Re: [Xastir] Couple of Small Problems, Maybe?
No, it's frowned upon to connect to multiple internet servers at once. You'd switch the one you have defined over to one of the Firenet addresses instead. Firenet and the APRS-IS servers are connected, so you should just pick up MORE stuff with Firenet but not lose anything by connecting there instead of APRS-IS. Some stuff is only on Firenet. Like quakes down to magnitude 0.1, more of the NWS weather alerts, stuff like that. On Thu, Feb 16, 2017 at 5:22 PM, Halley Melindawrote: > Hey, Curt,thanks for the replies. I have the I-gating set up as you > suggested. We're using noam.aprs2.net as the server and the code that > callpass generated when we used it. > When you talk about the firenet server stuff, how would I use that? Do I > set up another internet interface? > Thanks again,Mickey > > > From: Curt Mills > To: Halley Melinda ; Xastir - APRS client software > discussion > Sent: Thursday, February 16, 2017 4:36 PM > Subject: Re: [Xastir] Couple of Small Problems, Maybe? > > On Thu, Feb 16, 2017 at 12:56 PM, Halley Melinda wrote: > > Hey David,This is Mickey, Flip's wife. the xastir site has "TBD" on the > section for Igating. Other than how to turn on igating, there's no help. > > The most up-to-date docs would be the text files with the code. The Wiki > pages won't be as complete. > For igating there are two places to tweak in Xastir: > 1) File -> Configure Defaults -> IGate Options2) Interface -> Interface > Control -> Add -> Internet Server -> Add -> Put in options there for the > particular APRS-IS server you want to connect to. > I'd recommend checking "Activate on Startup?" "Allow Transmitting", and > "Reconnect on NET failure?". You'll need to put in Host, Port, and > Pass-code there. > Also note that you can click on the dashed-line on the drop-down windows > to chop them off and make them stick around for a bit. You can then hit the > 'X' in the corner to make them go away. > Also on the "Interface" menu is "Disable Transmit: ALL". Do NOT check that. > -- > Curt, WE7U > http://we7u.wetnet.net > http://www.sarguydigital.com > > > ___ > Xastir mailing list > Xastir@lists.xastir.org > http://xastir.org/mailman/listinfo/xastir > -- Curt, WE7U http://we7u.wetnet.net http://www.sarguydigital.com ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] FIXED No iGate, please help
- use good passwords (google that one, several articles available) - keep the OS patched regularly. turn on automatic updates if patching isn't part of your routine. Yes, a bad patch _can_ cause trouble but unless you have the vigilance of a paranoid sysadmin you're far more likely to be burned by lack of a patch than a bad patch. There are other things (turning off unused services, change passwords regularly, use layered defenses, etc) but if you cover these 3 you're unlikely to be compromised in a typical environment. I completely agree with Jason that there is a lot of little things that need to be done to secure a Raspberry Pi (or any other Linux box connected to the raw Internet). In addition to all that, the Raspberry Pi platform poses unique challenges since it uses flimsy storage (SD card), prone to power issues, can be in a high RF environment, etc. As such, I've been working on a Rpi hardening document document if anyone is interested: #Actually is RPi3 centric now http://www.trinityos.com/HAM/CentosDigitalModes/RPi/rpi2-setup.html --David KI6ZHD ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] Couple of Small Problems, Maybe?
On Thu, Feb 16, 2017 at 12:56 PM, Halley Melindawrote: > > (Where can these - NWS abbreviations - be found) > You'll have to hunt around the National Weather Service site to find them. I had to do that for the Seattle area. That was many years ago so I don't remember any details, sorry. (where do you find the servers to feed the weather alerts???) > Considering that I'm one of the ones generating the APRS weather alerts, I guess I can answer that! I'm snagging them from official feeds, generating the APRS alerts, then injecting them into the Firenet servers. Either of these two addresses should get you into a round-robin DNS set of three Firenet servers. Gerry Creager and I run the Firenet servers: Firenet.aprs2.net Firenet.us -- Curt, WE7U http://we7u.wetnet.net http://www.sarguydigital.com ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] Couple of Small Problems, Maybe?
On Thu, Feb 16, 2017 at 12:56 PM, Halley Melindawrote: > Hey David,This is Mickey, Flip's wife. the xastir site has "TBD" on the > section for Igating. Other than how to turn on igating, there's no help. The most up-to-date docs would be the text files with the code. The Wiki pages won't be as complete. For igating there are two places to tweak in Xastir: 1) File -> Configure Defaults -> IGate Options 2) Interface -> Interface Control -> Add -> Internet Server -> Add -> Put in options there for the particular APRS-IS server you want to connect to. I'd recommend checking "Activate on Startup?" "Allow Transmitting", and "Reconnect on NET failure?". You'll need to put in Host, Port, and Pass-code there. Also note that you can click on the dashed-line on the drop-down windows to chop them off and make them stick around for a bit. You can then hit the 'X' in the corner to make them go away. Also on the "Interface" menu is "Disable Transmit: ALL". Do NOT check that. -- Curt, WE7U http://we7u.wetnet.net http://www.sarguydigital.com ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] Couple of Small Problems, Maybe?
Hey David,This is Mickey, Flip's wife. the xastir site has "TBD" on the section for Igating. Other than how to turn on igating, there's no help. We've both looked to see how to do this, but no luck. I am sighted, he is not - but he has screen readers to read the stuff out to him. these are excerpts from the included readme files of xastir We are playing around with the idea of an IGate because there isn't one in our county. From the readme.gettingstarted file: Enabling Street Address Lookup: --- Download the USA.geocode file and install it into the /usr/local/share/xastir/GNIS/ directory. This will enable the "Map->Find Address" menu option to work. Xastir will place a big "X" on the map at the street address it finds for you. This file is sometimes available at http://www.dementia.org/geocoder/tgr2003/ As an alternative you can download the individual state files that are located there. == From the readme file: (7) GATING WEATHER ALERTS, STATIONS, OBJECTS/ITEMS TO RF Gating NWS Weather Alerts to RF: If you wish to gate NWS weather alerts from the Internet onto RF, you'll need to create a text file in the users directory as ~/.xastir/data/nws-stations.txt List each NWS station that you would like to transmit via RF. Wildcards are implied for lengths of 3 or greater. Here's what an example file looks like: - Cut Here - # # Seattle, WA SEANPW # # Portland, OR (any alert type) PDX # # Pendleton, OR PDTNPW # # Medford, OR MFRNPW # - Cut Here - All text should start at the beginning of the line. (Where can these - NWS abbreviations - be found) Once that file is in place, you'll need to hook up to at least one Internet server that is feeding you the weather alerts. You'll also need to have at least one RF interface up and running with transmit enabled on that interface. Make sure that "Interfaces->Disable Transmit: All" is not selected. You should now be gating NWS weather messages to RF. Turn on igate logging and look at that log file to view what you're sending out via RF. Don't forget to turn off logging or set up auto-rollover of the log files, else your hard drive might fill up with logging info. Auto-rollover of log files is typically accomplished via CRON. (where do you find the servers to feed the weather alerts???) == Gating Stations, Objects/Items to RF: - The latest code also allows gating packets from specific stations to RF using the above method (except object/item packets). You can also gate objects/items to RF by name. The same wildcarding rules apply as listed above. Callsigns or object/item names listed in this file are case-insensitive, so they'll match any case in received packets. Bob Bruninga, WB4APR, recommends gating these calls to RF: SCOUTS, SATERN, KIDS, REDCROSS, FOUR-H, YOUTH, GUARD, MARS, JOTA See his link: "Generic Callsigns for National Events" off this web page for his current list of recommended callsigns: http://www.ew.usna.edu/~bruninga/aprs.html ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
[Xastir] Run Xatir
Thanks Den for your help on the password problem. After 5 times i figured the xstart thing. Now I don't know how to start Xatir. The instructions say that it will be under "Other" but I don't have that in my program list. I looked through the whole list and don't see Xatir anywhere. Chris Viningre 70 W. Roadrunner Salt Flat, Texas 79847 C:(915) 504-1510 chrisvinin...@gmail.com Amateur Radio Operator: WS5B https://www.qrz.com/db/ws5b http://www.reverbnation.com/chrisviningre ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] FIXED No iGate, please help
Jason, Can not say exactly how I ran into this issuefollowing your tutorial but I did and it was the second time it happened to me. The first configuring a WeeWX pi. This discussion started when Chris appeared to have the same issue on 2/16 and was asking how to fix the pi boot refusal. I was trying to follow a couple of Xastir help files, not really keeping track until I rebooted and could not log in. The light went off and I knew what I did. This time I had the root password set up and could fix the issue. My input would be to avoid sudo su in tutorials where newbies, like me, may 'shoot' themselves, unknowingly. I believe you can accomplish the same commands with sudo as you would without it after the sudo su. No harm, no foul we are all just amateurs trying to have fun. Pleasure communicating with you.. Any suggestions on how to improve the Xastir mapping? 73 Den On 2/16/2017 12:20 PM, Jason KG4WSV wrote: I just did a quick read of http://tnc-x.com/TNCPi.pdf and while there is an apparently unneeded invocation of startx, there were no instructions to do it as root nor did I see prior instructions that would have left you in a root shell. Maybe I read too quickly or there are some out of date instructions floating around. I forgot instructions on how to change the root password after recommending everyone should - sorry about that. To change the root password: pi$ sudo passwd root New password for root: Retype new password: Root can override anyone's password without knowing the old one. You can change the pi user's password the same way, or by the usual unprivileged method: pi$ passwd Old password: New password: Repeat new password: -Jason kg4wsv ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] FIXED No iGate, please help
> On Feb 16, 2017, at 10:44 AM, Denwrote: > > perhaps you could advise the new Pi user just how to protect themselves > definitely NOT a popular subject on the web The problem is that security is at best inconvenient, it isn't always trivial, and it's never ending. For a pi or any system on the 'net: - change the default root (or other admin) and default user (e.g. pi) passwords - use good passwords (google that one, several articles available) - keep the OS patched regularly. turn on automatic updates if patching isn't part of your routine. Yes, a bad patch _can_ cause trouble but unless you have the vigilance of a paranoid sysadmin you're far more likely to be burned by lack of a patch than a bad patch. There are other things (turning off unused services, change passwords regularly, use layered defenses, etc) but if you cover these 3 you're unlikely to be compromised in a typical environment. -j ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] FIXED No iGate, please help
I just did a quick read of http://tnc-x.com/TNCPi.pdf and while there is an apparently unneeded invocation of startx, there were no instructions to do it as root nor did I see prior instructions that would have left you in a root shell. Maybe I read too quickly or there are some out of date instructions floating around. I forgot instructions on how to change the root password after recommending everyone should - sorry about that. To change the root password: pi$ sudo passwd root New password for root: Retype new password: Root can override anyone's password without knowing the old one. You can change the pi user's password the same way, or by the usual unprivileged method: pi$ passwd Old password: New password: Repeat new password: -Jason kg4wsv ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] FIXED No iGate, please help
On Thursday, February 16, 2017 11:44:36 AM PST Den wrote: > Well, I stumbled on this anomaly and it looks like others have too where > you can 'shoot yourself'. Get locked out and not be able to get back in. > And so far, there is no recovery, except logging in as root. There are > way too many shoddy tutorials on the web that lure users into pulling > the trigger. "sudo su" then down the page "xstart" BAM Yes, far to many of those. > I'd prefer to have more control over my guns rather than to have them go > off unintentionally. It's kind of like having a modern rifle and finding the instructions on the web for a muzzleloader. Pour the powder in, stuff down a bullet, pull the trigger and BAM. > > Of course, change the Pi password and create a root password. Both > should be strong. Don't think I advised differently? Actually am tired > of helping people who did not take the simplest precautions right up front. > > KEN; > > perhaps you could advise the new Pi user just how to protect > themselves definitely NOT a popular subject on the web I'm working on a couple of RPi/radio combos that need to be properly configured and I'll try to write up the details. The problem is finding the ATU's to do it and staying focused...oh look 'Squirrel'...long enough. ... -- Ken - N7IPB Email: n7...@wetnet.net JID: n7...@jabber.wetnet.net PGP Sig: F42B EF90 3CD3 31C7 3056 122E 993A 7B2E 5138 C42A “I never am really satisfied that I understand anything; because, understand it well as I may, my comprehension can only be an infinitesimal fraction of all I want to understand” -Ada Lovelace signature.asc Description: This is a digitally signed message part. ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] FIXED No iGate, please help
Well, I stumbled on this anomaly and it looks like others have too where you can 'shoot yourself'. Get locked out and not be able to get back in. And so far, there is no recovery, except logging in as root. There are way too many shoddy tutorials on the web that lure users into pulling the trigger. "sudo su" then down the page "xstart" BAM I'd prefer to have more control over my guns rather than to have them go off unintentionally. Of course, change the Pi password and create a root password. Both should be strong. Don't think I advised differently? Actually am tired of helping people who did not take the simplest precautions right up front. KEN; perhaps you could advise the new Pi user just how to protect themselves definitely NOT a popular subject on the web 73 Den On 2/16/2017 11:08 AM, Jason KG4WSV wrote: On Feb 16, 2017, at 9:19 AM, Denwrote: I'll let you explore how to create a root password, which I recommend. Obviously those with more knowledge think we commoners, and the owner of the Pi, should not use. Well, the problem was that you shot yourself in the foot by running something as root. Maybe they're onto something. sudo is configured on by default for the pi user. Use of sudo instead of using a full root shell (su or sudo bash) or even worse logging in a root is considered best practice for security reasons. Using sudo allows minimal privilege escalation to accomplish a task and consequently minimizes risk. If your pi is to be exposed to the internet, or maybe even on a home network, the passwords _should_ be changed for both the pi and root users. Default passwords are extremely insecure - there are days when I see over 10k brute force login attempts against a dozen or so systems, where attackers are looking for me and my users to rely on default or dumb passwords. -j ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] FIXED No iGate, please help
On Thursday, February 16, 2017 10:08:31 AM PST Jason KG4WSV wrote: > > On Feb 16, 2017, at 9:19 AM, Denwrote: > > > > I'll let you explore how to create a root password, which I recommend. > > Obviously those with more knowledge think we commoners, and the owner of > > the Pi, should not use. > Well, the problem was that you shot yourself in the foot by running > something as root. Maybe they're onto something. > > sudo is configured on by default for the pi user. Use of sudo instead of > using a full root shell (su or sudo bash) or even worse logging in a root > is considered best practice for security reasons. Using sudo allows minimal > privilege escalation to accomplish a task and consequently minimizes risk. > > If your pi is to be exposed to the internet, or maybe even on a home > network, the passwords _should_ be changed for both the pi and root users. > Default passwords are extremely insecure - there are days when I see over > 10k brute force login attempts against a dozen or so systems, where > attackers are looking for me and my users to rely on default or dumb > passwords. And one additional item to add to Jasons excellent comment. Never, never, never put a pi on the internet without either putting it behind a firewall or installing the appropriate firewall rules on the pi itself. Out of the box there is NO protection other than your password and those are far to easy to crack. Put it behind your home router, or better yet put it on it's own subnet, and enable a port forward if you must have Internet access. And for good measure, pick some other port number instead of the standard ssh port that everyone attacks and have that on the Internet facing side. The shear number of attacks on standard ports is incredible and if you have a system or two directly on the Internet, like I do, you put into place all kinds of additional tools to combat the bad guys. For most casual use putting your RPi behind your home firewall and perhaps forwarding a port or two works, but be careful. There are far too many compromised devices out there and it's getting worse. -- Ken - N7IPB Email: n7...@wetnet.net JID: n7...@jabber.wetnet.net PGP Sig: F42B EF90 3CD3 31C7 3056 122E 993A 7B2E 5138 C42A “I never am really satisfied that I understand anything; because, understand it well as I may, my comprehension can only be an infinitesimal fraction of all I want to understand” -Ada Lovelace signature.asc Description: This is a digitally signed message part. ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] FIXED No iGate, please help
> On Feb 16, 2017, at 9:19 AM, Denwrote: > > I'll let you explore how to create a root password, which I recommend. > Obviously those with more knowledge think we commoners, and the owner of the > Pi, should not use. Well, the problem was that you shot yourself in the foot by running something as root. Maybe they're onto something. sudo is configured on by default for the pi user. Use of sudo instead of using a full root shell (su or sudo bash) or even worse logging in a root is considered best practice for security reasons. Using sudo allows minimal privilege escalation to accomplish a task and consequently minimizes risk. If your pi is to be exposed to the internet, or maybe even on a home network, the passwords _should_ be changed for both the pi and root users. Default passwords are extremely insecure - there are days when I see over 10k brute force login attempts against a dozen or so systems, where attackers are looking for me and my users to rely on default or dumb passwords. -j ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] FIXED No iGate, please help
I tried to answer Chris both privately and this list. had issues that the list did not like my formatting. Think eventually my reply made it... not sure though 73 den I'm just playing with Raspian, but I'm not running Xastir on it, it was W2DEN who was doing that. My current work is with Direwolf to make an igate out of an Rpi. On Wed, Feb 15, 2017 at 4:25 PM, Chris Viningrewrote: Curt, What Distro are you using? I tried with the instructions that came with the TNC-Pi running Raspbain Pixel and it keep locking up at the password when it rebooted. Chris Viningre 70 W. Roadrunner Salt Flat, Texas 79847 C:(915) 504-1510 chrisvinin...@gmail.com Amateur Radio Operator: WS5B https://www.qrz.com/db/ws5b http://www.reverbnation.com/chrisviningre On Wed, Feb 15, 2017 at 8:16 AM, Curt Mills wrote: Good deal! On Wed, Feb 15, 2017 at 7:08 AM, Den wrote: Just needed to add the Internet Server Interface Control with my APRS Passcode. Who knew? Well now I do! 73 Den On 2/15/2017 9:12 AM, Den wrote: I have XASTIR running on a Pi 3 B with a TNC-Pi. All looks good. My tracker shows up on the Xastir map as it should. The issue is Xastir will not iGate. It will digipeat but not iGate. The Pi is WiFi to my local internet router which looks OK... I have gone over the settings multiple times with out success. Using a different rig / computer etc. my tracker gets iGated without issue. Switch to the Pi and no luck. Call used is W2DEN. SSID -5 is my tracker, -7 the Pi Xastir (with a successful digipeat) and -3 the other computer running APRSIS32 with many igates. You can find me on aprs.fl. Any help would be appreciated. ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir -- Curt, WE7U http://we7u.wetnet.net http://www.sarguydigital.com ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir
Re: [Xastir] FIXED No iGate, please help
I'm just playing with Raspian, but I'm not running Xastir on it, it was W2DEN who was doing that. My current work is with Direwolf to make an igate out of an Rpi. On Wed, Feb 15, 2017 at 4:25 PM, Chris Viningrewrote: > Curt, What Distro are you using? I tried with the instructions that > came with the TNC-Pi running Raspbain Pixel and it keep locking up at > the password when it rebooted. > Chris Viningre > 70 W. Roadrunner > Salt Flat, Texas 79847 > C:(915) 504-1510 > chrisvinin...@gmail.com > Amateur Radio Operator: WS5B > https://www.qrz.com/db/ws5b > http://www.reverbnation.com/chrisviningre > > > On Wed, Feb 15, 2017 at 8:16 AM, Curt Mills wrote: > > Good deal! > > > > On Wed, Feb 15, 2017 at 7:08 AM, Den wrote: > > > >> Just needed to add the Internet Server Interface Control with my APRS > >> Passcode. > >> > >> Who knew? Well now I do! > >> > >> 73 > >> Den > >> > >> On 2/15/2017 9:12 AM, Den wrote: > >> > >>> I have XASTIR running on a Pi 3 B with a TNC-Pi. All looks good. My > >>> tracker shows up on the Xastir map as it should. The issue is Xastir > will > >>> not iGate. It will digipeat but not iGate. > >>> > >>> The Pi is WiFi to my local internet router which looks OK... I have > gone > >>> over the settings multiple times with out success. > >>> Using a different rig / computer etc. my tracker gets iGated without > >>> issue. Switch to the Pi and no luck. > >>> > >>> Call used is W2DEN. SSID -5 is my tracker, -7 the Pi Xastir (with a > >>> successful digipeat) and -3 the other computer running APRSIS32 with > many > >>> igates. > >>> You can find me on aprs.fl. > >>> > >>> Any help would be appreciated. > >>> > >>> > >> ___ > >> Xastir mailing list > >> Xastir@lists.xastir.org > >> http://xastir.org/mailman/listinfo/xastir > >> > > > > > > > > -- > > Curt, WE7U > > http://we7u.wetnet.net > > http://www.sarguydigital.com > > ___ > > Xastir mailing list > > Xastir@lists.xastir.org > > http://xastir.org/mailman/listinfo/xastir > ___ > Xastir mailing list > Xastir@lists.xastir.org > http://xastir.org/mailman/listinfo/xastir > -- Curt, WE7U http://we7u.wetnet.net http://www.sarguydigital.com ___ Xastir mailing list Xastir@lists.xastir.org http://xastir.org/mailman/listinfo/xastir