Search~# ip addr | grep -A 5 wlan10: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
IP configuration of your Wifi Stick for systemd-networkd
/etc/systemd/network/hostapd.network
[Match]
Name=wlan0
[Network]
Address=192.168.0.1/24
DHCPServer=yes
IPMasquerade=true
IPForward=true
[DHCPServer]
PoolOffset=100
PoolSize=20
EmitDNS=yes
DNS=your_dns_server
Autostart of hostapd
/etc/systemd/system/hostapd.service.d/override.conf
[Unit]
Requires=sys-subsystem-net-devices-wlan0.device systemd-networkd.service
After=sys-subsystem-net-devices-wlan0.device
BindsTo=sys-subsystem-net-devices-wlan0.device
[Install]
WantedBy=sys-subsystem-net-devices-wlan0.device
~# systemctl enable hostapdAutostop of hostapd
/etc/system/systemd-networkd.service.d/override.conf
[Unit]
After=hostapd.service
BindsTo=hostapd.service
[ view entry ] ( 9107 views ) | print article
iptables -t nat -A PREROUTING -p tcp -d THISIP --dport 80 -j DNAT --to-destination OTHERIP:80
iptables -t nat -A POSTROUTING -p tcp -d OTHERIP --dport 80 -j MASQUERADE
iptables -I FORWARD -p tcp -d OTHERIP --dport 80 -j ACCEPT
[ view entry ] ( 2816 views ) | print article
Install oathtool.
sudo apt-get install oathtool libpam-oath
Generate a secret.
export HEX_SECRET=$(head -10 /dev/urandom | md5sum | cut -b 1-30)
Generate the TOTP details, 6 digits long.
oathtool --verbose --totp $HEX_SECRET
Enter the base32 secret in Android FreeOTP.
Create and populate the /etc/security/users.oath file.
sudo bash -c "echo HOTP/T30 $USER - $HEX_SECRET >> /etc/security/users.oath"
sudo chmod 0600 /etc/security/users.oath
Forget the secret!
unset HEX_SECRET
prefix /etc/pam.d/sshd with
auth sufficient pam_oath.so usersfile=/etc/security/users.oath window=10 digits=6
Allow this in sshd and restart.
sudo sed -Ei -e 's/(ChallengeResponseAuthentication) no/\1 yes/' /etc/ssh/sshd_config
sudo service ssh restart
Test with
ssh localhost
You should see:
One-time password (OATH) for `USER':
To avoid otp for some users prefix /etc/pam.d/sshd with
auth [success=1 default=ignore] pam_succeed_if.so user in user1:user2
[ view entry ] ( 2052 views ) | print article
After plug in of a wifi usb stick linux act's as a hostap.
apt-get install isc-dhcp-server hostapd
changes in /etc/hostapd/hostapd.conf
interface=wlan0
driver=nl80211
ssid=MYSSID
country_code=AT
ieee80211d=1
hw_mode=g
channel=11
beacon_int=1000
dtim_period=20
ieee80211n=1
wpa=2
wpa_passphrase=MYPASSPHRASE
wpa_pairwise=TKIP CCMP
/etc/network/interfaces
iface wlan0 inet static
address 192.168.9.1
netmask 255.255.255.0
hostapd /etc/hostapd/hostapd.conf
up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
up /etc/init.d/isc-dhcp-server restart
down iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
down killall hostapd
first check vendor and product id with lsusb:
/etc/udev/rules.d/local.rules
ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="148f", ATTRS{idProduct}=="3070", \
RUN+="/sbin/ifup wlan0"
ACTION=="remove", SUBSYSTEM=="net", KERNEL=="wlan0", RUN+="/sbin/ifdown wlan0"On booting this does not work for me so i started the hostap by
/etc/rc.local
lsusb | grep -q "148f:3070" && /sbin/ifup wlan0
[ view entry ] ( 1531 views ) | print article
To minimize bandwidth for video streaming i have to transcode mjpeg to h264.
To do this on demand ffserver is no option for me.
Therefore a small cgi script on the webserver with ffmpeg did the trick:
#!/bin/bash
echo -e "Content-type: video/avi\n"
#ffmpeg -an -analyzeduration 0 -f mjpeg -r 8 -i http://IP_CAM:PORT \
# -c:v libx264 -preset ultrafast -r 8 -threads 2 -b:v 150k -f avi - 2>/dev/null &
avconv -an -analyzeduration 0 -f mjpeg -r 8 -i http://IP_CAM:PORT \
-c:v libx264 -pre ultrafast -r 8 -threads 2 -b:v 150k -f avi - 2>/dev/null &
pid=$!
trap "kill $pid" SIGTERM SIGPIPE
wait
[ view entry ] ( 2601 views ) | print article
<Back | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Next> Last>>