November 22, 2014
In the beginning of October I have participated the ICT-Proposers’ Day in Florence, a H2020 networking event of the European commison.
Even though I spend only one night in Florence, I was able to get around the old town in the center of the city and made some valuable shots.
This was my first time in the Toskana area and it is defnitly worth going there again at some time for an extended stay.
September 29, 2014
I am having a huge problem with SPAM comments in the last weeks. Because of that my site was already disabled by my hoster because my database and traffic exceeded the limits. For this reason I have disabled commenting without user account. If you would like to get in contact with me, please use the contact form. Will see how I can solve the problem…
September 12, 2014
I have successfully configured a VPN connection to my home router, thus, I was able to access machines in my private LAN. Moreover, I wanted to tunnel my whole Internet traffic over this connection. Even a google search could not answer, how to solve this with the network-manager which is used in most Linux desktops.
Finally, I figured it out. You need to go into the configuration of the particular VPN, further into the tab IPv4-Configuration, click on button routes and there you have to remove the tick from box which is probably named in English something like “Use this connection only for resources of current network”. German screenshots are attached below.
January 1, 2014
Happy New Year everybody!
This follow up post to my last article about using Truecrypt on my ReadyNAS 102 (with two Seagate Pipeline HD ST2000VM003 – 2 TB – 5900 rpm RAID 1) (http://www.ceh-photo.de/blog/?p=809 ) will examine the transfer performance while using Truecrypt.
For comparison I have tested as well on my desktop PC:
My computer and the NAS are connected by a 100mbit Router only, unfortunately not by Gigabit-Ethernet. If someone could provide some test results using a 1Gbit router, I would be glad to get them.
The test container had a size of 2GB formatted with FAT32 and I used the default encryption settings with AES and RIPEMD-160 hashing. The test script first wrote 1GB of random data and read it afterwards.
See the test script below:
The Truecrypt performance results on my desktop computer are not very surprising. I am only wondering why the write performance with encryption is better than without. Maybe because the additional encryption layer from Truecrypt includes additional buffers or caches…
The performance tested directly on my ReadyNAS is not surprising at all. I have expected that the performance will suffer that much, because of the low performance CPU.
The last comparison shows different possible mounting situation to access the encrypted container on the ReadyNAS. Because for most of the test runs only the container file is used, all encryption/decryption is executed on my desktop computer. Some things are interesting. The performance with NFS and SMB without encryption is similar on my 100mbit network, but the write performance with NFS mount and encryption is much higher. As well as the read performance of the encrypted container with NFS and SMB. But like already mentioned, these results are not really trustable and a probably a result of caching. But anyway you will benefit from higher performance if you are importing or exporting mass data to an encrypted container on the NAS if you do the encryption/decryption computing on another machine. The performance you can get with encryption/decryption performed by the NAS itself is still enough for streaming data or similar tasks and do not suffer at all if you are using 100mbit only.
Let me know, if you consider this post interesting.
December 30, 2013
Since I own a Netgear ReadyNAS 102 I was wondering how I could use encryption for special content in a convenient way. Because the Netgear firmware does not provide an encryption feature inside its ReadyNAS OS wrapper on top of the underlying Debian Linux I decided to have a closer look on Truecrypt, which I already have in use on my other desktop and mobile computers.
Because Truecrypt binaries are not available for the used ARM architecture the first required step was building Truecrypt from source. During my research I came over a posting which explained the build process step by step.
If you really want to build it on your own, be aware of my comment inside the forum thread above. If you just want to go ahead, I have simplified the procedure for you with a prebuild binary available on my personal Debian-Dropbox-Repository:
1) Install some dependencies for https access
2) Add my repo to your /etc/apt/sources.list
3) Install truecrypt
Now you are able to use truecrypt. Some usage examples:
You can find the user and group id with the commands
Now we are able to use truecrypt on the ReadyNAS, but we will need to use SSH everytime we want to mount a volume. Of course this is not convenient, so my idea was to encrypt the container(s) with keyfile(s) instead of a password (you can also use a password and a keyfile) and mount the volume once my keyfile thumb drive is plugged into the NAS.
1) Create udev rules for automatic script execution once the keyfile thumb drive is attached or removed from the USB port
2) New udev rule:
3) With content below:
The udev rules are executed once the specified variables are matched by a device. I figured out the variable values for the new attached device with following command after I had already attached the thumb drive.
To gather the right environment variable to use I have used follwing command before I have unplugged my thumb drive.
Like you may have already mentioned, the udev rule is executing another script, which takes care of mounting and unmounting of the truecrypt container. Here comes the script, which I have stored on /data/Documents/automount.sh. Take a closer look onto the variables defined at the beginning, they specify the container, mountpoint, password(if you have one configured) and so on. The script uses all files from the thumb drive as key files for uncrypting the container. If you only want to use specific files, you will need to change the script accordingly. I just use “/media/USB_FLASH_1/” to access the thumb drive, because I do not have attached other devices usually. You may have to change this, if you have a more sophisticated environment.
In my case the container is formatted with NTFS (therefor the mounting options “–fs-options=locale=de_DE.utf8,umask=000″), this takes advantage of accessibility for direct mounting on Windows and Linux computers while being able to store files larger than 4GB. I have initialized and created my truecrypt container remotely from my PC. Another important thing to note is, I recommend to disable continous protection on the share where you store the truecrypt container, as long as you have a huge container of several GB.
You can check if the script is working proberly by manual execution with commands below
All outputs will be written to “/data/Documents/automount.log”
A last thing is missing, the udev rules seems not beeing proberly executed during boot, so the container is not mounted on boot while the key file thumb drive is attached. To solve this issue I have used an rc-script.
1) Create a new executable script
2) Here comes the script content:
3) Register the script with
November 30, 2013
I just realized that I forgot to change the timezone/time settings in my camera since I am back from Asia (~6month). In order to fix the timestamp on all my photos I made during this time period I used exiftool for doing this on the command-line.
Move all timestamps minus 6 hours for all picture files (JPG and RAW) in current directory.
Check if everything is like expected and delete the backup copies in current directory:
Because I am working with Corel AfterShot (former Bibble) I had another problem. AfterShot is dumping the timestamps for all adjusted files into the xmp file and is also using these timestamps as first choice for displaying inside the application. But I figured out, that this information in not required and I just deleted it from the xmp file with sed.
Delete timestamp lines from mentioned files for all xmp files in current directory:
Actually a simple operation, but maybe helpful for someone else.
April 30, 2013
It was a very, very awesome experience, even it was stressful for me to manage to give all the help the people needed.
But read more here:
I am proud to were part of this!