How do I get Xwindows to work when I am using an encrypted Drive?

My friend Mike Jansen pinged me this afternoon with an interesting problem.  

Here is the background:

He has set up a Linux VM and needs to get to it remotely from his PC running Windows.  He has Xming (a great free XWindows server for Windows) and connects to the machine over SSH.  He decided he would take security to the next level and encrypted his personal directory.  The interesting fact is that when you do this on Ubuntu, your home directory isn’t decrypted or mounted until you actually log in.  Why is that a problem?  Well, as part of the login process, SSH puts the magic cookie XWindows needs to start into your /home/<UserID>/.Xauthority file.  The next thing that happens is that your encrypted directory is decrypted and mounted to /home/<UserID>/, which then hides /home/<UserID>/.Xauthority under the mount.  At that point it breaks X and stops you from running XWindows programs, unless you do something like what Mike pieced together.  What Mike has below should work system-wide for all users.  As with all scripts, you should test this out on a non-production system first.

Here is what he gave back to me to post for everyone:

So I got my issue with encrypted home and ssh/xauth figured out. The solution is actually simple once it’s figured out 🙂

The basic idea for xauth transfer was from http://froebe.net/blog/2008/11/14/getting-xlib-putty-x11-proxy-wrong-authentication-protocol-attempted-i-have-the-answer/

SSHRC

The idea for this came from the man page for SSH. 

I got rid of ~/.ssh/rc and put this in /etc/ssh/sshrc:

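if read proto cookie && [ -n "$DISPLAY" ]; then
    if [ "`echo $DISPLAY | cut -c1-10`" = 'localhost:' ]; then
        # X11UseLocalhost=yes
        echo add unix:`echo $DISPLAY | cut -c11-` $proto $cookie
    else
        # X11UseLocalhost=no
        echo add $DISPLAY $proto $cookie
    fi | xauth -q -
    # Save the cookie outside the not-yet-mounted encrypted home
    MYXAUTH=/home/.ecryptfs/`id -un`/.xauth
    # Create the file with owner-only permissions from the start,
    # rather than chmod-ing it after the cookie has been written
    rm -f "$MYXAUTH"
    ( umask 077; xauth list > "$MYXAUTH" )
fi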

Mount encrypted home

The ideas behind this section came from this page: http://ubuntuforums.org/showpost.php?p=8452729&postcount=7

In /etc/profile, I mount encrypted home (if it’s not already mounted):

if test -e "$HOME/.ecryptfs/auto-mount"; then
    # Mount only if the encrypted home is not already mounted
    if ! mount | grep -q "$HOME type ecryptfs"; then
        ecryptfs-mount-private
    fi
fi

BASHRC

I got rid of ~/.bash_login and put this in /etc/bash.bashrc:

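# Load xauth information from pre-encrypt mounting ssh initialization
MYXAUTH=/home/.ecryptfs/`id -un`/.xauth
if [ -e "$MYXAUTH" ]; then
    # xauth list prints one "display protocol cookie" entry per line;
    # xauth add takes exactly one entry, so add them one at a time
    while read display proto cookie; do
        xauth add "$display" "$proto" "$cookie"
    done < "$MYXAUTH"
    rm -f "$MYXAUTH"
fi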

Sample SSH LOGIN after Implementation

Here’s what my ssh login looks like now (I have a bunch of outputs to understand the flow and make sure my real and effective UIDs are what I expect):

Using username "mike-jansen".
Authenticating with public key "REALLY_COOL_DEV_SERVER" from agent
Welcome to Ubuntu 11.04 (GNU/Linux 2.6.38-11-generic-pae i686)

* Documentation: https://help.ubuntu.com/

56 packages can be updated.
29 updates are security updates.

Last login: Thu Sep 22 15:48:24 2011 from myworkstation.mynetwork.com
------ BEGIN /etc/ssh/sshrc Real [mike-jansen] Effective [mike-jansen]
------ END /etc/ssh/sshrc Real [mike-jansen] Effective [mike-jansen]
------ BEGIN /etc/profile Real [mike-jansen] Effective [mike-jansen]
Enter your login passphrase:
Inserted auth tok with sig [c46ead8832a353d7] into the user session keyring

INFO: Your private directory has been mounted.
INFO: To see this change in your current shell:
cd /home/mike-jansen

------ BEGIN /etc/bash.bashrc Real [mike-jansen] Effective [mike-jansen]
------ END /etc/bash.bashrc Real [mike-jansen] Effective [mike-jansen]
------ END /etc/profile Real [mike-jansen] Effective [mike-jansen]
------ BEGIN ~/.profile Real [mike-jansen] Effective [mike-jansen]
------ BEGIN ~/.bashrc Real [mike-jansen] Effective [mike-jansen]
------ END ~/.bashrc Real [mike-jansen] Effective [mike-jansen]
------ END ~/.profile Real [mike-jansen] Effective [mike-jansen]

Notes:

* For those who don't know, ~ is a shortcut to the current user's home directory as recorded in the user repository for the system.
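
Added example, not part of Mike's scripts or the original post: the cookie hand-off file sits outside the encrypted home, so it should be owner-only from the moment it is created and should not linger after login. The function names save_private and handoff_status are made up for this sketch; the path is the one used in the scripts above.

```shell
#!/bin/sh
# Added example (hypothetical helper names); sample cookie data used with
# these functions should be constructed, never a real session cookie.

# Write stdin to "$1" so the file is private from the moment it exists.
# A plain redirect followed by chmod leaves a window in which the login
# umask (commonly 022) makes the cookie readable by other local users.
# The rm matters too: umask only applies when the file is created.
save_private() {
    ( umask 077 && rm -f -- "$1" && cat > "$1" )
}

# Print one word describing the hand-off file "$1":
#   absent  - nothing left behind (expected once /etc/bash.bashrc has run)
#   private - exists, no permission bits set for group or other
#   exposed - exists and group or other has some access
handoff_status() {
    if [ ! -e "$1" ]; then
        echo absent
        return 0
    fi
    # ls -ld prints a mode string such as "-rw-------";
    # characters 5-10 are the group and other permission bits
    perms=$(ls -ld -- "$1" | cut -c5-10)
    if [ "$perms" = "------" ]; then
        echo private
    else
        echo exposed
    fi
}

# Report on the current user's hand-off file at the path used above
handoff_status "/home/.ecryptfs/$(id -un)/.xauth"
```

Anything other than "absent" after an interactive login means a cookie is still stored in the clear outside the encrypted home, for example after a session that ran /etc/ssh/sshrc but never sourced /etc/bash.bashrc.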

HP Touchpad Drama

What everyone wants to know right now is:  Will WebOS live?  If so, who will own it?

Why does Brian want one?

From Brian himself:

“It’s simple: they are cheap movie watching/web surfing devices if nothing else.  They support HTML 5 and at least MPEG video.  The really impressive thing is how fast both Ubuntu was made bootable and Android already has betas out.  So even if WebOS doesn’t survive we will likely be able to run at least Honeycomb and Ubuntu.  So the apps issue shouldn’t be a long term problem.  Oh and did I mention it was a $600 tablet just a few weeks ago?  I think the roughly $160 is pretty awesome.”

Brian’s wife Christa used her amazing shopping powers to get Brian and several members of the extended families five HP Touchpads.  She ordered 8 in total but 3 of them got canceled.  Or at least they thought they did until they received this e-mail from OfficeMax (2 of the 3 canceled ones were from OfficeMax):

August 31, 2011
Re: Cancelation of HP TouchPad Order
Dear OfficeMax Customer:
Recently you have been contacted and informed your HP TouchPad order was canceled due to HP discontinuing the item and OfficeMax not being able to source the item.
It was brought to our attention that HP may be shipping additional inventory to its suppliers. Our Merchandising team has contacted HP and is pushing to acquire enough stock to cover the orders we had to cancel. HP has posted the following statement on their website – “Despite announcing an end to manufacturing webOS hardware, we have decided to produce one last run of TouchPads to meet unfulfilled demand. We don’t know exactly when these units will be available or how many we’ll get, and we can’t promise we’ll have enough for everyone.”

We have saved all canceled orders, and if we are successful in attaining additional HP TouchPads, we will contact you to fulfill your order.

As always, we value your business. Thank you for your patience and loyalty throughout this situation.

While we deeply regret any inconvenience this has caused, we ask that if you have questions, please call customer service at 1-877-OfficeMax. 

So we will keep you posted on what Brian does with his and if Joe manages to get his hands on one.  To everyone who did buy one, enjoy it.  Go install some Linux on it.

Has Ubuntu jumped the shark?

Any time anyone in the FOSS world has issues, the critics call for it to be taken out back and put down.  Luckily for Mr. Shuttleworth, this is highly unlikely for him or Ubuntu.  But nonetheless people are talking about whether 11.04 was the beginning of the end of one of the best Linux distros there ever was.  Listen to the podcast for more of what we thought and check out this link for our original story.

So what do you think?  Is FB on its way out?

Fedora and Ubuntu are getting the Butter on our File systems…

Phoronix.com, a great site with an even better performance test suite, has a nice write-up about the often talked about Btrfs (commonly pronounced Butter FS).  They mention that Fedora seems to be releasing it with GRUB extensions to allow for file system snapshot roll-backs by the end of the year, and Ubuntu by the 12.04 release next April.  What is so great about this?  Imagine if your favorite Linux update tool could tell Btrfs to take a snapshot of the state of the file systems every time it did an update.  Then let’s imagine that GRUB, our favorite boot-loader, could see that they were all there and give you the option to roll back to the last known working version.  Wouldn’t that just ROCK?  No more worries about not taking snapshots on virtual machines or needing to restore after a bad upgrade on a physical machine.  The time saved will be incredible.  We can’t wait for this all to be production ready and standard on all Linux versions.

Red Hat and Ubuntu pushing buttons in the community….

Both Red Hat and Ubuntu have been in the press a lot lately because of changes they are making in their distributions.  What everyone seems to forget is that both are just that: companies, not communities.  While they do a great job of being great community members, people will always complain about them.  Here is what we gleaned from the posts I read:

For Red Hat the change is just how they distribute the kernel itself.  They are now shipping just a completely patched kernel.  This is instead of shipping a patch set for each and every bug release that was available.  Who does it affect?  The folks that want to look in the kernel.  As far as we can tell that’s it.  We at Linuxinstall.net don’t think that this is an issue for them and more just a reason for people to complain and wish things were better the old way.

For Ubuntu the problem is more one of a lack of change.  They want to push some enhancements into the upstream Gnome package that are being rejected:

Here are the details as described in a ZDNet article:

“The technical problem behind the dispute is that GNOME rejected the Ubuntu Ayatana system status indicators. These indicators, and their messaging application programming interfaces (APIs) would be used on the Linux desktop to convey such information as “Whether you are connected, what the time is, whether you are online, whether your battery will last long enough for you to finish your work, whether you have messages,” etc.”

Again it seems like something that shouldn’t be that big an argument.  When you are pouring your heart and soul into a project, though, it’s not always that easy.  We can’t always make a reasonable counter offer when we feel like we are being attacked.

Hopefully everyone will soon see that these aren’t bad choices, just ones that we all may not agree with.  We as a community need these companies to survive and thrive.  If they don’t protect their future and go under then we all lose.  Both companies are spending a lot of time and money on Linux and its desktop.  It would be a very different Linux world without them.

Ubuntu designer proposes getting rid of quit from app menus….

Matthew Paul Thomas over at the Canonical blog seems to be saying that he wants to phase out the quit option from Linux app menus.  It’s kind of confusing because the topic is.  As a replacement or enhancement for quit he proposes changing the Close functionality of all programs to quit the application when the user closes the last window in its set of windows.  The thought behind this is that with today’s processing power and larger installed memory, quitting applications isn’t needed.  The problem is the model he is trying to compare to is that of Android and iOS.  These aren’t really fair comparisons since I can’t really have more than one or two screens on my original Droid.  So you can’t run into the problem of having 30 separate windows within a single application.  I use quit/exit most often to get out of the office fast at the end of the day.  I don’t want to have to jump through all my open windows to close them all.  I want to click File->Quit (Exit) a few times and go home.

At least they aren’t banning the quit menu option.  As always Canonical is pushing the UI bounds and trying to achieve new things.  It’s an interesting idea but it will take a lot more convincing to get me to be a convert.  It’s a long but interesting read so check it out.

Application Installers Unite…..

According to this article we found, meetings are starting to happen and people are trying to move towards a common application installer.  So could this be the end of the “My package manager is better than yours is” debates?  Well, it’s a bit early to tell, but it does sound like the big distros are talking about settling on a common package format.  If they do go forward with this we can only hope that its adoption moves faster than LSB (Linux Standard Base).  It would definitely go a long way to help adoption of Linux as a platform.  For instance, only seeing one line on download pages like Windows and Mac have would help newbies or people thinking about trying Linux be less afraid.  When you can create app stores that only have to carry one type of package they become a lot easier to create.  We here at linuxinstall.net hope that every Linux install will get easier over time.

What do you think?  What problems will one package format have?  What hidden benefits are there?  What hidden problems?

Episode 37 – Top things that happened in 2010

Running Time:  43:19

1) Introduction

2) This is a running list of things to consider for the top news of 2010

 Big Purchases in 2010:

   Novell gets purchased – the patents that went to Microsoft

   Oracle buying Sun

   Palm gets bought by HP

 Changes in the world of Open Source:

   Google World:

    Android shoots for world domination – Or at least Mobile Platform domination

    Google TV announced and delivered

    Chrome OS Pilot Program announced, betas of Chrome OS on VMs

   Ubuntu abandons Xorg and Gnome for Wayland and Unity

   Mandriva struggling/passing away…

   Tablet market exploded with the introduction of the iPad and Galaxy Tablet

3) Conclusion

  Recommendations for People to interview

  E-Mail us at podcast@linuxinstall.net

  Go to the WebSite to call us via Google Voice

  Facebook Fan Page

  Follow us on Twitter and Identica as @linuxinstall

  Look for us and comment on iTunes, odeo
