Lindqvist -- a blog about Linux and Science. Mostly.: linux

Showing posts with label linux. Show all posts

02 October 2012

251. Isotopic pattern and molecular weight calculator in Python for Linux

UPDATE: I've moved this code to https://sourceforge.net/projects/pyisocalc/

I'm not answering questions about this code -- it's a work in progress (updated every other day) and if you can't figure out how to use it on your own, you're not the (currently) intended audience. For example, I've only had time to add a small subsection of the elements.

I originally implemented a very different solution -- a very exact and shiny one. The problem is that the number of permutations increases too rapidly, so that anything larger than e.g. B3(NO3)4 would use up 8 GB of RAM or more. 'Easy' molecules like C18 didn't use that much RAM, but still introduced a noticeable delay. Trimming the list of permutations introduces errors (small, hopefully) but speeds things up orders of magnitude.

In other words: this calculator is moderately fast (python), and very accurate (as far as I can tell). As I keep on looking at more and more complex examples for validation I find that I need to introduce various trimming functions to keep the matrices small.

Having said that, it's still kind of neat. Here's RuCl5^2- by my program and Matt Monroe's calculator (which I trust):

Monroe's output:

And plotting on top (scaled Monroe's by 1.08 to compensate for the error in scaling in Monroe's program which gives 108% abundance):

I removed the figures of W6O19^- since the error in the y axis scale in Monroe's program (went to 120%) made it a less good example, and the list of peaks is too long for easy comparison.
Here's another figure:

A hypothetical W6^- molecule

Anyway, here are a couple of syntax examples:

  Usage:
 ./isocalc 'Al2(NO3)3'
 ./isocalc 'Al2(NO3)3' -1
 ./isocalc 'Al2(NO3)3' -1 output.dat
 ./isocalc Al2N3O9 
  ./isocalc Al(NO3)3(OH)1
  ./isocalc Al(NO3)3(OH)
./isocalc Al

See here for the source code:
https://sourceforge.net/projects/pyisocalc/

28 September 2012

248. Matt Monroe's Molecular Weight Calculator under Wine on Linux

I've downloaded the source code to Matt Monroe's molecular weight calculator in the past, and having replaced wsearch32 (+wine) with OpenChrom I figured I'd go online, download it and see what Mono can do for me. I had a vague recollection that the source code was only freely available online for a short while, and as it turns out I couldn't find it this time.

Anyway, not finding the source code I decided to update my Molecular Weight calculator from version 6.46 to 6.49 which (finally) allows you to set the charge of an ion WITHOUT having the mass of a H+ added for each charge. It's not difficult to compensate for, but it's always confusing to new students.

1. Install Wine and winetricks, add dlls
You can either install wine from the repos (old version)
sudo apt-get install wine-bin

Or you can download a newer, unstable version from dev.carbon-project.org:
http://verahill.blogspot.com.au/2012/01/debian-testingwheezy-64-bit-installing.html

Or you can compile your own:
http://verahill.blogspot.com.au/2013/01/308-compiling-wine-1521-on-debian.html

The mono step was a right headache and would fail unless I nuked everything winetricks and wine knew about each other/

To get winetricks and set everything up:


sudo apt-get install cabextract

wget http://winetricks.org/winetricks
sudo mv winetricks /usr/local/bin/
sudo chmod +x /usr/local/bin/winetricks
wget http://downloads.sourceforge.net/project/wine/Wine%20Mono/0.0.4/wine-mono-0.0.4.msi
wine msiexec /i wine-mono-0.0.4.msi

You're now asked whether to download and install mono...sigh...more often that not this has failed in the past.

winetricks vcrun6sp6

Download the file from the browser window that just opened

cd ~/.cache/winetricks/vcrun6sp6

mv ~/Downloads/Vs6sp6.exe .
winetricks vcrun6sp6
winetricks corefonts
winetricks riched30
wine uninstaller --remove '{E45D8920-A758-4088-B6C6-31DBB276992E}'
winetricks dotnet20
cd ~/.cache/winetricks/dotnet20/
mv ~/Downloads/dotnetfx.exe .
winetricks dotnet20

Ignore this error. Installation will take a while after that. Have patience. Like 10 minutes kind of patience.

And finally:

winetricks wsh57

2. Download the molecular weight calculator and install
If you go to http://www.alchemistmatt.com/mwtwin.html
you get redirected to here: http://omics.pnl.gov/software/MWCalculator.php

cd ~/tmp
mkdir molw
cd molw/
wget http://omics.pnl.gov/installers/MolecularWeightCalculator_Installer.zip
wget http://omics.pnl.gov/installers/MwtWinDll_SourceAndSupportingDLLs.zip
ls *.zip|xargs -I {} unzip {}
unzip MwtWinDll_Source_v3.4.4518.zip

You'll get some warning about Revisionhistory.txt etc. being overwritten. That's fine.

Launch the install with
wine msiexec /i MolecularWeightCalculator.msi

If you try to launch the mol weight calculator at this point you'll get an error about a missing MwtWinDLL.dll:

So sort that out:

cd ~/tmp/molw/bin
regsvr32 MwtWinDll.dll

Successfully registered DLL MwtWinDll.dll

[If I tried to copy the dll to the wine structure first and register that copy I got:

DllRegisterServer not implemented in DLL C:\windows\system\MwtWinDll.dll]

If it seems weird to install wine-mono and then remove it as is done above, it's to get around a bug which causes dotnet20 installation to fail/

Anyway, you're pretty much done:
wine ~/.wine/drive_c/Program\ Files/Molecular\ Weight\ Calculator/mwtwin.exe

Yay!

Comment:
Getting there was a bit of a trek, passing though a whole lot of different sets of dlls:
winetricks msflxgrd

winetricks vcrun2005
winetricks vb6run
winetricks mdac28
winetricks comctl32ocx

winetricks comctl32

The solution above should suffice though.

I even ended up installing mol weight calc on a windows box and using dependency walker, but not even that sorted it out -- googling for scrrun did it in the end.

In particular this last error was bloody annoying:

"Object doesn't support this action." What, saving?

"Error saving default options file. Use the /X switch at the command line to prevent this error."

But it was solved by doing winetricks wsh57

27 September 2012

247. Setting up Openchrom (and using it to open Agilent .D ESI-MS files on Linux)

I've been using Wsearch (http://www.wsearch.com.au/wsearch32/wsearch32.htm) to process agilent chemstation ESI-MS spectra for the past few years. It and Matt Monroe's Molecular Weight calculator (why, oh why is there no comparable molecular weight calculator for linux?) have been the only two reasons why I've bother with Wine under Linux. Openchrom is written in java and so will run on both Good (Linux) and Evil (OS X and Win) operating systems.

Having finally discovered openchrom (v 0.6 so still early days) I can now finally retire wsearch from my own computers (it's still a good piece of software, but it's crippled to encourage the purchasing of a 'full' version, and I've had no luck purchasing a license from the author in spite of having tried several times during the past couple of years). OpenChrom can export an entire agilent experiment as a '3D' csv file which makes processing a lot more fun.

As an aside: I hate proprietary file formats since they prevent me from using my own tools (cat, sed, gawk, gnuplot, octave) when processing -- or at a minimum make it more difficult. Most universities and grant agencies now add a provision regarding data management in their grant acceptance agreements/work conduct policies. In general these provisions state that the data shall be made available publicly and /or managed by a university repository. What is REALLY missing is a clause about using open formats -- and that should be taken into account when acquiring new instrumentation. All else being equal, an instrument which is 'open' will be a lot cheaper to manage in the long run since you won't have to feel locked in in terms of software. That's incidentally a reason why I like Metrohm since they provide details of their RS-232 interface allowing you to write your own software.

Anyway, here's how to get set up:

1. Install Java v1.7 (need > 1.6)
You can either use openjdk 7 or (Oracle) Java. See here for a general guide to installing Oracle/Sun Java.

As for openjdk, you can easily install it:
sudo apt-get install openjdk-7-jdk

(the openjdk-7-jre package is enough if you don't want the full developer's kit)

Anyway.

Make sure that you've selected the right version:

 sudo update-alternatives --config java
There are 7 choices for the alternative java (providing /usr/bin/java).

  Selection    Path                                            Priority   Status
------------------------------------------------------------
  0            /usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java   1061      auto mode
  1            /usr/bin/gij-4.4                                 1044      manual mode
  2            /usr/bin/gij-4.6                                 1046      manual mode
  3            /usr/bin/gij-4.7                                 1047      manual mode
  4            /usr/lib/jvm/j2re1.6-oracle/bin/java             314       manual mode
  5            /usr/lib/jvm/j2sdk1.6-oracle/jre/bin/java        315       manual mode
  6            /usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java   1061      manual mode
 *7            /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java   1051      manual mode

2. Get openchrom

cd ~/tmp

wget http://sourceforge.net/projects/openchrom/files/REL-0.6.0/openchrom_linux.gtk.x86_64_0.6.0.zip

unzip openchrom_linux.gtk.x86_64_0.6.0.zip

cd linux.gtk.x86_64/OpenChrom/

sudo mkdir /opt/openchrom

sudo chown $USER /opt/openchrom

cp * -R /opt/openchrom

chmod +x /opt/openchrom/openchrom

Stick

alias openchrom='/opt/openchrom/openchrom'

in your ~/.bashrc and source it.

3. Get plugins
On first boot you're asked whether you want to get additional plugins using the 'Openchrom marketplace'. Since I'm mainly processing data from an Agilent ESI-MS, I wanted the plugin for Agilent files. The website says that you need a license key for plugins BUT that it's free to register for one.

This is a 30-days trial version. Afterwards, you need a valid serial key.
You can get a free serial key after registration on http://www.openchrom.net.
You can use the converter for commercial or non-commercial purposes free of charge, but you are not allowed to redistribute this software without my permission.

Note, that clicking on links on the website didn't lead me to a link to download the plugin. Instead, in OpenChrom click on the Plug-ins menu:

As always, make sure you trust your suppliers.

And then you're done installing.

There's nothing odd about registering other than this: you will receive an email with a confirmation of your registration in clear text WITH YOUR PASSWORD. So...be aware of that.

4. You can now browse in the tree to the left and select your .D folder:

There's a bit of clever thinking when it comes to the functionality of the program. The upside of this I think will eventually be that it's easy to get a consistent experience for a set of users (not unimportant for a research group). The downside is that it's a bit clunky getting started. Play with it for an hour and you'll get the hang of it, so it's not really that much of a hurdle. Also, too many options seem to be context sensitive -- I am having real trouble finding various options under the 'Accurate' perspective which I can find under the 'default' perspective.

5. Some comments:

It's still early days for OpenChrom (v 0.6) , and there are a few minor issues which may or may not affect you:

* Registration keys. They are easy enough to get (register online, log in, click on the plug in online that you want and you'll see the key), but if you have installed a new plug in and open your first spectrum right after that you'll be asked for registration keys. It won't tell you for which plug in the dialogue you're seeing is though, so if you've just installed three different plug ins you'll have to do some trial-and-error. This is fixed in the upcoming version.

* Raw/gaussian plot of mass spectrum. This took a while to figure out, but you have to use perspectives. The default (heavily zoomed in) view looks like this:

This might be good enough for those organic types...us 108 element inorganic types want more detail

If you go to the top right corner, click on 'other' (perspectives)

and select accurate you get

Bingo!

And then there's the obligatory wish list:

* A good quality isotopic pattern calculator would be nice. Anyone who has compared the output from different pieces of software will have discovered that different calculators may yield very different patterns. I think some of it boils down to truncation rather than incorrect isotopic ratios, but that just highlights how difficult it can be to implement a seemingly simple concept. The only calculator which I trust AND find useful is Matt Monroe's calculator -- the predicted patterns look good, and you get proper Gaussian broadening which means that it looks 'right'. This would be perfect as a plug-in. If only I knew how to properly implement it...

* A good quality ion generator -- some pieces of software (Hi Matt) allow you to select a handful of elements or fragments, pick a range of charges, input an m/z value and based on that spits out a list over possible identities for your signal. It's a good thing to have by your side the first time you look at a complex mixture trying to figure out what products may be present. This would be perfect as a plug-in. I've written this type of programmes before, but in python using for-loops...a vectorized version should be faster and maybe even easier to write.

13 September 2012

234. CPMD with netlib lapack, blas and your own fftw on debian testing

This is a minor update to my previous post on CPMD. Back in the days I had issue linking to my Openblas libs (got a binary which would not run properly) but I've since had success with the netlib lapack and blas libs.

1. Compile the netlib lapack and blas libraries according to this post: http://verahill.blogspot.com.au/2012/09/compiling-netlibs-lapack-and-blas-on.html

2. Compile the fftw libraries according to this post (ignore the sections on Openblas and Gromacs):
http://verahill.blogspot.com.au/2012/05/gromacs-with-external-fftw3-and-blas-on.html

3. Compile CPMD. We'll be following this post in large parts.
Register with cpmd.org. Once you're approved download the cpmd source to ~/tmp.

sudo apt-get install libopenmpi-dev openmpi-bin

cd ~/tmp
tar -xvf cpmd-v3_15_3.tar.gz
cd CPMD/CONFIGURE

Create the file LINUX-x86_64-DEBIAN:

   
     IRAT=2
     CFLAGS='-c -O2 -Wall'
     CPP='/lib/cpp -P -C -traditional'
     CPPFLAGS='-D__Linux -D__PGI -D__GNU -DFFT_FFTW3 -DPARALLEL -DPOINTER8'
     FFLAGS='-c -O2 -fcray-pointer -fno-whole-file -fsecond-underscore'
     LFLAGS='-l:/opt/fftw/fftw-3.3.2/double/lib/libfftw3.a -l:/opt/fftw/fftw-3.3.2/double/lib/libfftw3_mpi.a -l:/opt/fftw/fftw-3.3.2/double/lib/libfftw3_threads.a -I/usr/include -l:/opt/netlib/blas/lib/libnetblas.so -l:/opt/netlib/lapack/lib/liblapack.so -lpthread -lmpi'
     FFLAGS_GROMOS='  $(FFLAGS)' 
      FC='mpif77 -fbounds-check'
      CC='mpicc'
      LD='mpif77 -fbounds-check'

Next edit ~/tmp/CPMD/wfnio.F and change the following lines:

 15       CHARACTER(len=*) TAG
 63         IF(TAG(1:2).EQ.'NI') THEN
201       IF(TAG(1:2).NE.'NI') THEN
271         IF(TAG(1:2).EQ.'NI') THEN

Now, in ~/tmp/CPMD, run

./mkconfig.sh LINUX-x86_64-DEBIAN > Makefile
make
sudo mkdir /opt/cpmd
sudo chown $USER /opt/cpmd
cp cpmd.x /opt/cpmd

And follow everything below 'Done! Almost.' in this post: http://verahill.blogspot.com.au/2012/07/not-solved-compiling-cpmd-on-debian.html

21 August 2012

223. Moving disks, devices from one box to another -- issues with network interfaces

Long story short: edit /etc/udev/rules.d/70-persistent-net.rules

Long story:
I have a very small beowulf cluster keeping my office warm in these antipodean winter months. For some silly reason I was using the front node, a six core + 8 Gb box, as my daily desktop. That of course meant I wasn't really using it for computations. In addition to the front node I have a four core i5-somethingorother with 8 Gb RAM (fast!) and a slovenly AMD X3 /4 Gb to actually run the jobs. They are connected via a gigabit switch (192.168.1.0/24) for nfs exports and a 10/100 router (192.168.2.0/24) for WAN access.

I finally decided that 1) I didn't need a six-core box to prepare latex documents, run octave jobs and make pretty gnuplot plots and that 2) having a slow 3-core AMD box to run heavy nwchem jobs was not fast enough. On the other hand, I didn't want to set up/reinstall/move all my stuff from one harddrive to another.

Linux is wonderful in that it's often just a case of ripping out a harddrive and moving it to a different physical. Windows will scream bloody murder, but linux normally does it pretty well. Same here.

The main issue was the three network cards that I wanted to set up (three separate subnets) and which I configure via /etc/network/interfaces. I simply couldn't call the networks cards what I wanted.

Well, as is obvious in hindsight, you should pay a visit to /etc/udev, and more specifically, /etc/udev/rules.d/70-persistent-net.rules

It looks something like this:

# This file was automatically generated by the /lib/udev/write_net_rules# program, run by the persistent-net-generator.rules rules file.## You can modify it, as long as you keep each rule on a single# line, and change only the value of the NAME= key.
# PCI device 0x10ec:0x8168 (r8169)SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:YY:XX:96:XX:32", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:XX:YY:83:0a:48", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:XX:YY:64:0b:46", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth2"
# PCI device 0x1814:0x3062 (rt2860)SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="c8:YY:XX:cf:1f:5d", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="ra*", NAME="ra0"
# USB device 0x:0x (rt2800usb)SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="c8:YY:XX:c8:91:e6", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="wlan*", NAME="wlan0"

Basically, make sure you can figure out the mac addresses of the different network cards (ip addr helped me more than ifconfig) you can simply go in and edit the ATTR{address}=="" statements and the NAME="" variables. Make sure that there are no conflicts, obviously.

After that, everything should be fine.

If you are using network-manager (i.e. stock GNOME setup) then you will want to pay attention to the /etc/NetworkManager/system-connections/ as well -- open and edit suspiciously named files like e.g. eth0.

They'll look like this:

[802-3-ethernet]
duplex=full
mac-address=00:YY:XX:96:93:32
[connection]
id=eth0
uuid=fa5YYYY-XXXX-43a3-8502-f8ba2d28ZZZZ
type=802-3-ethernet
timestamp=1326324509
[ipv6]
method=auto
[ipv4]
method=auto

19 July 2012

209. Quantum Espresso on Debian

Quantum Espresso seems to be a fairly capable software package for ab initio QM and MD calculations. In their own words:
"Quantum ESPRESSO is an integrated suite of Open-Source computer codes for electronic-structure calculations and materials modeling at the nanoscale.It is based on density-functional theory, plane waves, and pseudopotentials."

Reading between the lines it seems to be particularly geared towards solid state simulations, but given that I haven't used it much (I'm just an interested observer), you may take that statement with a grain of salt.

Anyway. Here's how to get it up and running.
Don't ask me how to USE these pieces of software though. For that, read the documentation at the Quantum Espresso website or look in /opt/QE/Doc

The download page can be found here: http://qe-forge.org/frs/?group_id=10. You won't need all the packages, since the espresso-5.0.tar.gz bundles most of them.

1. Housekeeping:
sudo mkdir /opt/QE
sudo chown $USER /opt/QE
mkdir ~/tmp/QE -p
cd ~/tmp/QE

2. Downloading:
wget http://qe-forge.org/frs/download.php/211/espresso-5.0.tar.gz
wget http://qe-forge.org/frs/download.php/214/PWgui-5.0.tgz
wget http://qe-forge.org/frs/download.php/204/xspectra-5.0.tar.gz

3. Extraction:
tar xvf espresso-5.0.tar.gz
tar xvf PWgui-5.0.tgz
tar xvf xspectra-5.0.tar.gz

4. Compilation:
cd espresso-5.0/

Edit environment_variables and set them to e.g.

PREFIX=/opt/QE
TMP_DIR=/scratch
PARA_PREFIX=" mpirun -n 3"

Don't know if any of those params are ever read though.

The following parameters will depend on your system. I tried compiling with openblas without luck. who knows? It might be due to mixing debian fftw3 and my own openblas.

Instead, install libblas-dev, libfftw3-dev, libopenmpi-dev etc.

./configure --prefix=/opt/QE/bin --exec-prefix=/opt/QE/bin/ FC=mpif90 BLAS_LIBS=-lblas LIBS="-lmpi -lopen-rte -lopen-pal -ldl -lmpi_f77 -lpthread" CPPFLAGS="-I/usr/lib/openmpi/include"
cd PW/
make

cd ../
make all -j5
echo 'export PATH=$PATH:/opt/QE/bin' >>~/.bashrc
echo 'export PSEUDO_DIR=/opt/QE/pseudo' >>~/.bashrc
(replace 5 with the number of cores you compile with +1)

cp * -R /opt/QE/
source ~/.bashrc

For some reason I had to move everything by hand. Oh well.

[It should be enough to set the env var PSEUDO_DIR to point at /opt/QE/pseudo, but it didn't work for me. Instead I symmlinked the entire /opt/QE to ~/espresso. Desperate? Sure...
ln -s /opt/QE/ /home/me/espresso]

5. Testing PW
Some examples are found in /opt/QE/PW/examples
cd /opt/QE/PW/examples/example01
./run_examples

/opt/QE/PW/examples/example01 : starting
This example shows how to use pw.x to calculate the total energy and
the band structure of four simple systems: Si, Al, Cu, Ni.
executables directory: /opt/QE/bin
pseudo directory: /opt/QE/pseudo
temporary directory: /scratch
checking that needed directories and files exist... done
running pw.x as: mpirun -n 3 /opt/QE/bin/pw.x
cleaning /scratch... done
running the scf calculation for Si... done
running the band-structure calculation for Si... done
cleaning /scratch... done
..
cleaning /scratch... done
running the scf calculation for Ni... done
running the band-structure calculation for Ni... done

Or you can try

cd /opt/QE/PW/tests/
./check-pw.x.j
A number of tests will now be executed. Most will pass.
IF YOU DON'T HAVE A vdw_kernel_table file one of the tests will fail.

6. Installing PWgui
Assuming you downloaded and extracted the PWgui-5.0.tgz file in step 2 above.
sudo apt-get install itk3 iwidgets4
cd ~/tmp/QE/
mv PWgui-5.0 /opt/QE/
cd /opt/QE/bin
ln -s /opt/QE/PWgui-5.0/pwgui /opt/QE/bin/pwgui

Start by typing
pwgui

settings

You can try e.g. opening /opt/QE/PW/examples/example01/results/al.scf.cg.in if you ran the test in step 5 above. Then run it.

7. Installing Xspectra
This assumes you downloaded and extracted as shown in steps 2-3 above.
cd ~/tmp/QE/
mv XSpectra/ espresso-5.0/
cd espresso-5.0/XSpectra/
make
cd ..
mv XSpectra/ /opt/QE/
cd /opt/QE/bin
ln -s /opt/QE/XSpectra/src/xspectra.x xspectra.x

Notes: in an ideal world the --prefix during configure should suffice in telling a program where to install. No luck for me here though. Also, I had to start the compile in the PW directory and only by using make without any switches, or there would be complaints about a missing libpw.a

22 May 2012

160. Compiling kernel 3.4 on debian

The steps are the usual ones. At this point compiling your kernel is perhaps more of a hobby than a necessity to most people, unless you happen to have some fancy piece of hardware that's about to become supported.

It's not difficult, so there's no reason not to give it a spin.

UPDATE 9/7: Works fine with 3.4.4 as well (as it should). Compile time with -j7 on AMD X6 1055 is

real 33m27.472s
user 84m7.295s
sys 15m58.668s

which is underwhelming.

-- Start Here --
sudo apt-get install kernel-package fakeroot build-essential

mkdir ~/tmp
cd ~/tmp
wget http://www.kernel.org/pub/linux/kernel/v3.0/linux-3.4.tar.bz2
tar xvf linux-3.4.tar.bz2
cd linux-3.4/
cat /boot/config-`uname -r`>.config
make oldconfig

If your current kernel is 3.3.5 the questions that await are given at the bottom of this post with links to descriptions of the different options. As usual, if in doubt, just hit enter.

make-kpkg clean

Building takes ages (depending on number of cores committed), so don't launch it at 4 pm on a Friday if you need to shut down your computer before going home... As usual, use the -jX switch for parallel builds, where X is the number of cores+1 (i.e. 4 cores => -j5)

The following command goes on a single line
time fakeroot make-kpkg -j5 --initrd --revision=3.4.0 --append-to-version=-amd64 kernel_image kernel_headers

Once the build is done, move the .deb files out of the way and to your linux-3.4 directory for safe-keeping
mv ../*3.4.0*.deb .
sudo dpkg -i *.deb

Done.

The image weighs in at about 33 Mb and the headers at 7.6 Mb
And compile time with 4 out of 6 cores? Well, not too bad:

real 34m51.027s
user 73m35.644s
sys 15m9.169s

Questions:
Boottime Graphics Resource Table support (ACPI_BGRT) [N/m/y/?] (NEW)
Default ASPM policy
> 1. BIOS default (PCIEASPM_DEFAULT) (NEW)
2. Powersave (PCIEASPM_POWERSAVE) (NEW)
3. Performance (PCIEASPM_PERFORMANCE) (NEW)
choice[1-3]: 1
Enable PCI resource re-allocation detection (PCI_REALLOC_ENABLE_AUTO) [N/y/?] (NEW)
x32 ABI for 64-bit mode (EXPERIMENTAL) (X86_X32) [N/y/?] (NEW) See also cateee
Connection tracking timeout (NF_CONNTRACK_TIMEOUT) [N/y/?] (NEW)
Connection tracking timeout tuning via Netlink (NF_CT_NETLINK_TIMEOUT) [N/m/?] (NEW)
LOG target support (NETFILTER_XT_TARGET_LOG) [N/m/?] (NEW) M
Plug network traffic until release (PLUG) (NET_SCH_PLUG) [N/m/y/?] (NEW)
PEAK PCAN-PC Card (CAN_PEAK_PCMCIA) [N/m/?] (NEW)
PEAK PCAN-ExpressCard Cards (CAN_PEAK_PCIEC) [Y/n/?] (NEW)
PEAK PCAN-USB/USB Pro interfaces (CAN_PEAK_USB) [N/m/?] (NEW)
Support for DiskOnChip G4 (EXPERIMENTAL) (MTD_NAND_DOCG4) [N/m/?] (NEW)
Universal Flash Storage host controller driver (SCSI_UFSHCD) [N/m/?] (NEW)
virtio-scsi support (EXPERIMENTAL) (SCSI_VIRTIO) [N/m/?] (NEW)
Verity target support (EXPERIMENTAL) (DM_VERITY) [N/m/?] (NEW)
Solarflare SFC9000-family hwmon support (SFC_MCDI_MON) [Y/n/?] (NEW)
Solarflare SFC9000-family SR-IOV support (SFC_SRIOV) [Y/n/?] (NEW)
Drivers for the AMD PHYs (AMD_PHY) [N/m/?] (NEW)

QMI WWAN driver for Qualcomm MSM based 3G and LTE modems (USB_NET_QMI_WWAN) [N/m/?] (NEW)

support MFP (802.11w) even if uCode doesn't advertise (IWLWIFI_EXPERIMENTAL_MFP) [N/y/?] (NEW)

Additional debugging output (RTLWIFI_DEBUG) [Y/n] (NEW)

TI OMAP4 keypad support (KEYBOARD_OMAP4) [N/m/y/?] (NEW)

Synaptics USB device support (MOUSE_SYNAPTICS_USB) [N/m/y/?] (NEW)

Cypress TTSP touchscreen (TOUCHSCREEN_CYTTSP_CORE) [N/m/y/?] (NEW)

Ilitek ILI210X based touchscreen (TOUCHSCREEN_ILI210X) [N/m/?] (NEW)

Xen Hypervisor Multiple Consoles support (HVC_XEN_FRONTEND) [Y/n/?] (NEW)

HSI support (HSI) [N/m/y/?] (NEW)

Intel PCH EG20T as PTP clock (PTP_1588_CLOCK_PCH) [N/m/?] (NEW)

Dallas 2781 battery monitor chip (W1_SLAVE_DS2781) [N/m/?] (NEW)

2781 battery driver (BATTERY_DS2781) [N/m/?] (NEW)

Summit Microelectronics SMB347 Battery Charger (CHARGER_SMB347) [N/m/?] (NEW)

Microchip MCP3021 (SENSORS_MCP3021) [N/m/?] (NEW)

TPS65217 Power Management / White LED chips (MFD_TPS65217) [N/m/?] (NEW)

TI TPS62360 Power Regulator (REGULATOR_TPS62360) [N/m/?] (NEW)

GPIO IR remote control (IR_GPIO_CIR) [N/m/?] (NEW)

Keene FM Transmitter USB support (USB_KEENE) [N/m/?] (NEW)

AzureWave 6007 and clones DVB-T/C USB2.0 support (DVB_USB_AZ6007) [N/m/?] (NEW)

Realtek RTL28xxU DVB USB support (DVB_USB_RTL28XXU) [N/m/?] (NEW)

Allow to specify an EDID data set instead of probing for it (DRM_LOAD_EDID_FIRMWARE) [N/y/?] (NEW)

DisplayLink (DRM_UDL) [N/m/?] (NEW)

Intel740 support (EXPERIMENTAL) (FB_I740) [N/m/y/?] (NEW)

Exynos Video driver support (EXYNOS_VIDEO) [N/y/?] (NEW)

Backlight driver for TI LP855X (BACKLIGHT_LP855X) [N/m/?] (NEW)

Saitek non-fully HID-compliant devices (HID_SAITEK) [N/m/?] (NEW)

TiVo Slide Bluetooth remote control support (HID_TIVO) [N/m/?] (NEW)

Generic OHCI driver for a platform device (USB_OHCI_HCD_PLATFORM) [N/y/?] (NEW)

Generic EHCI driver for a platform device (USB_EHCI_HCD_PLATFORM) [N/y/?] (NEW)

USB Fintek F81232 Single Port Serial Driver (USB_SERIAL_F81232) [N/m/?] (NEW)

USB Metrologic Instruments USB-POS Barcode Scanner Driver (USB_SERIAL_METRO) [N/m/?] (NEW)

LED support for PCA9633 I2C chip (LEDS_PCA9633) [N/m/?] (NEW)

Xen ACPI processor (XEN_ACPI_PROCESSOR) [M/n/?] (NEW)

Memory allocator for compressed pages (ZSMALLOC) [M/y/?] (NEW)

Intel Management Engine Interface (Intel MEI) (INTEL_MEI) [N/m/y/?] (NEW)

USB over WiFi Host Controller (USB_WPAN_HCD) [N/m/?] (NEW)

Apple Gmux Driver (APPLE_GMUX) [N/m/y/?] (NEW)

QNX6 file system support (read only) (QNX6FS_FS) [N/m/y/?] (NEW)

NFSv4.1 Implementation ID Domain (NFS_V4_1_IMPLEMENTATION_ID_DOMAIN) [kernel.org] (NEW)

RPC: Enable dprintk debugging (SUNRPC_DEBUG) [N/y/?] (NEW)

Print additional diagnostics on RCU CPU stall (RCU_CPU_STALL_INFO) [N/y/?] (NEW)

Yama support (SECURITY_YAMA) [N/y/?] (NEW)

Camellia cipher algorithm (x86_64) (CRYPTO_CAMELLIA_X86_64) [N/m/y/?] (NEW)

CRC32 perform self test on init (CRC32_SELFTEST) [N/y/?] (NEW)

CRC32 implementation

> 1. Slice by 8 bytes (CRC32_SLICEBY8) (NEW)

2. Slice by 4 bytes (CRC32_SLICEBY4) (NEW)

3. Sarwate's Algorithm (one byte at a time) (CRC32_SARWATE) (NEW)

4. Classic Algorithm (one bit at a time) (CRC32_BIT) (NEW)

choice[1-4?]:

Links to this post:
http://askubuntu.com/questions/147725/ubuntu-12-04-fail-to-upgrade-to-kernel-3-4
http://www.deltageek.fr/installer-un-nouveau-noyau-linux/
http://thinkpad-forum.de/threads/141365-Linux-Probleme-mit-neuen-Modellen-(W-L-X-Tx30)/page2
http://crunchbang.org/forums/viewtopic.php?id=24814

17 May 2012

155. Gromacs with external fftw3 and blas on debian testing

This is based on http://verahill.blogspot.com.au/2012/03/building-gromacs-with-fftw3-and-openmpi.html

Make sure your build environment is set up:
sudo apt-get install build-essential gfortran libopenmpi-dev

fftw
sudo mkdir /opt/fftw/
sudo chown ${USER} /opt/fftw
mkdir ~/tmp
cd ~/tmp
wget ftp://ftp.fftw.org/pub/fftw/fftw-3.3.2.tar.gz
tar xvf fftw-3.3.2.tar.gz
cd fftw-3.3.2/

./configure --enable-float --enable-mpi --enable-threads --with-pic --prefix=/opt/fftw/fftw-3.3.2/single

make && make install

make clean

./configure --disable-float --enable-mpi --enable-threads --with-pic --prefix=/opt/fftw/fftw-3.3.2/double

make && make install

openblas
sudo mkdir /opt/openblas
sudo chown ${USER} /opt/openblas
cd ~/tmp
wget http://nodeload.github.com/xianyi/OpenBLAS/tarball/v0.1.1
tar xvf v0.1.1
cd xianyi-OpenBLAS-e6e87a2/
wget http://www.netlib.org/lapack/lapack-3.4.1.tgz
make all BINARY=64 CC=/usr/bin/gcc FC=/usr/bin/gfortran USE_THREAD=0 INTERFACE64=1 1> make.log 2>make.err

make PREFIX=/opt/openblas install
cp lib*.* /opt/openblas/lib

add

export LD_LIBRARY_PATH:$LD_LIBRARY_PATH:/opt/openblas/lib

to your ~/.bashrc

[for later use with nwchem and ecce, add /opt/openblas/lib to /etc/ld.so.conf and do sudo ldconfig]

gromacs

sudo mkdir /opt/gromacs
sudo chown ${USER} /opt/gromacs
cd ~/tmp
wget ftp://ftp.gromacs.org/pub/gromacs/gromacs-4.5.5.tar.gz

tar xvf gromacs-4.5.5.tar.gz

cd gromacs-4.5.5/

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib/openmpi/lib:/opt/openblas/lib

single
export LDFLAGS="-L/opt/fftw/fftw-3.3.2/single/lib -L/opt/openblas/lib -lopenblas"
export CPPFLAGS="-I/opt/fftw/fftw-3.3.2/single/include -I/opt/openblas/include"

./configure --disable-mpi --enable-float --with-fft=fftw3 --with-external-blas --with-external-lapack --program-suffix=_sp --prefix=/opt/gromacs/gromacs-4.5.5
make -j3
make install

double
make distclean
export LDFLAGS="-L/opt/fftw/fftw-3.3.2/double/lib -L/opt/openblas/lib -lopenblas"
export CPPFLAGS="-I/opt/fftw/fftw-3.3.2/double/include -I/opt/openblas/include"

./configure --disable-mpi --disable-float --with-fft=fftw3 --with-external-blas --with-external-lapack --program-suffix=_dp --prefix=/opt/gromacs/gromacs-4.5.5
make -j3
make install

single + mpi
make distclean
export LDFLAGS="-L/opt/fftw/fftw-3.3.2/single/lib -L/opt/openblas/lib -lopenblas"
export CPPFLAGS="-I/opt/fftw/fftw-3.3.2/single/include -I/opt/openblas/include"

./configure --enable-mpi --enable-float --with-fft=fftw3 --with-external-blas --with-external-lapack --program-suffix=_spmpi --prefix=/opt/gromacs/gromacs-4.5.5
make -j3
make install

double + mpi
make distclean
export LDFLAGS="-L/opt/fftw/fftw-3.3.2/double/lib -L/opt/openblas/lib -lopenblas"
export CPPFLAGS="-I/opt/fftw/fftw-3.3.2/double/include -I/opt/openblas/include"

./configure --enable-mpi --disable-float --with-fft=fftw3 --with-external-blas --with-external-lapack --program-suffix=_dpmpi --prefix=/opt/gromacs/gromacs-4.5.5
make -j3
make install

Make sure to put this in your ~/.bashrc

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib/openmpi/lib:/opt/openblas/lib
export PATH=$PATH:/opt/gromacs/gromacs-4.5.5/bin

You now have four versions of each binary -- with and without mpi, with single and with double precision.

02 May 2012

128. Encrypting your email, chat and VOIP in linux (Debian Wheezy)

I'll show how to use GnuPG with Gajim, mcabber, Evolution, Thunderbird and Mutt below
.
I'll also show SRTP/ZRTP using Twinkle with iinet for encrypted VOIP calls -- this solution should work computer-to-computer, but not from computer to phone and vice versa.

You may also want to look at truecrypt (http://verahill.blogspot.com.au/2012/04/using-truecrypt-with-dropbox.html) to secure your files and/or devices, in particular portable storage media like USB sticks. Truecrypt is a good way of backing up or managing your pgp/gpg keys.

I do recognise that there's a lot of info on this page, so don't feel shy about using 'search' to get to where you want to be.

Why?
If you have nothing to hide, why worry?

University and company email systems get hacked. What you do and say can come back to haunt you in unintended way. A lot of employers in the US are scared of submitting honest letters of recommendation because they fear getting sued if they are not favourable enough. Politicians are, often illegally, using private email for official business.

On the one hand, if something doesn't pass the 'newspaper test' (how would you feel if this was the headline on today's newspaper?) maybe you shouldn't be doing/writing/saying that.

On the other hand, in particular in academia, it is important that discourse can be direct and honest.

For these reasons I favour using PGP/GPG encryption as much as possible, since I feel that it strikes a good balance between the need for privacy and unfettered discourse, and the need for a paper trail. PGP/GPG encrypts the content of your conversation, but still leaves it open with whom you converse, thus providing a trail ensuring that you don't get involved in something which you shouldn't.

In some jurisdictions this means that you can be ordered to decrypt your conversation, while, to my understanding, in e.g. the US the content and relevance of the conversation needs to be known to some extent for this to happen. The bottom line is that you will be involved in the release of the material, and that it will take a court order for that to happen.

As with everything else, encryption is just a tool, and it can be used responsibly for good purposes, or irresponsibly with bad intent.

And if even you truly don't have anything to hide, you may support the right for each citizen to decide for themselves whether they want to use encryption or not. The view of law enforcement in many countries seems to be that only criminals have reasons to use encrypted communication, while at the same time security/intelligence agencies believe that their job becomes more difficult to do if they can't sniff all traffic (e.g. ECHELON). These are legitimate opinions, but as with everything you have to make a choice between how much liberty you are willing to sacrifice for a little bit of security. You have to decide for yourself where you draw that line.

Enough meaningless banter, time to get configured.

1. IMPORTANT

The key KEY principle is that:
1. the PUBLIC key ENCRYPTS
2. the PRIVATE key DECRYPTS.

You can encrypt with a private key (e.g. signing), but then anyone with your public key can decrypt it.

I'll write this in bold because it is central to encryption with public and private keys:
use the recipients PUBLIC key to encrypt correspondence to them, and they should use your public key to encrypt correspondence to you. If a private key is used to encrypt, everyone can read the correspondence.

IF, on receiving an encrypted email from someone else, you have to go online to download their key to decrypt, then they used their private key and not your public key to encrypt. That is wrong and INSECURE.

A side effect is that,UNLESS you cc and encrypt to yourself using your public keys when emailing, you WILL NOT BE ABLE TO READ SENT EMAILS which have been encrypted using someone else's public key.

In a more formal setting you will probably want to use expiring keys. For personal use, keys that don't expire are probably fine.

2. How?

2a. Keys and key-management

First install seahorse, gnupg, and gnupg2.

Regardless of how you create your key, it will be found in ~/.gnupg

ls ~/.gnupg/

gpg.conf pubring.gpg pubring.gpg~ random_seed secring.gpg trustdb.gpg

This means that anyone with root/sudo access on that system can access your private key and decrypt all your correspondence unless you password protect it. In general, don't store your key on a shared computer.

Creating a key

using gpg (terminal)

gpg --gen-key

gpg (GnuPG) 1.4.12; Copyright (C) 2012 Free Software Foundation, Inc.
[..]
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) Y
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: I Lindqvist
Email address: i.lindqvist@email.net
Comment: fake address
You selected this USER-ID:
"I Lindqvist (fake address) <i.lindqvist@email.net>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

You'll get asked for a passphrase twice. Then:

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 283 more bytes)

..+++++
...+++++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
+++++
Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 109 more bytes)
.....................+++++
gpg: key 2B4C5636 marked as ultimately trusted
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 2048R/2B4C5636 2012-05-02
Key fingerprint = 5B71 C3F1 0C2D E008 B299 21A8 019F 907E 2B4C 5636
uid I Lindqvist (fake address) <i.lindqvist@email.net>
sub 2048R/78F9B6C1 2012-05-02

gpg --list-key

/home/me/.gnupg/pubring.gpg
-----------------------------
pub 2048R/2B4C5636 2012-05-02
uid I Lindqvist (fake address) <i.lindqvist@email.net>
sub 2048R/78F9B6C1 2012-05-02

To add more email address, do
gpg --edit-key 2B4C5636
>adduid
and follow the prompts. You do not want to add subkeys.

Do
>trust
to set the trust level. Ultimate for your own key, full for your pals.

using seahorse:
if it isn't already installed, then
sudo apt-get install seahorse

and start it by typing seahorse in the terminal, or selecting Passwords and Keys in gnome. Select New

PGP key

Add details

You can add additional addresses later by selecting your key and right-click, then select Properties

Publish your PUBLIC key:
You can either do this directly using seahorse (very easy), or, if you prefer a more manual approach:

gpg --export -a

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.12 (GNU/Linux)
mQENBE+gt4IBCADPY9CyEr1aqU1uqOKquwFOUgsiLNV7pYRLKkTa3hki/8Zz0Ssr
16DIvuO5dGQVsDu712E2FaW3FSzThzPBW9R9z1WNHjZUWtRu78WVNyJJ3WwjJFWV
hmA9kmWzFn14pcqzeD6RAkpK7YrKENu05A2vWB47mWFxlysCxo8VdPoj/uEG0Cvw
BHNrI8raVarwWOPPZiVTp7nbbHySQxZjJTpdR5bEFH+L1AqA3T0YG5FdXryGFXG0
DMLPD3mCSZHoT27WRH4l8mH7K25m6ONUV8u6JDLtSy/WAi9J2nGo5K5r/OetDqe7
zTOaQk7u+WyTxK41nzNk/NRVAUlcc7aM7WXFABEBAAG0MkkgTGluZHF2aXN0IChm
YWtlIGFkZHJlc3MpIDxpLmxpbmRxdmlzdEBlbWFpbC5uZXQ+iQE4BBMBAgAiBQJP
oLeCAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRABn5B+K0xWNtxlB/9K
GAq9Q8YlZjKOnOx2jZWRqE6dHZ5BjNX24SmsVWf0jpEIP1Bj699QiWxxEYeIc2S7
E0vm3G323oEHfiGUlTpqi4piCnrEgm63JKNGWKamKBkYBTvygRFRC7DUWhB6kwP3
FmOU8SMR9+8lSei6IJoRlJUThdF3gWLiNnQtDDowjQL2gIHvh+Ht/geC+fDtN0i5
R7yGUOyIicYDa04dSsX5LZJneouIavNYulTpJc0wth6GOrzAbitVsfdQ84O/Q/Ld
lyI6HSzz/QNDuY2YkAPiejapHBtBP9LukBvFChfkiwNv+RPG9VE8zm0vIg9ylmaf
Fbe1CrawAsjQDM8f1KEtuQENBE+gt4IBCADK5PJMH0I8CB1RoMLo13Ewd8tFoIYu
bXIuV2RpUCTwxOA1nbKiJUrZP0Dxe0aK6GXspEzRtYjpT2QdIvdYsHrr85V4+AsJ
BFQ3ehp6XW2NtyECQyzYlUm4Yo06EU128E0whfeK42b+egWazOrdnt9QKlZCP5lz
UU8L9zJiDI64old79AkbRm7mKdH6uIAwkPG3Eft+2H312MkRGfmiJ/Eq/HQO8ygo
pcg93kqU9RrI8xwfO5plqF9yc9iNzrgDu8iuOPSxYuJtG3cj0W4CzuwLRzMnWFXO
CQpcCWF38/a2HTrXCxA5QAf0Td3P7zc7eZd6JhpzNTTJ7zQeeQreKjhfABEBAAGJ
AR8EGAECAAkFAk+gt4ICGwwACgkQAZ+QfitMVjbn2Af/SURRS72DJ66F0Gpt9bIe
p2zr98c+W4bPru7fVg4uOAxz95H1vK65kX7jZ+9M5yqHGqLNxmVcUcVhbXS+Fkik
LoBxLezU7s1bC40HSFPu00IQQxiH5jv9Dd/kqP16oel+JVGDwmRXFWXqByaWaaNm
6JYHYcCH6B4UwSpSRiwJScbTWsvxq9+WVAUO730FwGy3BYnZAXNeibV2/bbtZbz6
P23zyitFqOizuafvwFIS9pGvbL3pmUkQne0dF1OGhfhsdczZi+LVhnKy6iOy7lTx
6saK149HMndyLNOlS8pmJez2ULXF/fijLlrXAi3zr8a2UFkpYPEIj+emkeFpAGiE
mQ==
=VnnT
-----END PGP PUBLIC KEY BLOCK-----

Then copy/paste it into the front page at pgp.mit.edu

2b. Chat

Gajim
Gajim is seven kinds of awesome, but is primarily used for jabber-compatible protocols. This means gmail gmx, etc.

To set up encryption for an address, go to Edit, Accounts, select the address and go to the Personal tab.

GPG Agent is broken on Debian, so don't use that.

Before you use gajim to encrypt chat you may need to rightlick on the recipient and assign the correct key:

Once all that is done, encryption is easy.

mcabber
Mcabber is a terminal chat client and that makes configuration very easy.
Edit ~/.mcabber/mcabberrc and add (or uncomment):

set pgp = 1
set pgp_private_key = "06403515C1XXXX6B"
set pgp_passphrase_retries = 3

The private key ID is much longer than what you may be used to -- you can look it up using seahorse. pgp.mit.edu will also report it if you've uploaded your public key:

Anyway, start mcabber, select the contact you presumably already have a key for and type:
/info

05-02 16:02 *** jid: <xxx.xxxxx@xxxx.xxx>
05-02 16:02 *** Name: xxxxx at xxxx
05-02 16:02 *** Type: user
05-02 16:02 *** Subscription: both
05-02 16:02 *** Resource: [o] (50) Gajim76E72461
Status timestamp: 2012-05-02 16:02:09
PGP key id: 06403515C1XXXX6B
Last PGP signature: good

The contact is recognised and you have their key. So, you should be able to simply start chatting.

Switch encryption on and off using
/pgp enable
and
/pgp disable

So how can you tell whether it's encrypted or not?

05-02 16:02 -~> This is encrypted

05-02 16:09 --> This is not encrypted

Yup. A ~ makes the difference.

Received encrypted messaged look like this:
05-02 16:12 <~= encryption the other way

2c. E-mail

Evolution
Evolution supports integration with gnupg out of the box, but each email address needs to be configured separately. Start evolution, click on Edit, select Preferences, Mail Accounts, highlight the email address you want to configure, click on Edit. Select the Security tab in the Account Editor and type in the key ID.

When you're composing, this is what meets you:

You will have problems encrypting to people who's keys haven't been associated properly with the email address you're composing to.

Thunderbird
Thunderbird isn't as well-supported for PGP/GPG as evolution but there's an add-on, Enigmail 1.4.1 (you might have to download it manually from http://enigmail.mozdev.org/download/index.php.html), which is compatible with Earlybird/Thunderbird 11. The downside on using an add-on is that compatibility sometimes breaks.

The key here is the 'GnuPG was found...' bit. To gain access the tabs below you can click on Display Expert Settings.

Once you've installed enigmail via the add-on menu and restarted, you can set the preferences:

Most options are straight-forward

You may need to set the key manually if the email address isn't explicitly associated with an address.

Go to Edit, Account Settings, and uncheck use html under Composition and Addressing for each address. Partly because signing will work better, but mainly because you have no reason to use html. Ever.

And this is how it looks when you are composing emails:

You can choose to sign and/or encrypt emails from simple menu.

Mutt

The key ID is C1XXXX6B. Edit your .mutt/muttrc file and add (the field which need to be edited are given in red below):

# GPG stuff - autosign
set pgp_decode_command="gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f"
set pgp_verify_command="gpg --no-verbose --batch --output - --verify %s %f"
set pgp_decrypt_command="gpg --passphrase-fd 0 --no-verbose --batch --output - %f"
set pgp_sign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_clearsign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"
set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0xC1XXXX6B -- -r %r -- %f"
set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0xC1XXXX6B -- -r %r -- %f"
set pgp_import_command="gpg --no-verbose --import -v %f"
set pgp_export_command="gpg --no-verbose --export --armor %r"
set pgp_verify_key_command="gpg --no-verbose --batch --fingerprint --check-sigs %r"
set pgp_list_pubring_command="gpg --no-verbose --batch --with-colons --list-keys %r"
set pgp_list_secring_command="gpg --no-verbose --batch --with-colons --list-secret-keys %r"
set pgp_autosign=yes
set pgp_sign_as=0xC1XXXX6Bset pgp_replyencrypt=yes
set pgp_timeout=1800
set pgp_good_sign="^gpg: Good signature from"

In mutt, p is associated with gpg/pgp:

In mutt, write your email in vim or nano, then exit the editor and hit p. Select e to encrypt:

And it now shows 'Security: Encrypt', and you can send.

Encrypted VOIP
While skype encrypts by default, skype isn't 'open', and you are not in control.

For twinkle (below), you need a sip address. You sometimes have one via your ISP, but you can also get one for free from e.g. https://www.ekiga.net/index.php?page=register

Twinkle and ccRTPp are available in the debian repos.
sudo apt-get install twinkle
pulls in everything you need

Next, start twinkle and configure it:

The only interesting step is this one:

Select ZRTP/SRTP

Next log in:

My guess is that you need to include the country code. Don't forget to drop any leading 0s off the area code (the scatter brained cause of the failed call listed in the log below)

Pages