Guides

Jan 23 2009

Guide - How to Enable Concurrent Sessions in Windows 7

GUIDE REPLACED: JULY 22, 2009 - GO HERE FOR THE NEW GUIDE FOR WINDOWS 7 SP1 BUILD

Guide Updated: May 2, 2009 - Included support for 7100 RC Build of Windows7

One of the most popular articles ever at MissingRemote.com has been our guide on how to enable Concurrent Sessions for Windows Vista. For those unaware of what it is, Concurrent Sessions allows you to Remote Desktop into a system that someone else is on, under a different user account, and access the system without kicking the user off. I, for example, use the feature to have MCE running on my Television, and then I remote into my main user account to access all my files without interrupting my MCE session.

 

win7.jpg

 

All kudos go out to the fellas who made this possible so quickly--Pinobigbird, untermensch and cocoa. Way to go! Hopefully they can maintain an update if the release of Win7 changes things. As of May 2nd, the guy to thank is ShipIt, who posted his file originally at WinMatrix.com . Thanks to all who continue to support this amazing feature!!

 

***DISCLAIMER***

The following files and instructions are provided to you at your OWN RISK!! Understand that it is replacing important files, and as always, anything can happen. That being said, if you do have a problem, we have a fantastic community here to help you

 

rdp1

 

First, you will need to download the appropriate files which have been conveniently wrapped together by the aforementioned folks. For your convenience, I've re-compressed the files into a zip folder available for Download The Concurrent_RDP_Win7_Beta_7000.zip File Below (login required).

EDIT 5/2/09: If you are using RC Build of Windows7 (Build 7100), use "Win7RDP/Concurrent_RDP_Win7_7100_32_64.zip" available below (login required)

 

Once downloaded, extract that file into a directory. Right click on the Install.cmd file and select Run As Administrator

 

process2.jpg
 If you executed the command successfully, you should see this screen.

 

As of now, this has been tested and confirmed working on Windows 7 build 7000 that most of you probably have thanks to Microsoft, so Enjoy! If anyone gets a newer version that this does NOT work in, please let us know!

 

EXTRA ABILITIES

For 99.9% of folks, the above steps will be exactly what they are looking for. However, if you want to customize the abilities a bit, there are certain command strings you can run in addition. To do so, you will need to open a Command Prompt with Administrator Privileges (Start > Run > CMD > Right Click "Run As Administrator"). The other available options are: 

 

-?
 Show this help
help
 Save as -?
multi
 Enable multiple sessions per user
blank
 Enable remote log on for user accounts that are not password protected

 

So you would change to the folder where you extracted the zip and execute the command. For example, if you wanted to Enable multiple sessions per user, you would run the following:

C:\Concurrent_RDP_Win7_Beta_7000> install -multi

Digg It

Jan 16 2009

Guide - Build Your Own Digital TV Antenna

{mospagebreak_scroll title=Build}

What you'll need:

 

Assembly:

 

{mospagebreak_scroll title=Test}

Testing:

Jan 16 2009

Guide - Video: Programming your Logitech Harmony Remote

There has been discussion in the forums recently about how to properly setup a Harmony remote to drive all of those components sitting in your entertainment center.  Do you use the Devices?  Do you use the Activities?  Do you get up and push the buttons on the front of the devices?  Watch the video and find out!
Jan 16 2009

Guide - Choosing an antenna for your HDTV reception

In a recent article, we discussed how there is nothing special about an "HDTV" antenna.  So now the question becomes, which antenna is the right one for you?  Without going into details about specific antennas, this article will introduce you to the various types of antennas and some of their more imprtant characteristics.  We will also cover which antenna type is best for various situations.
Jan 14 2009

Guide - HTPC Basics: The Beginnings

The wonderful world of HTPC's can be very baffling to someone who has never dabbled in the confusing realm of codecs, drivers and programs. So I decided to dedicate part 2 of the HTPC basic series to helping people understand the wide world of HTPC's. I will briefly cover several topics including software, hardware, audio/video codecs and other.

 Digg It!

htpc_bascis.jpg

 

Jan 05 2009

Guide - HTPC Basics HArdware

Hardware

Building an HTPC is similar to building a personal computer with a few caveats. Keep in mind these are just talking points to get a beginner started in the right direction.

  1. An HTPC is typically in the living room and should be silent
  2. If you want to record TV you need a TV tuner device of some sort
  3. Required CPU speed is dependent on the functions you want to perform
  4. You can never have enough hard drive space

CPU/Video card

CPU requirements depend on a few different considerations that include what type of video card you have, if you plan on using it for an extender server and if you plan on transcoding videos on the fly for placeshifting.

If you plan on only playing back media files, any modern dual core CPU paired with a video card that decodes H.264 in hardware will work for you. For more information, see Matt's article on the basics of Video Card HD processing. Check his guide out before buying a vid card but you will find that the most recent generation of video cards fully decode most formats without using the CPU.

If your box is going to be a multi-tasking monster and perform other tasks watching media files, I would recommend a higher-end dual core CPU or faster quad CPU. The Network Topology section will describe more of what you might expect in a whole-home Media Center setup.

For what its worth, my recommendation for the sweet spot is a 4550.

TV Tuner

A good resource in what TV tuner you will need for your HTPC is this guide here . it is slightly outdated and does not inlcude Hauppauge's HD PVR. As well, read Matt's ATSC/NTSC tuner guide.

Here is a quick summary of the tuners available.

Analog TV cards - These cards are able to tune standard defintion signals such as an s-video output from a cable box or satellite box, or they can tune analog cable with the onboard tuner.

Combo tuner cards - These cards have an analog tuner and digital tuner. You are able to use each tuner independently of one another. The digital tuner is able to tune QAM and ATSC (broadcast digital TV) signals.

Hybrid tuner cards - These cards have an analog and digital tuner. However, you can only use one tuner at a time. They are typically lower in price than combo cards.

Digital tuner cards - More recently companies are releasing dual tuner cards that have two digital tuners onboard. These will work with QAM signals and ATSC (broadcast digital TV).

HD PVR -Hauppauge's HD PVR, see review here, is able to encode high definition output via component cables to H.264. This allows you to use a set top box to view high definition content from any source that has component out.

CableCard Tuners - Exclusive to OEM machines sporting Vista Media Center, CableCards tuners llow full tuning of all premium HD and SD cable content minus the two way communication for PPV.

Case/Cooling

Assuming your HTPC will be a stand-alone component, simply pick a case that looks good and is quiet. Alrighty, there is a little more than that :). Here are a few things to consider.

  • How quiet are the included fans?
  • How is the airflow? Will it be sufficient to cool two tuner cards, multiple hard drives etc?
  • Does it have enough hard drive space?
  • Does it look good?
  • Micro-atx versus full ATX

Here are a few of the well know vendors.

Memory

Memory is dirt cheap. Get as much as your OS and packetbook can afford.

Dec 31 2008

Guide - MissingRemote's 2008 Stars and Flops, Year in Review

Well folks, 2008 has come and gone. And along with MissingRemote.com's continuing growth, we wanted to take the time to take a look at the things that came about in our wacky world of home theater & pc components and remember what were some great things that came out, and what are some failures that should be learned from.

So in case you've been living in a cave for 2008, or you just have short term memory loss and enjoy recaps, here you go!

There are a lot more examples after the break :). 

arcsoft-thumb.jpg

Arcsoft Total Media Theater


Hard to argue that a niche previously dominated by Cyberlink for so many years, has now been overthrown in a matter of months with Arcsoft. They continue to demolish the competition in features, stability and performance, while Cyberlink continues to cut features such as HD-DVD support & ability to play ripped movies.


DirecTV in MCE


One in the same as the above, maybe? No, now that we've been told DirecTV's tuner for MCE is done, dead, finito, this gets a big fat thumbs down for 2008. We went from potentially getting DirecTV inside MCE with its own tuner, to now not even a glimmer of hope.

 hdpc20.jpg

Nov 07 2008

Guide - HTPC Basics: The EPG

The basics is a series of articles that I am going to do a regular basis to introduce readers new to the HTPC world about the features and benefits of Home Theater PCs. I guess you can compare this to the cheap free drugs before the true addiction :). The software I will be using for the articles is Vista Media Center, mainly because that is the platform I use throughout my house. When possible I will get screen captures of other programs for comparison purposes.

The first topic is the EPG otherwise known as the Electronic Programming Guide. I chose this topic to start because this is the familiar element you will want to replicate when moving from a cable or satellite set-top box \ service.

Oct 29 2008

Guide - High definition audio wiring guide

receiver.jpgSo folks you're sold on Blu-ray, and you want to connect your new Blu-ray enabled home theater PC to your killer sound system, but which way is best? what are the trade-offs? 

Let's chart the Blu-ray audio formats first so you get an idea of what formats are used on Blu-ray, which formats are mandatory, and so on. Then we'll discuss the ways to connect your HTPC's audio to your home theater. As you can guess there are pluses and minuses with each method, and some require a bit of discussion.

Sep 06 2008

Guide - An Introduction to Installing Ubuntu and Mythtv

ubuntulogo.jpgmythtv-logo.jpgFor those of you that want to get your feet wet with Linux but don't know where to start, this guide is for you.  Today I will be discussing the steps you need to go through in order to install Ubuntu Linux, based on version 8.04.1 desktop 386.  This guide will cover the steps performed to install Ubuntu, load the AMD/ATI closed souce graphics driver, get sound running, and install the Mythtv frontend.  This guide will not cover configuring the backend portion of Mythtv at this time.  So let's get started.

As always, if you have a comment or suggestion, please stop by the forums.

Jul 31 2008

Guide - SageTV 6 On CentOS 5

 

A while back I mentioned that I was in the process of possibly switching from MythTV to SageTV.  I want to keep the main server running Linux because I feel it is a more stable environment than Windows.  Plus, due to the low OS overhead, it allows me to continue using an older PC.  The down side to all of this is it seems there are far greater Windows SageTV users than Linux SageTV users.  As a result, just about all of the available help guides are geared toward a Windows based install.  Today, I'd like to help even things up a bit and cover the steps involved in getting a SageTV server up and running in Linux using CentOS 5.

SageTV CentOS 5 Install Guide

 

Jul 30 2008

Guide - Native QAM With SageTV / HDHomeRun

 

With the latest beta release of SageTV 6.4.6 along with a beta version of the HDHomeRun software and firmware, it is now possible to natively tune QAM channels.  This means that the artificial 68 channel limit imposed by the previous mapping method is no longer an issue.  For those with a HDHomeRun that would like to pursue native QAM tuning bliss in SageTV, read on.  Please bear in mind that this is all based on beta software at the moment, so your mileage may vary.  I would strongly encourage this testing be done on a non-production system or you may face the wrath of a plummeting WAF.

SageTV Title Pic
Jul 01 2008

Guide - Firewire Recording with your Cable Box and SageTV

This guide is a repost of my original guide over at HTPCNews.com. Broken links have been updated, no other real changes have been made. This repost is brought on by a resurgence of firewire related questions in my PM box so I thought I should bring this back up and also remind people that it's 2 years old. Some improvements have been made to the process that could streamline it (ie..I think you can avoid girder). But now it's here for people that want to discuss it. The link to the drivers has been updated and now many more cable boxes aside from the Moto 6200 are supported. 


Mini-Guide (1): How to install drivers for your Firewire-enabled cable box.
This step is necessary for all other funtionality

1) Download the drivers below. Extract the drivers to somewhere you'll remember.
2) Turn off your cable box and the PC
3) Connect the firewire from the cable box to the PC
3) Turn on the cable box
4) Turn on the PC
5) When Windows XP boots it should auto-detect some new hardware. Click 'Cancel' for all of them.
6) Open Device Manager...it can be found in the Control Panel -> System -> Hardware Tab -> Device Manager
7) You should now have some 'Unknown' Devices.  Double-click AV\C Tuner. Choose the 'Driver' Tab. Then select 'Install/Update Driver'.
8) This will open the Update Hardware Manager, select "Install from a specific location" and follow the steps to point it to the folder you extracted your drivers to.
9) This should successfully install the drivers for your cable box.
10) Back in 'Device Manger' right click on the other 'Unknown' Devices that appeared and Disable them. There are currently no drivers to support the functionality from them. Hopefully in the future there will be.


Mini-Guide (2): How to watch TV through your HTPC over a Firewire connection
Firewire viewing and recording requires Windows XP

1) Download VLC below. Now install the latest build of VLC that you downloaded. It may require installation or you might just need to unzip it.
2) Open VLC.
3) Goto File -> Open Capture Device
4) Click the 'Refresh List' button next to the drop down box for Video Device Name.
5) Now select your cable box from the Video Device Name drop down box.
6) Click 'OK'...Don't try to configure anything...this tends to just blue screen the computer since the drivers don't support configuration.
7) Video should start playing momentarily. You should be able to change channels on your cable box and see what options you have available to you!!!
8) Enjoy TV! Good Luck!

May 31 2008

Guide - S/PDIF FAQ

Here's an oldie but a goodie I brought over from the HTPCnews days, it's still relevant today because of the limitations of S/PDIF and the high resolution audio tracks found on the next generation formats (Blu-ray/HD DVD). So with that in mind there are some quick changes to modernize the information.


What is S/PDIF?
S/PDIF stands for Sony/Philips Digital Interface. It is a is a standard form of audio transport, S/PDIF allows the transfer of audio from the source to another piece of equipment while preserving the full quality of the audio signal. The alternative, transmitting analog and then converting back to digital at the receiver, could degrade signal quality.

History
S/PDIF has its roots in DAT (digital audio tape). A method of digital audio transport very similar to S/PDIF was used in recording studios. It carried the raw 2-channel stereo audio (PCM) for CD mastering.

The consumer friendly S/PDIF was born for use with Audio CD players as a way to send the digital PCM stereo in a pure digital state to a high-end stereo setup.

Later on manufacturers found that they could send more then 2-channels if they sent a compressed stream of audio, like Dolby Digital (AC3), down the S/PDIF connection. To a device it appears as if it is just passing PCM audio, but to a receiver at the other end that has Dolby Digital technology it will detect the compressed bitstream and start decoding it into multi-channel surround sound information. Later the DTS format was added as an optional format that could be sent. This is called "S/PDIF Passthrough" or "Bitstreaming."

What physical forms does one find S/PDIF?
There are two phyical layer standards for S/PDIF: Coax (75ohm RCA) and Optical (TOSlink). Many sound cards have a mini-jack on the back that does multiple functions including digital output. These are essentially coax S/PDIF connectors in mini-jack format. Quite often all that is needed is a mono mini-jack to RCA adapter to use it with a receiver.

What are the benefits of using S/PDIF?
Using S/PDIF has three main benefits:
1. You get a pure digital connection from your PC to your home theater surround sound receiver.
2. You can send the surround sound from HDTV and DVD (i.e.: Dolby Digital (AC3) and DTS) straight to your home theater surround sound receiver. No software decoding needed.
3. Your receiver has much better electrical components, DACs, etc. than a typical sound card. So it is in your interest to hand off the audio to your home theater.

What are the limitations of using S/PDIF?
Typically sound out the S/PDIF for anything that is not pre-encoded in AC3/DTS will not be multi-channel. Any other type of audio will be a raw 2-channel PCM output. This means that 3D sound from games (EAX, DS3D), 5.1 sound from WMV-HD files, any advanced audio formats [such as Dolby TrueHD] or multi-channel (5.1/7.1) LPCM sound tracks from Blu-ray/HD DVD discs will all be downsampled to stereo when sent via S/PDIF.

What can I do about the limitation?

There are a few ways to deal with the limitation:

The first method is just fine for handling gaming and other miscellaneous audio formats that aren't in need of super high resolution output -- 

Dolby Labs has a real-time encoding technique that can take common audio formats, including 3D sound from games, and encode into a Dolby Digital signal. This technology is known as a "Dolby Digital Live". This ability can be found in either a discrete sound card or in select motherboard audio chipsets.

The software implimentation of Dolby Digital Live is available with select Intel branded motherboards as part of Intel's Dolby Control Center suite. There are quite a few stand alone sound cards with Dolby Digital Live these include AuzenTech's product line, Diamond XS71DDL, ASUS Xonar family, HT Omega Claro and Striker, Razer Barracuda, bluegears b-Enspirer 7.1, and a few others.

Not to be out done DTS now has their own take on real-time encoding called "DTS Interactive", part of the "DTS Connect" suite of technologies. AuzenTech, the same people who brought us the first Dolby Digital Live sound card that addd DTS Interactive support called the X-Plosion 7.1 DTS Connect, also the ASUS Xonar D2, HT Omega Claro and Striker, bluegears b-Enspirer 7.1. Also the Gigabyte GA-MA78GM-S2H AMD 780G motherboard includes supports for DTS Connect.

The second method is more versatile and future proof, which is to switch to HDMI for your sound input and to invest in a new motherboard or video card that can properly pass 8-channel (7.1) LPCM over HDMI. These are rare but coming. Intel's G35 and G45 IGPs can do it, so can NVIDIA's GeForce 8200 IGP. For discrete add-in graphics cards AMD/ATI's Radeon HD 4000 series also has a proper 8-channel implementation. To date none of NVIDIA's add-in cards support full HDMI audio, they simply passthrough S/PDIF to HDMI.

May 06 2008

Guide - GRUB on USB

grub.png

I was recently looking at my development system and wanted to load Windows as a boot option to a system primarily running Linux.  This got me to thinking.  What if I did something that corrupted or overwrote the boot sector on my hard drive?  What if I could no longer boot into Linux as I had intended?  What if I just want to have an entire Linux installation on my USB drive?  Enter GRUB, a Linux boot loader.

Read more... 

Installation

Introduction 

The GRand Unified Boot loader, or GRUB, has all but replaced LInux LOader, or LILO as the default boot loader for most Linux distributions today.  The boot loader is what hands off control of the system from BIOS Power On Self Test, or POST, to the Operating System.  In this guide, we will be creating a boot loader on a USB flash drive that loads Linux kernels that reside on your primary hard drive.  Of course you are free to add whatever utilities or Operating Systems that you would like and have licenses for.  Some ideas would be virus scanners or system utilities.  It is also possible to load an entire operating system on the flash drive, but that is outside the scope of this guide (but might be seen in the future).

This guide assumes that you have a Linux distribution loaded on your system already with GRUB as the boot loader.  There are probably other ways to get GRUB onto your USB flash drive but they will not be covered in this guide.  Also, installation of a Linux OS will not be covered, but you can follow John's great CentOS installation guide to get to this point.

 

The Parts 

So lets get started.  Here's what you will need:

  • USB flash drive
  • A system that can boot from USB
  • A system with Linux loaded using GRUB
  • some time
  • this guide

 

Finding The USB Flash Drive 

The first thing that you will need to do is boot into Linux as you would normally.  At this point, you should connect the USB flash drive if it is not already connected.  On my system, the USB flash drive itself showed up as /dev/sdc with the single partition under /dev/sdc1.  It shows up as /dev/sdc because my other two hard drives are /dev/sda and /dev/sdb.  When the drive is inserted into the USB port, the data itself is mounted under /media/disk.  The directory name may be different for your system, but will likely be found under /media/<something>.  To find out for certain where your drive is mounted use the following command:

$ df
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/sda1               101086     19138     76729  20% /boot
/dev/sdb1             57483476   4784692  49731644   9% /
/dev/sdc1                63838       234     63604   1% /media/disk

This shows that /dev/sdc1 is 63,838 1k-blocks in size (64MB) and is mounted at /media/disk.  The commands in this guide assume that the drive is mounted at /media/disk from now on.

If the drive does not mount automatically, you can accomplish this by running the following commands:

$ mkdir /media/disk
$ mount /dev/sdc1 /media/disk 

The first command creates the /media/disk directory and the second command mounts the drive.  This guide will assume that it is mounted under /media/disk.  Also note that all commands beginning with $ are issued by the regular user, while commands starting with # are issued by root.  

 

USB Flash Drive Files And Directories 

The next step is to create the directory structure on the USB flash drive and copy the needed files to it.  On my installation, the Linux kernels and images under /boot and the GRUB files under /boot/grub.  So lets make the necessary directories on our drive.  Note that you will need to change the directory name to match the path to your USB drive.  Also, you can create a different directory structure but you will have to make sure that the correct path is used later on for files like menu.lst.  For ease of use, I suggest using the indicated file structure.  It is also important later to know that on my installation, the /boot directory is on a separate partition from the / directory.

$ mkdir /media/disk/boot
$ mkdir /media/disk/boot/grub

Now that we have that done, lets copy over the files that we need.  In order to copy over grub.conf and menu.lst, you will need to be root.

$ su -
Password:
# cp /boot/grub/* /media/disk/boot/grub/

The su - command changes you to SuperUser, or root, so that you can copy the necessary files.  The next command does the actual copying.  Again, if you used a different directory structure or your USB flash drive is mounted at a different location, you will have to adjust all of the commands accordingly.

 

Installation 

Now that you have the necessary files in place it's time to install GRUB into the Master Boot Record of the USB flash drive.  First let's make sure we're loading GRUB onto the the correct drive.

# grub
grub> find /boot/grub/stage1
 (hd2,0)
grub> find /grub/stage1
 (hd0,0)

As stated earlier, in my installation, the /boot directory is on its own partition.  This is what causes (hd0,0) to show up under the second find command while (hd2,0) shows up under the first find command.  If the /boot directory were included in the root (/) partition then it would have been included in the first find command.  So enough confusion.  (hd2,0) means that the /boot/grub/stage1 file is located on the first partition of the third hard drive (numbering starts at 0).  In this case this is referring to the main partition of the USB flash drive.  (hd0,0) is referring to the /boot partition on my main hard drive.

So now we know that we want to load GRUB on (hd2,0).  There are three basic commands needed to do this: root, setup and quit.

grub> root (hd2,0)
 Filesystem type is fat, partition is 0x6
grub> setup (hd2)
 Checking if "/boot/grub/stage1" exists... yes
 Checking if "/boot/grub/stage2" exists... yes
 Checking if "/boot/grub/fat_stage1_5" exists... yes
 Running "embed /boot/grub/fat_stage1_5 (hd2)"...  16 sectors are embedded.
succeeded
 Running "install /boot/grub/stage1 (hd2) (hd2)1+16 p (hd2,0)/boot/grub/stage2
/boot/grub/grub.conf"... succeeded
Done.
grub> quit

The first command, root (hd2,0) , sets the "root device" in GRUB to the partition on the USB flash drive containing the boot directory.  In our example, this is (hd2,0) meaning it is the first partition on the third "hard drive", or sdc1.  The setup (hd2) command installs the GRUB boot loader into the Master Boot Record (MBR) of the drive.  If you do not want it loaded in the MBR but would instead like it in a specific partition, you can use the command setup (hd2,0), which will load it into the first partition (in that example).  There is a note in the GRUB documentation stating that if you load the GRUB boot loader into a partition instead of the MBR, you must chain-load GRUB from another boot loader, meaning that you have to boot up with some other boot loader in the MBR and tell it to load the GRUB boot loader from there.  That is outside the scope of this guide.

Configuration

Configuration

So now we have GRUB installed on our USB flash drive.  What's next?  There are two options at this point.  You can either tell the GRUB installation on your flash drive to load kernels that are installed elsewhere, such as on the original hard drive, or you can copy the kernel and initialization files to the USB flash drive and boot them locally.  We are going to boot them directly from the hard drive for two reasons: 1) it will save space on the flash drive allowing you to add other applications to boot, and 2) each time you install a new kernel on your system you will not have to copy it to the USB drive, you will just need to update the menu.lst file which will be demonstrated shortly.

 

Drive Ordering And Other Stuff 

In just a moment, we will set GRUB up to load the kernels that are located on our hard drive.  But first, we are going to play a little game with GRUB to change the drive ordering.  This is needed because if you change the boot order in the BIOS to include the USB flash drive before the normal hard drive, then it changes the order of the drives as far as GRUB and Linux see them also.  In my case, in a standard boot from the hard drive, my drive order is:

  • Main OS boot drive: (hd0)
  • OS data drive: (hd1)
  • USB flash drive: (hd2)

Now, when booting from the USB drive, you must change the order in the BIOS to include the USB drive first, so the order becomes:

  • USB flash drive: (hd0)
  • Main OS boot drive: (hd1)
  • OS data drive: (hd2) 

In order to keep things simple,  we will use the map command to change the order back to what it was if we weren't booting from the USB drive.  To do this, open up the /media/disk/boot/grub/menu.lst file in your favorite text editor.  Before making any modifications, my menu.lst file looks like: 

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/sdb1
#          initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Fedora (2.6.24.4-64.fc8)
    root (hd0,0)
    kernel /vmlinuz-2.6.24.4-64.fc8 ro root=/dev/sdb1 quiet
    initrd /initrd-2.6.24.4-64.fc8.img
title Fedora (2.6.24.3-50.fc8)
    root (hd0,0)
    kernel /vmlinuz-2.6.24.3-50.fc8 ro root=/dev/sdb1 quiet
    initrd /initrd-2.6.24.3-50.fc8.img

On my system, the original /boot partition was located on hard drive 0, partition 0 (hd0,0).  Since we are booting off of the USB flash drive now, the drive order will change to what is mentioned above.  We will add the map command to change the order back again.  Also note that we needed to modify the kernel and initrd lines to include /boot at the beginning of the first parameter since the /boot directory is not in its own partition on the USB flash drive.  The end result should look like this:

# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/sdb1
#          initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Fedora (2.6.24.4-64.fc8)
    map (hd2) (hd0)
    map (hd0) (hd1)
    map (hd1) (hd2)
    root (hd0,0)
    kernel /boot/vmlinuz-2.6.24.4-64.fc8 ro root=/dev/sdb1 quiet
    initrd /boot/initrd-2.6.24.4-64.fc8.img
title Fedora (2.6.24.3-50.fc8)
    map (hd2) (hd0)
    map (hd0) (hd1)
    map (hd1) (hd2)
    root (hd0,0)
    kernel /vmlinuz-2.6.24.3-50.fc8 ro root=/dev/sdb1 quiet
    initrd /initrd-2.6.24.3-50.fc8.img

 

Testing 

So now that we have things setup the way that we want, let's try it out.  At this point, you will need to reboot your system.  While it is booting up, you will need to enter the BIOS Setup Screen and change the boot order of the drives.  This is generally found under an Advanced BIOS setup screen.  Add USB-HDD or similar before the regular booting hard drive.  In my case, the order is CDROM, USB-HDD, hard drive.  Once this change is made, save the changes and let your system boot.  If all goes well, your USB flash drive will boot the system as though it were booting directly from the main hard drive.  If you want to be 100% certain that it is booting from the USB flash drive and not the hard drive, you can remove the hard drive from the boot order list.  I needed to do this the first time because the boot loader screen on the USB drive looked identical to the original so I had no idea that it was working correctly.  Once you have tested this, add the hard drive back to the boot sequence.  Now, whether you have the USB drive attached or not, you will be able to boot your system properly.

 

The End 

Congratulations, you're done.  You have now created a backup drive to boot your computer in case something were to happen to your main boot setup.  Later, we will expand on this setup with more interesting uses.

May 06 2008

Guide - HTPC Buying Guide: Audio

For some people, sound can make or break a home theater. For others, they just want to set it up, have it work and generally sound decent. Today I'm going to step through some of the critical factors in determining how to connect your Home Theater PC to your audio system. Hopefully the information will allow you to determine the right audio solution for you and whether or not you will be satisfied with onboard audio solutions or need to invest in a sound card.

Today I'll go though some of the connection possibilities to an A/V receiver, pre-processor, or amplifier. We will also briefly look at sampling rates and bit depth of audio solutions. Finally, we will wrap up with a review of surround sound scenarios and the considerations that should be addressed in each one. Click on for more.

bg-audio_01-01tn.jpg

Connections, Sampling Rates and Bit-Depth

Connections

How you plan to connect your sound card to other equipment is a driving factor in deciding whether or not to buy a sound card. Almost all motherboards sold today include connectors for a digital SPDIF-out and for analog 7.1 sound. HDMI connectors are slowly making their way onto the scene.

Digital Output (S/PDIF): If you have an A/V receiver and plan on connecting your HTPC to it the S/PDIF output on the motherboard is a great place to start. This should always be the first thing you try and will provide a baseline for any future improvements and comparisons. This connection is perfectly capable of passing Dolby Digital and DTS to your receiver for decoding and handling the needs of most users. Something I always recommend to people is to connect your motherboards' digital out to your A/V receiver, use it for a month, and see what features you feel you still need. Then research a sound card that helps you fill those gaps.

Digital Output (HDMI): Motherboards with integrated HDMI audio are starting to trickle onto the market. If you are building a new HTPC, you may want to wait a few months and see how this shapes up. Initial indications are that the solutions available this summer will properly support sending 8-channels of audio to your receiver after the audio is decoded in your software player. However, there don't seem to be any solutions yet that support bit streaming the Dolby TrueHD or DTS-HD Master Audio directly to your receiver. Hopefully, sound cards or motherboards will appear later this year to support this. Decoding these high resolution audio formats does take some CPU power and I'm sure there are some consumers that would like to offload all the work to their A/V receiver.

Analog Output: Compared to the digital out on a motherboard, the analog out is usually a poor choice. Motherboard manufacturers do not invest money in quality Digital-to-Analog Converters (DACs), good Operational Amplifiers (Op Amps), low noise capacitors or shielding of the circuitry. If you plan on connecting directly to an amplifier (or using the analog inputs on your A/V receiver) you'll likely want to purchase a sound card that improves on the motherboard in these areas. Some good suggestions for analog output sound cards are Creative X-Fi and Auzentech in the consumer space. Lynx and RME both have good offerings in the prosumer/pro space.

 

bg-audio_02-01tn.jpg

 

Sampling Rates / Bit Depth

Varying audio sources use varying sampling rates and bit depth combinations. In general you want to ensure that your sound card or motherboard's audio chip supports up to 96 kHz/24-bit audio. There are a few uses for even higher resolution, but if you are one of those users you're probably already aware of it.

Many audiophiles are concerned with preserving sampling rates, or doing very high quality resampling. This is a much bigger concern for users of XP than Vista. XP has a fairly poor quality sampler, called kmixer, that can lessen the quality of audio. Making sure that a sound card supported each and every discrete sampling rate for your audio sources was very important. This was replaced in Vista with a reportedly very high quality sampler that seems to be satisfying audio enthusiasts and doing a quality job of converting from one sampling rate to another. People have spent countless hours working on sampling issues in XP. If you're using Vista, be happy that Microsoft got this about as right as possible and just enjoy not worrying about it. If you have XP, I'd be happy to discuss this at length in the forums with anybody trying to improve quality and manage sampling rates properly.

 

Surround Sound Scenarios

Surround Sound

Movies: For movie playback the different connection setups support different types of output.

S/PDIF-Out: Supports Dolby Digital and DTS surround sound formats. 

HDMI: Supports all surround sound formats. (Be careful of motherboards & video cards that just tie the S/PDIF output to the audio on the HDMI port. These are not a full implementation of HDMI audio and are limited to same formats noted above.)

Analog: Supports all surround sound formats.

*** Protected HD DVD and Blu-ray content is currently downsampled to 48 kHz/16-bit. However all movie tracks are already at 48 kHz, with only a select few concert titles in 96 kHz audio. There are more tracks that support 24-bit audio and these are being dithered down to 16-bit due to the restrictions. Anywhow, the audio still sounds much better than the older surround sound formats, and there seem to be few folks that can hear the difference between 48kHz/24-bit and 48kHz/16-bit so I wouldn't lose sleep over it.

bg-audio_03-01tn.jpg
bg-audio_03-02tn.jpg
Some of the surround sound technologies in common use

 

Music: Surround sound music is a serious PITA on the HTPC, sorry. The best option seems to be the Dolby Digital off of the video layer of a DVD-Audio disc. Sadly, the DVD-A library is much smaller than the SACD library. You just playback the DVD-A like a regular DVD in your DVD player software. Sony hasn't allowed the development of SACD drives for the PC, so you're completely out of luck there.

 

Gaming: Many video games use a standard called EAX by Creative Labs for creating 3D sound. If you are playing a lot of games that use the EAX standard for surround sound audio you may want to consider a sound card that supports all the varying tiers of EAX. The other major standard for creating 3D sound in video games is OpenAL. When it comes to gaming, if 3D sound is important to you, you will want to narrow your search to X-Fi based sound cards available from Creative and Auzentech or other cards that support EAX and OpenAL in the future.

S/PDIF-Out: If you want to use /SPDIF to transfer multi-channel audio from games, you'll need a sound card that has either Dolby Digital Live or DTS Connect. These sound cards will be capable of taking the audio from the game and encoding it to either Dolby Digital or DTS for transfer over S/PDIF. Otherwise you will only get 2-channel audio.

HDMI: Should be capable of transferring multi-channel audio from games just fine. (Be careful of motherboards & video cards that just tie the S/PDIF output to the audio on the HDMI port. These are not a full implementation of HDMI audio and are limited to 2-channel audio from games.)

Analog: Capable of transferring multi-channel audio from games without problems.

bg-audio_03-03tn.jpg
Some of the available PC based surround sound technologies

 

Drivers

Prior to purchasing any sound card, you should peruse any online forums that discuss it or ask others for their impressions from using it. Drivers can make or break a sound card, and may may look perfect from a specification point of view can actually be a piece of junk when you try to take advantage of its capabilities. All too often sound cards don't get the full driver support needed for everything to function properly. 

 

Conclusion

I hope that I have been able to shed some light on some of the concerns to be thought about when purchasing a sound card or selecting an integrated motherboard chipset. Hopefully the information here will help you make a better informed purchase and select the right sound card for your needs.

Apr 28 2008

Guide - MissingRemote.com HTPC Build Guide

Sometime ago, we had a few readers request an update to our build guides we published shortly after we started the site. I will remind our readers of a couple important points. Ultimately we pick a piece of hardware because we feel it offers the best bang for the buck. I would imagine that there will be a lot of people that disagree with our specific choices but we hope the guiding philosophy we lay out in our guide helps you build a successful HTPC. I simply won't pick a piece of hardware and say use this because I am damn smart. Instead, I hope to provide that reader with an understanding of what we are trying to do and he/she should be able to apply that to the hardware you are interested in.

As well, keep in mind there are a many configurations and uses an HTPC can take. As such, I am going to try and tackle a few different builds based on budget and network topology.

build_guide.jpg
Feb 28 2008

Guide - CentOS 5.1: Pimped

We've covered a slim CentOS install, converted to using a flash drive, and even enabled SSH and VNC remote administration.  Now it's time to do some optimization and customizing of your install.  We will learn about how to speed up the boot process, tweaking Xfce's start up time, and even some adjustments to Xfce's look and feel.  Interested?  Then let's hit it.

CentOS 5.1 Pimped

 

System Start Up

Thinning Services

We started this build by doing a stripped install which only allowed the bare essentials, but that does not mean there isn't more optimizing to be done.  In fact, there are a pile of services enabled by default which really serve to slow down the system boot time.  Let's walk through how to control a service and which to disable.

Service Utility Menu Location
Service Utility Menu Location
Service Manager
Service Manager

First, launch the "Service Configuration" manager from the "System" menu.  If you aren't logged in as root, you will be prompted for the root password as this is an administration tool.  Once the utility launches, it will show a list of services on the left and a brief description and status on the right.

Stopping A Service
Stopping A Service
Service Stopped
Service Stopped

Stopping a service is as simple as clicking on the service to highlight it and clicking the "Stop" button above.  To prevent it from automatically launching on restart, just clear the check box to the left of the service name.  Now that you know how to make changes, let's discuss which services are required and which are optional.

acpid - Listen and dispatch ACPI events from the kernel

apmd - Monitoring laptop battery status (Laptops only)

cpuspeed - Dynamic CPU speed manager (CPUs with throttling capability only)

crond - System scheduler

haldaemon - Collects and maintains hardware information

irqbalance - Distributes interrupts over multiple CPUs to reduce load (Multiple CPU cores only)

kudzu - Configures changed hardware on boot up (Frequent hardware changes)

messagebus - Broadcasts notifications of system events

microcode_ctl - Applies cpu microcode at boot up 

network - Manages all network interfaces during boot up

ntpd - Synchronizes local PC clock to an Internet time source

sshd - Secure remote shell daemon

syslog - System logging daemon

yum-updatesd - Periodically checks for system updates

All other services not listed above are optional for critical system operation.  In fact, the services which have notes in parenthesis are only helpful in the mentioned case.  If that doesn't apply to you, then those can be disabled as well.

Save Service Config
Save Service Config

Once all the required changes have been made, click the "Save" button and your changes will be made permanent.  If you wish to undo your changes since the last save, simply click "Revert".  Close the utility and reboot the PC to verify everything still works as advertised.  System boot up and shutdown should now be significantly faster.

 

Graphical Boot

While some like the concept of a graphical boot screen to give a user friendly look to system power up, the truth of the matter is it adds time to the boot process.  To save yourself another 5-8 seconds during boot, run this as root:

nano -w /etc/grub.conf

There will be one or more lines which start with "kernel" and will have "rhgb" toward the end.  Remove "rhgb" from the lines, press <control>-X to exit, "y" to save, and <enter> to acknowledge the file name.  Restart the system to see the difference in the start up methods.

 

Xfce Splash Screen

I'm one for alerting the user to what the underlying software is doing, but when it interferes with the application's main function it only serves to aggravate.  Xfce takes significantly longer to initialize when it shows a splash screen than without, so let's remove it.

Xfce Splash Screen Menu Location
Xfce Splash Screen Menu Location
Xfce Splash Screen Manager
Xfce Splash Screen Manager

Find and launch "Splash Screen Settings" in the "Settings" menu.  The "Mice" splash screen will be selected by default.  Click "None" and press the "Close" button to save the changes.  Xfce should now start quite rapidly.

 

Auto Login

If the PC will be in a physically secure location where you don't wish to type your user name and password to login, then this next mod is for you.

Login Manager Menu Location
Login Manager Menu Location
Login Manager
Login Manager

Press F10 while at the log in screen and select "Configure Login Manager...".  After entering the root password, you will be shown the utility above.

Login Manager - Users
Login Manager - Users
Username Prompt
Username Prompt

Click the "Users" tab at the top and click the "Add..." button below the "Include" list box.  Fill in your non-root user name and click "Add".  The user name will be verified to ensure it is valid.  Once that is complete, click the "Apply User Changes" button at the bottom of the window.

Login Manager - Security
Login Manager - Security

Click the "Security" tab at the top.  Check the "Enable Automatic Login" option and find your non-root user name in the drop-down list below.  Click "Close" to finalize the changes.  X will restart and show the login prompt.  It is important to remember that this auto login feature only works upon the initial boot up sequence.  Any time you log out of Xfce, you will be prompted to enter your user credentials to log back in.  This is to prevent a loop condition where a logout initiates an immediate login.  Because of this feature, a restart will be required to verify it works properly.

Package Manager Mods

Repository Madness

The package repositories which are installed by default have several programs available, but sometimes this isn't sufficient for your needs.  In this section, we will talk about enabling all official CentOS repositories along with adding a few additional 3rd party repos.  So, let's start off by enabling the CentOS-Plus repo.  As root, run:

cd /etc/yum.repos.d
nano -w CentOS-Base.repo

Scroll down toward the bottom and look for the line "enabled=0".  Change the "0" to a "1" to enable this repo.  Exit saving the changes.  Next, we will add a 3rd party repository which is been a popular source of Fedora and RHEL/CentOS RPMs for many years now.  Ensure that you are still in the "/etc/yum.repos.d" directory and run one of the following commands depending on your OS type.

For a 32-bit OS:

wget http://www.missingremote.com/images/stories/CentOS_5.1_Pimped/atrpms-i386.repo

For a 64-bit OS:

wget http://www.missingremote.com/images/stories/CentOS_5.1_Pimped/atrpms-x86_64.repo

Do not install both files as that will certainly cause issues.  Now that we have the necessary config files in place, we also need to install the atrpms repo key.  This will let us verify the origination of the packages.  As root, run:

rpm --import http://ATrpms.net/RPM-GPG-KEY.atrpms

Add/Remove Software Menu Location
Add/Remove Software Menu Location

You should now be able to browse the new packages using "Add/Remove Software" under the "System" menu.  After filling in the root password, the package manager will update its internal package list.  Clicking the "List" tab at the top will show all packages which are currently installed or are available for download.

Package Manager
Package Manager
Firefox Menu Location
Firefox Menu Location

As a demonstration, let's install the Firefox web browser.  Scroll down the list until you find "firefox".  Put a check in the checkbox and click "Apply".  The package manager will show a list of requested packages.  Continuing on, the package manager will satisfy any dependencies and proceed to download and install firefox.  Once installed, "Firefox Web Browser" now shows up in the "Network" menu.

 

Get Smart

The default package manager is handy in a pinch, but it is rather slow and can sometimes crash if a large number of dependencies are involved.  Let's move up to a something a little more robust.

Smart Packages
Smart Packages

Launch the "Add/Remove Software" application and again click on the "List" tab.  Once the list is populated, scroll down and check "smart", "smart-gui", and "smart-update".  Click "Apply" and wait for the packages to install.

"Smart" uses a different method for managing packages, so we need to ensure we have configured the repositories correctly.  By default, the atrpms repo ( /etc/smart/channels/atrpms.channel ) was added when we installed smart.  Now, let's add the CentOS repos.  Which file you grab will again depend on your flavor of OS.  As root, run:

cd /etc/smart/channels

For a 32-bit OS:

wget http://www.missingremote.com/images/stories/CentOS_5.1_Pimped/base-i386.channel

For a 64-bit OS:

wget http://www.missingremote.com/images/stories/CentOS_5.1_Pimped/base-x86_64.channel

Only grab one of these as having both will confuse the package manager.  Now that we have the repo files in place, let's launch smart.

Smart Package Manager Menu Location
Smart Package Manager Menu Location
Repo Include Dialog
Repo Include Dialog

"Smart Package Manager" is found in the "System" menu.  Again, because this is an administrator utility, it will prompt for your root password.  Before the utility displays its main window, it will detect the new repos and ask whether to include them.  Click "Yes" to them all.

Smart Package Manager
Smart Package Manager
Smart Tree Style Menu
Smart Tree Style Menu

This is the main window.  Packages are arranged by functionality by default.  To see them by name, choose "View", "Tree Style", and "None" from the application menus.  Let's add another common package to handle our email.

Packages Listed By Name
Packages Listed By Name
Install Thunderbird
Install Thunderbird

Click the left most button which looks like two circling arrows.  This will refresh Smart's internal list of what is available at the various repositories.  Always do this prior to selecting a package to install as it will ensure you have an up to date listing.  Once that has completed, scroll down to find "thunderbird".  Smart will show all versions of a package that are available, so look at the "Version" column to ensure you are picking the most recent.  Right click on the package and choose "Install".

Selected Packages
Selected Packages
Apply Package Changes
Apply Package Changes

Smart will now show which packages are required along with download package size how much drive space is required once installed.  Click "OK" and notice that the package has an arrow icon showing it is flagged to be installed.  To apply the requested changes, click the icon that looks like three interconnecting gears.  Smart will now show an overview of all the proposed packages and size requirements.  Click "OK" to start the downloads.  Notice that smart will download packages in parallel in order to speed things up.  This really comes in handy when performing a major upgrade.

Installation Progress
Installation Progress
Thunderbird Menu Location
Thunderbird Menu Location

Once the download is complete, the packages will be installed, internal cache updated, and the package list will again be shown.  Close the application and check that "Thunderbird Email" is located under the "Network" menu.

XFCE Your Way

Xfce Your Way

Xfce Settings Manager Menu Location
Xfce Settings Manager Menu Location
Xfce Settings Manager
Xfce Settings Manager

Like most GUIs, Xfce provides several "knobs" that a user can adjust to better suit their taste.  Most of these are located in the "Xfce Settings Manager" found in the "Settings" menu.  Launching the applet shows several basic categories.  Let's start with the "Panel" manager.

Panel Manager
Panel Manager
Setting Panel To Full Width
Setting Panel To Full Width

By default, Xfce is configured to have a panel at the top (Panel 1) and a centered panel at the bottom (Panel 2).  While this may suit some, I find myself constantly having to move my mouse from one panel to the other.  If you have plenty of screen width, then let's convert our panel to look more like what we are used to.  Ensure that "Panel 1" is selected from the drop-down list and click the minus button to remove it.  A dialog will pop-up to warn you.  Click "Remove" to confirm the action.  Now, only the bottom panel will be selected.  Choose "Full Width" to expand this panel across the entire width of the screen.  I also check "Autohide" because it provides a little more screen real estate.

Add Item To Panel
Add Item To Panel
Choosing Task List Applet
Choosing Task List Applet

Right click just to the left of the clock on the panel and choose "Add New Item".  A new dialog box will emerge listing the various items which can be added to the panel.  Scroll down and select "Task List" and press the "Add" button.

Task List Properties
Task List Properties
New Task List In Panel
New Task List In Panel

The task list applet has a few options which will be shown.  Click "Close" once you are done and the panel will now have a task list.  Removing items from the panel is as easy as right clicking on the item and choosing "Remove".  Moving an item is also fairly simple.  Just right click the item, choose "Move", and drag the mouse where you'd like the item to be.

Web Browser Launcher Properties Menu
Web Browser Launcher Properties Menu
Web Browser Program Launcher
Web Browser Program Launcher

Let's change the panel web browser icon to launch Firefox.  Right click on the web icon and choose "Properties".  The "Program Launcher" window will be shown.  Change the "Command" field to say "firefox" and click "Close" to save the changes.

Window Manager
Window Manager
Button Layout
Button Layout

Now, let's turn our attention to the "Window Manager" options in the "Xfce Settings Manager".  This application controls the window decorations in X.  Try clicking through the various styles to see an instant sample of how it would look.  It is possible to configure which buttons will be available in the window header by dragging the icons from "Active" to "Hidden" in the "Button layout" frame.  Browse through the other tabs in this application as there are other configuration goodies hidden there.  When you are satisfied, click "Close" to save the changes.

Window Manager Tweaks
Window Manager Tweaks
Desktop Preferences
Desktop Preferences

Some other uncommon window manager settings can be found in the "Window Manager Tweaks" applet.  Last but not least is the "Desktop Preferences" manager.  Here you can adjust the background colors or optionally choose a background image.  It is possible to remove the desktop drive icons by clicking the "Behavior" tab and selecting "None" in the "Desktop Icons" drop-down list.  If you are looking to free up some memory, disable the "Allow Xfce to manage the desktop" check-box.  This will cause Xfce to launch quicker and use a smaller RAM footprint.

Conclusion

Conclusion

Today, we have covered several ways to speed up boot times, reduce resource consumption, and customize Xfce to your liking.  So, what was the final boot time and RAM usage improvement?

  Processes RAM Used
Boot Time
Before 101
383,524 K
115 Seconds
After 68
222,940 K
75 Seconds

Admittedly, not all of these suggestions may be for you as this is a personal choice.  However, if you are looking to a way to speed up your media server or just cut some of the clutter, then it is definitely worth the time investment.

Maybe you are the eye-candy sort of user who wants to wow and amaze their friends.  In this case, read up on Beryl and Compiz-Fusion and catch the YouTube video below for a quick feature tour.  I apologize in advance for the music, but the effects speak for themselves.

 

I certainly wouldn't recommend installing this on a server, but if you have suitable hardware and are just looking to play around, then give it a shot.  Keep in mind that this clip is 9 months old as of the writing of this guide, so development has progressed.  If there is suitable interest, I'll put together a install / configuration guide.

As always, post your questions or thoughts by clicking the "Comments" link below.  Stay tuned for more guides to expand your CentOS knowledge.

Feb 25 2008

Guide - CentOS 5.1: Flashed

PCs = Noise.  No matter how you stack things up, it seems there is always something clicking, buzzing, humming, or whooshing in your ear.  Whether it is the fans keeping the system cool, the hard drive grinding away, or even the clicking of the keys and mouse, noise is ever present.  While there are many guides about reducing fan noise and how to best dampen hard drive grinding, there are not many that discuss the "no hard drive" option.  Today we are going to explore that avenue by using CentOS 5.1 and a compact flash card.

Digg It! 

CentOS 5.1 Flashed

Feb 20 2008

Guide - Making Cyberlink PowerDVD 7/8 Ultra play nice with Media Center

So you have a Blu-ray or HD DVD drive, and it comes with Power DVD, but how to make it integrate with Media Center? The process it two fold: 1. Have it launch from Media Center and 2. Make the MCE remote work properly with Blu-ray pop-up menus.

The first part is very easy now thanks to Media Center community member 'Armyb77' (Mike), he has very nicely created an installer that registers PowerDVD with Media Center and creates a button to a launcher that opens PowerDVD in fullscreen mode and once PowerDVD quits it correctly returns to Media Center. There are both Vista and MCE 2005 versions available on his site here.

The second part gets harder, PowerDVD natively has some support for the MCE remote, however it doesn't really have extensive enough support. A huge annoyance is that oddly Cyberlink has chosen to have the Blu-ray in movie menu function (called "pop-up menu") set to use a totally different key combination then DVD or HD DVD, so we need to find a way to get Blu-ray menus to pop-up over the playing movie like we can with HD DVD. Pressing the DVD Menu button on the MCE remote works, but it behaves like a legacy DVD which stops the movie and returns you to the main menu, which isn't the point of having the advanced interactivity in Blu-ray and HD DVD. With HD DVDs the menus simply pop-up when you hit the correct arrow button, so for example Univeral titles have a menu that slides out from the left side of the screen, so pushing the right arrow button makes the menu slide out. Likewise, Warner and Paramount titles have a menu that slides up from the bottom, pressing the up arrow makes them slide up. Blu-ray menus don't work this way with PowerDVD for some reason. So we need to make a button on the MCE remote trigger the Blu-ray in movie menu.
Digg It!

Read on for the full details...

The nitty-gritty of the MCE remote and PowerDVD Ultra:

PowerDVD Ultra has support natively for many buttons on the MCE remote, because of this, any 3rd party remote mapping software won't work properly. What this means is we need to find key on the MCE remote PowerDVD doesn't natively use. All the obvious ones such as DVD Menu, and Information are taken. PowerDVD doesn't use the Back button, nor does it use any of the number pad or the Clear button. So these can be remapped.

A simple and effective application that supports the Media Center remote is LM Remote KeyMap, it's small and unobtrusive, it just quietly hangs out in the system tray and puts a shortcut in the Start Up group. Uncheck the "show volume osd whenever volume change" otherwise you'll get an onscreen popup about volume changes (which happens whenever PowerDVD is opened). Double-clicking the icon brings up the simple configuration screen, right-clicking lets you exit the application.

So making sure that LM Remote KeyMap is closed, download the lm_profiles.zip from here at Missing Remote and extract the file into
\Documents and Settings\All Users\Application Data\LM Gestion\LM Remote KeyMap\ if you're on XP
or \ProgramData\LM Gestion\LM Remote KeyMap\ if you use Vista.

Replace the profiles.xml with the one provided. It is setup correctly, so now when you press the Back button on your MCE remote the Blu-ray menu should appear while playing a movie. Pressing the Clear button down in the numeric keypad section of the MCE remote will quit PowerDVD, when used in combination with the plugin in part 1 you will now be returned to Media Center. It's not seamless, but it works pretty darn well.

Feb 20 2008

Guide - CentOS 5.1: Stripped Install

CentOS is the community based clone of Red Hat Enterprise Linux.  Its stability and long release cycle make it perfect for building a home server or MythTV appliance.  Let's walk through the process of installing a stripped down but very functional version of CentOS 5.1 which can be the basis for your next Linux project.

CentOS Logo

Digg It!

History

 

History

Starting in March of 2000, Red Hat began rolling "enterprise" versions of their popular Linux distribution in an effort to increase income.  The idea was that individual users would continue using their standard Red Hat Linux product, but those wanting increased stability and enterprise centric features should transition to their new premium offering for a price.  Later in 2003, Red Hat stopped active support for their standard Red Hat Linux distro and instead turned it's attention toward their enterprise market.  Red Hat choose to give the project over to the community and the Fedora Project was born.  Even though the project was to be a "community" based project, Red Hat was still actively involved in its development.  They effectively used the Fedora Project as a breeding ground for their enterprise product.  It was a good match as those that wanted the bleeding edge drivers and features could use Fedora, and those that favored stability and support could purchase Red Hat Enterprise Linux (RHEL).

Because RHEL is based on open-source software, it is mandated that the source code be made available for review / download.  This is where the CentOS project comes in.  CentOS takes these source files, and compiles them into RPM packages exactly like Red Hat does when it creates it's package system.  The end result is any given RHEL or CentOS package is binary compatible.  The only things which are modified are Red Hat logos, and trademarks which are exchanged for CentOS logos.  In fact, CentOS never mentions "Red Hat" by name on its website, but instead refers to them as "the upstream provider".

What does one get for all this trouble?  A duplicate of RHEL without the costly support structure.  The user also gets a perfect platform for creating a home NAS server, firewall, or MythTV appliance.  Unlike the Fedora Project which releases a major version every 6 months, RHEL and CentOS are on a 2 year release cycle with several point releases in between.  This makes it much easier for a system administrator to stay current on bug fixes without requiring frequent complete system rebuilds.

Beginning The Install

Beginning The Install

To begin, grab the latest copy of CentOS 5.  As of the release of this guide, the latest version is 5.1, but this guide should be valid for subsequent point releases.  There are a few choices to make up front.  There are either 32-bit (i386) or 64-bit (x86_64) binary packages.  For the most part, both are equivalent in terms of speed and compatibility, but I still tend to use the 32-bit flavor out of old habit.  Visually, the install procedure is identical.

Next up is selecting the appropriate install media.  Either 6 CDs or a single DVD are available to choose from.  Again, I find the DVD to be simpler to keep track of, but if your hardware doesn't have a DVD drive, then at least there is a backup plan offered.  After selecting a reasonably close download mirror, there is yet another decision to be made: direct download or torrent.  From past experience, torrent downloads move much quicker, but this will be dependent on your ISP and their P2P filtering strategy.

Once the ISO has been downloaded, burn it to disk, and boot the disk in your chosen hardware.  Ensure that the hardware has at least 512 MB of RAM for a graphical based install (which we will be covering).  It is possible to install with less RAM, but it is advised to do a text based install instead.

Install Boot Option Screen
Install Boot Option Screen

Upon booting from the install media, the user will be presented with the text based prompt shown above.  To continue with a graphical based install, either press <enter> or simply wait for the timeout.  If the user wishes to use the text mode install, type "linux text" and press <enter>.  This disk can also be used as a rescue disk buy typing "linux rescue" and <enter>.

Install Media Test
Install Media Test

As we all know, downloads can sometimes be corrupted or media scratched, so the install process offers a feature to test the media prior to the install.  If it passes the test, the user can be sure that any install failure is probably not due to a corrupt media file.

GUI Install Splash Screen
GUI Install Splash Screen

If all goes well and your hardware is supported, you will be executing the graphical installer and shown the CentOS 5 install splash screen above.  If for some reason the graphical installer failed, all is not lost.  Usually an error is shown which can be searched on via Google.  If that fails then there is always the text mode install to fall back on.

Locale And Drive Partitioning

Locale And Drive Partitioning

Install Language Selection Keyboard Selection
Install Language Selection
Keyboard Selection

The first part of the install defines your language and keyboard configuration as shown above.

New Hard Drive Warning
New Hard Drive Warning

If the hard drive is completely void of partition table information, the user will be prompted to verify that it is OK to initialize the drive.  The install writers tend to lean on the side of caution whenever there may be doubt as to the next step.  Click "Yes" to continue.

Drive Partition Layout
Drive Partition Layout

I don't know about you, but I don't like things happening without my knowledge, so I always select "Create custom layout" from the drop down list.  This gives the user complete control over how the disk will be partitioned.

Partition Editor
Partition Editor

Partitioning schemes for Linux are as varied as the users themselves.   Dual-booting, RAID, or LVM present their own challenges.  For the sake of simplicity, we will assume a clean single drive system.  As can be seen above, this install was done within VMware where 2 GB of drive space was provided.  Obviously, this is quite small by today's standards, but it will serve the purpose of this guide.

Add New Partition
Add New Partition

Adding a partition is as simple as highlighting the free space on the drive and clicking the "New" button.  The install routine will prompt for the mount point, file system type, and size among other things.  In this case, we want to define a single root partition, so we configure the dialog as shown.  Note that although the size has "100" MB in the field, enabling "Fill to maximum allowable size" will tell it to fill the whole drive.

Partition Added
Partition Added

Clicking "OK" will show the above screen with "/" or root partition consuming the entire drive.  Also, note how drives are denoted in Linux.  If you are familiar with Windows, then you are probably used to thinking in terms of drive C or drive D.  As with other things in Linux, it gives the user a bit more info regarding what is happening behind the scenes.  In our case, "/dev/sda" is our first SATA or SCSI hard drive.  If we had a "/dev/sdb" in the list then that would be the second SATA or SCSI hard drive.  Partitions are simply an extension of this nomenclature.  For instance, the first primary partition on the first drive is labeled "/dev/sda1".  Due to historical reasons, IDE drives are denoted as "/dev/hda" or "/dev/hdb" along with their partitions such as "/dev/hdb2".

Most Linux users will want to add a swap partition to this configuration.  Just like Windows, Linux can make use of a swap partition to hold data which has been swapped out of RAM.  It is possible to make Linux use a file based swap like Windows.  However, Linux prefers to have the swap occupy its own partition as it can be better optimized.  Choosing the size of the swap space is also a bit of an art form, where there are many opinions.  If you plan to perform a suspend to disk on this PC, then you will need to ensure the swap is at least as big as the system RAM.

Swap Partition Warning
Swap Partition Warning

I have specifically decided not to create a swap partition (more on this in the CentOS 5.1: Flashed Guide ), so the installer is again warning me of my impending doom.  This is handy for the novice user, but I choose to ignore it.

Boot Loader, Network, Time Zone, And Root Password

Boot Loader, Network, Time Zone, And Root Password

Boot Loader Configuration
Boot Loader Configuration

Because we are using a single drive system which will only be running CentOS, the boot loader configuration is relatively simple.  The boot loader will be installed in the Master Boot Record on the first drive and the CentOS install found on /dev/sda1 will be the default OS to boot.

Network Configuration
Network Configuration

With this hardware, there is only a single network card which will be configured automatically via a DHCP server on the network, so the network setup is fairly simple as well.  Because I haven't switched over to IPv6, I have disabled IPv6 under the "Edit" button.  This isn't necessary, but it does release some resources.  Because we build HTPCs around here, we are going to give this a hostname of "HTPC".

Timezone Selection
Timezone Selection

Next up is the timezone selection.  Simply pick a city in your timezone which is closest to you.  Selecting "System clock uses UTC" will enable your PC to seamlessly deal with daylight savings time.  Enabling this feature on a dual-boot PC with Windows will cause the clock to display the wrong time.

Root Password
Root Password

Here is the most important password you will create.  It is the root or administrative password for the system.  Whoever can provide this password will have complete access to the system.  Because of this, it is wise to not only pick a strong password, but one which is easily remembered without requiring sticky notes.

Package Selection

Package Selection And Install

Here we will see how flexible the CentOS install routine can be in regards to package selection.  For our project, we are going for a slim, fast, and functional install, so we will be disabling several packages which are installed by default.  I have found that after an install is completed, it is much easier to add packages to a minimalist setup than it is to rip packages out of a bloated setup.

General Task Selection
General Task Selection

This screen allows the user to choose what general categories to install.  In our case, disable everything in the upper list.  CentOS comes with a standard set of software by default and we want to hand customize this in the following screen, so select the "Customize now" option at the bottom.  Ensure that the PC has an Internet connection and check the "Packages from CentOS Extras" option.

Extras Network Configuration
Extras Network Configuration

The install routine will now probe for the network card to determine the required driver.  It needs a network connection as it will pull the CentOS Extras packages over the Internet.

Base Package Selection
Base Package Selection

There are several packages which are enabled by default.  For our purposes, only enable "Base" and "X Window System" under "Base System".  Make sure to select each category on the left and disable any other package groups on the right.

Xfce Package Selection
Xfce Package Selection

Because using a GUI is a little more handy than fiddling with the console, enable "XFCE-4.4" under the "CentOS Extras" category.  Gnome and KDE are the GUI managers that most users typically associate with Linux.  As of late, I have found that they both have increasingly traded speed and a small footprint for candy graphics and dancing icons.  Xfce aims to keep the functionality bar high while not requiring a Cray Supercomputer to keep things moving.

To slim this package down a bit, ensure that "XFCE-4.4" is highlighted and click "Optional Packages".

Xfce Specific Package Selection
Xfce Specific Package Selection

Scroll through the list and disable everything.  Upon closing the package list, ensure the installer says "0 of 36 optional packages selected" for "XFCE-4.4".

Checking Package Dependencies Ready To Install
Checking Package Dependencies Ready To Install

CentOS is now analyzing the selected package choices and determining if additional packages need to be added to satisfy any dependency issues.  Once that is complete, CentOS will announce that it is in fact ready to go ahead with the install.  From this point on, the hard drive will be modified.

Formatting Root Partition Package Installation
Formatting Root Partition Package Installation

First, the hard drive will be partitioned and formatted to match the user's requests.  Next, all the selected packages and their dependencies will be installed onto the hard drive.

Post Install Config Install Complete
Post Install Config Install Complete

Lastly, it will write several configuration files to the hard drive and prompt the user to reboot.  Next up, CentOS nirvana.

Initial Boot

Initial Boot

Boot Manager GUI Boot Progress
Boot Manager GUI Boot Progress

Upon reboot, the boot manager, GRUB, will briefly display the installed CentOS kernel version.  After a few items scroll by in text mode, the boot sequence will switch to a GUI where it will outline the remainder of the start up sequence.

First Boot Welcome Screen
First Boot Welcome Screen

Now the user is presented with the first boot welcome screen.  This is a short setup wizard which is run to customize the CentOS install further.

Firewall Config Firewall Warning
Firewall Config Firewall Warning

Because this PC will be sitting behind a router/firewall and will not be receiving any direct Internet traffic it is safe to disable the firewall.  Of course, the CentOS install gurus will question your sanity and give you an option to change your mind.

SELinux Config SELinux Warning
SELinux Config SELinux Warning

SELinux is a great application which gives the administrator exceptional control over what users and programs are allowed to do.  In this case, it is a nuisance, so it has been disabled.

Date And Time Config
Date And Time Config

Here, the user can indicate the local time and date.  There is also the option to use the network time protocol to keep the PC in sync.  Be sure to drop down the advanced options and disable "Use Local Time Source" as most people don't have an atomic clock attached to their PC.

Create Non-Root User
Create Non-Root User

Because it is not a good habit to directly log in with your root account, CentOS prompts the user to create a standard user account.  Again, ensure to use a reasonably secure password.

Sound Card Config Sound Card Test
Sound Card Config Sound Card Test

CentOS will now attempt to detect the sound card.  If it finds one, play the sample sound to verify its selection.

Additional CDs Reboot Warning
Additional CDs Reboot Warning

The installer now allows the user to install additional software.  In this case, it is not required.  Because of our changes to the SELinux sub-system, the PC must now be rebooted.

Xfce And Updates

Xfce And Updates

Initial Login
Initial Login

After the system restarts, CentOS will now show its login screen.

Session Selection Default Session Verification
Session Selection Default Session Verification

Before logging in, click the "Session" option at the bottom and choose "XFce 4" from the session list.  Once "Change Session" is pressed, CentOS will want to know if this session should be made the default.  Click "Make Default" to lock in Xfce.

Xfce Startup Splash Screen Xfce Desktop
Xfce Startup Splash Screen Xfce Desktop

Once the user has logged in using the non-root username and password they created during the initial boot set up, the Xfce splash screen will start and shortly thereafter the Xfce desktop will be displayed.

Package Update Icon Root Password Prompt
Package Update Icon Root Password Prompt

If an active internet connection is available, the package updater icon will be shown in the system tray in the upper right corner of the screen.  Right clicking on this icon and selecting "View Updates..." will prompt the user for the root password.  Any time a non-root user tries to run an administrative application, CentOS will prompt for the root password.

Retrieving Update Information Updated Package List
Retrieving Update Information Updated Package List

Once the application is launched, it will search for available update packages.  By default, all updates will be selected.  Accept this list by clicking "Apply updates".

Downloading Packages CentOS Repository Key
Downloading Packages CentOS Repository Key

Now, Package Updater will download the packages.  Once that is completed, it will prompt the user to import the requested package key.  Package repositories can choose to sign their packages with a special key which authenticates their validity.  In this case, the software wants the user to import the key used by CentOS's repositories.  Click "Import key" to continue.

Updating Software Reboot Request
Updating Software Reboot Request

With the key imported, the updated packages can now be installed.  Because one of the updated packages was a new kernel, the updater asks if the user would like to reboot now.  Choose "Reboot now".

New Kernel
New Kernel

Now that the new kernel is installed, GRUB will report a newer version.  Don't be alarmed if your version is different as new kernels are released regularly.

Conclusion

Conclusion

At this point, the PC has a minimalistic but functional install of CentOS which occupies only 1.3GB on the hard drive.  Where things go from here is up to the user.  In a following guide, we will further refine and optimize this install.  We will also explore some of the methods for its personalization.  For now, become familiar with the OS and GUI and how it operates.

If you have any questions or comments regarding your install,  post them in our forums by following the "Comments" link below.  Also, check out our SSH guide as well as our VNC guide for alternate ways to connect to your CentOS PC.  Both provide various ways to expand the Linux experience.

Feb 12 2008

Guide - VNC: Window To A Remote GUI

If a Windows user wants remote access to another Windows GUI it's as simple as configuring Windows Remote Desktop and initiating a session.  That's all fine and good, but let's say the remote GUI is a Linux based PC or perhaps the Windows user wants to use something other than Remote Desktop.  How then is this trick to be accomplished?  Read on to find out.

History

 

History

Since the beginning, *nix server users have been connecting remotely to do administration tasks or to simply check their email.  For the most part, this was all done via the command line and it was not very user friendly.  Then came the GUI explosion.  There is no denying the simplicity that the mouse, windows, and icons have brought to the computing world, so it was only natural to desire to have this same functionality remotely.  Early on, this need was met by enabling remote X sessions.  Unfortunately, settings weren't universal, and the configuration was complex and problematic, but the demand for remote GUI access only heightened.  What was needed was a platform independent means for transferring mouse and keyboard inputs along with screen updates without all the hassles.  Enter VNC or Virtual Network Computing.

VNC is a simple protocol that answers many of the needs of the remote GUI user.  Both clients and servers are available for all major operating systems, it has rudimentary security in the form of encrypted authentication, it automatically scales the graphics data stream to match the available user bandwidth, and it allows for console GUI and virtual console GUI access.

Windows Server Configuration

 

Windows Server Configuration

Configuring a Windows VNC server is fairly straight forward.  First we need to select a software package which supports our needs and budget.  I have used UltraVNC for several years now and I have found it to be robust, stable, feature rich, and not to mention free.  As of this writing, the latest stable version is 1.0.2 and can be found here.  Download the file and run the setup routine choosing the full installation.  During the setup, it will prompt for the user to "Select Additional Tasks".  Select "Register UltraVNC Server as a system service" and "Start or restart UltraVNC service" as that will get the server configured and running out right of the gate.

While the files are installing, a somewhat misleading "error" message will pop up warning that no default password has been set.  Click "OK" and the setup program will display the server configuration dialog box shown below.

Windows Server Configuration Dialog
Windows Server Configuration Dialog

In the middle left of the dialog, there is a box labeled "Authentication".  Type a suitable password in the "VNC Password:" field.  VNC has no user names, so this password is the only mechanism by which your GUI is protected from unauthorized access.  The upper left box labeled "Incoming Connections" gives the user some options on what type of connections to allow.  Typically I only want the console GUI to be available, so I select the "Display" radio button and ensure there is only a "1" in the "N*" field.  I also never connect over the web, so I have no need to run the JavaViewer, so I uncheck "Enable JavaViewer".  The defaults on the remaining options are usually sufficient for most needs, so click "OK" to close the dialog.  Continue through the installation and reboot your PC.  Upon reboot, there will be a small blue icon in the system tray showing that the VNC service is running in the background and is waiting for connections.

Linux Server Configuration

Linux Server Configuration

Installing the VNC server on a Linux PC is slightly more complex, but it shouldn't give most users any difficulty.  First, I am making the assumption that we are using either CentOS or Fedora and that the GUI is already running properly.  Other distributions will work, but the instructions may need to be modified to suit their needs.  First we need to install the VNC server package.  As root, run:

yum install vnc-server

If it responds "Nothing to do" then it may mean that you already have the package installed.  Once the software is installed, edit the Xorg configuration file like this:

nano -w /etc/X11/xorg.conf

Scroll down to the "Screen" section and insert a few lines:

Option      "5900"
Option      "rfbauth" "/root/.vnc/passwd"
Option      "dontdisconnect"
Option      "usevnc"

These select the console GUI to be on port 5900, that the password can be found in a file in the root folder, not to disconnect if a new connection interrupts the existing session, and finally to enable the VNC service.

Scroll to the "Module" section and add the following:

Load        "vnc"

This loads the VNC module when Xorg first launches.  Now exit the editor by pressing <control>-x, say "y" to approve the changes, and press <enter> to approve the file name.  Next, we want to create that file to hold the password.  As root, run this:

vncpasswd

This will prompt the user to enter and verify a password.  Again, pick something that is difficult to guess.  Unfortunately, only the first 8 characters will be used.  If this computer will be on a secure network and it is determined that there is no need for passwords, the user can remove this line from xorg.conf:

Option      "rfbauth" "/root/.vnc/passwd"

And instead use this:

Option      "SecurityTypes" "none"

After a quick reboot, the VNC service should be up and ready for remote connections.  Next up, configuring the client and connecting.

Client Configuration

Windows Client Configuration

Fortunately, the client side of the connection requires very little in the way of configuration to get a basic connection established.  In the Windows realm, you have two choices.  You can either install the complete package as described on the server configuration page, or you can simply download and extract only the UltraVNC Viewer.  Either way, launch the client once it is installed and it will present the dialog found below.

Windows Client Dialog
Windows Client Dialog

There are several knobs to adjust here, but for most purposes simply type in the IP address of the VNC server with which you wish to connect and press the "Connect" button.  You will be prompted for a password if that is how the remote server is configured.  Once the password is verified, you will be presented with a window displaying the remote GUI.

 

Linux Client Configuration

In the land of Linux, we need to install the VNC client package.  As root, run:

yum install vnc

Again, if you get a response of "Nothing to do" then the package may already be installed.  After launching the VNC client from the "Accessories" menu, the user is presented with a simple dialog.  Enter the remote VNC server into the "VNC server:" field and click "OK".  There are several configuration parameters under the "Options..." dialog, but the defaults should be sufficient.  Again, the user will be prompted for a password if the remote VNC server is configured to ask for one.  Once the credentials are verified, the user is shown a windowed GUI of the remote server.

Linux Client Dialog
Linux Client Dialog

Secure That GUI

Secure That GUI

Let's take the scenario where you have a MythTV box at home and you are at work.  Your significant other has called to say that the "MythTV thingy is messed up".  You now have 3 options:

  1. Ignore the problem until you get home.
  2. Try to walk your significant other through the debug and repair process over the phone.
  3. Connect remotely via VNC and see/fix the problem first hand.

If the remote VNC server also happens to be running a SSH server, then option #3 becomes a reality.  Due to VNC's somewhat insecure nature, I would never allow direct access to it (firewall or otherwise) from the Internet.  However, if you have been following my SSH guide, you know all about SSH tunnels and their advantages.  Let's configure a SSH tunnel to allow GUI access to your home computer from work.

PuTTY VNC Tunnel
PuTTY With VNC Tunnel

First, I'm going to assume that you have read the SSH guide and you already have a working SSH session to your home PC.  Launch PuTTY, expand "Connection", and "SSH" in the left tree, and select "Tunnels".  Because our VNC sessions use port 5900, enter "5900" in the "Source port" field and "localhost:5900" in the "Destination" field and click "Add".  Now, fill in your home's public IP and port number under the "Session" screen and click "Open".  PuTTY should now be showing your remote PC's command prompt.  Launch your VNC client and use "localhost" for the IP.  If all went well, PuTTY should tunnel the VNC request to your remote server protecting it from possible prying eyes.  If the refresh is too sluggish, try scaling back the color depth in the client to reduce the bandwidth requirements.

Conclusion

Conclusion

Today, we have gained yet another tool in our remote user's arsenal of tricks.  Whether it is used to administer servers across the globe, or a finicky PC across the network, VNC has proven itself to be extremely handy.  While we have learned how to deploy this strategy in both Windows and Linux based environments, there are many other options as well including a JAVA based server which can be viewed from a web browser.  The configurations are nearly endless.  Just remember to keep the security implications in mind before rolling it out on a server with confidential information.

Have a question or comment about a specific configuration?   Please feel free to talk about it in our forums by following the link below.

Feb 12 2008

Guide - SSH: Secure Console Access From Afar

There comes a time in every Linux user's life where it would be quite handy to administer the box remotely. Whether it is to tweak some Linux settings from a Windows box or to fiddle with the Linux server in the basement from the comfort of your desktop system upstairs, SSH (Secure SHell) can make your dreams come true. Today, we are going to talk about some of the tricks this protocol can do and how to best secure it. Click on for more.

A Brief History

A Brief History

Back in the day, if you wanted to remotely connect to a *nix computer you used a protocol called "telnet".  It provided a command prompt after the user properly authenticated with a login and password.  However, all the traffic between the server and remote client was sent unencrypted including the login name and password.  Fortunately, those were the days when people could be trusted, and networks were rarely attacked.  As people with the capability to "sniff" network traffic became more common, the need to keep such information from them increased.  Thus, from this need the SSH protocol was born.  SSH still provides a remote command prompt, but it encrypts everything including the initial login and password exchange.  A third party can capture all the session packets and still not be able to determine a user's credentials.

Now, I can hear you saying, "But John, why would I deploy this in my own home where I'm the only user and I have a firewall to keep the riff-raff out?"  Actually, most Linux distributions come with the SSH service already configured and running on the server, so that takes care of half of the "deploy" part.  Second, there are some rather cool tricks that can be done with SSH once a connection has been established, but more on that later.

Simple Install And Configuration

Simple Install And Configuration

Let's start off with a common scenario.  A Linux distribution (CentOS/Fedora in this case) was just installed on a PC, but it's in a rather unhandy location of the house and the user would rather sit at their Windows PC upstairs to finish tweaking the install.  Before moving upstairs to the easy chair, do a couple quick checks on the Linux box.  As root, run:

netstat -n -a -A inet

Look for the line:

tcp        0      0 0.0.0.0:22         0.0.0.0:*        LISTEN

This means that the SSH service is up and running and listening for a connection.  If nothing is listening on port 22, then perhaps the service just needs to be started:

/etc/init.d/sshd start

After that, re-run the "netstat" command above and verify the above response.  Now it's time to determine what IP address the server has acquired by running:

ifconfig

There will be a listing of various network devices.  If your network card has been configured properly, "eth0" should be one of those listed.  Within that block of info should be a string like:

inet addr:192.168.10.1

In your case, the IP will be a different number, but in any case, write that number down as that's what will be needed to connect remotely.  If there are multiple "eth" devices, then you have a more complicated setup.  But I'm guessing if you knew enough to get that working, then you are sharp enough to figure out which IP to use.

Now we are ready to move to the remote PC to set up the client side of the connection.  As mentioned above, in this case the client PC will be Windows based, so we need to find a suitable SSH client.  While there are several commercial applications available, I have used PuTTY for some time now.  Why?  Because it is free, fast, and has all the functionality that I require.  So, go over to the download page and grab putty.exe.  There is no install as everything is contained within that executable.  Go ahead and launch PuTTY.  The first screen you come to will ask for a "Host Name".  Just type in the Linux server's IP that was found above.  Leave the port at "22" and leave "SSH" selected as the connection type and click "Open".  PuTTY will likely show a "Security Alert" stating the server's RSA2 key fingerprint and asking if you want to trust this server.  Go ahead and click "Yes" and there will be a login prompt presented.  Enter your user name and password.  Once the credentials are accepted, a shell prompt is provided and you are good to go.  Everything that is typed is encrypted, and the user has the luxury of not having to be in front of the Linux box. 

Pump Up The Security

Pump Up The Security 

Assume that the user is no longer within their own network, but instead has their laptop at work or at a friend's house.  For some reason they suddenly have a need to connect to their home server.  No problem.  Just configure the router/firewall to forward TCP port 22 traffic to the Linux server.  Next, you need to determine what your public IP address is on the router/firewall, so you know what IP to connect to.  Some ISPs change the IPs regularly, so it may be handy to utilize the services of DDNS which makes life easier.  Now, it is possible to access your Linux server from anywhere on the planet.  This can be pretty useful at times.  It can also be very useful for those looking to crack a server for their own purposes, so let's harden this up a bit.

Some Linux distributions come pre-configured to allow root to login remotely over SSH.  Why is this bad you ask?  Usually a potential cracker has two pieces of information that they need to acquire a SSH connection; login name and password.  In the case of the root account, they already know the name as it is universal.  They only need to guess at the password and they are in.  I have seen hundreds of attempts in a day to get in via this method.  There are software programs which are designed to do dictionary attacks on the root account via SSH.  Eventually, if your password is weak enough, they will get in.  Let's close this hole by disabling the SSH root login.

First, make sure you have remembered to create a non-root user.  If you haven't, then do that now (without the brackets):

adduser <username>
passwd <username>

Start up a new PuTTY SSH connection and use the new user credentials to login verifying that everything works as advertised.  It's quite simple to get root privileges from this user account by typing:

su -

You will be asked for the root password and then given a root shell prompt.  Now, that you can get in as a non-root user, let's lock down the SSH service to deny root access.

nano -w /etc/ssh/sshd_config

Scroll down until you see the line:

#PermitRootLogin yes

Remove the "#" to uncomment it and change the "yes" to a "no".  Save the changes by pressing Control-x, "y" to confirm the changes, and <enter> to confirm the file name.  Now restart the SSH service by typing:

/etc/init.d/sshd restart

At this point, verify that it is still possible to login giving the non-root user credentials, and that giving root credentials fails.  Congratulations, you are now slightly more secure.  Any hopeful cracker now has to determine your non-root user name and its password to successfully login.  A daunting task, but still possible if given enough time.  What else can be done?  Well, it is possible to run the SSH service on a non-standard port other than 22.  Re-open the sshd_config file using the command above and uncomment and change the following to a different port number:

#Port 22

Save the file and restart the service and it should now be listening on the new port.  Remember to change to the same port on the client side or you won't connect.  Also, the route/firewall forwarding rules will need to be updated to match this change.  This is a nice "security through obscurity" trick, but anyone with a port scanner can make short work of this.  What we need is a way to automatically authenticate our identity, but at the same time use ridiculously long keys that we don't have to remember.

Break Out The Keys

Break Out The Keys

What we are describing is public/private key authentication.  It is a way of distributing a "public" key to a SSH server you wish to connect and a "private" key which is kept secret on the client PC.  During the login process, both keys are compared to determine if they are correct.  If they are OK, then the server allows the client to connect.  Once this is configured and working, the old method of user names and passwords can be disabled forever blocking those looking to dictionary guess their way into your server.

First, download the puttygen.exe program which is used to create the key pair.  Like the main PuTTY application, this does not need to be installed.  After launching the PuTTY key generator, click on the "Generate" button.  The application needs a source of "random" data to ensure that the keys are strong.  There are several ways to go about this, but in this case it uses input from your mouse, so move the mouse pointer around the window until the progress bar fills completely.  Once that is complete, it will run the progress bar one more time while it completes the key creation process.

Once the keys are created, launch PuTTY, connect to your Linux server as the non-root user, and type the following commands:

mkdir -p ~/.ssh
chmod 700 ~/.ssh
nano -w ~/.ssh/authorized_keys

At this point, copy/paste the contents of the "Public key for pasting into OpenSSH authorized_keys file" window in the PuTTY key gen software into the authorized_keys file that is open in the PuTTY client.  This should be a bunch of random characters which starts with "ssh-rsa".  In the PuTTY client, save the file and exit the nano editor.  In the PuTTY key gen, press the "Save private key" button and save this key somewhere safe.  Remember, this is your private key which grants you access to your server.  Whoever holds it can get in.

Close out the PuTTY key generator and launch a new instance of PuTTY and fill in the appropriate IP address and port number for the Linux server.  On the left in the "Category" tree menu, expand "Connection" then "SSH" and finally select "Auth".  Click the "Browse..." button and find the private key file that was just saved.  Click "Open" and type in the name of the non-root user when prompted.  If all went well, it should not ask for a password, but instead exchange keys and automatically log you in.

Once things are connecting smoothly by using keys, let's configure the SSH service to refuse password authentication.

nano -w /etc/ssh/sshd_config

Scroll down until you find "PasswordAuthentication yes" and change that to "no".  Exit nano and save the file.  Restart the SSH service by running:

/etc/init.d/sshd restart

The SSH service should now refuse any password style authentication, but continue to accept key authentication.  At this point, SSH is locked down pretty tight.  There are other things which can increase security further, but at the expense of increased aggravation for the end user.

Tunnel Me This

Tunnel Me This

So, what tricks can this SSH protocol do for us?  Let's consider this scenario:  Your Linux server has been configured as a MythTV appliance complete with a web interface which can be used to schedule recordings amongst other things.  You've gone to work only to discover that you forgot to schedule a show which will air while you are still at work.  You don't want to forward web connections on your router/firewall to your MythTV server because then anyone could change your recordings.  However, this kind of remote access would be extremely handy at times like this.  What is one to do?  SSH tunnels to the rescue!

A SSH tunnel is a way of routing traffic through the encrypted connection between your PuTTY client and the remote Linux server.  To configure a tunnel to handle the proposed scenario, launch PuTTY and fill in the IP and port number.  On the left, expand "Connection" then "SSH" and finally select "Tunnels".  Type "80" in the "Source port" field, "localhost:80" in the "Destination" field, and ensure that "Local" and "Auto" are selected.  Now click the "Add" button to lock in these options.  Port 80 is the port which is used to access web content (HTTP), so this in effect sets up a tunnel from port 80 on the client PC which will come out at port 80 on the Linux server.  Click "Open" and proceed to log into the Linux server.  Launch a web browser and type "localhost" into the web page address field.  If all went well, it should display the web page from the Linux server.  Remember, this will only work while PuTTY is connected to the Linux server.  If PuTTY is closed, then the SSH tunnel is broken.

SSH tunneling can be used for almost any application which communicates via the network.  Some of the more popular choices are VNC, MySQL database administration, NFS shares, Samba Windows shares, and POP3/IMAP/SMTP email traffic to name a few.  In fact, the remote destination doesn't need to be the Linux server at all.  In a pinch, it can be used to remotely administer your home router/firewall.  Just change the ports to be the same as those used to administer the router/firewall locally and change the destination to be the internal IP of the router/firewall.  A single SSH session can support many simultaneous tunnels.  In fact, it is mainly limited to the bandwidth of the connection between the client and the server.  This can be improved upon by enabling SSH compression under "Connection" and "SSH".  Some CPU power is used on both ends, but it can improve transfer rates.

SCP/FTP To The Rescue

 

SCP/FTP To The Rescue

One last capability of the SSH protocol is to transfer files between the connected computers.  There are two methods to accomplish this: SCP and SFTP.  SCP is a encrypted version of the insecure *NIX remote copy command "rcp".  As you might guess, SFTP is an encrypted FTP session.  Both transfer files, but SCP seems to transfer faster over a given network link due to its smaller protocol overhead, while SFTP supports all of the typical directory listing commands.  Some SCP clients get around this limitation by gathering the extra information via a shell account.

The remote Linux server should be configured to accept either transfer protocol by default, so we only need to find a Windows client.  Going on the fast, functional, and free method of software selection, we come across WinSCPDownload the latest version and install it.  When you launch WinSCP, it will prompt for an IP, username, password, and port.  If you are using private/public keys for authentication in PuTTY, then simply point WinSCP to the same private key file.  WinSCP uses PuTTY in the background to perform encryption and authentication, so both packages naturally work well together.

Once you have connected using WinSCP, it will present a directory listing of the remote folder.  Moving around the folders is similar to navigating in Windows Explorer.  WinSCP also supports full drag and drop features.  Keep in mind that you have logged in with your non-root user account meaning that you will be limited to what that user is allowed to view, copy, and write.

Conclusion

 

Conclusion

I hope that this has provided a good overview of all the features and benefits of the SSH protocol.  Its various levels of security give the user the flexibility to choose the correct balance of user convenience and piece of mind for any application.  SSH tunnels provide a mechanism for a poor man's VPN access enabling functionality which is usually only available locally.  The SCP & SFTP protocols give a handy means for transferring files without the complicated configuration or security issues of the more popular FTP, NFS, or Samba protocols.

Perhaps you've used SSH in another way than what is mentioned above.  If so, give us shout in the forums.  Maybe you are having issues with an aspect of its configuration.  Your questions are of course welcome as well.

Jan 01 2008

Guide - Planning Your Media Center PC: Choosing Your TV Source

The first step in planning your build should be figuring out what source you want to work with. Their are advantages and disadvantages to each and after reading this article you may decide it easier to switch providers. In this guide, we will review the different TV providers and how best to integrate each into your Media Center PC. This guide is geared mainly towards US sources. If we have any volunteers, I would love to add country specific details to this guide.
Nov 27 2007

Guide - HTPC Buying Guide: Graphics Cards

Matt, with some help from the rest of us, dives into what makes a good graphics card for your HTPC. This guide is a part of a series of articles that will help newcomers and enthusiasts alike buy the best parts for their HTPC builds. As mentioned in the CPU article guide , this is a series of articles that will be refreshed as technology changes.

Buying a graphics card for video playback only 

Buying anything below the midrange line of the current AMD/ATI and NVIDIA GPUs is asking for trouble and certainly shutting you out of the best handling of high definition, as the low-end GPUs are underpowered for handling high quality 1080i deinterlacing and decoding HD DVD or Blu-ray content. This means you want to look at the NVIDIA GeForce 8600GT or GTS and the AMD/ATI Radeon HD 2600 Pro or XT, both companies have vendors that offer passively or quietly cooled models. These cards range from $90 to $150. Vendors that offer passive models include MSI, Gigabyte, and ASUS.

Buying a graphics card for gaming and video playback

Just a few short months ago, buying a gaming card meant you missed out on all the video features the mid-ranged cards offered. Two launches in the last month have changed this playing field dramatically.

First out of the gate was Nvidia's launch of the 8800GT. This is a new GPU with the 3D Horespower of the GeForce 8800 series for HD resolution gaming and has the new VP2 video processir silicon the GeFroce 8600 series first introduced. The price point for the 8800GT was meant to be below $250 but due to demand, you can expect to pay $275 plus until the supply catches up. The VP2 hardware decodes h.264 and accelerates VC-1.

Secondly, AMD recently released the 3850 and 3870 which offers very similar 3D horesepower at a competitive price point to the 8800GT. The 3850 has a MSRP of $179 and the 3870 has a MSRP of $219. Both models have ATI's UVD and as such hardware decodes H.264 and VC-1. Once again, demand has outstripped supply and we are getting gouged. Though the 3850's are much closer to MSRP and more frequently in stock.

Cooling

The theme you may be sensing here is passive, and yes here too passive tends to be desirable. Video cards can get hot, and with the motherboard also being passive, you may want to consider one of the large slow moving heatsink and fan options which exhaust out the back in a double-wide slot configuration, these can be found on some specialty models from vendors such as ASUS and HiS.

Driver Notes

An issue for NVIDIA cards to keep in mind is that currently only acceleration of the HD formats is enabled in Windows XP, any form of advanced post-processing such as proper 1080i deinterlacing and noise reduction are not working as of this writing in the Windows XP display drivers. Windows Vista users won’t have any problems, and really if you’re building a new High Definition ready HTPC, Windows Vista Home Premium or Ultimate should be your OS of choice anyway. AMD/ATI Radeon cards don’t have any such limitations in Windows XP.

Syndicate content
Website design by Yammm Software
Powered by Drupal