17 July 2013

478. Briefly: proftpd on debian

I need to transfer raw mass spec files off of the computer controlling our waters zmd, and it seems like I may be the only one in the department wishing to do so.

Since the computer is running Windows NT 4 and doesn't support USB drives out of the box, and I'm a bit worried about installing new software (e.g. old versions of filezilla via oldapps) on a computer on which a lot of people rely, I have two options:

* use SMB i.e. a windows share
or
* use ftp

I'm having all sorts of trouble getting my samba to work well at work -- my computers are sitting on a 192.168.2.0/24 LAN behind a router connected to the corporate network which has proper IP addresses (i.e. not using a reserved private network address space). I haven't managed to get my computer behind the router to 'see' the other computers and their shares at work beyond my router . I can, however, connect directly to the computers using e.g. smbclient -- they just won't show up in e.g. nautilus under windows network or using nmblookup. At any rate, connection directly to the target computer prompts me for a password and it seems that there are no open, accessible shares on that computer, only password protected ones.

Win NT has a DOS ftp client, so I finally decided to set up a quick and dirty ftp server on my workstation in my office so that I could transfer a couple of data files to figure out my other issue -- whether I have any piece of software that can actually open the masslynx .raw files. Turns out that neither wsearch32 nor openchrom can, so the exercise has been somewhat futile, although it has to be said that I'd like to be in charge of any raw data that leads to publications, and so I should be able to manage the storage of it myself.

Note: ftp is an inherently unsafe method since it doesn't use encryption. Use a separate user for this with no privileges, change the password of that user regularly, and close port 21 whenever you aren't using it in order to not advertise that you are running an ftp server. Use ssh/sftp if at all possible.

Anyway, setting up an ftp server was easy.

This method follows this post, http://ubuntuforums.org/showthread.php?t=79588, almost verbatim.

First install proftpd

sudo apt-get install proftpd

Edit /etc/shells:
# /etc/shells: valid login shells /bin/csh /bin/sh #/usr/bin/es #/usr/bin/ksh #/bin/ksh #/usr/bin/rc #/usr/bin/esh /bin/dash /bin/bash /bin/rbash #/usr/bin/screen #/bin/tcsh #/usr/bin/tcsh #/bin/ksh93 /bin/false

sudo adduser ftpuser

su ftpuser
cd ~
mkdir download
mkdir upload
exit

Edit /etc/proftpd/proftpd.conf. In addition to what was already there, I added
UserAliasOnly on UserAlias spinebill ftpuser ExtendedLog /var/log/ftp.log TransferLog /var/log/xferlog SystemLog /var/log/syslog.log AllowStoreRestart on <Directory /home/ftpuser> Umask 022 022 AllowOverwrite off <Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD> DenyAll </Limit> </Directory> <Directory /home/ftpuser/download/*> Umask 022 022 AllowOverwrite off <Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD> DenyAll </Limit> </Directory> <Directory /home/ftpuser/upload/> Umask 022 022 AllowOverwrite on <Limit READ RMD DELE> DenyAll </Limit> <Limit STOR CWD MKD> AllowAll </Limit> </Directory> Include /etc/proftpd/conf.d/

su ftpuser
chsh -s /bin/false
exit

Check the syntax:
sudo proftpd -td5

Test:
ftp `hostname`
Connected to beryllium. 220 ProFTPD 1.3.4a Server (Debian) [192.168.1.1] Name (beryllium:me): spinebill 331 Password required for spinebill Password: 230 User spinebill logged in Remote system type is UNIX. Using binary mode to transfer files. ftp>
I have since tested this from the Win NT 4 computer and everything is working well. I had to familiarise myself with the windows ftp client first: http://www.nsftools.com/tips/MSFTP.htm

477. OpenChrom - Dempster

I don't want to get into writing software reviews, but given how much OpenChrom, an open source program for mass spectrometry which can open a range of proprietary formats, has evolved since I tried the release code-named Syringe (http://verahill.blogspot.com.au/2012/09/using-openchrom-to-open-aglient-d-esi.html) in September 2012, I think a brief update may be in order.

Essentially, OpenChrom now seems a lot easier and more natural to use.

The installation is the same as before (I've copied the old post below):

1. Install Java v1.7 (need > 1.6)
You can either use openjdk 7 or (Oracle) Java. See here for a general guide to installing Oracle/Sun Java.

As for openjdk, you can easily install it:
sudo apt-get install openjdk-7-jdk

(the openjdk-7-jre package is enough if you don't want the full developer's kit)

Anyway.

Make sure that you've selected the right version:
 sudo update-alternatives --config java
There are 7 choices for the alternative java (providing /usr/bin/java).

  Selection    Path                                            Priority   Status
------------------------------------------------------------
  0            /usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java   1061      auto mode
  1            /usr/bin/gij-4.4                                 1044      manual mode
  2            /usr/bin/gij-4.6                                 1046      manual mode
  3            /usr/bin/gij-4.7                                 1047      manual mode
  4            /usr/lib/jvm/j2re1.6-oracle/bin/java             314       manual mode
  5            /usr/lib/jvm/j2sdk1.6-oracle/jre/bin/java        315       manual mode
  6            /usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java   1061      manual mode
 *7            /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java   1051      manual mode




2. Get openchrom
cd ~/tmp
wget http://aarnet.dl.sourceforge.net/project/openchrom/REL-0.8.0-PREV/openchrom_linux.gtk.x86_64_0.8.0-PREV.zip
unzip openchrom_linux.gtk.x86_64_0.6.0.zip
cd linux.gtk.x86_64/OpenChrom/
sudo mkdir /opt/openchrom
sudo chown $USER /opt/openchrom 
cp * -R /opt/openchrom
chmod +x /opt/openchrom/openchrom

Stick

alias openchrom='/opt/openchrom/openchrom'

in your ~/.bashrc and source it.




A few notes:
You can now start OpenChrom by running
openchrom
from the command line.

You can install plug-ins, e.g. to open Agilent files, by going to Plugins/OpenChrom Marketplace. Plugins will typically run for 30 days, but can be unlocked for perpetuity by adding a serial key, which is free. Add license keys by first registering on the openchrom website, going to http://www.openchrom.net/main/content/plugins.php, and clicking on the plugin you want a serial key for. You can then enter that key by going e.g. Window/Preferences/Converter in the OpenChrom software.

Everyone has their own idea of what a good piece of mass spec software should look like, and I suspect that OpenChrom caters to them all. Layouts are called Perspectives here. On the flip side, if you accidentally use a perspective that doesn't suit you, you may be incredibly frustrated until you figure out what's going on.

I like wsearch32, so my preferred view is to go to Window/Perspective Switcher -> Chromatogram MS (exact).

Opening spectra is much easier than before: now simply go to File/Open Chromatogram (MSD) and click on the file (or directory structure in the case of e.g. Agilent .D directories) and open:

Anyway, openchrom is getting better, is easier to use, and is still the only open source program that I know which can handle such an array of proprietary formats. Also, it can export data in both .csv and .xls formats, but you will need to install plugins for that, which is luckily very simple.


15 July 2013

476: Rehash: using a browser proxy via tunnel, through a router and with reverse ssh

I may have covered this at some point, but if so, I can't find the post.

Here's the situation:
You have a linux computer at work, which is behind a corporate firewall.
You have a router at home which runs an ssh server (e.g. running tomato).
You have a computer at home, which sits behind the router above.
You want to browse from home using the corporate network

In my case it's a little bit different -- I want to make a change to the router my office network (I have my own office) sits behind, and the easiest way to do that is by logging onto that router via http (it's a stock netgear router).

How to:
First, at work, connect to your home router using reverse ssh, so that all traffic on port 19999 on the router gets sent to port 22 on your work computer:
ssh -R 19999:localhost:22 root@myhomerouter

Later, at home, forward all traffic to port 8989 on your home computer to localhost:19999 on your router (which then gets sent to port 22 on your work computer):
ssh -L 8989:localhost:19999 root@192.168.2.1

We've assumed that the router sits on 192.168.2.1 from inside the LAN. Localhost here refers to your home computer, while localhost in the command before that refers to the router.

Then, in a different terminal, open a proxy through port 8989:
 ssh -D 8888 me@localhost -p 8989

Finally, you can now edit your browser/network settings to use a SOCKS proxy on port 8888 like you would with any other proxy.