KW1701 – Morning Geekspresso Episode 1

Morning geekspresso 1

Back for the first episode of 2023, Knightwise is joined by a couple of guest hosts this week to talk technology challenges, and working in a world of ubiquitous data availability.

LINKS

DISCORD

The action is happening over at our Discord server: Join by clicking this link

CREDITS

Related Posts

KW1608 – Tunneling with Tailscale

Tunneling with tailscale artwork.

After a summer hiatus Knightwise is back with a bit of a deep dive into creating your own interconnected network with Tailscale.

LINKS

DISCORD

The action is happening over at our Discord server: Join by clicking this link

CREDITS

Related Posts

KW1202 – One Linux to Rule Them All

One Linux

Sometimes the way to achieve “less” is to make more use of the things you already have. If the thing you already have is a fairly powerful old laptop, what you may find is that it makes the perfect home server. This week Knightwise tells us all about the laptop with the new lease on life.

Credits

Episode produced by Keith Murray
Home screen picture courtesy of PixaBay

 

Related Posts

KW1108 Protecting your Privacy at Work

With all the news lately about the risks to your online privacy and personal information knowing how to look after your data has become an essential skill. It’s not too difficult to do this at home where you have full control of your environment, but what do you do when you’re at work?

Links

Music

  • Борисов Евгений– Trance [Jamendo]

Credits

Related Posts

Connect your Chromebook to your home network over SSH.

This week i’m testing out my new Acer A730 to see just what it can do and how far we can take it. One of the frustrations I bumped in earlier this week was that there were limited options when it came to “Phoning home”. Setting up encrypted tunnels to your home network over the internet using VPN or Proxy connections is something we should consider when using public Wifi hotspots.

With the Chromebook relying completely on some wifi connection on a (perhaps foreign) network I was disappointed to find that the only protocols that were supported were L2TP and OpenVpn. Not a bad set to choose from but not something that I had setup on my home network.

Previously I used an SSH server and the SSHuttle app to tunnel my internet, dns and even network traffic over a Socks5 proxy to my home network. I wondered if this would be possible with the Chromebook. Turns out it is ! Let’s start cooking.

To get this little piece of magic working you need 3 things. A : One SSH server (A linux machine) on your home network that has at least one port open to the internet. B : The Secure Shell app from the Chrome store. C : The Switchy-Sharp extension.

Setting it up is quite easy. Lets say we opened up port 8800 of our SSH server to the internet. Setup Secure Shell to connect to the your home SSH server with the additional option to create a port forwarding tunnel on lets say port 8800 with the option -D 8800

img_546b9a0a17c9d

Next we setup Switchy Sharp as to use the SSH connection (and port 8800) as a socks 5 proxy.
switchy

All you need to do next is Connect to your home SSH server and use the Switchy Sharp extention in your browser to use the connection. The Chromebook will tunnel all http and https requests AND the DNS queries through the tunnel. That way 95% of your Chromebooks traffic (we aren”t a 100 percent sure about what protocols any other apps you have might use) are piped through a secure tunnel. You don’t only get to connect to your home network (to open up any web-interface to any device or server you have) but also you get to do it all ‘in private’

Links.

Related Posts

Take your Chromebook to work day. : Can you do your job on Chrome ?

Last weekend I bought a Chromebook. A somewhat controversial device that sits between a laptop and a thin client. A laptop that hardly cost me 249 euro’s and is basically an network card with a screen. A device that is almost useless without an internet connection. And I challenged myself : Could I survive on the Chromebook alone… for a week ? Here is my Day to day rapport.

The second day : Out to the races.

Monday morning marked the end of the honeymoon weekend with my Chromebook. Sitting at home on the couch, playing around and getting to know the machine… it was fun ! But now its time for the serious work. Since I was going to survive on the Chromebook alone for a week, this meant that the Chromebook was going to be a major part of my workflow. Aside from being a cross-platform internet blogger-podcaster-superstar I’m also a freelance IT Consultant. So taking along the Chromebook meant that it was going to have to earn its keep.

That and we had several things on the To-Do list that needed to be done : A blogpost for Knightwise.com, Checking emails, Updating some online job-profile sites, a conference call and a visit to a client. Just some of the things we needed to do.

Writing the Blogpost.

The days of Dreamweaver are far behind me. Both blogs I write for are WordPress blogs so I didn’t think the Chromebook was going to give me any trouble connecting to the web interfaces. Before I just “surfed over” I did check out a couple of Chrome Apps/Extentions in the store that were WordPress related but .. to no avail. Most of the apps/extentions (very confusing) were mostly just shortcuts to the WordPress backend page. No offline love there. No matter, I never write my blogposts in WordPress directly anyway. “Writebox for chrome” is a great app that lets you punch out simple text files in a clutter free environment. Available offline I lets me write up a Blogpost that gets synced over to my Google Drive. You can play with the colors (I went for green letters on a black background) and felt like Doogie Houser writing his dairy. To add some comfort I propped up the Chromebook on a notebook riser and plugged in my external Logitech keyboard. Thing works like a charm. Write blogpost, copy over to wordpress, publish. Ding ! Chromebook wins.

Before I left for my client I needed to take a long a couple of multimedia files to show them. How was I going to connect to my NAS ? One of the great things about owning a Synology Nas is that it comes with a pretty powerful web interface. This allowed me to select and download the files I wanted to the Chromebooks (tiny) harddrive. Chromebook Wins.

Arriving at the client I was unsure that I could connect to their wireless guest network which gave me some trouble the last time when hooking up my Macbook Pro. The Chromebook connected ok and it was great to have this simple ‘instant on’ experience while waiting for the meeting to start. Just like whipping out your phone and checking Facebook, you whip out your Chromebook, open it up and start surfing. No boot times .. no restore. However : During the meeting I suddenly noticed that I had forgotten ONE FILE at home on my server. How was I going to get to it ? VPN ? The Chromebook DOES have the option to use VPN but not all protocols are supported. Luckily I was able to pull a copy off the file from Dropbox and all was good. The HDMI connector on the back allowed me to connect to the big TV in the meeting room and the “Subtitle Videoplayer app” was up for the job. The sound was a little tiny .. but my client was impressed with the tricks my little 249 euro machine could do.

When I got back home it was time do do some more work. One of the tasks that needed to be done was to print out our Christmas cards. Printing with the Chromebook is pretty easy for me since I have our home printer setup as a network connected “Cloud printer’ allowing me to print documents from any Chrome browser.
Printing 2 copies of our Christmas card on ONE page proved to be beyond what Google Print (and the Chromebook) can do. Its a functionality that is not supported : Fail for the Chromebook. I had to do this from my Mac.

The rest of the day went off without a hitch.

Doing Emails, Visiting websites, downloading and forwarding attachments and even hosting a Google Hangout was easy. I was getting impressed by the little machine AND the fact that most of my workflows don’t need some expensive device to get stuff done. At 9Pm (!) the little machine beeped to remind me that its battery was running low. I had been working away on it all day long .. and still it had some juice to spare.

Use-Chromebook-for-business

So can you take your Chromebook to work  ? 

The question if the Chromebook is right for you (and suitable for work) is not a matter of what the Chromebook can or can not do. Its a matter of how your workflows are organised. If you can get stuff done in a browser .. there is hardly anything the Chromebook cant pull off (its just a browser in a box) The device is nice, cheap and simple and buying a Chromebook is easy. But tweaking your workflows to be device independent is what makes you a Cross Platform Jedi Master.

Related Posts

Privacy Week : Tunnel traffic through your home network with Sshuttle.

Today’s tip in our “Privacy week” is geared a little bit towards the more advanced geek .. (Who am I kidding, you are ALL advanced Geeks here). In our every lasting quest to ensure our privacy when surfing on “foreign networks” like the one at work, the one at your dorm or the free wifi hotspot at Starbucks , we try to find more ways to make sure all your web traffic is encrypted and your privacy is kept safe.

kirk-and-spock-with-the-galileo

Enter SSHuttle ( NOOO , not the STAR TREK Shuttle) , A brilliant little transparent proxy application that directs ALL or PART of the network traffic from your trusty Linux or Mac machine (the laptop you use on the road) through an SSH tunnel to an SSH server of your choice (perhaps your own server at home). That way your traffic is completely (or partially) obscured from whoever is trying to sniff your traffic on an untrusted network. An added bonus is however that it is a transparent proxy ! This means your computer will actually think it is directly connected to the network where the SSH server is running. It is like running a very very very long cable through the internet straight from your machine to the network where your SSH server is located. 

So let’s start cooking.

Ingredients.

How to install SSHuttle on your client machine.

  • Install SSHuttle on your Linux machine using the command :  sudo apt-get install sshuttle
  • Install SSHuttle on your Mac by first installing HOMEBREW APP. (Installation instructions) and then typing brew install sshuttle

Shuttle is simple but VERY powerful.  It will create an encrypted tunnel between your laptop and the SSH server you setup at home. Depending on what kind of traffic you want to shove through that tunnel you can do different things like :

  • Just tunnel your browser traffic through the tunnel,
  • Shove all of your web traffic through the tunnel (including dns requests),
  • Shove ALL of your traffic through the tunnel.
  • Set up a “site 2 site” VPN  between the network you are working on and your network at home.
  • … and more crazy stuff.

So how does it work ? 

Once installed using SSHuttle is pretty simple. SSHuttle works from the command line and depending on the “switches” it will do different things for you. So on your client laptop , fire up your terminal and start typing.

  • sshuttle --dns -r username@yourremoteserver.com:2222 0/0

Enter the command above to push ALL of your traffic through the SSH tunnel towards your server at home. This is the example of running a virtual network cable THROUGH the internet towards your switch at home. All of your traffic is sent through this encrypted tunnel. USERNAME = A user you have created on your SSH server at home. YOURREMOTESERVER.COM = The external ip address (or Dynamic DNS name) of your home router. 2222 = The port on which you have your SSH server running. In this example I took a non-default port.

  • sshuttle  -r username@yourremoteserver.com:2222 192.168.0.0/24

With this command you can create a site to site VPN. Instead of typing 0/0 is going to send ALL the traffic through the tunnel. Typing the network range of your home network (in this case 192.168.0.0) tells SShuttle to send all the traffic that needs to go to the 192.168.0.0 domain through the tunnel, while sending out the rest of your traffic through  whatever network gateway you are connected to.  The /24 is your subnet mask ( you know , the 255.255.255.0 subnet number of your network).

There are a lot of other switches that you can use , but if you use the two commands we mentioned above you will have a LOT of power at your fingertips. I love using the second command. It allows me to connect to the exchange server at work for my work stuff, but also lets me quickly open up the web interface of my home router (on the LAN SIDE) to do some tinkering. SSHuttle is a very very nice tool that keeps you connected .. and keeps your privacy .. private.

Find out more about SSHUTTLE in this HAK5 episode.

Related Posts

Privacy Week : Surf anonymously on your phone with Hotspot Shield.

Who do you trust ! That is of course the main question in most of the topics of this weeks “Privacy Week” on our blog. When you connect to the internet on your tablet or mobile phone, you have a choice between different networks and carriers.  You can go directly via your mobile phone’s dataplan (if you have one) or connect via Wifi. In both cases “somebody” is going to connect you to your internet. For your cell connection that will be your Telco, for your Wifi connection that will be your ISP or the kind person/company who set up the wifi hotspot you are using. The question is : Do you trust them ?  As we told you in our first post : Sniffing unencrypted traffic is very very easy on a network. So when it comes to those open networks in a coffee shop, you never know who is watching. So why not “tunnel” your mobile traffic too. 

Hotspot Shield VPN is my FREE application of choice. It allows you to tunnel all your traffic through their VPN tunnel and lets it emerge somewhere in the US. So anyone who wants to sniff you (either your telco, your local ISP or the dingy kid in the corner with his laptop running Wireshark) won’t be able to make out what you are doing. But because you “exit” to the internet on AnchorFree’s network (they make the app) , THEY will. 

hotspot20shield20box-11344105

Hotspot shield VPN is free and easy to use. Its not always fast and it comes with adds. Opinions about this service might be mixed, but I regularly use it when I take my IOS or Android mobile device onto an open wifi network that I do not trust. Hotspot Shield also comes with a paid plan with “Monthly and Annual subscriptions available for faster connection, better cost savings and enhanced security. All subscriptions provide unlimited VPN bandwidth and NO ADS” So you can even pay if you want to. Keep stuff safe in a simple way, but remember that every connection (no matter if its through your ISP, the hotspot or these guys) requires ‘trust’ in whoever is carrying your data.

Get Hotspotshield VPN for : ANDROID and IOS

Related Posts

From Pad to paper with Printopia.

I recently got a question from a friend of the show that he would like to know how to print from his iPad. A fairly common question that did require some thinking on my behalf. The problem for me is : I’ve stopped ‘printing’ things out all together since we have the iPads lying around the house and seldom need to use a sheet of ground-up tree to write things down. Apps like notability let me easily take screenshots (or pictures) of documents where I digitally “scribble” on.

But for those who DO need to print for their iPads Apple has of course come up with “AirPrint” that lets you print FROM your iPad to any “AirPrint approved printers” Great when you haven”t bought a printer yet, bummer if you have. However : There is a cool solution. It does require a mac and its not free but for 19.95$ its quite a cute little app. Printopia lets you print from your iPad to any printer connected to your Mac or export to a pdf file that gets stored on your mac. You can even “print” your document or screenshot to Evernote. It gets REALY interesting if you combine this with a VPN. Out and about on the road ? Need to make a pdf of the booking you just made ? Or need to pop it off at home ? Why not use Printopia to “dump” a paper copy out of your printer while you continue on your digital voyage.   Or perhaps you want to install it on one of your office machines and hook up the multifunctional printer so your co-workers can stop putting their iPad screens on the copier.  20 bucks may be a little bit on the steep side, but hey : at least you don’t need to buy a new printer.

Related Posts