How to secure your SSH login with Google Two Step Authentication on Debian/Ubuntu based servers.

Most of us are in habit of SSHing to our linux machine on regular basis.So we obviously want to secure it from someone misusing it . Google provides Google Authenticator’s time-based one-time password (TOTP) system which is open source to secure your SSH session.

Warning:Unlike Google 2-Step Account Authentication Google will not phone or SMS your Authentication Code to you if you have deleted the app from your phone or have set it up without setting up Google Authenticator on your phone.All work happen on your ssh server and your phone.

Installing Google Authenticator on Server:

To implement multi stage Google Authentication we will need Google Authenticator PAM module . PAM stands for "pluggable authentication module"which helps plug different form of authentication on linux system.

Google Authenticator PAM can be installed in two ways
Method 1: Installing using official Ubuntu/Debian Repository (preferred for newbie)

• Type the below command in terminal

sudo apt-get install libpam-google-authenticator

Method 2: Installing latest commit using Git

• Clone the official Google Authenticator OpenSource repository

git clone https://github.com/google/google-authenticator.git

• Change Directory to google-authenticator/libpam/

cd google-authenticator/libpam/

• To build Google Authenticator we first need to install prerequisite software 

sudo apt-get install dh-autoreconf build-essential libpam0g-dev

• Then run following command to build libpam-google-authenticator.

./bootstrap.sh
./configure
make
sudo make install

Note:While running running "make install" you must be root.

• For making it  functional on debian/ubuntu we need create softlink in /lib/ directory.

ln -s /usr/local/lib/security/ /lib/

Note:This will only install Google Authenticator PAM module on your system.You will have to configure PAM manually to work with SSH

Run Google Authenticator:

• Login as user you want to use two-step authentication with.Open Terminal and type google-autheticator command to create a secret key for that user and follow the instruction given below

• Google Authenticator  will generate and display secret key and several emergency code , write down emergency code in case you lose your phone . Also emergency code is stored in  home directory of user under  ~/.google_authenticator

Setting up Google Authenticator on phone:

• Enter the secret key or scan QR code in Google Authenticator app on your phone (official application is available for Android, IOS and Blackberry)
  

• Windows Phone user can use Authenticator App from Windows Store , and scan QR code generated in application or enter secret key manually.

Note:If you want to remotely login as multiple user you need to run setup for each user separately

Setting up Google Authenticator on Linux:

Warning:Before continuing further  be sure that you have setup Google Authenicator app on your phone with the secret key generated for your user.

• You need to enable google authenticator for ssh by editing /etc/pam.d/sshd file on your system by running following command

sudo nano /etc/pam.d/sshd

• Then add following line at end of file 

auth required pam_google_authenticator.so nullok

• Save the file by pressing Ctrl+O and Ctrl+X
• Next,open /etc/sshd/sshd_config file by running following command

sudo nano /etc/ssh/sshd_config

• Then find the ChallengeResponseAuthentication and edit it as follow and save it

ChallengeResponseAuthentication yes

Note::If ChallengeResponseAuthentication doesn't  exist in your sshd_config file then add above line to sshd_config file

Alternate:Instead of follwing above steps you can just copy paste following steps in the terminal

sudo -s
echo -e "#Google Authenticator for SSH\nauth required pam_google_authenticator.so nullok" >> /etc/pam.d/sshd
sed -i.bak -E -e 's/(ChallengeResponseAuthentication) no/  yes/' /etc/ssh/sshd_config

• Finally restart SSH shell

sudo service ssh restart

• Then try to ssh into your system using different system , you will be presented with below screen 

OpenFOAM 2.4.x Installation and Update Script for Ubuntu

Greetings foamers;
I have made a script which make installation of OpenFOAM 2.4.x on any Ubuntu distribution;
installation process is fairly easy.
Tested on Kubuntu 14.04 x64 .
The script also has update function which will help you get latest git commit and automate your build for the latest commit
Current support for Ubuntu 12.04 , 14.04 , 14.10 and 15.04
Installation steps are shown in video

If there is any error faced during installation please post here

PS:This is my first screen cast so please bear with me ; also my microphone is giving hissing noise so no audio for now . 

Download

Tutorial 1:Lid Driven Cavity in OpenFOAM using SALOME and Freecad

Hello foamers;
I have created a tutorial to replicate OpenFOAM's well known lid driven cavity tutorial using Salome(Mesh) and Freecad (Geometry) instead of blockMesh ; since as geometry becomes complicated so is to work with blockMesh.
Below is the link to pdf on my drive and also setup file
PDF:
https://drive.google.com/file/d/0B_BleKvium2jLWNDMEpvVWVrUXM/view?usp=sharing
Setup-File:
https://drive.google.com/file/d/0B_BleKvium2jeHdFRF9uNWg0cm8/view?usp=sharing
If you like more tutorials like this please comment below .

(Update)OpenFOAM 2.3.x ,Paraview 4.2.0 and pyFoam quick installation for Ubuntu 14.04 X86_ 64

This is updated version of OpenFOAM installation script link
Changelog:

• End-User has choice to install only OpenFOAM or with pyFoam
• Updated to git build version 2.3.x-88effc40ded8

For new user follow this step:

• Open directory where you have downloaded  OpenFOAM-2.3.x-88effc40ded8.tar.gz
• Extract file in current work directory 
• Change to OpenFOAM-2.3.x-88effc40ded8 directory
• Open Terminal in OpenFOAM-2.3.x-88effc40ded8
• Type in your terminal

            ./OpenFOAM_install.sh

• If you want to install in root file system ; you need to run in terminal before running the script (Proceed with caution.I am not responsible for any harm that comes to your system )

          sudo -s

• Close your terminal and open new terminal and type your alias like of23x

For old user :

• You need to delete previous installation from where you installed 
• remove alias of of230 or custom alias from ./bashrc by typing in terminal

          nano ~/.bashrc  

or use your any of favorite editor .

•   And follow steps for new users and you are good to go 

Report any error in comment section.

Download Link

OpenFOAM 2.3.0 and Paraview 4.2.0 for Ubuntu 14.04 x64

Hello fellow foamers;
As you know it is take a long  time for compiling OpenFOAM from source. To save the time in compiling and configuring , then actually learning about it , I precompiled OpenFOAM  with Paraview 4.2.0 installation for Ubuntu and created a script to install it on your Ubuntu Machine , (tested with Kubuntu 14.04)
Following are the steps you need to follow
1.Extract OpenFOAM.tar.gz
2.Type in terminal

chmod +x OpenFOAM_install.sh

3.Run the script in terminal and follow on screen instruction

./OpenFOAM_install.sh

4.If you are installing in computer file system run the script in root terminal by typing (Proceed with caution.I am not responsible for any harm that comes to your system )

sudo -s

 5.Close your terminal and open new terminal and type your alias like of230
Report any error in comment section.I will be making monthly build from OpenFOAM git repo 
PS:I have built OpenFOAM from latest git repository and paraview 4.2.0 with python support .I have also installed OpenFOAM in my system dir /opt/OpenFOAM no error and it worked fine.
The Installation has been update please refer the next post  

Download Link

How to update Aircrack-ng On Pwnpad

Hello guys as you know aircrack-ng suite has been updated after long 3 years wait . It has many bugs fixed like most prominent -1 channel error .  You can read the whole changelog on Aircrack-ng site
As update of latest aircrack-ng is not available on pwnpad officially . You can update it manually . By following simple steps
1.Open Root Shell and enter following command

 wget http://download.aircrack-ng.org/aircrack-ng-1.2-beta1.tar.gz
 tar -zxvf aircrack-ng-1.2-beta1.tar.gz
 cd aircrack-ng-1.2-beta1
 #removes channel -1 error
 make libnl=true
 make libnl=true install
 airodump-ng-oui-update

3.Done

Now enjoy latest aircrack-ng suite on Nexus 7 pwnpad

 If you still get  channel -1 error use solution given on Aircrack-ng 

• Patch you driver like explained in the wiki (Caution :Before Patching take a backup just for safety)
• Get the latest version of Aircrack-ng (1.2 Beta 1 or from our subversion repository) and use the option --ignore-negative-one

Youtube Video Downloader and Convertor for Linux

Have wanted to have Youtube video that you watched to be stored on your pc , so you can view it when you are offline, or ever liked a rare song that you would like to have on your mp3 player. Then Downverter is excellent tools for you folks out there using Linux.

Downverter give variety of option for conversion option . It supports downloading video directly in HD an HQ format .
It also automatically coverts You tube video so you can use it with your  iPod, PSP, Pocket PC or Mobile Phone .
Install can be done in  3 easy steps : 

• Download from the site http://www.downverter.com/ the  .deb file (As shown in image above)
• Change directory to where you have saved the file 
• Use the code

dpkg -i downverter-32.deb  

dpkg -i downverter-64.deb

Caution: I Have tested for ubuntu and Linux Mint . It should work on other debian system You can use .deb to .rpm converter for fedora but I am not 100% sure it will work . You can use similar methods for other linux to work.