Wednesday, July 20, 2016

Phone As Raspberry Pi Screen

I usually have to work on a cluster in the college and all I need is a client to connect to that cluster. The Raspberry Pi is a great alternative to my laptop which has recently started to die of old age.

The problem I face with the PI is however quiet a different one. I usually don't have a projector / display around to see what I'm typing in. This is a workaround to that problem. Since I almost always have my phone around, I decided to use that as a display. 

Do note that this does not mean that you will have full graphics. It just let's you see what you are typing on a terminal in the Pi. For full graphics you would need some sort of VNC setup.

Let's get started.
  1. Hardware Required
    1. Raspberry Pi
    2. Wifi Dongle
    3. Keyboard
    4. Mobile Phone (Android / iPhone etc)
    5. Working internet connection (For setup purposes)
  2. Software required
    1. On Raspberry pi
      1. ssh-daemon (This is preinstalled if you are using NOOBS). Otherwise use sudo apt-get install sshd
      2. Tmux ( can be installed via sudo apt-get install tmux)
      3. In case you don't like tmux for some reason, you may be able to use screen in a similar fashion as described.
    2. On phone
      1. Some sort of SSH client. I use Juice SSH but you are free to use any one.
      2. Since I have never used Apple, I'm going to leave finding an SSH client there to you. comment below if you find one that you have used.
  3. Other requirements
    1. A keyboard for the PI would be nice, though you can use your laptop too in case you do not have one.
    2. The Raspberry pi needs to be able to connect with a network beforehand. See this resource.
    3. In case you have a router lying around, connect the Pi, phone (and laptop if needed) to the same router. Otherwise set up a WiFi hotspot in your phone and connect everything to that.
  4. Steps
    1. Power on the Pi
      1. Switch on the Pi.
      2. Plug in the wireless dongle.
      3. Let the Pi connect to the network
    2. Power on the laptop
      1. SSH into the raspberry pi
        1. ssh
        2. Windows users can use Putty
        3. Install Tmux via sudo apt-get install tmux
        4. use raspi-config command to make sure that the login procedure is login to command line
        5. exit the ssh session (Ctrl + d)
    3. Reboot the Pi
      1. Connect a keyboard
      2. You will be logged in to the PI user automatically as per the last config.
      3. type tmux new-session -s main
        1. This opens a new tmux session.
    4. SSH into the Pi using your phone (Juice SSH)
    5. Using your phone type in tmux attach -t main to the terminal you have just opened.

You can now see the same tmux session which is running on your PI. Whatever you type in the keyboard appears on your phone. This allows you to use your phone as a temporary display for the Raspberry pi terminal.

Here's a demo video.

Tuesday, July 12, 2016

A layman's Introduction to Passwords

When the internet first experienced the pains of identification over the web, the simplest solution was the password system. At it's heart this system pairs two pieces of information together to identify people over the internet.

The first is your name/email/userid or any other thing which is generally publicly available. The other is your password. A piece of information which only you and the website knows. The entire security of this system rests on the premise that your password cannot be easily known unless you tell it to someone else.

Along came humans and broke this perfectly sane system. They choose bad passwords. Period. That paired with the fact that computers are amazingly fast, makes for a good run of old school brute force.

Here's the breakdown of how things are:

  • Access to your account is given to anyone who can present the correct name-password combination.
  • The password is kept secret only because it is assumed that there is no other way for an attacker to know it.
  • In essence, if your password is easily guessable, well it can be guessed so it's not really a secret anymore is it?
  • The only way to make passwords which result in a really secure system is to make them hard to guess.
To do those things, we need to understand how an attacker works.

  • Brute force
    • Let's say that the password field is limited to alphabets and numbers and can only be 20 characters long.
    • That means that there are (26+10=36) unique characters available which can be typed in. Also, any of the 20 places can take those characters. Thus there are 36 ^ 20 possible passwords.
    • That number is actually big. 13367494538843734067838845976576 to be exact.
    • You chosen password is bound to be contained within one of those combinations.
    • An attacker simply tries out one combination at a time and waits till he finds the one which matches your account.
  • Ordered brute force / dictionary
    • Instead of trying all of those passwords in a random order, the attacker makes assumptions on what password you are likely to chose.
    • For example a password `dog` is more likely than `odg` simply because it occurs in the English language.
    • You are also more likely to have passwords containing your name/ your children's name/ date of births and other special dates.
    • An attacker tries these out first.
The solution

We simply need to increase the magnitude of that number further and make sure that the attacker has a hard time guessing which ones you are more likely to type into your password.

There is only one way to do this properly and that is to use a password manager. I recommend KeepassX since I've been using it for years now and it has given me no problems.

The way they work is:

  • They generate passwords for you, making sure that they are hard to guess and pretty long. (I usually have 100 character passwords)
  • You can test your password's strength using this nifty service.
  • Once your passwords are generated, they store them in a database file which you can carry around / upload to Dropbox or Google Drive
  • All those passwords are encrypted using a single Master Password which needs to be pretty strong.
  • I usually choose the master based on a something which is transitory and in front of me. For example one of my past master passwords was "aredcarhonkinglikemadinfrontofmewhenthereisnobodyinfrontofhim".
  • This master password is all you need to remember.
  • Now whenever you want to log in to say, Facebook:
    • Open the Facebook login page
    • Type in your username
    • You open your password manager using your master password
    • Select the Facebook entry
    • Copy the password (Crtl + C for KeepassX)
    • paste it into the password field of Facebook's login page
    • Close the password manager.
That is all there is to it. This makes sure that all your passwords are nice and secure. Using password managers also comes with nice services like reminding you when you have not changed your password since a long time and so on.

Here are some nice tutorials for KeepassX:

Saturday, July 9, 2016

Nested Tmux Sessions

I use Tmux on my local machine and also prefer to use it once I'm logged in to remote machines. This posed a problem as commands intended for the remote Tmux were intercepted by the local Tmux.

A solution was found here:

I'm not going to be repeating good advice again so here's my tmux.conf with the necessary changes.

set -g status-bg colour40
setw -g window-status-current-bg colour40

bind -n C-t new-window -a
bind -n S-left  prev
bind -n S-right next
bind -n S-C-left  swap-window -t -1
bind -n S-C-right swap-window -t +1

bind -n M-F11 set -qg status-bg colour25
bind -n M-F12 set -qg status-bg colour40
bind -n S-up \
 send-keys M-F12 \; \
 set -qg status-bg colour25 \; \
 unbind -n S-left \; \
 unbind -n S-right \; \
 unbind -n S-C-left \; \
 unbind -n S-C-right \; \
 unbind -n C-t \; \
 set -qg prefix C-a
bind -n S-down \
 send-keys M-F11 \; \
 set -qg status-bg colour40 \; \
 bind -n S-left  prev \; \
 bind -n S-right next \; \
 bind -n S-C-left swap-window -t -1 \; \
 bind -n S-C-right swap-window -t +1 \; \
 bind -n C-t new-window -a -c "#{pane_current_path}" \; \
 set -qg prefix C-b