I just found a great guide to making the most efficient use of your bash history.  If you commonly find yourself scrolling through your bash history with your arrow keys, this guide is for you.  In case you were wondering, Ubuntu uses emacs mode for command editing by default.  The cheatsheet can be found at the bottom of the post.  Thanks Peteris!

Microsoft used it’s highly effective business strategies to gain an effective monopoly in the computer software industry in the early 1990’s.  Since then, businesses have had very little choice when making decisions about what software to use, as the Windows/Office combination has become an effective standard, as everyone is now locked into Microsoft’s proprietary formats.  This lack of choice has caused Microsoft’s high priced products to continue to sell, irregardless of the product’s actual quality.  Corporate competition has been made near impossible as Microsoft’s highly profitable products sell, not based on value, but out of inertia.  Unfortunately for Microsoft, this lack of competition has enabled Microsoft to produce products of reduced quality, without a disruption in sales figures to mandate internal changes.  With the high cost/low value release of Windows Vista, corporations are becoming more apt to consider alternatives.  IBM is stepping into that vacuum and offering a low cost/high value alternative solution to the business desktop model which has the potential to shatter Microsoft’s stranglehold on the market.

Yesterday, IBM issued a Press Release announcing their new desktop solution which utilizes a combination of Ubuntu, IBM’s Lotus Symphony, and server hosted virtual desktops using a solution called VERDE from Virtual Bridges.

Here are a few highlights:

Compared to Microsoft-based desktops, this virtual desktop solution, including industry-leading components from IBM, Virtual Bridges and Canonical, is estimated on average to deliver cost savings from:

  • Licensing: cost avoidance of $500 to $800 per user on software license for Microsoft Office, Windows and all related products
  • Hardware: cost avoidance of around $258 per user since there is no need to upgrade hardware to support Windows Vista and Office 2007
  • Power consumption: cost avoidance of $40 to $145 per user from reduced power to run the configuration and $20 to $73 per user from reduced air conditioning requirements from lower powered desktop devices annually
  • IT services: 90 percent savings of deskside PC support; 75 percent of security/user administration; 50 percent of help desk services such as password resets, and 50 percent for software installations, which are replaced by software publishing

Standard pricing for a 1,000-user VERDE deployment is $49 per user.

With the benefits of open standards over a proprietary platform come the freedom to select software in a heterogeneous environment,” said Malcolm Yates, vice president, Canonical. “Combining Ubuntu with IBM’s Open Client software applications we can break out of Microsoft dependencies completely and significantly reduce total cost of ownership.

Here is the full Press Release: IBM and Business Partners Introduce a Linux-Based, Virtual Desktop

When I consider the combination of the efforts of the Ubuntu community, the vision of Canonical guiding development, and the backing of companies like IBM, I have no doubt that widespread adoption of Ubuntu will soon reach a tipping point.  The infrastructure is in place, and the gears are turning; we just have to reach critical mass.  Having the word Ubuntu on a resume is feeling more and more valuable by the hour.

SSH, or Secure SHell, is probably the most useful tool I’ve discovered since I switched to Ubuntu.  SSH enables you to remotely access other computers over a network, or over the Internet.  It is a secure replacement for TELNET, which although useful, transmits passwords in plain text.

OpenSSH is the FOSS implementation of SSH available in Ubuntu, which also includes SCP for secure copying across a network, and SFTP, a secure implementation of FTP (FTP also sends passwords in plain text).  In Ubuntu, you can go to Places > Connect to Server… to connect to another computer graphically through SSH to move files back and forth, but if you want to get the most out of SSH, you’ll need to use the command line.

First, you’ll need to have the ‘ssh’ package installed (this meta-package includes the openssh-client and openssh-server packages).   Open up a terminal and start by typing:

sudo aptitude install ssh

You’ll need to do the same on the computer you want to connect to.  Once SSH is installed on both systems, you can login remotely like this:

ssh remoteuser@<remote IP address>

You will be prompted for remoteuser’s password on the remote computer (the server).  You can omit the username if the username and password match on the client (local) and the server (remote) computers.  From here you can browse the filesystem, edit configuration files, or even SSH into a third computer (the server becomes the client for the new connection).  Disconnect from an SSH session by typing “exit”.

You can also use SFTP and SCP for moving files back and forth between computers.  SFTP functions exactly the same as FTP.  Just type:

sftp remoteuser@<remote IP address>

At the prompt, type a ‘?’ for options.  “put” is used for uploading files, and “get” is used for downloading them.

Using SCP is similar to using the “cp” command in a terminal.

Download files from the remote computer:

scp remoteuser@<remote IP address>:/path/to/file /local/destination/

Or, upload files to the remote computer:

scp /local/path/to/file remoteuser@<remote IP address>:/remote/destination

Or, move files from one remote computer to another remote computer:

scp userA@<remote IP A>:/path/to/file userB@<remote IP B>:/path/to/destination

Just as you can use SSH to log in to a computer on a LAN, you can also use it to connect to a computer across the Internet.  This involves three additional steps:  Using secure authentication, getting the correct IP address, and setting up Port Forwarding.

Setting up your server for SSH access from any Internet connection is quite useful.  The bad news, is that you are also making your computer fully accessible to anyone with your password and to EVERYONE with the ability to crack it.  This should concern you, because even if there is nothing valuable on your computer, an attacker can use your network as a springboard to attack other computer systems, effectively leaving your fingerprints at the crime scene. The solution is to turn off password authentication, and log in automatically with an RSA key instead.  This step is essential for anyone who will be setting up port forwarding for SSH connections.

Very strong security using RSA Key based authentication is easy to set up and it only takes a few minutes.   You will be generating a RSA key on the computer you want to SSH from (the client), and passing the key to the computer you’ll be SSHing into (the server), which essentially makes your local computer the key to access your server.  After you’ve passed your key to the server you can turn off password authentication, keeping unwanted guests out of your server.  I’ve used this excellent post from Tombuntu.com as a quick reference for a while now, and I’m going to recommend you click the link for the instructions.

To connect to a computer running on your home network, you will also need to know your (external) IP address.  The problem lies in the reality that most ISP’s change the IP address of your Internet connection regularly.  Now, if there is someone at the remote computer, you can instruct them to go to http://www.whatsmyip.org/, and to instant message or email the IP address back to you, which makes things quite simple.  Obviously, this isn’t the most ideal system.  An easier way to set things up would be to use a Dynamic DNS service such as DynDNS.  This service attaches a static URL to your dynamic IP address.  The server keeps the URL up to date by listening to a device on your network which updates the server with your current IP address every minute or so.  Many home routers provide DynDNS support out of the box.  You can also set up a computer on your network to provide this service with these instructions.

The last requirement for enabling SSH connections over the Internet, is to have your home router (AKA residential gateway) forward the SSH port (port 22 by default) to the proper computer on your home network.  If you don’t already know, outsiders on the Internet see your entire network as one IP address:  The external address of your router, assigned by your ISP.  When you try to connect to this address, the router takes the incoming connection (a connection always comes in on a particular port) and forwards that port to the appropriate computer on your network.  You need to make sure this is set up to work correctly before hand.  Instructions for configuring your particular router, and further information about port forwarding can be found on the exceptionally useful website portforward.com.

So, now you can securely SSH into your server from elsewhere.  A problem you may experience, is that if you execute a time consuming command, such as compiling software or wget-ing an iso, and disconnect your session, the program stops immediately.  A great solution to this problem is GNU Screen (Thanks to Aaron Toponce for pointing out this great app).  Screen is a tool that starts a new, resumable command line inside the current one.  Once you are connected to the remote computer, type “screen” to start the program.  Inside screen, you can start downloading that iso with wget, and then press Ctrl+a, and then ‘d’ to disconnect the session.  You can type “exit” to disconnect from the SSH session, if you’d like.  The iso will keep downloading.  At a later point, you can SSH back in, and type “screen -r” to resume your previous session.

Well, that’s it for today.  Next time I’ll cover running GUI (graphical user interface) applications remotely with SSH and X11 forwarding, using compression, and some other useful stuff.

If you have any other useful SSH tips I haven’t mentioned here, feel free to comment.