Author Archives: Loune

ext4 encryption, multiple filesystems and salt

Recently, I started to play around with ext4 transparent encryption. Following basic instructions from Arch Linux wiki, it was really easy to get it up and running. However, when using it with two ext4 filesystems, things get a little more complicated.

How to get the ext4 filesystem salt?

Each encryption enabled ext4 filesystem has a randomised salt. Salt is added to your key to thwart rainbow table attacks, especially with weak passwords. The salt for an ext4 filesystem is stored in the superblock and can be obtained with the dumpe2fs command:

# sudo dumpe2fs /dev/sdb2 | grep Salt
Encryption PW Salt: d24c7f08-5092-4b3a-9180-6ed8244513e8

Which key descriptor corresponds with which filesystem?

When using e4crypt add_key, you will get a separate descriptor for each mounted ext4 encryption enabled filesystem for the same password, due to different filesystems having different salt. Unfortunately it doesn’t say which descriptor was generated from which FS. However, you can determine this by providing the salt (obtained in the previous step) manually to the e4crypt command:

$ /usr/sbin/e4crypt add_key -S d24c7f08-5092-4b3a-9180-6ed8244513e8
Enter passphrase (echo disabled):
Added key with descriptor [9b9cf8b934f6d7bc]

It is important to know which key descriptor corresponds with which filesystem as if you used a descriptor with salt from filesystem 1 on filesystem 2, the descriptor will only ever be there if you add_key while filesystem 1 is mounted. Worse yet, if you reformat filesystem 1 and lose the salt, your filesystem 2 data will be gone forever.

To be safe, when you have multiple mounted filesystems with encryption, I would recommend always providing the salt when add_key.

Decoding the Oregon Scientific Remote Weather Temperature Sensor

A while ago, I bought a set of Oregon Scientific weather station on special. The package came with the clock and temperature display unit (BAR283) and a remote temperature sensor (RTHR328N), which is normally put outside of the house. The remote sensor then regularly sends temperature and humidity wirelessly to the display indoors. It has been a dream of mine to tap into the temperature data sent over the air and log it in database. Fortunately, there are a few tutorials online (jeelabs instructables) online and blog posts of people who have done the exact thing successfully.

Continue reading

Running shell (bash) commands in .NET Core C#

In a lot of languages and platforms, you can easily execute shell or bash commands – like using back tick for example in PHP:

`echo hello`;

In the .NET Core world, it’s a little bit more involved – so I wrote a helper class:

using System;
using System.Diagnostics;

    public static class ShellHelper
    {
        public static string Bash(this string cmd)
        {
            var escapedArgs = cmd.Replace("\"", "\\\"");
            
            var process = new Process()
            {
                StartInfo = new ProcessStartInfo
                {
                    FileName = "/bin/bash",
                    Arguments = $"-c \"{escapedArgs}\"",
                    RedirectStandardOutput = true,
                    UseShellExecute = false,
                    CreateNoWindow = true,
                }
            };

            process.Start();
            string result = process.StandardOutput.ReadToEnd();
            process.WaitForExit();

            return result;
        }
    }

It’s an extension method, so after importing the namespace (if different), you can use it like this:

var output = "ps aux".Bash();

output will contain the STDOUT of the result. Currently STDERR is not captured, but the above could easily be modified to do just that by changing the property RedirectStandardOutput and reading process.StandardError.

BLEduino for Arduino 1.6

For the past year or so, my BLEduino laid dormant in the cupboard. Yesterday, I decided to break it out for a new project. While I used Arduino 1.0.x for the BLEduino previously, I now have Arduino 1.6. Unfortunately, I discovered that BLEduino isn’t compatible with it – The hardware core files were for 1.0.x only. I tried to use 1.0.6 on my Mac OS X 10.11, but every time I tried uploading a sketch, the following error occurs:


processing.app.SerialException: Error touching serial port '/dev/tty.usbmodem1421'.
at processing.app.Serial.touchPort(Serial.java:123)
at processing.app.debug.AvrdudeUploader.uploadViaBootloader(AvrdudeUploader.java:203)
at processing.app.debug.AvrdudeUploader.uploadUsingPreferences(AvrdudeUploader.java:67)
at processing.app.Sketch.upload(Sketch.java:1666)
at processing.app.Sketch.exportApplet(Sketch.java:1622)
at processing.app.Sketch.exportApplet(Sketch.java:1594)
at processing.app.Editor$DefaultExportHandler.run(Editor.java:2382)
at java.lang.Thread.run(Thread.java:695)
Caused by: gnu.io.UnsupportedCommOperationException: Invalid Parameter
at gnu.io.RXTXPort.setSerialPortParams(RXTXPort.java:171)
at processing.app.Serial.touchPort(Serial.java:113)
... 7 more

A search on the internet seems to indicated that this was a bug in the Arduino IDE, fixed in 1.5 later versions. I decided the only way to resolve this issue is if I port the hardware core files from 1.0 to 1.6. Luckily enough, Arduino wiki provides a handy migration guide. Within half an hour, I got BLEduino working on Arduino 1.6. I’ve posted my changes on GitHub, for anybody interested: BLEduino Arduino 1.6 hardware files. Hopefully, someone finds this useful.

Using log4j2 (2.3) with Android

The versatile log4j is a popular logging framework for Java. Log4j 2 brings new advanced features and extensibility. Unfortunately, out of the box, it’s not very Android friendly. I spent a good day trying to perfect the usage and integration. Given the difficulties and workarounds required, I would hesitate to use Log4j2 for any Android project. This blog post is part commentary, part guide. If you really want to use it, check out my log4j2-android github for an example project. Hopefully this helps somebody out there.

Continue reading

Building an Android phone connected Door Bell with Light Blue Bean’s iBeacon

The Light Blue Bean built by Punch Through Design is a versatile Arduino device with Bluetooth Low Energy (BLE) built in. The Bean’s default 3v battery could typically last a month when running a minimal sketch. A door bell button is possibly the simplest arduino device you could possibly build. A press of the button would notify an android device through BLE that someone is at the door. This post will provide an idea on how this could be built using minimal power (on the Bean) and minimal code.

Continue reading

Issue with Xaml Designer – An error occurred loading this property page

So after installing Visual Studio 2015 Update 2, my Xaml Designer decided to stop working. Every time I open the designer by clicking on a xaml file, it would show an error dialog that says “Visual Studio has encountered an unexpected error.” – not very helpful. Going to the menu, Options > Xaml Designer > General property page would yield an error “An error occurred loading this property page”.

I then tried re-installing Visual Studio 2015. Same issue. I then tried opening Expression Blend, it doesn’t work, but I got a some more interesting clues – it tells me to check ActivityLog.xml – In it, there was a telling error:

SetSite failed for package [XamlDesignerPackage][This access control list is not in canonical form and therefore cannot be modified.

Basically my permissions were corrupted somewhere in some file. I had a hunch. A test by logging on to a fresh Windows user account and opening VS xaml editor confirmed that the issue was limited to my profile account. I tried remove all traces of Visual Studio from profile but removing the obvious AppData folder didn’t fix the issue. There were just too many places it hides files. As a last resort, I reset all permissions on my profile folder such that I was the owner and had write access and surprise! it works!! Now I know what to try next time.

Let’s Encrypt with Exim and Dovecot

Following my post on setting up Let’s Encrypt with nginx, I experimented with installing the certificates from letsencrypt on my mail server. It was surprisingly straightforward. The key was that the verification of the domain, which requires port 80 or port 443 to be accessible on the host of the mail server. I run a secure mail server with Dovecot and Exim. Since on the server, nothing was hosted on port 80, I used the standalone plugin that runs a temporary standalone HTTP server for letsencrypt / certbot to access:

Continue reading