sign in sign up
<<
Home , Awesome (window manager), Bluefish (software), Code folding, Dwm, Fluxbox, Geany

The content of this magazine is released under the Creative Commons Attribution-Share Alike 3.0 Unported license. For more information visit user http://creativecommons.org/licenses/by-sa/3.0

TM

Issue #1 - April 2009 EDITORS DESK ...... 2 COMMUNITY NEWS ...... 3 CHOOSING A DE/WM ...... 4 HARDENING SSH IN 60 SECONDS ...... 6 GAMERS CORNER ...... 9 TIPS & TRICKS ...... 10 PIMP MY ARCH ...... 11 SOFTWARE REVIEW ...... 12 Q&A ...... 14 EEDDIITTOORRSS DDEESSKK

Welcome to the first issue of Arch User Magazine! ARCH USER STAFF Daniel Griffiths (Ghost1227) ...... Editor ello, and thank you for picking up issue #1 of Arch User Magazine! While David Crouse (Crouse) ...... Contributor the vast majority of you probably know me (or have at least seen me H around the forums), I feel that I should take a moment to introduce myself.

My name is Daniel Griffiths, and I am a 26-year-old independent contractor in Delaware, US. Throughout my life, I have wandered through various / systems including (but not limited to) MINIX, RedHat, Mandrake, Slackware, Gentoo, , and even two home made distributions based on Linux From Scratch. I finally found Arch in 2007 and instantly fell in love with its elegant simplicity.

Some of our more attentive readers may note that Arch already has a monthly newsletter. With the existence of the aformentioned newsletter, what is the point of adding another news medium to the mix? Fear not, newsletter readers, I have no intention of letting Arch User Magazine take the place of the newsletter. In fact, Arch User Magazine and the newsletter are intended to fill two very different needs in the Arch community. While the newsletter gives you a glimpse into the of WHAT IS ? the Developers and the status of the distribution itself, Arch User is designed to Arch Linux is a lightweight, flexible Linux® showcase the community itself. distribution that tries to Keep It Simple.

As this is our first issue, I give you no assurances as to the continued release of Our strong community is diverse and Arch User Magazine. However, I do promise that as long as you, the community, helpful, and we pride ourselves on the continue to express interest, I will continue to write. range of skillsets and uses for Arch that stem from it. Please check out our forums Daniel Griffiths (Ghost1227) and mailing lists to get your feet wet. Also Editor, Arch User Magazine glance through our wiki if you want to [email protected] learn more about Arch.

2 NEWS CCOOMMMMUUNNIITTYY NNEEWWSS

Become a CLI black-belt line-fu is a community-driven site that been proven that Ada's program for allows users and administrators alike to calculating a sequence of Bernoulli Whether you are a struggling newbie or a share their favorite command line gems numbers would have run correctly, had it veteran CLI aficionado, most everyone and have them ranked by the community. If been given the chance. would agree that knowing the command you're looking to expand your knowledge of line is an important part of being a Linux the command line, this would be an The contributions of women in the field of user. But just how well do you really know excellent place to start! technology all too frequently remain forever it? Hopefully, every Arch user knows the unacknowledged. However, the ranks of "cd" command. Even the youngest users Source: female developers, designers, tech quickly learn that typing "cd ~" returns you http://www.commandlinefu.com journalists and consultants is steadily to your home directory. But how many of growing. A prime example of this you knew that the similar command "cd -" unfortunate oversight is the well known will return you to your previous working blog Lifehacker (http://lifehacker.com). directory? Ada Lovelace Day Lifehacker has quickly gained recognition and has been praised by several Most experienced users will recognize that For those of you who hadn't heard, March publications including TIME, Wired and PC prefacing a command with "!" will recall the 24th was Ada Lovelace Day. But what is Magazine. But did you know that last used instance of the referenced Ada Lovelace Day? It is an international Lifehacker was developed by female command. For example executing "!echo" day of blogging to draw attention to women Gina Trapani? I didn't. will retrieve the last time "echo" was used excelling in technology. Typically, Linux and rerun it. This is a wonderful trick, but users (as well as developers in general) Source: some users may be hesitant to use it for are know to be predominantly male. But http://www.findingada.com fear of accidentally running the wrong did you know that the first computer command and damaging their precious programmer was actually female? During system. Thankfully, there is an easy way the early 1840s (yes, I said the 1840s) the around this! Simply by affixing ":p" to the Lady Lovelace began writing programs for end of the command it will simply be her husbands proposed invention, the printed to the screen rather than actually Analytical Engine. run. What a lifesaver! Although Charles Babbage's Analytical Do I have your attention yet? Command- Engine was never actually built, it has since 3 CCHHOOOOSSIINNGG AA DDEE//WWMM BY DANIIEL J GRIIFFIITHS

At some point in time in the life of every Based on the toolkit, KDE (or designed to be a minimalistic alternative to Linux user, you will inevitably come across the K ) is KDE or GNOME. Weighing in at a tiny a situation in which you become probably the single most complete 15MB, is designed for productivity disillusioned with whichever Desktop DE available for Linux today. while also giving low memory systems all Environment or you are However, its complexity comes at a price. the advantages of a full DE without the using. Maybe you have been using KDE With a minimum install size of 210MB, cost. and want to slim your system down, or KDE weighs in as the largest mainstream maybe you use and are missing DE out there. Unlike Windows, that size While it is technically a window the pretty 3D effects that some of the isn't all unnecessary bloat. With its manager rather than a desktop bulkier options offer. Regardless of your on ease of use and outstanding graphic environment, another full featured situation, you may find yourself asking the design, not to mention a well supported option is . age-old question, 'which option is the best and complete suite of prepackaged Enlightenment features advanced graphics for me?' The recommended way to applications, KDE is an ideal system for libraries (read plenty of eye-candy) and an determine your best fit is to try them and beginners or users who impressive install size of only 15MB. decide for yourself, but there are a lot of prefer eye-candy to simplicity. Unfortunately, it also relies on a proprietary options out there and it can be a daunting toolkit, requiring you to additionally install (and time consuming) task. Henceforth, I If you like the idea of a full DE, but GTK or QT to use most of your favorite am going to try to help you narrow down not having such a large install, programs. Another downside is a very long your list of candidates. GNOME might be more to your release cycle and occasional stability liking. At roughly 180MB for a minimum issues. If you want something that doesn't The first step in deciding what best suits install, GNOME still packs a punch but is require much you is determining what you need. Are you definitely a step in the right direction for the tinkering, stay away from this one. looking for fancy graphics and space-conscious. Based on the GTK compositing? A Windows-like feel? Or are toolkit, GNOME shares a similar goal with In the category of floating window you trying for something more KDE, allowing a fully-featured interface managers, none is more popular minimalistic? If you want a little help with lots of eye-candy yet keeping a slightly than the *box family. Built off of the slimming down .your options, please read slimmer footprint and requiring less RAM to framework, the most popular on. run smoothly. variations today include and . While the default installation of A third option among the ranks of Blackbox and its derivatives skips things fully featured DEs is XFCE. Based that many users are accustomed to (such 4 CCHHOOOOSSIINNGG AA DDEE//WWMM BY DANIIEL J GRIIFFIITHS oversights are easily correctable through a Similarly to XMonad, the plethora of available extensions, addons, window manager was originally a and scripts. If you are looking for a fork of . Also like XMonad, it minimalistic system without losing the has far superseded its predecessor. floating window manager feel, the *box Although its ever-changing lua-based family may well fit the bill. configuration Awesome can be frustrating for new users, Awesome boasts a few firsts DWM is probably the smallest among tiling window managers (use of the window manager available, XCB to communicate with the X boasting less than 2000 lines server, support for the markup of code. Unfortunately, it's miniscule size language and -Bus) and a very dedicated comes at a cost. All user configuration is user base. done through the modification of a single header file. What does this mean? It So what is the best solution for you? You means that the slightest change in tell me! Decide what is most important to configuration requires a recompile of the you, try out the available options, and WM, making this an unlikely option for all maybe even learn a little bit along the way. but the most dedicated tinkerers. Of course, if you want to be really hardcore, get rid of the graphical interface Among the ranks of tiling window altogether and rely solely on screen and managers, XMonad is probably the the CLI interface. What's screen, you ask? most popular. Originally based on Check back with us next month for an DWM, XMonad has far outdone its article on the wonders of GNU screen and predecessor, allowing advanced just what it can do! configuration and dynamic extensibility through the Daniel Griffiths is Editor of Arch User language Haskell. While its dependancy on Magazine, a dedicated Arch user himself, Haskell makes XMonad the largest of the and uses the Awesome WM. For more info, tiling window managers, its relative stability head over to his website at and extensibility make it an excellent http://ghost1227.com choice for someone new to tiling. 5 HHAARRDDEENNIINNGG SSSSHH IINN 6600 SSEECCOONNDDSS BY DAVIID CROUSE

Before we even get started, it should be on the installation of OpenSSH at your machine, and exponentially decrease known that the number one security http://wiki.archlinux.org/index.php/SSH. If the chances you will ever have your measure you can have in place is a good you are totally unfamiliar with OpenSSH, system compromised by crackers. How username and password. read the wiki page to become more familiar easy is that? Edit one configuration file, with what it is and what it does. There are a harden your machine to the point of From the OpenSSH website: couple more files to configure in order to making it a useless target, all in less than "OpenSSH is a FREE version of the SSH make OpenSSH behave as expected, most 60 seconds. Sound too good to be true? suite of network connectivity tools that notably /etc/hosts.allow. This configuration Ok, so maybe 60 seconds is a stretch if increasing numbers of people on the file has the power to limit who can and can you have never edited this file before, but it Internet are coming to rely on. Many users not access your system via ssh, but for this really can take less than 60 seconds to of telnet, rlogin, ftp, and other such article we will concentrate on configuring make the changes. Now that you have programs might not realize that their one file, /etc/ssh/sshd_config. your goal set for you, read on. password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts Some of us live in a command line world, Here is an example that will be an eye all traffic (including passwords) to some don't. As an Arch user you are opener for some of you. effectively eliminate eavesdropping, probably at least somewhat familiar with connection hijacking, and other network- the command line, as it is almost a less /var/log/auth.log | grep fail level attacks." prerequisite for this distribution. Sometimes or things do get overlooked though, even by a lastb Installation of OpenSSH on Arch Linux is command line junkie. Security of your extremely simple. As root, issue the OpenSSH server is one of those things If your machine is connected to the net and command pacman -S openssh. that doesn't always get quite as much not behind a firewall, you're in for quite a attention as it probably should. Let's face it, surprise. I did a clean install once and let it Open the /etc/rc.conf file and in the there are just too many other fun things to run for five days without a firewall. Below daemon section add sshd to start the do with your machine. So in this article, we are the results. OpenSSH server daemon at boot time. offer some very simple suggestions for Now issue the command /etc/rc.d/sshd hardening OpenSSH. It doesn't take very wtmp begins Thu Jul 17 21:57:08 2008 start to start the daemon immediately. You much effort, or time, on your part to make a [root@VistaCrusher1 ~]# lastb | wc -l now have OpenSSH installed and running, huge difference in the security of your Arch 25349 but you should take the time to secure it as Linux system. In fact, making a few simple well! The Arch Linux wiki has a good page changes can greatly improve the security of This means that there were 25,349 failed 6 HHAARRDDEENNIINNGG SSSSHH IINN 6600 SSEECCOONNDDSS BY DAVIID CROUSE login attempts on my machine. No one #Port 22 anyone. Authentication requires both a ever got in, but it was very interesting to Port 20044 valid username and valid password. If they view the logs and grep the most used IP to can log in as root, half the battle is over for see who was doing what. Every port scanner on the planet knows them and they just have to find a correct that port 22 is the standard ssh port. In match on a password. Make them guess Your best friend when locking down fact, changing this one line will stop 99% of both, and if they manage to get in as a OpenSSH is the default sshd_config file. the port scans and hacking attempts user they still don't have root permissions. This file is normally located at through ssh. Yea, I sort of made up that Don't make it easy. Remember everyone /etc/ssh/sshd_config on Arch Linux number, but I know I'm close. Changing the preaching about "don't run as root?" Well machines. Before you do ANYTHING else, default port to a five or six digit port can don't login via ssh as root either. Setting it is suggested that you backup your take you from 25,000+ failed login attempts this line explicitly prevents this. configuration file. This can be done quite in five days, to zero in over two years. This simply by issuing the command doesn't affect the usefulness of your ssh SSH TWEAK #3 - MaxAuthTries 3 cp /etc/ssh/ssh_config{,-bak}. This server at all, and about the only thing it Look for the line that says "#MaxAuthTries makes quick work of starting over if might require is for you to forward a router 6." Uncomment it and set it to 3. something goes horribly wrong. Hey, it port to that machine. In fact, I do this happens to the best of us, and it is better to intentionally so that I can login to my three #MaxAuthTries 6 be overly cautious than to be reckless and machines easily. I set the port numbers for MaxAuthTries 3 lose time and data trying to recover the file ssh to three different numbers and have you just screwed up. So now that we have my router forward that port to the correct After three unsuccessful login attempts... our configuration file backed up, let's start machine. well, you get the idea. If you don't get it editing the /etc/ssh/sshd_config file! right in three attempts, you're out of luck. SSH TWEAK #2 - PermitRootLogin no Stopwatches please... Look for the line that says SSH TWEAK #4 - MaxSessions 10 "PermitRootLogin yes". Uncomment this Look for the line that says "#MaxSessions SSH TWEAK #1 - Port line and change it to no! 10" and uncomment that as well. ...and in my humble opinion, the very first thing you should change. #PermitRootLogin yes #MaxSessions 10 PermitRootLogin no MaxSessions 10 Change the port number from 22 to something else. There is no sense in making it easy for This option limits the maximum number of 7 HHAARRDDEENNIINNGG SSSSHH IINN 6600 SSEECCOONNDDSS BY DAVIID CROUSE

unauthenticated sessions. This will help So there are a few simple configuration keep someone from attempting to DDOS changes that are guaranteed to make your the server via ssh. box much safer. And that took what, 60 seconds to change those lines in 2009.02 ISO SSH TWEAK #5 - AllowUsers sshd_config? This is by no means the Set this. This one isn't in the sshd_config extent to which you can configure your RELEASED! file by default, but it's one of the better OpenSSH server. First, read man things to look at setting explicitly. Setting it sshd_config. I know, a big "duh," but I only allows listed users to login via ssh. would be remiss if I didn't include that Features: statement. There are lots of other cool AllowUsers johnsmith things you can do in there, but I'll leave that - Kernel 2.6.28 for you to discover. Just read the . This will allow ONLY johnsmith to login via - Full ext4 support ssh. Everyone else is denied access. Hopefully this article has provided you with - ISOLINUX version AllowUsers is a list of username patterns, some useful tips in securing your separated by spaces. So, if you have OpenSSH server. In all reality, it probably - Updated documentation multiple users, the config file would look took you longer to read this than it will to something like: edit your configuration file, so get to it! - Next generation installer Arch installation CDs are for new installations only. AllowUsers johnsmith user3 admin To upgrade an existing installation, use pacman -Syu. David Crouse is the founder of the USA SSH TWEAK #6 - Protocol 2 Linux Users Group (http://usalug.org) as Find and uncomment the protocol line and well as setting up the archlinux.us webmail GET IT NOW! set it to 2. service for Arch users. Keep an eye on AUM for more articles by David in the #Protocol 2,1 series "Living at the Command Line". Protocol 2

This means that only protocol 2 will be used, since protocol 1 is considered somewhat insecure. 8 GGAAMMEERRSS CCOORRNNEERR

One of the first things that every new Linux bit of a name for yourself user asks is "where are the games?" (through gunfighting, Unfortunately, the gaming industry has obviously) you will be able always been the single greatest stumbling to obtain new equipment block for the Linux community. Sure, we've through the in-game always had our share of games, but with purchasing system. One the plethora of 3D games available on of the first things you will Windows, somehow classics like abuse probably want to pick up and nethack just aren't cutting it any more. is a good boiler plate. And yet, there is hope! The Gamers Corner While it isn't modern body section of Arch User Magazine will be used armor, a boiler plate will to showcase some of the incredible games keep a few torso shots that are starting to appear on the Linux from hitting you, and in horizon. this game that can make a huge difference as there For Issue 1, we will be reviewing the first- are no health packs to be person shooter Smokin Guns. Based on found in the Wild West. the Quake 3 engine, Smokin Guns is a remarkable simulation of the old west. Six- Aside from the traditional shooters, long rifles, stagecoaches and the single player mode is little more than a deathmatch and team bank robberies are all faithfully recreated in deathmatch game. deathmatch game modes, Smokin Guns three dimensions. One of the most unique includes a bank robbery mode and a duel aspects of this game is a money system Thankfully, Smokin Guns more than mode which ensure that the gameplay is that allows for equipment purchase with redeems itself with an outstanding multi- plenty varied. reward money. player mode. After logging in (or starting a new game server), you will find yourself at Smokin Guns weapons, maps, models and Like most games of its type, Smokin Guns some random location on the map. sounds all contribute to an incredible features both single and multiplayer Regardless of what team you are playing gaming experience. Whether you are a fan gameplay. Unfortunately, the single player on, or which map has been selected, you of classic westerns, or are simply looking mode has been severely neglected. always start with a Remingon 58 six- for a new challenge, this game is definitely Lacking any sort of plot or any real quests, shooter and knife. Once you have made a worth a look! 9 TTIIPPSS && TTRRIICCKKSS

CREATING SECURE PASSWORDS remember, convertible password without password, it's just a matter of putting them sacrificing security? Here is one possible together to come up with a password that So everyone knows that passwords like option; build each password from two parts. is both easy to remember and secure! "bgAitb;Wgft!" or "[email protected]" are fairly safe, but who can remember them? PART 1 - STATIC COMPONENT Finally, don't forget to regularly change the You can! But how you ask? Your static component of your password. Using passwords are crucial to maintaining the You can make your password more secure this method, there are a virtually infinite integrity of your system and private data. by mixing different types of characters. A pool of possibilities from which to draw so Unfortunately, all too often users forget jumble of uppercase and lowercase, there should never be a need to re-use a their passwords. As a result, many people numbers and special characters can make password. Just be creative! use simple passwords such as a birthday, a password exceedingly difficult to figure address, pet name or similar. out. One way to accomplish this while making it easy to remember is pick a Got a useful tip or trick you'd like to share To anyone who might wish to gain access sentance and use the first letter of each with the community? How about an idea for to your system, this is akin to leaving the word to create your static component. an article or a particularly nifty screenshot? key under the welcome mat. Without any Drop us a line! real effort, a hacker can discover your "This password is for my account at information and try each of these archlinux.us" Gamers Corner potential passwords. becomes [email protected] "[email protected]" A second problem that affects even secure Pimp My Arch passwords is that users frequently use the [email protected] same password for everything. This means PART 2 - DYNAMIC COMPONENT that if someone does gain access to one Tips & Tricks piece of the puzzle, whether it be the This component can be easily defined by [email protected] actual computer, an email account, blog, or what the specific account is used for. In whatever, the rest of the pieces just fall into other words, for an email account, you General Submissions place and suddenly your life is an open might use something like "em" or "mail", a [email protected] book. bank account could be "bk" and a blog could be "bl". You get the idea. Now that Corrections So how does one come up with an easy to you have the two components of your [email protected] 10 PPIIMMPP MMYY AARRCCHH

I use Gnome with the -Darklime GTK and Oxygen- Refit 2 icons. Also in use are Gnome-Do, Docky, , and Screenlets. I use Awesome 3.1 with the standard Gnome iconset (sad, I know). Matt Runion (mrunion) The wallpaper is one of mine called "Awesome Arch" and is available from my website (http://ghost1227.com). All of my configs are available from (http://github.com/ghost1227).

Daniel Griffiths (Ghost1227)

11 SSOOFFTTWWAARREE RREEVVIIEEWW:: TTEEXXTT EEDDIITTOORRSS

SCITE http://www.scintilla.org/SciTE.html http://bluefish.openoffice.nl http://geany.org

This based editor was originally Bluefish is a powerful editor designed for Geany is a lightweight Integrated built solely to demonstrate SCIntilla. Since developers and web designers. Featuring Development Environment designed to its humble beginnings it has grown to be a for an incredible array provide a small and fast IDE with minimal generally useful editor with development of languages, Bluefish strives to be a lean dependencies. Featuring syntax support for building and running programs and clean editor and boasts that it uses 55- highlighting, , auto-closing as well as detailed syntax highlighting. Built 70% less memory than comparible editors. tags, code navigation, a built-in project on the GTK+ toolkit, SciTE is built to be Bluefish employs a multiple document manager and a complete build system, cross-platform, functioning well on both interface, project support, tag auto- Geany somehow manages to fit an various Linux distributions and Windows. completion and built-in support for remote impressive array of features into a Having virtually no dependencies and editing through -vfs. For those of us relatively small package. Extendable featuring an incredibly useful tabbed who constantly like to tinker, Bluefish through plugins, Geany ships with plugins interface, SciTE is the perfect option if you allows the user to specify custom dialogs that provide a classbuilder, export are looking for a full-featured, yet and keybinding to speed up the functionality, a sidebar filebrowser, HTML minimalistic . development process. External compiler characters, and window splitting. If that integration and a built-in function reference isn't enough, several additional plugins are To install SciTE, use the `` package in browser make this a formidable editor. If easily available through their website. [community]. you're looking for simplicity, this definitely Known to run under Linux, BSD, MacOS X, isn't it. However, if you need a full-featured AIX, Solaris and Windows, Geany is said development environment (or just want to to run on every platform that supports the try something different), than Bluefish just standard GTK libraries. might be right for you! To install Geany, use the `geany` package To install Bluefish, use the `bluefish` in [community]. Several plugins are also package in [extra]. available in the AUR.

12 SSOOFFTTWWAARREE RREEVVIIEEWW:: TTEEXXTT EEDDIITTOORRSS

GEDIT http://projects.gnome.org/gedit http://kate-editor.org/kate http://www.vim.org

As the official text editor of the GNOME Kate is a multi-document editor based on a Although we have focused thus far on GUI desktop, most users should recognize this rewritten version of kwrite. Now an official editors, this review would be incomplete one. Aimed at simplicity and ease of use, part of KDE, Kate offers all the features of without mentioning Vim. Vim ( IMproved) gedit is a powerful general purpose text its predecessor plus a slew of new ones. is the de-facto favorite text editor for editor. Its feature set currently includes Featuring window splitting and tabbing, developers and *nix users. Although it is configurable syntax highlighting, remote syntax highlighting, code folding, block notorious for its steep learning curve and editing, auto indentation, line numbers and selection, auto indentation and completion less-than-friendly , vim font support, although it is extendable and an integrated command line, Kate maintains a radically loyal fanbase due to through the use of a flexible plugin system. packs quite a punch. Like many other its efficiency, customization, and editors, Kate features a built-in plugin extensibility. If you are looking for features To install gedit, use the `gedit` package in architecture, so users can extend the more commonly found in a word processor [extra]. A set of plugins is also available for already impressive feature set to suit their like font support or WYSIWYG editing, gedit through the official repositories. You individual needs. If you are using GNOME steer clear of this one. On the flip side, can install them by using the `gedit- or a similar DE, or if you are looking for users might want to keep this one on hand plugins` and `gedit-plugins-extra` something minimalistic, this is definitely not to aid in the occasional system SNAFU. packages in [community]. Additional the editor for you. On the other hand, if you Among the ranks of console editors, vim is plugins may be available through the AUR. are already a KDE user, you probably won't definitely the best. need to look further than this for your editing needs. To install vim, use the `vim` package in [extra]. Numerous plugins are available If you use KDE, Kate is installed by default. through [extra], [community] and the AUR. If not, you will have to install the `kdesdk` package in [extra]. Several plugins are available through the AUR.

13 QQ&&AA

WHY AREN'T THERE ANY QUESTIONS HERE? DOESN'T THAT DEFEAT THE PURPOSE OF A QUESTION AND ANSWER SECTION?

Why yes! It does defeat the purpose of a question and answer section! However, given that this is the first issue and no questions have been asked, we have nothing to answer! If you have an Arch THIS SPACE FOR RENT related question (or Arch unrelated for that matter) feel free to ask! No, this space isn't really for rent. However, given the lack of questions (or submissions in general for that matter... what did you expect? Issue 1 is expected to be small) I had a nice, big space to fill. I figured ONLY FOURTEEN PAGES? ISN'T that at the very least, this would catch your attention and show you just how important your support is to THAT A BIT SHORT FOR A the continuation of Arch User Magazine. Please! Contribute! MAGAZINE?

Once again, as this is our first issue, we don't have a lot of content. As of now, Arch User is working with a bit of a skeleton staff. If you think you'd like to contribute (as a regular contributor or just passing along an idea) please feel free to contact us!

14