Tuesday, April 10, 2012

Having problems browsing SAMBA shares? ..README

SkyHi @ Tuesday, April 10, 2012
I've seen "SAMBA isn't working, now I can't connect to shares on my HTPC" being posted in a few places so I thought I'd post a note to educate people on what's going on. The statement that SAMBA is broken is rarely true. It's usually running fine, and the cause of the problem is simply the ugly way that NetBios over TCP/IP name resolution works. 

The reason you cannot see an smb://share "that was working 5 mins ago" is down to browser election fights between the computers on the network. An election fight is a peer-to-peer negotiation over who gets elected to be in charge of the domain(s) and/or local master browser list; the list of computer names that will appear in the Windows Network Neighbourhood (or it's current equivalent). The machine that wins the election is determined through a combination of uptime, OS version and config settings - meaning the outcome can be unpredictable, and the election process can take time (minutes not milliseconds). Over time your HTPC (as longest uptime device) has probably been elected the master browser, so if you reboot your HTPC the browser list is gone and the remaining machines on the network will restart an election process to decide who owns/creates the replacement. Once the election is over it will take time (again, minutes not milliseconds) to distribute the list and ensure every client has the same version. If you reboot other computers they will join the network and announce their availability, so an election discussion takes place to see if they should become the master browser. It's easy to see how this process may go titsup.com from time to time. Sadly, Mac and Linux computers can suffer the same issues as their Windows counterparts as they (via their local SAMBA client) are ultimately participating in the same process.

In corporate networks this issue is mitigated by having a pre-determined machine configured to win all the elections and maintain the browser list(s) - usually a domain controller. Rigging the election guarantees the election result and ensures the election process is completed quicker. The good news is that it's simple to configure SAMBA on your OE based HTPC to do the same thing. The reason for picking the HTPC to be the master browser is that it's probably the going to be the computer that has the highest uptime in your home network.

First, ensure you have /storage/.config/samba.conf. If you don't there is a sample one in the directory that can be renamed. Then add the lines indicated below to your [global] section:

  server string = Media Centre(%i)
  workgroup = HOME
  domain master = yes  <-- add this line
  local master = yes  <-- add this line
  preferred master = yes  <-- add this line
  os level = 100  <-- add this line
  netbios name = AppleTV
  security = share
  guest account = root
  wins support = yes
  syslog only = yes
  name resolve order = lmhosts wins bcast host
  printcap name = /dev/null
  load printers = no

Even if you do this the problem will never be completely eliminated, but Windows network browsing should in theory be more consistent (in theory!). If it does not clear the problem the solution is usually to "turn everything off and on again" so that the old (incorrect) browser list is lost and a new (correct) one is created, or access your HTPC directly via an IP address based URL, e.g. \\\ 

NB: in pre-RC6 setups the last two lines shown above (printcap name and load printers) were incorrectly placed under the [printers] section of the sample configuration file. If you move them to [global] as above you'll see some SAMBA startup errors in /var/log/messages go away.


Windows can’t see Samba Share

SkyHi @ Tuesday, April 10, 2012
For those of you who are using Samba on Linux (including Ubuntu) systems and would like to be able to have Windows users see your server in their “Network” discovery browser, here’s what you need to do.
The following is required to get windows to see your samba share so you no longer need to type in the IP address of your server every time you want to access it on a new system.
With your favourite text editor, open smb.conf:
vim /etc/samba/smb.cnf
Add this to the top of the file:
wins support = yes
You may also want to check to ensure that wins support configuration doesn’t exist in any other part of the configuration file.
After this is done, restart samba and Windows should be able to see your share!
service samba restart


SSH Keys Authentication With PuTTY

SkyHi @ Tuesday, April 10, 2012

5 Generate A Private/Public Key Pair

We can use PuTTYgen to create a private/public key pair. Start it by double-clicking its executable file. Make sure you select SSH-2 RSA underType of key to generate and specify 1024 as the Number of bits in a generated key. Then click on Generate:
Please move the mouse pointer over the blank area during the key generation to generate some randomness:
Now a private/public key pair has been generated. Under Key comment, you can enter any comment; normally you use your email address here. Then specify a Key passphrase and repeat it under Confirm passphrase. You'll need that passphrase to log in to SSH with your new key. Then click on Save publick key and save it in some safe location on your computer. You are free to choose a filename and extension, but it should be one that lets you remember for which system it is.
Then click on Save private key. You can save it in the same location as the public key - it should be a location that only you can access and that you don't lose! (If you lose the keys and have disabled username/password logins, then you can't log in anymore!) Again, you're free to choose a filename, but this time the extension must be .ppk:
Then copy the public key from the PuTTYgen window:

6 Save The Public Key On The Server

Then log in to your SSH server (if you have closed the previous SSH session already), still with the username and password, and paste the public key into the file ~/.ssh/authorized_keys2 (in one line!) like this:
mkdir ~/.ssh
chmod 700 ~/.ssh
vi ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EA[...]Lg5whU0zMuYE5IZu8ZudnP6ds= myname@example.com
That file must be write/readable only by that user, so we run
chmod 600 ~/.ssh/authorized_keys

7 Attach The Private Key To The PuTTY Profile

Now launch PuTTY again and load the profile of your SSH server (
Then go to SSH -> Auth and click on Browse:
Browse your file system and select your previously created private key:
Then go to Session again and click on Save:
Now we have attached the private key to our PuTTY profile.

8 Our First Key-Based Login

Now everything is ready for our first key-based login to our SSH server. Click on Open:
As you can see, the public key is now used for authentication, and you are asked for the passphrase (the one you specified in chapter 5):