Re: [Server-devel] XO1.5 as Access Point using thinfirm

2015-06-16 Thread James Cameron
On Tue, Jun 16, 2015 at 02:45:58PM -0400, George Hunt wrote:
> Thanks to James Cameron's work on FC22 kernel,

Just to clarify, my work was on porting the latest kernel to the
XO-1.5, not on Fedora 22.  I've done no tests of Fedora 22.

> I have an image of XSCE running in an SD card on an XO1.5.
> 
> The regular libertas driver works as a client.
> 
> There is documentation for using a special driver, and special
> firmware at
> 
> http://wiki.laptop.org/go/Libertas_Thinfirmware_HOWTO:
> http://wiki.laptop.org/go/Thinfirm_1.5
> http://wiki.laptop.org/go/Test_Report

On the XO-1.5, XO-1.75 and XO-4 version 9.0.7.p2 of the thin firmware
is embedded in the Open Firmware dropin filesystem, in case you ever
need it and don't have internet handy;

ok copy rom:sd8686.bin u:\lbtf_sdio.bin

It is used by Open Firmware for NANDblaster and wireless access.

You can test this firmware and the hardware by typing;

ok select /wlan:force
ok d# 11 " xoap" start-ap

A network xoap should then be visible on other laptops.

The test network has no associate, authenticate, or DHCP service, so
it is not particularly useful alone.

The purpose of this test network is to make sure your hardware and
firmware is working.

You can add associate and authenticate support by rebooting and typing:

ok select /wlan:force
ok do-ap

This kind of access point is useful for antenna and packet testing.
See http://wiki.laptop.org/go/Antenna_testing

You can also test the later firmware by setting an environment
variable before the select command;

ok setenv wlan-fw u:\p3.bin

Once you have verified working hardware, firmware, and both antenna,
you're all set to test in the operating system.  ;-)

(The second antenna becomes way more critical when using an XO as
access point or NANDblaster transmitter.  The coax can be damaged
without visible evidence.)

> Which I have attempted to follow. I have added config items(below)
> and created a new kernel.
> Questions;
> 
>  1. The libertas_tf module loads via modprobe (after rmmod libertas
> cfg80211) Does this mean that it has found the firmware?

Don't know.  Look at the interrupt count for the device in
/proc/interrupts; if there are lots of interrupts, I'd say the module
has communicated with the wireless card.  After that it's a matter of
looking at the module source and enabling debug modes.

>  2. After blacklisting libertas, and a reboot, there is a new device
> sit0, which may indicate that the proper network driver is not
> being found/ loaded.(dmesg is quiet about libertastf)

I agree.  It may be that the kernel support for this isn't as tested
in 4.1 as it was in previous versions.  Thanks for investigating.

>  3. Are there incompatabilities between libertas_sdio and
> libertas_usb -- should it be one or the other?

The design of the kernel modules supports both the USB8388 wireless
card on the XO-1, and the SD8686 wireless card on the XO-1.5.

Unless you plan to use the (deprecated, unavailable) external USB83833
active antenna devices, you can omit the USB support.

I doubt it will have any effect.

-- 
James Cameron
http://quozl.linux.org.au/
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel


[Server-devel] XO1.5 as Access Point using thinfirm

2015-06-16 Thread George Hunt
Thanks to James Cameron's work on FC22 kernel, I have an image of XSCE
running in an SD card on an XO1.5.

The regular libertas driver works as a client.

There is documentation for using a special driver, and special firmware at

http://wiki.laptop.org/go/Libertas_Thinfirmware_HOWTO:
http://wiki.laptop.org/go/Thinfirm_1.5
http://wiki.laptop.org/go/Test_Report

Which I have attempted to follow. I have added config items(below) and
created a new kernel.
Questions;

   1. The libertas_tf module loads via modprobe (after rmmod libertas
   cfg80211) Does this mean that it has found the firmware?
   2. After blacklisting libertas, and a reboot, there is a new device
   sit0, which may indicate that the proper network driver is not being
   found/loaded.(dmesg is quiet about libertastf)
   3. Are there incompatabilities between libertas_sdio and libertas_usb --
   should it be one or the other?


CONFIG_LIBERTAS_THINFIRM=m
CONFIG_LIBERTAS=m
CONFIG_LIBERTAS_USB=m
CONFIG_LIBERTAS_SDIO=m
CONFIG_LIBERTAS_DEBUG=y
CONFIG_LIBERTAS_MESH=y
CONFIG_FW_LOADER=y
CONFIG_MAC80211=m
CONFIG_MAC80211_HAS_RC=y
CONFIG_MAC80211_RC_MINSTREL=y
CONFIG_MAC80211_RC_MINSTREL_HT=y
CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y
CONFIG_MAC80211_RC_DEFAULT="minstrel_ht"
CONFIG_MAC80211_LEDS=y
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel


Re: [Server-devel] Trying to access a school server from the outside world

2015-06-16 Thread Gonzalo Odiard
I would need access 'lascahobas' server, because the new server is not
available yet.
Could you provide me the client information needed?
Sorry to bother, I didn't used openvpn before.

Gonzalo


On Tue, Jun 16, 2015 at 12:51 PM, George Hunt  wrote:

> I thought I had already set you up for using the Amazon passthrough. But
> here are the steps:
>
>
>1. There is a user at the https://50.17.210.12:943/admin/ port with
>username:gonzalo and a password I will send separately.
>2. Sign on there and change your password. You can use this sign on at
>any time to see if the "sora server" client connection is available at the
>passthrough.
>3. Then you will need to create a new user without administrative
>privileges that will become the server's client connection to the vpn. The
>generation of the keys for the "sora server" is triggered by accessing
>https://50.17.210.12:943/ (without admin), and logging on with the
>credentials you created when you set up the "sora server" user.
>4. When you make this https:// access, the amazon openvpn application
>will offer to let you download the openvpn client application.  I have
>usually "yum installed" openvpn already. Hit refresh, and you will be given
>a choice to download an unattended access key file.
>5. Download the "cient.ovpn" file and change it so something similar
>to the username you created. Place it in the /etc/openvpn/ directory of
>"sora server"
>
> Sorry I missed your request when it came 3 days ago.
>
>
> On Sat, Jun 13, 2015 at 7:54 PM, Gonzalo Odiard 
> wrote:
>
>> Could I use your passthrough server to access Sora server?
>> What we should do setup it?
>>
>> Gonzalo
>>
>> On Sat, Jun 13, 2015 at 4:16 PM, George Hunt 
>> wrote:
>>
>>> Typically a server is behind some sort of NAT device, and some sort of
>>> firewall, and most likely has a variable ip address assigned by the ISP's
>>> dhcpd.  The trick is to have the server initiate an outgoing conversation
>>> to a device on the internet that is always on.  I purchased a micro
>>> instance on amazon cloud for the purpose.
>>>
>>> The amazon instance generates keys for clients which permits passthrough
>>> conversations between any clients. There's two levels of authentication --
>>> 1. need a vpn key to connect to the amazon instance, and 2. need
>>> authentication at the ssh port of the target (preferably a public key in
>>> .ssh/authorized_keys on the target -making dictionary attacks less likely).
>>>
>>> But I'm becoming a fan of teamviewer. You need to install Xorg, and I
>>> usually install XFCE because it's pretty light weight. Up until now, I've
>>> resisted a GUI for servers.
>>>
>>>
>>>
>>> On Sat, Jun 13, 2015 at 2:25 PM, Tim Moody  wrote:
>>>
 I should also have mentioned that we have started using TeamViewer on
 some of the servers which allows a session on the server without using the
 vpn hub.

 ___
 Server-devel mailing list
 Server-devel@lists.laptop.org
 http://lists.laptop.org/listinfo/server-devel

>>>
>>>
>>> ___
>>> Server-devel mailing list
>>> Server-devel@lists.laptop.org
>>> http://lists.laptop.org/listinfo/server-devel
>>>
>>>
>>
>>
>> --
>> Gonzalo Odiard
>>
>> SugarLabs - Software for children learning
>>
>
>


-- 
Gonzalo Odiard

SugarLabs - Software for children learning
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel


Re: [Server-devel] Trying to access a school server from the outside world

2015-06-16 Thread Gonzalo Odiard
Thanks!

On Tue, Jun 16, 2015 at 12:51 PM, George Hunt  wrote:

> I thought I had already set you up for using the Amazon passthrough. But
> here are the steps:
>
>
>1. There is a user at the https://50.17.210.12:943/admin/ port with
>username:gonzalo and a password I will send separately.
>2. Sign on there and change your password. You can use this sign on at
>any time to see if the "sora server" client connection is available at the
>passthrough.
>3. Then you will need to create a new user without administrative
>privileges that will become the server's client connection to the vpn. The
>generation of the keys for the "sora server" is triggered by accessing
>https://50.17.210.12:943/ (without admin), and logging on with the
>credentials you created when you set up the "sora server" user.
>4. When you make this https:// access, the amazon openvpn application
>will offer to let you download the openvpn client application.  I have
>usually "yum installed" openvpn already. Hit refresh, and you will be given
>a choice to download an unattended access key file.
>5. Download the "cient.ovpn" file and change it so something similar
>to the username you created. Place it in the /etc/openvpn/ directory of
>"sora server"
>
> Sorry I missed your request when it came 3 days ago.
>
>
> On Sat, Jun 13, 2015 at 7:54 PM, Gonzalo Odiard 
> wrote:
>
>> Could I use your passthrough server to access Sora server?
>> What we should do setup it?
>>
>> Gonzalo
>>
>> On Sat, Jun 13, 2015 at 4:16 PM, George Hunt 
>> wrote:
>>
>>> Typically a server is behind some sort of NAT device, and some sort of
>>> firewall, and most likely has a variable ip address assigned by the ISP's
>>> dhcpd.  The trick is to have the server initiate an outgoing conversation
>>> to a device on the internet that is always on.  I purchased a micro
>>> instance on amazon cloud for the purpose.
>>>
>>> The amazon instance generates keys for clients which permits passthrough
>>> conversations between any clients. There's two levels of authentication --
>>> 1. need a vpn key to connect to the amazon instance, and 2. need
>>> authentication at the ssh port of the target (preferably a public key in
>>> .ssh/authorized_keys on the target -making dictionary attacks less likely).
>>>
>>> But I'm becoming a fan of teamviewer. You need to install Xorg, and I
>>> usually install XFCE because it's pretty light weight. Up until now, I've
>>> resisted a GUI for servers.
>>>
>>>
>>>
>>> On Sat, Jun 13, 2015 at 2:25 PM, Tim Moody  wrote:
>>>
 I should also have mentioned that we have started using TeamViewer on
 some of the servers which allows a session on the server without using the
 vpn hub.

 ___
 Server-devel mailing list
 Server-devel@lists.laptop.org
 http://lists.laptop.org/listinfo/server-devel

>>>
>>>
>>> ___
>>> Server-devel mailing list
>>> Server-devel@lists.laptop.org
>>> http://lists.laptop.org/listinfo/server-devel
>>>
>>>
>>
>>
>> --
>> Gonzalo Odiard
>>
>> SugarLabs - Software for children learning
>>
>
>


-- 
Gonzalo Odiard

SugarLabs - Software for children learning
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel


Re: [Server-devel] Trying to access a school server from the outside world

2015-06-16 Thread George Hunt
I thought I had already set you up for using the Amazon passthrough. But
here are the steps:


   1. There is a user at the https://50.17.210.12:943/admin/ port with
   username:gonzalo and a password I will send separately.
   2. Sign on there and change your password. You can use this sign on at
   any time to see if the "sora server" client connection is available at the
   passthrough.
   3. Then you will need to create a new user without administrative
   privileges that will become the server's client connection to the vpn. The
   generation of the keys for the "sora server" is triggered by accessing
   https://50.17.210.12:943/ (without admin), and logging on with the
   credentials you created when you set up the "sora server" user.
   4. When you make this https:// access, the amazon openvpn application
   will offer to let you download the openvpn client application.  I have
   usually "yum installed" openvpn already. Hit refresh, and you will be given
   a choice to download an unattended access key file.
   5. Download the "cient.ovpn" file and change it so something similar to
   the username you created. Place it in the /etc/openvpn/ directory of "sora
   server"

Sorry I missed your request when it came 3 days ago.


On Sat, Jun 13, 2015 at 7:54 PM, Gonzalo Odiard 
wrote:

> Could I use your passthrough server to access Sora server?
> What we should do setup it?
>
> Gonzalo
>
> On Sat, Jun 13, 2015 at 4:16 PM, George Hunt 
> wrote:
>
>> Typically a server is behind some sort of NAT device, and some sort of
>> firewall, and most likely has a variable ip address assigned by the ISP's
>> dhcpd.  The trick is to have the server initiate an outgoing conversation
>> to a device on the internet that is always on.  I purchased a micro
>> instance on amazon cloud for the purpose.
>>
>> The amazon instance generates keys for clients which permits passthrough
>> conversations between any clients. There's two levels of authentication --
>> 1. need a vpn key to connect to the amazon instance, and 2. need
>> authentication at the ssh port of the target (preferably a public key in
>> .ssh/authorized_keys on the target -making dictionary attacks less likely).
>>
>> But I'm becoming a fan of teamviewer. You need to install Xorg, and I
>> usually install XFCE because it's pretty light weight. Up until now, I've
>> resisted a GUI for servers.
>>
>>
>>
>> On Sat, Jun 13, 2015 at 2:25 PM, Tim Moody  wrote:
>>
>>> I should also have mentioned that we have started using TeamViewer on
>>> some of the servers which allows a session on the server without using the
>>> vpn hub.
>>>
>>> ___
>>> Server-devel mailing list
>>> Server-devel@lists.laptop.org
>>> http://lists.laptop.org/listinfo/server-devel
>>>
>>
>>
>> ___
>> Server-devel mailing list
>> Server-devel@lists.laptop.org
>> http://lists.laptop.org/listinfo/server-devel
>>
>>
>
>
> --
> Gonzalo Odiard
>
> SugarLabs - Software for children learning
>
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel