Installation of openSUSE Linux Leap 15.1 – Instructions for Users

It is a follow up to the general installation instructions and it contains settings that have to be adjusted by each user, as well as instructions for certain programs and for remote access.

Important: The highlighted steps are important and should be performed by every user when beginning to work on a new machine (or new installation).

USER SETTINGS

BACKUP

VERSION CONTROL

REMOTE CONNECTIONS

ENCRYPTION

USER SETTINGS

These are some settings that must be performed once by each user after a new installation. The description also includes some useful hints for trouble-shooting.

  1. KDE: A new user should take the time to customize the many options in KMenu / Settings / Configure Desktop.
    1. One specially useful setting is under Personalization / Regional Settings, then under Formats change the region to Canada. Apply. And under Spell Checker change the Default Language to Canadian English and uncheck Skip run-together words (and, if you like, enable Automatic spell checking by default). Apply.
    2. Screen Lock: To change the time or to disable screen locking in
      • KDE: Open KMenu / Settings / Configure Desktop, then Workspace / Desktop Behavior / Screen Locking and change the time or uncheck Lock screen automatically after:.
      • XFCE: Open openSUSE / Settings / Settings Manager, then Personal / Screensaver and change the time or uncheck Lock Screen After.
    3. No Blinking: To disable cursor blinking, open KMenu / Settings / Qt4 Settings and in the Interface tab, change Cursor Flash Time down to No blinking. Then File / Save. On the Konsole, go to Settings / Configure Konsole, in the Profiles tab select default, Edit Profile. In the Advanced tab make sure Blinking cursor is unchecked.
    4. NOTE: After an update existing users start with their old settings. A copy of their old settings and KDE specific files, such as address book, calendar and email, can be found in ~/.kde4_old/.
  2. KWallet: (KMenu / System / KWalletManager) Secure password storage.
    1. To store passwords securely in KWallet for wireless connections and for Chrome/Chromium, select Classic, blowfish encrypted file, Next, then enter your password twice. It is sufficiently secure and more convenient in KDE, than the GPG encryption recommended by the popup.
    2. KWallet can also be used to securely store manually entered passwords in the KWalletManager by left-clicking on the Password folder and right-clicking on Passwords and selecting New.
    3. To export or import your wallet for transfer to another computer, use File / Export as encrypted or Import encrypted, respectively.
  3. Firefox: Change following Firefox settings:
    1. Security / Passwords: (Open menu / Preferences / Security) If you allow Firefox to Remember Passwords, then make sure to Use a master password, so that URLs and passwords are encrypted.
    2. Close Firefox to save these settings.
    3. Firefox Extensions: (Open menu / Add-ons) Get Add-ons with many extensions to enhance Firefox. If extensions are downloaded and installed directly from the maker’s website, you need to Allow the site to install them in Firefox. Some suggested extensions are:
      1. Mendeley Web Importer: download papers directly into Mendeley.
      2. Video DownloadHelper: save videos from YouTube and other sources.
  4. Chromium and Chrome: To save passwords in Google’s Chromium or Chrome, go to Settings, then click on Advanced Sync Settings. Set Encrypt synced passwords with your Google credentials.
  5. Kile: (KMenu / Office / Kile) The LaTeX user interface. In Settings / Configure Kile adjust:
    1. Kile / General: Template Variables: Document Class Options: delete a4paper,10pt; File Clean-up Details: set Automatically clean-up files after close.
    2. Tools / Build: The QuickBuild button is set to PDFLatex+ViewPDF by default. Change this only if necessary.
    3. Tools / Build: Change the ViewHTML Command from konqueror to firefox, otherwise the list of LaTeX commands under Help / LaTeX Reference cannot be shown.
    4. Editor / Editing: Spellcheck: change the Default Language to English (Canada) and uncheck Skip run-together words (and, if you like, enable Automatic spell checking by default).
    5. Editor / Open/Save: General: change Line Length Limit to unlimited (option below zero). If a file with too long lines was open Read Only, then it will be reopened as Read Only, until the option Tools / Read Only Mode is unchecked.
    6. OK.
  6. KWrite, Kate: (KMenu / Utilities) One of the text editors should be configured, in addition to Kile. The other will follow the same configuration. In Settings / Configure Kate (or Configure Editor) adjust:
    1. Editor Component / Editing (or Editing): Spellcheck: change the Default Language to American English (United States)[CA] and uncheck Skip run-together words (and, if you like, enable Automatic spell checking by default).
    2. Editor / Open/Save (or Open/Save): General: change Line Length Limit to unlimited (option below zero). If a file with too long lines was open Read Only, then it will be reopened as Read Only, until the option Tools / Read Only Mode is unchecked.
    3. OK.
  7. LibreOffice:
    1. Replace Microsoft Fonts: To display correctly Microsoft Office documents, replace MS fonts with equivalent open source fonts:
      • Go to Tools > Options > LibreOffice > Fonts.
      • On the right-hand side, first enable the Replacement Table by checking Apply replacement table.
      • Type Calibri into the Font box and select Carlito in the Replace with box. The click the check box to add the replacement to the table.
      • Type Cambria into the Font box and select Caladea in the Replace with box. The click the check box to add the replacement to the table.
      • Apply. OK.
    2. LibreOffice Extensions: To add more extensions to LibreOffice, start LibreOffice Writer, then Tools / Extension Manager and Get more extensions online.
    3. Writer: To access text or figures that do not respond to clicking, go to Tools > Options > LibreOffice Writer > Formatting Aids and disable Cursor in protected areas.
  8. Annotation of PDF files:
    1. Xournal: KMenu / Utilities / Xournal Although designed for use with tablets, this is the easiest annotation tool for PDFs and it can also be used with regular desktops. Start Xournal and open a PDF with File / Annotate PDF. Use the pen and ruler modes to add lines and the text mode to add comments. Save the annotations only with File / Save As under *.pdf.xoj or re-export to PDF with File / Export to PDF.
    2. Okular: The default PDF reader can also annotate. Click on the Reviews icon on the left, or Tools / Review or click F6. After adding reviews and bookmarks, save them to be able to see the annotations in another computer.
    3. With the installation of openSUSE package servicemenu-pdf, many PDF editing operations are now available by right-clicking and choosing Actions.
  9. Wireless Connections: To avoid having to memorize all wireless passwords, use KWallet to save them securely (you will be prompted for it, select the Classic, blowfish encrypted file mode). You usually only need to type the KWallet password once in each login session.
  10. University Wireless Service (UWS): To connect to UWS with your laptop, left-click on the KNetworkManager icon in the task bar (Networks) and click on UWS (under Available Connections), then on Manage Connections. Select UWS from the list or type UWS in the Essid field, then Next. Set the following options:
    • Security: WPA/WPA2 Enterprise
    • EAP: Method: Protected EAP (PEAP)
    • CA Certificate: Check Use system CA Certs
    • Inner Authentication: MSCHAPv2
    • Username: your CCID
    • Password: your UofA password
  11. Sound: There are several ways to control sound in openSUSE.
    1. Mixer (speaker icon in the System Tray (bottom-right)): The Mixer allows for quick volume control of output and input (microphone). It can be adjusted a left-click.
    2. Configure Desktop (KMenu / Settings / Configure Desktop / Hardware / Multimedia / Audio Volume): It allows for individual adjustment in case of different audio devices or programs. You can also create different profiles in the Advanced tab.
    3. PulseAudio (KMenu / Multimedia / PulseAudio Volume Control): PulseAudio is the lowest level program controlling the audio.
  12. Fonts: To produce accented characters, use the right Ctrl+Shift keys as Compose keys. Press the combination first, then press the accent key, then press the accented letter key. If you have problems displaying foreign characters (accented letters) in any text editor, try changing the font encoding method from utf-8 to iso8859-1.
  13. Fonts: KMenu / System / Configure Desktop / Appearance / Fonts Manage system fonts. To install new fonts go to Font Management, and Add the files.
  14. Android and KDE synchronization:: KDE can now synchronize with any Andriod mobile device on the same LAN (local network). This requires installation of the openSUSE package kdeconnect-kde (already installed) and installation of the app KDE Connect from the Google Play Store in the mobile device. After installation (and possibly after reboot of the mobile device or just waiting for a while), you can pair the device with the computer:
    • Add the widget KDE Connect to your KDE Desktop background. You can also access KDE-Connect via KMenu / Configure Desktop / Hardware.
    • Open the Firewall (YaST / Security and Users / Firewall): Under Service to Allow (while Selected Zone shows External Zone) Add KDE Connect from the pull-down menu Service to Allow. Next. Finish.
    • On the mobile device, start KDE Connect and wait (or reboot) until you see the name of your computer under Not Paired Devices. Then click on it and Request Pairing.
    • The computer will show a Pairing reqest from [device]. Click Accept.
    • The name of your computer will move to the Connected Devices list in your mobile device. You can test the connection by clicking on the computer name and Send ping.
    • From now on, the computer will show battery status, notifications, and phone calls from the device. You can also control multimedia programs, such as Amarok, VLC, and Kaffeine, remotely from your mobile device. Amarok’s music will automatically pause, when you receive a phone call. And there will be a link under Places in Dolphin that allows you to transfer data to and from the phone (you need to unlock the phone screen first).
    • If you tap on the computer name under Connected Devices, then on the three dots at the top and Select plugins, you can select all the different types of connections.
  15. Oneko: If you are bored with your mouse cursor, run oneko & in a console terminal or in KRunner (Alt+F2: oneko ; Enter) to have a cat chasing your mouse cursor. Add this command to your Autostart for permanent use: KMenu / System / Configure Desktop / Workspace / Startup and Shutdown: Autostart: Add Program: oneko. OK. OK.

BACKUP

  1. Personal Backup: Each user is responsible for backing up her/his data. Backup is the single most important system maintenance activity for the user and it can save many days, sometimes weeks, of work in case of hardware failure. Create a habit of regularly backing up locally and off-site your most important data, specially during heavy work periods.
    1. Local Backup: Each CFD-Lab user is entitled to means for regular local backup (weekly is recommended). This is specially important for very large files and simulation results files, which are not included in the automatic backup. The current means of local backup is:
      • An external hard-disk that is connected to the machine through the external disk bay. All backup disks shall be stored in the fireproof safe.
    2. Off-site Backup: In addition to the local backup, each user should use their own means for regular off-site backup (daily is recommended). Examples of backup media are: large USB memory keys, rewritable DVDs, external hard-disks, or synchronization to an external machine.
    3. Backup Commands and Scripts: The special scripts below were installed in /usr/local/bin/ during the installation process.
      1. For full copy use the standard Linux commands:
        • cp -a orig dest (local backup)
        • scp -rp orig remote-mach:dest (remote backup)
        • tar zcvf filename.tar.gz orig (creates a single packed and compressed tar-file (similar to ZIP, but preserving all attributes))
      2. For efficient incremental synchronization, the best command is rsync. Because of the complexity of the this command, we recommend the use of the following scripts for directory (folder) synchronization:
        • syncsend directory remote-mach:
        • syncget directory remote-mach:
        which are used to send and receive updated data between two active machines (ex. laptop and desktop), asking the user before deleting files.
        • syncsendauto directory remote-mach:
        • syncgetauto directory remote-mach:
        which are used to send updates from an active machine to a passive backup destination (ex. external hard disk) or to receive updates at a passive destination. Deletes are synced without prompting.
      3. These scripts also accept local parent directories (use full path) as destinations (ex.: syncsendauto Thesis/ /media/disk/user/ ).
      4. To generate a compressed tar-ball, containing only new and modified files in a directory (folder) after a certain date, that can be easily stored in a small memory stick, use the backupfromdate script. For example, to backup all new and modified files from the past 24h in a directory use:
        backupfromdate yesterday directory
        This creates a tar.bz2 file that can be restored later running from the top directory:
        tar jxpf file.tar.bz2
        Description and another example can be found running backupfromdate –help.
  2. Other Backup and Synchronization Tools: In addition to the scripts above, there are several other tools available for backup and synchronization:
    1. Grsync: a GUI for rsync.
    2. Dropbox: see below.
    3. luckyBackup: another GUI front-end for rsync. It offers scheduled backups.
    4. rdiff-backup: an incremental backup tool based on rsync that offers snapshots in time, allowing for the retrieval of past versions of files and folders.
    5. Unison: a graphical bidirectional synchronization tool that can synchronize between Linux and Windows.
  3. Dropbox: The Dropbox command-line client is already pre-installed in your system.
    1. There is only a command-line interface for Dropbox. Type dropbox in a Konsole terminal to get an initial list of commands. Type dropbox help to get more specific help.
  4. Automatic Backup: (CFD-Lab)

VERSION CONTROL

To create a record of changes to a large file or a group of files, such the Latex chapters of a thesis, the source files of a program, or the installation scripts and instructions described here, there are several version control systems. They offer the ability to trace related changes across several different files, and to easily go back to an earlier consistent version, in case one changes the mind. The most widely used distributed versioning system currently is Git. Git is very powerful, but it can also be employed for personal use very easily. The initialization and the use of Git with the graphical front end QGit is briefly described here.

  1. Initialize Git: In terminal at your home directory, initialize your user name and email globally (stored in ~/.gitconfig)
    git config –global user.name “Your Name
    git config –global user.email name@provider
    This step only needs to be performed once.
  2. Change to the top directory of the project:
    cd ProjectDir
  3. Initialize the local Git repository
    git init
  4. Add a single file or the entire project directory to be controlled by Git. The directory can contain sub-directories, too.
    git add filename
    or
    git add .
  5. To enter the current version of the project file(s) in the history record of Git, commit them to the repository and include a meaningful comment about the version
    git commit -m “Initial Commit”
  6. QGit: KMenu / Development / QGit From this point on, you can use the graphical user interface QGit to commit new versions to previously added files or to create a branch from an older version. Use File / Open to open the project directory.
  7. After completing changes to one or more files, commit the changes (one file at a time, if changes are unrelated, or groups of files that have related changes) with Edit / Commit (select corresponding file(s) only) and give an explanatory message in the Comments field. You need to add new lines not starting with #. All lines starting with # will be ignored (but they contain useful hints). Click on Commit when ready.
  8. You can easily compare versions by selecting both with the Ctrl key and selecting External Diff from the right-click menu.
  9. To add a new file to the list that can be committed, you have to run this command in a terminal at the project directory
    git add filename
    An entire sub-directory can also be added with this command.
  10. To change a file name and keep the file history, you have to use the following Git command:
    git mv oldfilename newfilename
  11. To delete a file, you have to use the following Git command:
    git rm filename
  12. Branch: If you want to restart your work based on an older version or start a parallel development of another version, create a branch:
    • First make a clone of the project in a separate directory:
      cd ..
      git clone ProjectDir NewProjectDir
    • In QGit, open the new project directory, select the version to branch out from, right-click and select Make branch. Enter the branch name, say NewBranch. Or, from the command line:
      cd NewProjectDir
      git branch NewBranch
    • Then switch to the branch by right-clicking again and selecting the branch name at bottom of the pop-up menu. Or, from the command line: git checkout NewBranch
  13. If you have transferred the project directory from another computer without using the git clone command, then you first need to update the index of QGit with Edit / Commit / Update Index.

REMOTE CONNECTIONS

  1. Remote File Browsing: To browse files on another computer with the SSH protocol, go to the Network place in Dolphin, and Add Network Folder using Secure shell (ssh) protocol.
  2. Remote login: To securely login (ssh) and copy files (scp, sftp) to other computers in a terminal without retyping your password every time:
    1. First generate a key pair for your computer with
      ssh-keygen -t rsa
      and save it in the suggested place.
    2. Make sure you use a passphrase, which can later be changed with
      ssh-keygen -p -t rsa
    3. Send the public key to each remote computer:
      ssh-copy-id machine.name
    4. Finally, every time you login on your local machine, run ssh-add from a Konsole once to load your private key.
    5. To start ssh-add automatically in KDE together with KWallet, you can add it to the Autostart list: go to KMenu / Startup and Shutdown / Autostart, then Add Program and enter ssh-add. OK.
    6. If ssh-add on a remote machine gives an error, try logging in to that machine with ssh -A to enable auth agent forwarding.
    7. If the remote machine was upgraded or reinstalled, its fingerprint was changed in the process and SSH will prevent you from logging in, thinking that another machine is pretending to be it. To solve this you have to remove the current version of the RSA key corresponding to the remote machine with:
      ssh-keygen -R machine.name -f $HOME/.ssh/knwon-hosts
  3. X2Go Client (KMenu / Utilities / X2Go Client): To access your desktop remotely or to run single applications use the X2Go Client for best results.
    • To access your complete desktop on a remote machine:
      1. Start a New Session (Session / New Session) and enter Server Host name and Login.
      2. Important: Change the Session type to XFCE, because X2Go currently has problems supporting the new KDE Plasma 5 desktop.
      3. In the other tabs you can adjust the connection speed, size of display window, media sound support, and shared folders, if needed. OK.
      4. Once the session started, you can close the session window or the client window and the session (and any running program) will continue to run in the remote server.
      5. At the end of a session, do not forget to logout from within the session (openSUSE Menu / Logout), to actually terminate the session in the server.
      6. If login does not work, try restarting the OpenVPN session first, because it may have expired. Alternatively, repair the database in the server computer running x2godbadmin –createdb as root.
    • To access a particular application on a remote machine:
      1. Start a New Session as above and set the Session type to Single apllication, then enter the application call in the Command field. OK.
      2. Note: Matlab must be called from a terminal window that remains open, such as xterm -e matlab.
      3. At the end of a session, do not forget to quit the application as usual.
    • To clean up sessions, in case X2Go is hanging:
      1. Use the following commands as root: x2golistsessions, x2goterminate-session, x2gocleansessions.

ENCRYPTION

In case of a laptop, University rules require that you have a complete encrypted home partition.

In case you want to share files securely over email or otherwise, or if you want to store them securely on your desktop computer or in any backup medium, you need to encrypt the files separately.

Using GnuPG for encryption of files:

  1. KGpg (KMenu / Utilities / KGpg): KGpg is a key manager and can help encrypt and decrypt files.
    First generate a key pair:
    1. When you start KGpg for the first time, accept the binary, Next. Then check Generate New Key and Start KGpg automatically. After the first start, you can also open the Key Manager and go to the menu Keys / Generate Key Pair….
    2. Give Name, Email and comment for user ID.
    3. Choose expiration: 0 (never expires).
    4. Choose the key length: 2048, for example.
    5. Choose the algorithm: RSA & RSA (or DSA & ElGamal).
    6. Enter a Passphrase: note that a long sequence of unrelated words is easier to remember and harder to crack than a short sequence of mixed letters and symbols.
    7. Check Set as Default Key and Save a revocation Certificate.
    8. You can also generate a key pair from the command line with:
      gpg2 –gen-key
  2. Now, you can export the public key and give it to others, so they can encrypt files that only you can decrypt. You also can export it to a key server, so others can more easily find it.
  3. You can also right-click on the key and Export Secret Key, but make sure you encrypt the file and save it in a secure and hidden place. This secret key can be imported into KGpg at another machine to enable encryption and decryption with the same key pair.
  4. To import an existing key from another machine, first decrypt the file on a machine that has KGpg set, then import the decrypted key in the new machine. Do not forget to delete the decrypted file.
  5. To Trust your own key (or any imported key), double-click on it, change Owner trust to Ultimately and OK. You may have to refresh the list (F5) to see the Trust colour change.
  6. You can also set this key as the default key: right-click and select Set as Default Key.
  7. To encrypt a file, right-click on it and select Actions / Encrypt File. In case of a text file, you can also right-click on KGpg and select Open Editor, then Open the text file and click on Encrypt. Select your Public Key from the list, then Save As, if you want a different name for the encrypted file. After saving the encrypted file, do not forget to delete the unencrypted version, in case you used different names.
  8. You can also encrypt a file from the command line with:
    gpg2 [-r userID] -e file.name
    If no userID is given, the default key (your own) is used. The encrypted file is saved in the same directory as file.name.pgp.
  9. To decrypt a file, right-click on it and choose Open with / KGpg. With this method, a copy of the decrypted file will be saved in the same directory.
    In case of a text file, you can also right-click on KGpg and select Open Editor, then Open the encrypted file and click on Decrypt, or simply right-click on the file itself and choose Actions / View file decrypted. These two methods do not create an unencrypted file on the disk, just on memory, and the unencrypted text disappears, when you close the Editor window.
  10. You can also decrypt a file from the command line with:
    gpg2 -d file.name.pgp > file.name
  11. If you want to modify an encrypted text file, after opening it and decrypting with the KGpg Editor, do not forget to encrypt again the modified text before saving the encrypted file.

Credits