Setting up Synergy 1.8.8 with SSL on OS X El Capitan as the server and Ubuntu 16.04 as the client

Synergy is a free and open source software (licensed under GPLv2) for sharing one keyboard and mouse between multiple computers. The source is hosted here on GitHub and the Synergy website provides compiled, installable releases with support for SSL encryption for a fee.

At work, I have a Macbook Pro laptop running OS X El Capitan and an Ubuntu 16.04 desktop connected to a monitor which I use daily. Working on two separate computers at the same time is laborious and thanks to Hiemanshu, I came to know about Synergy.

Eager to try it out, I built it from source after patching (to use the Qt installed on my Macbook using Macports) and with minimal configuration, I was able to get it to work. But since my computers were connected to the corporate network, I did not want my keystrokes to be sent through the network in plaintext. So till today, I used an SSH tunnel between my Macbook acting as the server and the Ubuntu desktop acting as a client. It was a little bit inconvenient having to setup the SSH tunnels every time and I didn’t want to use something like autossh.

Imho, in the post-Snowden era, any software sending sensitive plaintext data through the network is broken by design. Since Synergy is free software, I was hoping to patch it to allow SSL communication without requiring a license. With some help from the comments and pull requests on the Synergy GitHub repository and some additional tweaking, I was able to build Synergy 1.8.8 with support for SSL irrespective of the licensing status.

The following details of how I managed to do it are primarily for my reference and I am sharing it on my blog in the hope that it might be useful for others as well. That said, Synergy is a very useful free/libre software and I recommend purchasing a license to support the development. One of the Synergy developers has committed to enable SSL communication by default in the 2.0 version.

Steps to be followed on OS X El Capitan

  • Clone the Synergy GitHub repository from  and checkout the 1.8.8-stable branch
  • Apply this patch to fix the Qt related paths and also to enable SSL without license check. For Qt installed without using Macports, tweak the frameworkRootDir variable in the patch to point to the correct directory. Also tweak the path to the Info.plist to point to a valid path.
  • If the Mac OS X 10.11 SDK is not present under the /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs directory, Download it from this GitHub repository and copy it to that directory.
  • Install the dependencies of Synergy (cmake, qt5) using Macports.
  • Navigate to the top-level directory of the repository and run ./hm.sh conf -g2 --mac-sdk 10.12 --mac-identity ElCapitan where the current OS is El Capitan and the available default Mac OS X SDK is 10.12. Modify the parameters based on the available SDKs and the OS version.
  • After the previous command completes without errors, run ./hm.sh build to start the build process.
  • To create a Mac app, run ./hm.sh dist mac.
  • The Synergy.app is available under bin/Release/Synergy directory. Drag and drop it to the /Applications directory.
  • Create the SSL certificate needed by the Synergy server by running the following commands
    mkdir -p ~/.synergy/SSL/Fingerprints
    openssl req -x509 -nodes -days 365 -subj /CN=Synergy -newkey rsa:1024 -keyout ~/.synergy/SSL/Synergy.pem -out ~/.synergy/SSL/Synergy.pem
    openssl x509 -fingerprint -sha1 -noout -in ~/.synergy/SSL/Synergy.pem > ~/.synergy/SSL/Fingerprints/Local.txt
    mkdir -p ~/Library/Synergy/SSL/.
    cp ~/.synergy/SSL/Synergy.pem ~/Library/Synergy/SSL/.
    sed -e "s/.*=//" -i ~/.synergy/SSL/Fingerprints/Local.txt
    
  • Enable Accessibility permissions for the Synergy app from the Security and Privacy dialog under System Preferences.
  • Start the Synergy app and run it as a server. The app window should indicate that SSL is turned on and the logs should not have any errors.

Steps to be followed on Ubuntu 16.04

  • Clone the Synergy GitHub repository from  and checkout the 1.8.8-stable branch.
  • Apply this patch to fix the Qt related paths (not needed on Ubuntu) and also to enable SSL without license check.
  • Install the dependencies by running the following command
    sudo apt-get install cmake make g++ xorg-dev libqt4-dev libcurl4-openssl-dev libavahi-compat-libdnssd-dev libssl-dev libx11-dev
    
  • Navigate to the top-level synergy repository directory and run
    ./hm.sh conf -g1; ./hm.sh build; ./hm.sh; ./hm package deb
    

    This builds Synergy and creates a .deb package file under the bin directory.

  • Install the .deb file using dpkg.
  • Start the Synergy app from the Unity launcher (or alternatively using its full path).
  • Configure it as a client and set the server address to that of the computer running the server.
  • The app will display the server’s certificate fingerprint with a prompt to trust or reject it. Trust the fingerprint after carefully verifying it. If there are any errors with the server fingerprint or trusting it, copy the Local.txt file generated on the server and save it under ~/.synergy/SSL/Fingerprints and restart the client.

References:

Getting rid of Truecaller from Cyanogen OS 12.1

Cyngn has struck a deal with TrueCaller to integrate it with the default dialer app on Cyanogen OS 12.1. For a privacy-conscious person like me, it was totally unacceptable given the notorious reputation of TrueCaller. Read this post on XDA-Developers for more details.

Cyngn Logo

TrueCaller Logo

 

 

 

 

Here is how I got rid of TrueCaller. Before installing the OTA on my OnePlus One, I turned off mobile data and Wi-Fi so that I could prevent any internet access till I removed TrueCaller. The phone rebooted after installing the Cyanogen OS 12.1 OTA update (which has been pulled due to some issues at the time of writing this). Immediately after that, I opened the dialer and was prompted to enable TrueCaller. I refused it by selecting Not Now.

TrueCaller opt-in dialog

I also went into the settings menu of the dialer app to make sure there was nothing related to TrueCaller enabled by default. All this just disables TrueCaller but does not remove it entirely. Read on if you want to completely remove it.

Since the TrueCaller app does not show up in the App Drawer, go to Settings ? Apps ? All and scroll down to the TrueCaller Service app. Tap on it and uninstall it from the App Info page that shows up.

Uninstall TrueCaller App

Now your phone should be free of TrueCaller and its privacy issues. If you go to the settings menu of the dialer app, you can verify that there are no settings related to TrueCaller.

This should work for any device for which Cyanogen OS 12.1 is released.

In case you have a change of mind after doing this and want to reinstall TrueCaller, you can do that by navigating to /system/vendor/bundled-app/TrueCaller folder using the File Explorer app and installing the APK that is there. The /system/vendor/bundled-app/ folder contains the APK files for all the other pre-loaded (but removable) apps like Boxer, Browser as well.

Hope this helps 🙂

Enabling captive portal detection in GNOME 3.14 on Debian Jessie

GNOME 3.14 supports captive portal handling but it is not enabled by default in Debian Jessie probably due to the privacy concerns. To enable it, create a file /etc/NetworkManager/conf.d/20-connectivity-debian.conf with the following content:

[connectivity]
uri=http://network-test.debian.org/nm
response=NetworkManager is online
interval=300

Then restart NetworkManager using the command service network-manager restart as root user (or use sudo if your non-root user has sudo privileges). Once this is done, whenever you connect to a network with a captive portal, GNOME will automatically open the captive portal login page where you can login to get access to the internet. Please note that the requests to the connectivity test URL could be logged and be aware of its privacy implications though no personally identifiable information is sent.

This is very helpful for me since my ISP ACT Fibernet requires its users to login to its captive portal before allowing internet access. Hope this is helpful for others. The configuration given above tries to reach the specified URL once every 300 seconds and tries to open the captive portal login page if it is not reachable. This could cause the NetworkManager applet to try opening the login page if there are any issues with the internet connectivity. So feel free to tweak the interval according to your needs.

Disabling automatic download of software updates in GNOME 3.14 on Debian Jessie

GNOME Software application automatically downloads the packages to be updated and presents a notification in the notification area. It might be a good idea to disable it avoid excessive data usage on metered internet connections.

To do it from the command-line

$ gsettings set org.gnome.software download-updates false

Or open dconf-editor and navigate to

org -> gnome -> software

and unselect this key

download-updates

My contributions to Mozilla Input

 

Apart from writing Free/Libre Open Source Software, I have tried to contribute to existing ones whenever I can – mainly in the form reporting bugs, fixing documentation errors and so on. But I have always had the dream of making non-trivial contributions in addition to what I have been doing. In pursuit of that dream, I have been searching websites like OpenHatch for projects to contribute to, without finding a good starting point.

A few months back, I read somewhere (could be Hacker News, Planet Python or one of the many open source Planet feeds that I am subscribed to) about how the author made his first contribution to a Mozilla project. That inspired me to try and do something similar. So I went to the Bugs Ahoy website linked to from that article.

These days, almost all the code I write has been in Python and more often than not involves web development with Django. So I filtered the bugs using the criteria “Python” and “Simple bugs”. I looked at the summary of the listed bugs and tried to assess if I could fix any of them. There was a bug related to improving the 404 error page in a project called Input. I had never heard of the project before and only knew the popular Mozilla projects like Firefox, Thunderbird, Firefox OS. Still I decided to give it a try since the project was built using the Django web framework which I have used for my projects.

Firefox Input

I read the bug report and the comments and could see from the history that a lot of people took up the bug to work on, but never completed it. It was a mentored bug and Will Kahn-Greene, working for Mozilla, (whom I had known earlier as the person behind pyvideo.org) was the mentor. He had requested interested developers to contact him on #input channel on Mozilla’s IRC network.

Will Kahn-Greene
Will Kahn-Greene

I contacted him only to find that someone else had started working on the same bug a few days back. Will told me more about mentored bugs and how to find them. With his help, I browsed through the list of mentored and simple bugs in the Input project and picked up a bug that appeared easy to solve.

At that point, I didn’t even know what the project was about and hadn’t read its wonderful documentation. Once Will pointed me to it, I started reading immediately. I came to know that ‘Fjord’ is the software that runs Mozilla Input (that collects actionable feedback from various Mozilla products in different states of development and offers a set of analysis methods for looking at the resulting data). I had to setup the dev environment virtual machine using Vagrant (which I had only heard about before). I read the steps mentioned in the ‘Getting Started’ section of the docs and completed the setup, understanding each step in detail.

firefox-happy-sadWhen I was about to start assessing the code changes to be made, I saw that the VM was running Ubuntu 13.10 which had already reached end-of-life. I informed Will that I will fix it to use the LTS version of Ubuntu which is supported for 5 years from the time of its release. After reading up a little bit on Vagrant and with Will’s help, I made the fix and verified it. Will immediately reviewed my pull request and merged my first non-trivial contribution to any open source software that I had not developed.

Will encouraged me to help with other dev environment related bugs which some times involved just testing if things work. Slowly I was able to fix more issues surrounding the dev environment and even provide Will a few ideas in resolving some longstanding ones. Despite the encouraging beginning, I got distracted after about a fortnight and drifted off. It wasn’t until the beginning of this month that I regained some focus and wanted to contribute again to Fjord.

Will, as welcoming and encouraging as ever, helped me with fixing more bugs related to the development environment. Though Python and Django were the reasons that led me to Fjord, it wasn’t until 10+ merged commits that I even wrote a single line of Python 🙂 In the past week, I hung out on #input every night and informed Will regarding the things I wanted to work on. Then I did the code changes and sent pull requests. Will patiently reviewed all my changes and merged them. Whenever there were issues with my code, he helpfully suggested ways to fix them.

I wanted to continue doing this every day for as long as I could, but with Will’s year-end vacation coming up, I had to pause my contributions till the beginning of the next year. So I am eagerly waiting for the new year! 🙂

I have the annual year-end vacation from Christmas to New year and I intend to use some time to plan the work to be done in Fjord and also my own Xpens.

Whatever contributions that I have been able to make, I have to thank Will for being a tireless and enthusiastic mentor in spite of having his plate full. He has always encouraged and mentored me. He has nothing but praise for those who want to contribute to Fjord (case in point – see this and this). Without him, none of this would have been possible. I am glad and grateful to have such a great mentor! I hope to continue in the same vein and do much more and make a difference.

I hope my story inspires many more people to contribute to open source projects!

Moving away from Ubuntu after 5 years

Ubuntu’s Amazon search “feature” fiasco (Probably I have enough in my mind to write another big post) was the last thread in the straw for me. Switched to Debian Testing with GNOME 3. Surprisingly, GNOME 3 isn’t that bad at all and not much different from Unity. Yeah having to install extensions to achieve some functionality expected to be out of the box, is a bit weird, but is something you can live with.

One thing that isn’t quite up to the mark is the notifications system. Most of the commonly used applications in Ubuntu, like Pidgin, Thunderbird, Gwibber, Transmission, Empathy, make use of the notification system created by Ubuntu. In GNOME 3, that sadly isn’t the case. A lot of work still needs to be done in integrating the applications with the notification system.

Since I have a 8 mbps internet connection at home, installing the proprietary drivers for my NVIDIA GeForce 8600M GS graphics card and proprietary firmware for my Intel® PRO/Wireless 3945ABG wifi adapter was a breeze and went without any issues. I even tweaked GRUB’s resolution and enabled a cool bootsplash screen featuring the Joy theme.

All these years of using my laptop, a couple of times, I did try to move out of Ubuntu, but there was always something that made me come back to Ubuntu in no time. But this time I am having a good experience with Debian Wheezy and GNOME 3 and it’s highly unlikely I will come back to Ubuntu any time soon. Ciao Ubuntu, without doubt you were very good and worked without issues for me ever since I started with Feisty Fawn and I am very happy about that. But now it is time to go.

You have root? I have Debian!

P.S. It’s been a while since I wrote a blog post and to insert this image, I was struggling for minutes together to find the button to do it. It was on the top of the editor and not as a button in the toolbar as I was expecting 🙂

Welcome Ubuntu Oneiric Ocelot!

Ubuntu Oneiric Ocelot is out! I have used Ubuntu on my laptop since the 7.10 Gutsy Gibbon release and every release would get me excited like a kid would on seeing new toys. I would try to do a dist-upgrade or download the ISO image to install it using my USB drive. Ubuntu repositories would be under heavy load and I would egging my package manager to download all the packages faster and faster and it would be well past midnight by the time when I go to bod after I am done with the installation and setup.

This time things are way better. I already have Ubuntu Oneiric installed on my laptop! 🙂 I am spared of the downloads and the midnight tussles that I had to go through so that my laptop will have a spanking new Ubuntu to use the next day. But all this luxury didn’t come without pain.

Oneiric Ocelot

 

When I installed Oneiric Ocelot beta 1 release, the Unity port to Gnome 3 was totally broken and unusable. Most actions done on the desktop would cause Unity, Compiz or some GNOME 3 component to crash. There was also a serious issue of focus change between open windows and the desktop wherein switching between windows was not possible at all.  All I could do with the desktop was to report bugs. There started a marathon of non-stop bug reports and daily updates which were often more than 50 MB in size. I cursed Ubuntu like anything on social networks and had lengthy arguments with my friends over there. I reported more than 50 bugs most of which were centered on Unity and Compiz. There was a provision to install a Classic GNOME fallback mode, but it was more of an emulation layer on top of GNOME 3.x and not a full-fledge GNOME 2.x environment. When I decided to try GNOME shell, I found that it had too many rough edges and wasn’t integrated properly with Ubuntu.

All this led to a stage where I almost decided to quit Ubuntu for good. But wait, did I have an alternative distro that I could switch to? Nope. Debian and Fedora were the only candidates that I was considering. Being used to the Debian world for so long, Fedora didn’t excite me enough. Debian? Debian would be good, but a lot of effort would be required to get it working with my nVidia graphics card by installing the proprietary drivers. Nouveau is a promising project that aims to provide libre drivers for nVidia, but isn’t fully mature yet and has its share of issues. Also with Debian stable, I would be lagging behind the latest releases of most of the software. I could install “testing” or “sid” if I wanted to live on the bleeding edge, but the experience with Ubuntu Oneiric Ocelot beta left me hesitant to proceed in that direction though Debian would be way more stable. So I just decided to wait a bit for the bugs to get fixed and things to improve. Things did improve gradually with the daily updates which some times introduced new bugs. That the Ubuntu team was working in full swing towards a release free of critical and usability bugs was obviously visible while observing the bug transitions and updates. About 2-3 days back, the updates stopped as expected and Oneiric Ocelot was ready to gallop towards today’s grand release. And with today’s release, Ubuntu has succeeded in bringing a very good release that sets an exciting road-map for the upcoming LTS release aptly named “Precise Pangolin” due for release next April. My hearty congratulations to all those who made awesome release possible, contributing in myriad ways.

Will I try Precise Pangolin in its beta stage? Of course I will 🙂

Tremendous growth of GNU/Linux

I have been GNU/Linux user for the past couple of years and when I look back to see how much it has progressed, I can only gape in awe. I use Ubuntu in my laptop and Debian elsewhere and am familiar with these distros ( I badly want to try RedHat-based distros too! ), still when I came across this page http://bit.ly/6DUUBk which shows the wide range of nice software tools available for Ubuntu 9.10, I was surprised I didn’t know about most of the stuff though I have used Ubuntu for a long time, that too now I was using the latest Ubuntu Karmic Koala. I realized yet again of how little I knew though I often thought too much of myself.

Whatever software is there for the Windows platform, there are abundant equivalents that are at least as good in FLOSS and GNU/Linux world. There are also software for doing things which are impossible in a Windows environment which is GNU ecosystem’s niche. So am really glad that I got into FLOSS ecosystem and without doubt am benefiting hugely from its tremendous growth.

FStival’07!

Today we celebrated Software Freedom Day in our college. We had a talk on FOSS and GNU/Linux by Mr.Praveen Krishnamoorthy, a FOSS enthusiast and a distinguished alumnus of our college. There was also a demonstration on the installation of Ubuntu Linux by Mahesh of 3rd year and the features of Ubuntu were demonstrated by Mr.Subramani, another alumnus, who along with Mr.Senthil, answered the queries of the audience. We had a T-Shirt designed for this year’s FStival and almost all of the guys involved, wore it.

Then a lot of students from schools in Madurai and the students from the other department visited the halls in the CSE department where there were demo stalls on various GNU/Linux tools. I, alongwith Venkatachalam and Raju, hosted a stall on LaTeX, a powerful typesetting language. It was fun demoing stalls to the visitors. The other stalls were GIMP by J.Aravind, Krishnakumar, Content Management System by K.Manikandan, Vi by S.Anugraha and co., Blender by Deepika and co., Emacs by M.P.Aravinth and co., and so on. The demo stalls were open for about 2 1/2 hours and then we closed them. My only regret was that I couldn’t visit other stalls.I visited the Blender stall i the midst of an explantion and it was very attractive to me as I was already very much interested in 3d animation and 3Ds max.Even when Blessings came to near my stall, it was about to be closed and I was explaining seriously to seniors visiting my stall and when I was done with it, Blessings was nowhere to be found there.

When I went to the Microprocessor Lab, Blessings and co., had closed their stall and were leaving. All the other stalls i visited thereafter were closed and I was a bit disappointed as I had thought that the stalls would’ve been open till evening.

Then we brought back all the computers to the PP lab and connected them. Then we had a photo session with Senthil anna, Bala anna and Ravishankar anna shooting pics with their camera. Then we walked our way out of the college, as a group with a lot of cheerful talking. Today has been an unforgettable day in my life.