in the courtroom).
Initially, VIA won a big victory over Intel in a patent infringement suit. Unfortunately, Intel didn't stop there, and hammered VIA with other lawsuits for such offenses as making chip-sets compatible with Intel processors. Although VIA initially fought these ridiculous legal shenanigans, the company eventually had to make a settlement after Intel started threatening VIA's customers (ie motherboard manufacturers). This has eaten significantly into VIA's profits, and made the company shy of trying to do anything too innovative with Intel's CPUs.
In the end, VIA seems to have found its niche by not competing directly head-to-head with Intel. VIA makes chip-sets for such things as Ethernet cards, video cards, and other assorted devices. But what really keeps Linux and BSD fans in thrall are VIA's mini-itx boards equipped with low-power processors. VIA first got into the CPU market when they purchased Cyrix in 1999 - since then they have taken their processors in an entirely different direction from Intel and AMD.
The Mighty Mini-ITX
Mini-ITX boards are small. Just how small depends on which model you buy. Also, the amount of power these boards draw will depend on which CPU you install - the Eden/C3 is so low-power (4 watts) that it doesn't require a fan. Furthermore, with the smaller boards no power supply is required - you can run directly off a 12-volt car battery if you want to.
Not surprisingly, these low-power processors are not terribly fast, though they are gradually gaining speed with each new model. Right now, most are in the Pentium-II class in terms of performance. However, just in the past week, VIA launched their EPIA DP-310 board which can accommodate two processors. These boards seem to be just made for Linux and the BSDs, which now support SMP.
Which is all very nice, but still not enough to deliver top-level performance. If it's speed you want, go for an AMD64 (or G5 if you're a PPC fan). Fans of mini-ITX aren't interested in setting speed records, they're interested in being able to run a computer in a car; in a remote location on solar cells; in a specialized application such as a home-built firewall; where a silent fanless machine is desired; or just about anywhere your imagination takes you. VIA is constantly being surprised by the uses their customers come up with for their hardware.
Now what I really want to see is a 64-bit Eden/C3 - it would be the greatest thing since microwave popcorn. I've already put it on my Christmas shopping list (the 64-bit Eden/C3, not the popcorn). With luck, maybe VIA will sell it giftwrapped.
As somebody once said, good things come in small packages.
* * * * *
Brazil - Domino Theory Revisited
"Do Not Think There Are No Crocodiles Because the Water is Calm"
-- Mayan Proverb
Andrew Tridgell (and friends) gave us Samba, but Brazil gave us the Samba. Brazil has also given us some fine food like feijoadas, pao de queijo and sago cream, but these days the country is giving Microsoft indigestion.
A recent New York Times article was entitled Brazil: Free Software's Biggest and Best Friend. Beyond the first paragraph, the article costs money to read online, but you needn't reach for the credit card - I'll summarize the plot. The author was writing about PC Conectado (Connected PC), a national scheme to bring low-cost computers to the masses. Under the plan, Brazilian consumers would be able to buy their first computer by making installment payments of approximately 55 reals (about US$20) per month for two years.
Nowadays, you can scrape together a basic desktop computer for less than US$500. Many Brazilian families could afford that with low monthly payments, but it would be a definite economic hardship if they had to shell out an additional US$200 for Windows and double that amount for Office. Even with the standard 50% discount one gets on bundled software, it's still a lot of cash for the working poor. The traditional solution is to use pirated software. However, the Business Software Alliance has other ideas, and (mostly through the US government) has been leaning hard on countries like Brazil, China and elsewhere to crack down on software piracy.
Which is where Linux comes in. Brazil is the home of a very popular Linux distro, Conectiva (now Mandriva after merging with Mandrake). Brazil's National Institute of Information Technology, which administers the PC Conectado project, has all but decided to install free software on the machines. Just think what a great slogan it would make: Help fight software piracy -- use Linux!
Not surprisingly, Microsoft is alarmed by this, and has been pressuring the Brazilian government to consider its proposals to bundle a cheaper, stripped down version of Windows with the machines. Officially, the government has not yet committed itself to Linux and is considering Microsoft's proposal. Privately, most Brazilians aware of the issue recognize that a Linux-based solution would save the country tons of money, and would also help develop a local software industry. However, one should not be overly optimistic that common sense will prevail. Remember the Golden Rule: Whoever has the gold, makes the rules.
Brazil is one of the world's largest countries, and Microsoft doesn't want to "lose" it. Among Microsofties, one hears whispers of the Domino Theory - the idea that if one country falls, others will topple like a row of dominos. Surely this thought is keeping some folks in Redmond awake at night.
* * * * *
When Ian Murdock speaks, geeks listen. After all, Ian earned his geek credentials by doing something most of us could only dream about - he created Debian. Indeed, the ian in Debian is named for him; the Deb part is for his wife, Debra.
Lately, Ian has had a lot to say about Ubuntu, and not all of it was warm and fuzzy.
"If anything, Ubuntu's popularity is a net negative for Debian," Ian said in an interview with InternetNews.com. "It's diverged so far from Sarge that packages built for Ubuntu often don't work on Sarge. And given the momentum behind Ubuntu, more and more packages are being built like this. The result is a potential compatibility nightmare."
It should be noted that Ubuntu is released completely under the GPL, so all the goodness from the Ubuntu developers can flow freely back to Debian. And vice versa. Unfortunately, Debian developers (nearly 1000 of them) are almost entirely unpaid volunteers, whereas Ubuntu has some money behind it thanks to the generosity of philanthropist geek Mark Shuttleworth who is funding Canonical. Thanks to a combination of cash, Mark's focus, and Debian's insistence on supporting 11 architectures, Ubuntu is developing faster than Debian. Whereas Debian releases "when it's ready", Ubuntu is committed to one release every six months. Which is why it isn't possible to simply take the Ubuntu package repositories and just load them into Debian Unstable.
Ian continued in his interview, "But what we really need right now as a community is for Sarge to be released. In that respect, Ubuntu's popularity is more harmful than helpful."
Harsh words, but Ian held out an olive branch when he published this on his weblog:
"Here's a suggestion on how we can avert the crisis before it becomes one: Provide a Debian compatibility runtime and development environment for Ubuntu, and make the development environment the default environment. That way, when developers build packages on Ubuntu, they can be installed as-is on Debian as well. Provide a Ubuntu-specific development environment too, so developers can take advantage of Ubuntu-specific features that aren't in Debian yet, but only use those features when you absolutely must. Everyone wins. If you're really interested in joining forces with UserLinux, this would be a great start. I'm sure Bruce would agree. You'd have my interest as well."
In an interview published this week in Linux Magazine, Branden Robinson (Debian Project Leader) put it succinctly. "I reiterate that this is a relatively minor problem. For the most part, I see high levels of cooperation, much friendliness and mutual respect, and good code flowing both ways. I think there are few challenges posed by Ubuntu that Debian can't meet with a Sarge release and a refactored release process."
|Released Last Week
Archie Live CD 0.4.1
Archie 0.4.1 has been released: "Archie - Arch Live project has replaced AL-AMLUG Live CD. The former live CD of Arch had the look but not the speed of native Arch Linux, so Archie is developed on a completely different technology. Also with new appearance... Archie is a complete live Arch Linux system (v0.7) to be run from a CD/USB, built with the KISS philosophy in mind." Read the full announcement. Download: archie-0.4.1-xfce.iso (325MB). The package list and a few screenshots can be found on this page.
Linux Caixa Mágica 10 Desktop
Linux Caixa Mágica 10 Desktop has been released. Linux Caixa Mágica is a Portuguese distribution based on SUSE LINUX; the latest release provides an improved installation method and many user-friendly enhancements designed for non-technical users. More information is available in the release announcement and the product features page (both links in Portuguese). A boxed edition of Caixa Mágica 10 can be obtained from the distribution's online store (€98); alternatively, an unsupported, single-CD edition can be downloaded from here: CMdesk10_final.iso.
SUSE LINUX 9.3 Live DVD
Novell has released a live DVD edition of SUSE LINUX 9.3: "For rich, reliable and secure home computing, there's no better choice than SUSE LINUX Professional 9.3. It provides everything today's Linux user needs for home computing and computing-on-the-go. This live DVD will boot directly from the DVD without modifying the hard disk. It enables users to learn about and test the functions and applications of this new system without installing it on the hard disk and consequently offers an easy and convenient way to review the operating system. In addition to English, German, Spanish, Italian, French, and Dutch, the live DVD supports a variety of other languages." See this readme file for more details. Download: SL-9.3-LiveDVD-i386.iso (1,412MB) or SL-9.3-LiveDVD-amd64.iso (1,416MB).
Damn Small Linux 1.0.1
Damn Small Linux 1.0.1 is released, soon after its 1.0 version. From the release notes: "md5sum options made compatible with both the default (busybox) and gnu versions; nfs fixed missing directory; changed frugal_instal.sh to use sfdisk instead of fdisk. Should help install on newer larger drives." Download: dsl-1.0.1.iso (49.1MB). Damn Small Linux is a very versatile 50MB mini desktop oriented Linux distribution. Other than a nearly complete desktop and many command line tools, it also has the ability to act as an SSH/FTP/HTTPD server right off of a live CD.
The NetBSD Project is pleased to announce that update 2.0.2 of the NetBSD operating system is now available: "NetBSD 2.0.2 is the second security/critical update of the NetBSD 2.0 release branch. This represents a selected subset of fixes deemed critical in nature for stability or security reasons. This is also the first binary security/critical update since NetBSD 2.0. NetBSD 2.0.1 was tagged within the CVS repository, and is available from there as a source update, but its full binary release was preempted by patches incorporated into 2.0.2 and build hardware issues." Read the full announcement and check the complete list of changes. Download (i386): i386cd.iso (171MB), also available via BitTorrent.
Mandriva Linux Limited Edition 2005
Mandriva Linux Limited Edition 2005 has been released: "Following the recent new roadmap announcement, Mandriva (pronounced "Man-dree-vah"!) Linux Limited Edition 2005 is a transitional release... built to increase and optimize performance: it has been designed with x86-64 technology in mind and has support for dual-core technology, allowing the use of the most powerful applications on advanced new processors. Special optimizations also enhance the overall speed delivered by the system. For instance, KDE is 10% faster." Other exciting features include better support for removable devices, full support for Adaptec Host RAID controllers, extended recognition for the most recent flat screen monitors, support of the XBox console, and DKMS which allows kernel modules to be dynamically built. It is based on kernel 126.96.36.199, KDE 3.3.2 plus backports from 3.4, GNOME 2.8.3, GCC 3.4.3, and OpenOffice.org 1.1.4. This dream-Linux distribution is immediately available for Mandriva Club members, and is also available for preorder as a DVD set. Read the announcement and visit the distribution's home page.
Damn Small Linux 1.0
Damn Small Linux 1.0 has been released. From the release notes: "added progress bar to mydsl download browser; added many more file associations to emelfm including: siag, wav, and ps; changed default font in firefox to Sans Serif; moved firefox into path; upgraded xpdf; fixed various bugs including: KNOPPIX ref in firefox mimeTypes, fluxter restart, uci unloading, and syslinux ver of hdinstall." Download: dsl-1.0.iso (30.0MB). Damn Small Linux is a minimalist, business card size live CD/live USB (with a hard disk installation option) designed for older computers.
Linux LiveCD Router 2.0.8
Linux LiveCD Router 2.0.8 has been released: "This version features a new kernel 2.4.29, minor default config changes, a new module for accounting of SIP call forwarding, an option to save the base configuration to hard disk or flash disk instead of floppy, and the option of using a USB flash disk instead of a hard disk." Iptables is also updated. Download: cdrouter208.iso (88.6MB). Linux LiveCD Router is a Linux distribution designed to share a broadband connection over WiFi; find out more on the distribution's web site.
Kate Linux 2.0
Kate Linux 2.0 has been released: "The new version contains many improvements and modifications over Kate 1.0. The system has been reconstructed from the ground up and is no longer based on Slackware. Kate 2.0 became much more comprehensive, now it contains greater set of programs and libraries." See release notes and the screenshots page for more information. Download: Kate_Linux_Install_CD1_2.0.iso (656MB), Kate_Linux_Install_CD2_2.0.iso (697MB).
Puppy Linux 1.0.1
Puppy Linux 1.0.1 has been released. Package managers PupGet and DotPup feature in this release, allowing very easy installation and removal of packages. Also included are the full Mozilla suite and lots of little bug fixes. To ensure a correct upgrade, "If you have been testing version 1.0.1rc1, please edit /etc/puppyversion and change it from "101" back to "100", without on end of line. Also, as a precaution, please uninstall any packages installed by PupGet and completely erase all files in /root/.usr." More information can be found in the release notes, such as obtaining the Opera flavour of Puppy. Download: puppy-1.0.1-mozilla.iso (60.2MB).
Development and unannounced releases
|Upcoming Releases and Announcements
Summary of expected upcoming releases
|Web Site News
FreeBSD 5.3 - Not So Gaga
Last week I wrote a mini-review of FreeBSD 5.4-RC1, which began with the sentence, "Here at DistroWatch we've gone gaga over FreeBSD." Well, gaga is slightly worse for the wear, as we had quite a major hiatus which we attribute to a FreeBSD bug.
Last week, a few of you noticed there was something funny going on. For one thing, the DistroWatch Weekly News icon was linking to the previous week's news. This wasn't a bug in itself - it's just that we couldn't update the "current" symbolic link because we couldn't log onto the server. This was also a problem with some readers' comments getting mangled - again, it wasn't FreeBSD itself that caused the problem, is that we couldn't log on to fix it. What happened was that sshd simply died, locking us out - thus we couldn't perform even the simplest system administration tasks. This was especially inconvenient since I had a hard time reaching Ladislav, and only he is able to contact our web hosting service in the USA.
Eventually things got fixed. The sysadmins at the hosting service told us that this seems to be happening frequently on many FreeBSD servers, and the only cure would be to reboot. They thought it was something to do with reaching the limit of ssh connections. A reboot did indeed fix the problem.
Later, I posted this experience on the FreeBSD mailing list, pointing out what our hosting service said. One user who had experienced the same problem several times came back with an alternative theory. He didn't think it was a physical connection limit, but rather that FreeBSD wasn't holding up well to a worm attack:
I think a safer bet is this worm that tries to compromise servers by ssh. Perhaps the ssh server isn't cleaning up the failed connections well enough, or maybe it's detecting an attack and simply shutting down. This worm can generate a thousand or more connection attempts in a single session, so I can see how a tiny memory leak could grow into a big problem in a hurry.
I should point out that our 5.3 server ran flawlessly for five months, and this was the first problem we encountered. We will report the bug, though it's conceivable - even likely - that the bug has already been squashed in 5.4. Those who have encountered this problem may want to consider upgrading to 5.4 when it is released.
|Mini-Review: Kanotix 2005-02
For those who haven't already discovered it, Kanotix is a live CD distro heavily influenced by Knoppix. Like Knoppix, it defaults to a KDE interface, but you can enter "cheatcodes" on the boot line to enable many other options (such as an IceWM or command-line interface, for example).
While running Kanotix as a live CD is almost nirvana, it really sparkles when you install it to your hard drive. Install, reboot, and you'll have a very up-to-date Debian, with a number of unique features you won't easily find elsewhere. The list of benefits Kanotix offers starts with amazing hardware detection, followed by a well thought-out selection of apps, plus a number of unique script files to polish the user experience.
I reviewed Kanotix on DistroWatch last October - you can read it here. Since then, Kanotix has done nothing but get better (if that could be possible!). I'm not exaggerating when I say that Kanotix is my favorite desktop distro (as opposed to a server distro, which is another story). Therefore, I didn't hesitate a moment when I learned that Kanotix 2005-02 was released - I headed straight for the (overburdened) download servers at once. It's now happily installed on my laptop, and I thought that this would be an opportune time to report on what's new.
Kanotix 2005-02 was released last week (2005-04-09). It should be noted that this is a 32-bit implementation (there is a Kanotix 64 2005-01, but not 2005-02 yet). Currently, there are no plans for a PPC version.
With this release, the complete distro is based on Debian/sid (even XFree). A number of WLAN drivers were added, or one can use NdisWrapper if necessary (which wraps Windows drivers).
I was a little disappointed to find that my favorite editor, Emacs, was replaced by a symbolic link. That is, /usr/bin/emacs is a symbolic link to /etc/alternatives/emacs, which in turn is a symbolic link to /usr/bin/e3em. I realize that Emacs is a huge program and takes up too much space for a live CD, but a better option might have been to use Zile which is a stripped-down Emacs look-alike. Except for this one little annoyance, I really couldn't find anything to complain about. Of course, if you install to a hard drive, you can do an apt-get install emacs21, or xemacs21. There are about 15 CDs worth of packages from the Debian unstable archives that will work on Kanotix - get the CDs, call the pizza delivery guy, and you'll never have to leave home again.
Kanotix is very easy to configure, and even newbies should not have much difficulty using it. However, for those who like a challenge, there is plenty of complex stuff to play around with if you drill down a little. In particular, propellerheads will enjoy two unusual features of this distro: the unionfs and scripts.
This experimental feature is also seen in Knoppix 3.8. However, the Kanotix implementation is different in that it is optional. Unionfs is an overlay filesystem which makes it possible to use apt-get live or install nvidia or radeon drivers in live mode. Kanotix's nvidia/radeon scripts detect the live mode and activate unionfs if needed. Otherwise, the way to enable unionfs is simply to type this cheatcode on the boot command line:
By using this cheatcode, file changes will be stored at /tmp/unionfs (which will be lost after poweroff).
If you do not use the cheatcode at bootup time, you can still activate unionfs in live mode by opening any browser and typing klik://unionfs. However, this sets the unionfs into the home directory (rather than /tmp/unionfs as occurs with the cheatcode). Files would be stored to the hard drive (or floppy, usb memory stick, etc) when being used in combination with a persistent /home.
There exists two additional options to make a more permanent unionfs: unionrw and unionro. The first can be created with this cheatcode:
The unionrw cheat can be used in several ways:
1) Point to a partition on the hard drive
2) Point to a loop file (like an ext2 loopback file)
3) Point to a directory
All three ways work to permanently store changes to a drive you designate - if you always use the same cheatcode you can have custom program selection at the place given by the user. This does not store the /home directly, you have to use the home cheat for that.
As already mentioned, there is a third cheatcode:
This is basically like unionrw, but you are not able to overwrite files in the place where you've stored them. However you could combine a new unionrw and the unionro cheatcode at the same time. Not everyone will find this useful, but remember, this is all experimental.
Note that none of these cheatcodes are mentioned in the help file that is visible when you press F1 when booting Kanotix.
For those who understand it, unionfs offers a number of interesting possibilities. For example, it would be even possible to erase packages in live mode and then install Kanotix to the hard drive (so that hd install has less packages than a full install). Users could provide kicklists (similar to Red Hat's kickstart) for special purposes.
Of course, all this will probably prove a little intimidating for first-time users - most people will just want to boot and shoot. So if you feel that unionfs is mind-boggling overkill, feel free to ignore it.
Kanotix - Not Just Another Pretty Face
A unique feature of Kanotix which I neglected to mention in my earlier review is that it comes with a large number of specialized scripts. Most of these were written by Joerg Schirottke (Kanotix's creator), but a few originated elsewhere. These scripts can all be found in /usr/local/bin, and there are currently 38 of them. They are not documented anywhere, so below I have included a brief description of each (thanks to Joerg for his assistance with this). So without further ado:
Sets current IP in apache config and starts it.
GUI for (AVM) Adapters for dial-in via ISDN and capi
Detects AVM FritzCards (runs at vt10 when CD is started)
Called automatically when specific Lucent Modem string is found to enable that winmodem.
Not Joerg's script. Purpose is to create devices for devicemapper/LVM.
Script executed with dvb-nexus load when card found would which could be a DVB card.
Same for PCTVSat DVB cards.
Like No. 2 above, but just for Eagle Chip-Set (AT-AR215) DSL adapters.
Like No. 2, just for DSL Mode.
After apt-get update and hd install, run this script to enable the two additional mouse buttons of a 5-button usb mouse (ps2 connected you need manual changes to /etc/X11/XF86Config-4). Then you can use BACK/FORWARD in a web browser just like Windows.
Sets preferred DPI setting for X. 72 is what is used from CD or by the installer. 100 is default of that script (useful for 1280x1024 tft displays). Use any number you want and restart X later.
Not Joerg's script and probably will be removed. It was used to switch between old and new dvb drivers.
Similar to No. 12, just for new drivers.
Changes the message of the day - updated kernel info.
Not really needed as the installer does it or ssh start, but creates the needed keys.
Connects to timeserver and sets time and sets startup links for ntpdate (usefull after tzsetup).
Special purpose script if you have xv problems with nvidia driver and apps like xawvt. Must not be executed as root but as standard user (local is the keyword for that).
Finds swap partitions which are bigger than 1.5 times ram size for usage with suspend (and suspend 2). Updates /boot/grub/menu.lst. Reboot required after change.
Demo script to update chkroot in live mode (not as root).
Live installer for f-prot. Even better, in a browser enter: klik://f-prot
Downloads and patches the kernel sources matching the current kernel. With manual changes you can use it for any kernel ever created for Kanotix.
Installs nvidia drivers. Use with sudo in live mode or login to vt1 (ctrl-alt-f1) after hd install.
Same as No. 22 but install radeon drivers for radoen 8500 and up. Required for 3D for 9500 and up.
Demo script that works as root + local to download + compile (x)mbmon with small patching.
Enters Kanotix irc channel (even in text mode).
Demo script to create deb packages automated (well right now the headers are removed, but could be installed using this list):
apt-get install $(<remove-devel.txt)
Sample script to enable NAT on ppp0, could be easily changed.
Like No. 2, for standard modems
Replacement for pppoeconf.
No script, it's a tool from the quickcam driver.
Internal use basically for removing bad links when mastering a CD.
Small script to remove gateway entry in /etc/network/interfaces - main cause of internet problems.
Removes all rests from not fully-removed tools.
One variant of speedtouch DSL GUI for dial-in (the preferrd one).
Older variant, if No. 34 does not work.
Keeps installed scripts up-to-date.
Not Joerg's script. A simple tool to get the hex key from a passphrase for WEP.
Starts xine with dvb as input. Useless now - as Kaffeine can use DVB directly - so it will be removed in the next release.
A special note: You can run the 3D driver install scripts directly in live mode:
However, if you would do a hard disk install later these will be inactive, the (same) script needs to be run again. That is to say, running it from the live CD doesn't mean the new driver will be installed when you do the hd install.
It's hard to improve on something this good, but Joerg keeps trying. On the horizon, there are plans to do an updated 2005-02 release for AMD64. There might also be a small bugfix update for 2005-02 32 bit with a different kernel (2.6.11 sata drivers and sk98lin created a few problems).
A related project is a smaller LITE edition with could fit on a 512MB usb memory stick. It's still experimental, and it will be a while before Kanotix LITE makes its debut on the standard servers. Currently it's only being distributed on magazine CDs.
Enough said. If you haven't got Kanotix, get it. And if you want to delve further into this very worthwhile distro, it should be noted that there is now a Kanotix Wiki page here. This is in addition the already excellent forum.
|Tips, Tricks and Hints
Gftp and Sftp - Like Peanut Butter and Jelly
File Transfer Protocol, or FTP, has been around since the Dark Ages. Other protocols have come and gone (remember Telnet?), but FTP has endured. However, the reason for FTP's longevity has less to do with its technical excellence than the fact that it's just damn useful.
How useful? As the name implies, FTP is all about transferring files. As you no doubt know, HTTP can also transfer files, but only in one direction (download) - FTP lets you upload as well. If you have your own web site parked on a server at a web hosting service, you'll almost certainly use FTP to upload your files. You can also use FTP to do some basic sysadmin tasks on the remote site, such as renaming files, deleting files and changing user permissions. If you want to know all the fabulous things that FTP can do, simply type "ftp" at the command line - you will then get a "ftp>" prompt. Type a question mark (?) and you'll get a list of commands. If you want to know what a particular command does, type "help" followed by the command name, for example:
ftp> help chmod
chmod change file permissions of remote file
You can then exit the ftp> prompt and end your session by typing "bye".
Of course, not everyone is thrilled with the command line. Fortunately, in the open source world there are several nice user-friendly GUI FTP clients. The perennial favorite is Gftp. Many Linux distros include it by default, but you can easily find RPMs or DEB binaries, or download the source tarball from http://www.gftp.org.
As useful as FTP is, it has some flaws. Over the years, there have been many FTP exploits. To address this problem, a number of FTP servers have made their debut, reached super-star status, and then faded just as quickly when serious security holes were discovered by uppity script kiddies. In the five years that I've been running Linux, I've used and scrapped WU-FTP and ProFTP. The current favorite among the open source community is VSFTP (Very Secure FTP), which is - as the name implies - very secure (we hope). However, even it suffers from one flaw which is nearly incurable - FTP sends passwords across the network in clear text. Another issue is that FTP requires two ports (20 and 21) to transfer files - this kludge can confuse firewalls and proxy servers. There is no doubt that if FTP were being redesigned today from scratch, it would be done very differently, but it's a standard and that makes it hard to change.
If you own two or more computers, you might be tempted to use FTP to transfer files between them. However, running a FTP server - or any kind of server - always entails a small element of risk. You can minimize the hazards if you know what you're doing, but quite a few users know nothing about network security and don't really want to know. And why should they bother when there is a safer, more secure alternative around.
Enter "ssh", the "secure shell". Unlike FTP, it encrypts everything - your password, any commands you issue, and the files you transfer. Furthermore, it does a lot more than merely transferring files - as the name implies, it gives you a shell on the remote machine, allowing you to run applications and (with the root password) perform all system administration tasks.
However, all the many wild and wonderful things you can do with ssh is not what interests us here - we simply want to transfer files. Which brings us to sftp. Ostensibly, "sftp" means "secure FTP", but in fact it only resembles FTP on the surface. True, it looks like FTP and it smells like FTP, but underneath it is in fact nothing but ssh with a FTP interface.
The best way to learn is by doing. First you need a network - if you have a laptop and desktop, that will do just fine. Explaining how to set up a network is also beyond the scope of this article. If you happen to have a remote server out there somewhere on the Internet, that will also work. Indeed, here at DistroWatch we often use Gftp (with Sftp) to transfer files to our server.
You should find ssh already installed on any Linux or BSD box. The machine that will receive the files must have sshd running. You'll need to have it running on both machines if you want to transfer files both ways. You can set up sshd to start at boot time, but that isn't absolutely necessary - you can always start it by typing (as root) "/usr/sbin/sshd", and you can stop it with a "killall sshd".
In order to run sftp-server, find out where file "sftp-server" is located. Usually it will be in /usr/lib/ or /usr/libexec. Then add the following line (if it is not already there) to /etc/ssh/sshd_config:
Subsystem sftp /usr/lib/sftp-server
Subsystem sftp /usr/libexec/sftp-server
If you made any changes you'll need to restart sshd. Then you can immediately start transferring files. The syntax for the "sftp" is very similar to the BSD ftp client. Log on to the remote machine like this:
You should find yourself logged onto the remote machine at a "sftp>" prompt. You can see all the available commands by typing "help". Exit from the session by typing "bye".
If you've gotten this far and everything is working, the only remaining hurdle is to configure Gftp so that it works with ssh rather than FTP. That happens to be dead easy. Fire up Gftp. Change the value of the right-most drop-down box from FTP to SSH2. Along the top menu bar, fill in the blank boxes (from left to right) with the relevant information:
With your cursor still in the password box, hit enter - you should be connected immediately. And the rest is so intuitive that you can do it with your eyes closed.
Gftp - As Good As It Gets
* * * * *
And that's the news for today. Thank you all for your patience, and with luck Ladislav will be back next week.
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip.
(Tips this week: 0, value: US$0.00)
|Linux Foundation Training
|• Issue 760 (2018-04-23): Chakra 2017.10, using systemd to hide files, Netrunner's ARM edition, Debian 10 roadmap, Microsoft develops Linux-based OS|
|• Issue 759 (2018-04-16): Neptune 5.0, building containers with Red Hat, antiX introduces Sid edition, fixing filenames on the command line|
|• Issue 758 (2018-04-09): Sortix 1.0, openSUSE's Transactional Updates, Fedora phasing out Python 2, locating portable packages|
|• Issue 757 (2018-04-02): Gatter Linux 0.8, the UNIX and Linux System Administration Handbook, Red Hat turns 25, super long term support kernels|
|• Issue 756 (2018-03-26): NuTyX 10.0, Neptune supplies Debian users with Plasma 5.12, SolydXK on a Raspberry Pi, SysV init development|
|• Issue 755 (2018-03-19): Learning with ArchMerge and Linux Academy, Librem 5 runs Plasma Mobile, Cinnamon gets performance boost|
|• Issue 754 (2018-03-12): Reviewing Sabayon and Antergos, the growing Linux kernel, BSDs getting CPU bug fixes, Manjaro builds for ARM devices|
|• Issue 753 (2018-03-05): Enso OS 0.2, KDE Plasma 5.12 features, MX Linux prepares new features, interview with MidnightBSD's founder|
|• Issue 752 (2018-02-26): OviOS 2.31, performing off-line upgrades, elementary OS's new installer, UBports gets test devices, Redcore team improves security|
|• Issue 751 (2018-02-19): DietPi 6.1, testing KDE's Plasma Mobile, Nitrux packages AppImage in default install, Solus experiments with Wayland|
|• Issue 750 (2018-02-12): Solus 3, getting Deb packages upstream to Debian, NetBSD security update, elementary OS explores AppCentre changes|
|• Issue 749 (2018-02-05): Freespire 3 and Linspire 7.0, misunderstandings about Wayland, Xorg and Mir, Korora slows release schedule, Red Hat purchases CoreOS|
|• Issue 748 (2018-01-29): siduction 2018.1.0, SolydXK 32-bit editions, building an Ubuntu robot, desktop-friendly Debian options|
|• Issue 747 (2018-01-22): Ubuntu MATE 17.10, recovering open files, creating a new distribution, KDE focusing on Wayland features|
|• Issue 746 (2018-01-15): deepin 15.5, openSUSE's YaST improvements, new Ubuntu 17.10 media, details on Spectre and Meltdown bugs|
|• Issue 745 (2018-01-08): GhostBSD 11.1, Linspire and Freespire return, wide-spread CPU bugs patched, adding AppImage launchers to the application menu|
|• Issue 744 (2018-01-01): MX Linux 17, Ubuntu pulls media over BIOS bug, PureOS gets endorsed by the FSF, openSUSE plays with kernel boot splash screens|
|• Issue 743 (2017-12-18): Daphile 17.09, tools for rescuing files, Fedora Modular Server delayed, Sparky adds ARM support, Slax to better support wireless networking|
|• Issue 742 (2017-12-11): heads 0.3.1, improvements coming to Tails, Void tutorials, Ubuntu phasing out Python 2, manipulating images from the command line|
|• Issue 741 (2017-12-04): Pop!_OS 17.10, openSUSE Tumbleweed snapshots, installing Q4OS on a Windows partition, using the at command|
|• Issue 740 (2017-11-27): Artix Linux, Unity spin of Ubuntu, Nitrux swaps Snaps for AppImage, getting better battery life on Linux|
|• Issue 739 (2017-11-20): Fedora 27, cross-distro software ports, Ubuntu on Samsung phones, Red Hat supports ARM, Parabola continues 32-bit support|
|• Issue 738 (2017-11-13): SparkyLinux 5.1, rumours about spyware, Slax considers init software, Arch drops 32-bit packages, overview of LineageOS|
|• Issue 737 (2017-11-06): BeeFree OS 18.1.2, quick tips to fix common problems, Slax returning, Solus plans MATE and software management improvements|
|• Issue 736 (2017-10-30): Ubuntu 17.10, "what if" security questions, Linux Mint to support Flatpak, NetBSD kernel memory protection|
|• Issue 735 (2017-10-23): ArchLabs Minimo, building software with Ravenports, WPA security patch, Parabola creates OpenRC spin|
|• Issue 734 (2017-10-16): Star 1.0.1, running the Linux-libre kernel, Ubuntu MATE experiments with snaps, Debian releases new install media, Purism reaches funding goal|
|• Issue 733 (2017-10-09): KaOS 2017.09, 32-bit prematurely obsoleted, Qubes security features, IPFire updates Apache|
|• Issue 732 (2017-10-02): ClonOS, reducing Snap package size, Ubuntu dropping 32-bit Desktop, partitioning disks for ZFS|
|• Issue 731 (2017-09-25): BackSlash Linux Olaf, W3C adding DRM to web standards, Wayland support arrives in Mir, Debian experimenting with AppArmor|
|• Issue 730 (2017-09-18): Mageia 6, running a completely free OS, HAMMER2 file system in DragonFly BSD's installer, Manjaro to ship pre-installed on laptops|
|• Issue 729 (2017-09-11): Parabola GNU/Linux-libre, running Plex Media Server on a Raspberry Pi, Tails feature roadmap, a cross-platform ports build system|
|• Issue 728 (2017-09-04): Nitrux 1.0.2, SUSE creates new community repository, remote desktop tools for GNOME on Wayland, using Void source packages|
|• Issue 727 (2017-08-28): Cucumber Linux 1.0, using Flatpak vs Snap, GNOME previews Settings panel, SUSE reaffirms commitment to Btrfs|
|• Issue 726 (2017-08-21): Redcore Linux 1706, Solus adds Snap support, KaOS getting hardened kernel, rolling releases and BSD|
|• Issue 725 (2017-08-14): openSUSE 42.3, Debian considers Flatpak for backports, changes coming to Ubuntu 17.10, the state of gaming on Linux|
|• Issue 724 (2017-08-07): SwagArch 2017.06, Myths about Unity, Mir and Ubuntu Touch, Manjaro OpenRC becomes its own distro, Debian debates future of live ISOs|
|• Issue 723 (2017-07-31): UBOS 11, transferring packages between systems, Ubuntu MATE's HUD, GNUstep releases first update in seven years|
|• Issue 722 (2017-07-24): Calculate Linux 17.6, logging sudo usage, Remix OS discontinued, interview with Chris Lamb, Debian 9.1 released|
|• Issue 721 (2017-07-17): Fedora 26, finding source based distributions, installing DragonFly BSD using Orca, Yunit packages ported to Ubuntu 16.04|
|• Issue 720 (2017-07-10): Peppermint OS 8, gathering system information with osquery, new features coming to openSUSE, Tails fixes networking bug|
|• Issue 719 (2017-07-03): Manjaro 17.0.2, tracking ISO files, Ubuntu MATE unveils new features, Qubes tests Admin API, Fedora's Atomic Host gets new life cycle|
|• Issue 718 (2017-06-26): Debian 9, support for older hardware, Debian updates live media, Ubuntu's new networking tool, openSUSE gains MP3 support|
|• Issue 717 (2017-06-19): SharkLinux, combining commands in the shell, Debian 9 flavours released, OpenBSD improving kernel security, UBports releases first OTA update|
|• Issue 716 (2017-06-12): Slackel 7.0, Ubuntu working with GNOME on HiDPI, openSUSE 42.3 using rolling development model, exploring kernel blobs|
|• Issue 715 (2017-06-05): Devuan 1.0.0, answering questions on systemd, Linux Mint plans 18.2 beta, Yunit/Unity 8 ported to Debian|
|• Issue 714 (2017-05-29): Void, enabling Wake-on-LAN, Solus packages KDE, Debian 9 release date, Ubuntu automated bug reports|
|• Issue 713 (2017-05-22): ROSA Fresh R9, Fedora's new networking features, FreeBSD's Quarterly Report, UBports opens app store, Parsix to shut down, SELinux overview|
|• Issue 712 (2017-05-15): NixOS 17.03, Alpha Litebook running elementary OS, Canonical considers going public, Solus improves Bluetooth support|
|• Issue 711 (2017-05-08): 4MLinux 21.0, checking file system fragmentation, new Mint and Haiku features, pfSense roadmap, OpenBSD offers first syspatch updates|
|• Issue 710 (2017-05-01): TrueOS 2017-02-22, Debian ported to RISC-V, Halium to unify mobile GNU/Linux, Anbox runs Android apps on GNU/Linux, using ZFS on the root file system|
|• Issue 709 (2017-04-24): Ubuntu 17.04, Korora testing new software manager, Ubuntu migrates to Wayland, running Nix package manager on alternative distributions|
|• Full list of all issues|
|Random Distribution |
EnGarde Secure Linux
EnGarde Secure Linux was a server-oriented open source operating system that provides services like web, DNS and email simply and securely while eliminating the need for time-consuming "hardening" by the user. EnGarde offers integrated intrusion detection, advanced kernel and network security features, and graphical auditing and reporting - all controlled through Guardian Digital WebTool, a simplified browser-based management system.