Skip to content

Linux

  • in Linux
  • 2 min read

Nifty firewall

#!/bin/bash

IPTABLES='/sbin/iptables'

# Clear out any existing firewall rules, and any chains that might have
# been created. Then set the default policies.

$IPTABLES -F
$IPTABLES -F INPUT
$IPTABLES -F OUTPUT
$IPTABLES -F FORWARD
$IPTABLES -F -t mangle
$IPTABLES -F -t nat
$IPTABLES -X
$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -P FORWARD ACCEPT

# Begin setting up the rulesets. First define some rule chains to handle
# exception conditions. These chains will receive packets that we aren't
# willing to pass. Limiters on logging are used so as to not to swamp the
# firewall in a DOS scenario.
#
# silent       - Just dop the packet
# tcpflags     - Log packets with bad flags, most likely an attack
# firewalled   - Log packets that that we refuse, possibly from an attack

$IPTABLES -N silent
$IPTABLES -A silent -j DROP

$IPTABLES -N tcpflags
$IPTABLES -A tcpflags -m limit --limit 15/minute -j LOG --log-level 4 --log-prefix '** TCP-Flags ** -- '
$IPTABLES -A tcpflags -j DROP

$IPTABLES -N firewalled
$IPTABLES -A firewalled -m limit --limit 15/minute -j LOG --log-level 4 --log-prefix '** Firewalled ** -- '
$IPTABLES -A firewalled -j DROP

# These are all TCP flag combinations that should never, ever, occur in the
# wild. All of these are illegal combinations that are used to attack a box
# in various ways.

$IPTABLES -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j tcpflags
$IPTABLES -A INPUT -p tcp --tcp-flags ALL ALL -j tcpflags
$IPTABLES -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j tcpflags
$IPTABLES -A INPUT -p tcp --tcp-flags ALL NONE -j tcpflags
$IPTABLES -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j tcpflags
$IPTABLES -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j tcpflags

# Allow selected ICMP types and drop the rest.

$IPTABLES -A INPUT -p icmp --icmp-type 0 -j ACCEPT
$IPTABLES -A INPUT -p icmp --icmp-type 3 -j ACCEPT
$IPTABLES -A INPUT -p icmp --icmp-type 11 -j ACCEPT
$IPTABLES -A INPUT -p icmp --icmp-type 8 -m limit --limit 1/second -j ACCEPT
$IPTABLES -A INPUT -p icmp -j firewalled

# The loopback interface is inheritly trustworthy. Don't disable it or
# a number of things will break.

$IPTABLES -A INPUT -i lo -j ACCEPT

# Now allow Internet hosts access to those services we provide. Note that
# enabling inbound FTP 20 & 21 tcp will also require allowing ports
# 1024-65534/tcp. Which in itself is good enough reason not to allow FTP
# connections and to only allow ssh/scp/sftp.

## SSH

# localhost
$IPTABLES -A INPUT -p tcp --dport 22 -s 127.0.0.1 -j ACCEPT

# example.com
$IPTABLES -A INPUT -p tcp --dport 22 -s 208.77.188.166 -j ACCEPT

# oidentd
$IPTABLES -A INPUT -p tcp --dport 113 -j ACCEPT

## HTTP access from anywhere

$IPTABLES -A INPUT -p tcp -s 0/0 --dport 80 -j ACCEPT

# Allow packets that are part of an established connection to pass
# through the firewall. This is required for normal Internet activity
# by inside clients.

$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# Anything not already matched gets firewalled and logged.

$IPTABLES -A INPUT -j firewalled
  • in Linux
  • 13 min read

Fedora 10 on the Acer Aspire One

Update: I have now reinstalled Fedora 10 on my Acer Aspire One, only this time I downloaded a spinoff, Fedora 10 XFCE Live CD, to see how it performed. And not a huge surprise, but it worked remarkably well, far better than Fedora 10 with GNOME. Not to mention that the battery time went from 1 hour and 50 minutes to 2 hours and 50 minutes. I’ve also modified this tutorial a bit, and I have followed these steps myself, so I know it works. But give me a shout anyway should you find that something is lacking.

Righty then. This is going to be one of those posts that probably is going to be a bit longer than usual (if you don’t include the Acer Aspire One-post).

I had settled down with Linpus on my Acer Aspire One, but it nagged me like mad that I had to just settle for it. I mean, Linpus is fine, but I want to have a system that’s up to date, I want to be able to remove packages as I see fit, without worrying that the hal-daemon breaks shakes his fist at Linpus. In any case, surfing the web yesterday, I came upon the post . So in fear of that post being lost at some point, I’m going to write something similar here, with my own hacks and modifications that I made. Here’s how I went about installing Fedora 10 on my Acer Aspire One.

Preparing your USB-pen

For starters, by installing Fedora 10 XFCE Live CD, mostly everything works out of the box. That means webcam, SD-cards, wireless, you name it. How brilliant is that! But I’m getting a bit ahead of myself here. What we need to do first is to install the Live CD to a USB-pen/drive. To do that download the torrent from here. With me having a stationary machine using Fedora 9, I’ll assume that you do as well. :D su to root and install the package livecd-tools:

# yum install livecd-tools

Once the package is installed, and the iso has been downloaded, plug in your USB-pen/drive. I will also assume that your USB-pen/drive has been given the name sdb1. You can check it with the command dmesg, just look at the bottom of output if it has detected it. It should look something like this:

sd 10:0:0:0: [sdb] Write Protect is off
sd 10:0:0:0: [sdb] Mode Sense: 00 00 00 00
sd 10:0:0:0: [sdb] Assuming drive cache: write through
sd 10:0:0:0: [sdb] Write Protect is off
sd 10:0:0:0: [sdb] Mode Sense: 00 00 00 00
sd 10:0:0:0: [sdb] Assuming drive cache: write through
sdb: sdb1
sd 10:0:0:0: [sdb] Attached SCSI disk

Now, with the USB-thingie plugged in, and your iso downloaded, execute the following command:

# livecd-iso-to-disk /home/jorge/downloads/Fedora-10-i686-Live-XFCE/F10-i686-Live-XFCE.iso /dev/sdb1

F10-i686-Live-XFCE.iso being the Live CD iso we just downloaded. This command will copy the Live CD iso to your USB-pen, making that your bootable device.

Installing Fedora 10

Now that the USB-pen is ready to go, reboot your Acer Aspire One, and at boot press F12 to be able to select what boot device to boot from. Your device should pop up in that list. Log in as usual, and double-click the icon that says Install to Hard Drive. Follow the process as normal, however, when it gets time to partition the disk, everything (and I mean everything) that is ext3, change it to ext2! Why? Because having a journaling system on a netbook that uses an SSD-disk is bad. You will experience that your system is pretty much crawling at the pace of a turtle. Anyway, when getting to the partition-section, remember to click on the box named Review and Modify Partitioning Layout, and press Next. In this next window, we want to remove the swap-partition. So click on the line that says Swap under Type, and click Delete. Now that the Swap-partition is gone, we still see that both / and /boot/ are ext3. Click on each line, select Edit, and select the volume corresponding to it, then Edit again. There you can change from ext3 to ext2. When done, click Okay. When pressing Next now, you’ll get a warning about not having a Swap partition. Ignore it and move on with the installation as usual.

Disabling SELinux

Once your installation is all done, you need to reboot for changes to take effect. Answer some questions, create a user, and you’re done! ..for now. Still have a lot of things to do. The first thing that comes to mind is to make your root-filesystem to be ext2. But didn’t we specify that when we partitioned? We sure did. Why the root partition STILL is ext3 is beyond me, but we need to fix that. The user Turnip mentioned that he didn’t really feel like having LVM, so he just deleted the big partition that held it, and recreated an unvarnished ext2 partition in it’s place. When he rebooted to change what he believed was ext3, it was in fact still ext2. I have to test this myself to be certain (I sure wish I had an Acer Aspire One for testing purposes).

Before we fix the whole LVM/ext3-problem though, we need to disable SELinux. SELinux is such a pain in the butt it’s unbelieveable. Press Alt-F2, type terminal, su to root, and edit the file /etc/selinux/config and set the variable SELINUX to disabled. Save and close the file.

Converting the filesystem from ext3 to ext2

I sure hope you have your USB-pen/drive in hand, because we’re going to need it. Reboot your machine, with your USB-thingie plugged in, and again press F12 at boot, selecting your USB-device as the boot device. When done booting to the Live CD, press Alt-F2 and type terminal, and su to root.

What we need to do next is to convert the root-partition of our system to ext2 (as it is currently ext3). The root filesystem is on an LVM-partition, so the way to change it isn’t exactly your usual way of doing it. Run the command vgscan, and it’ll look something like this:

# vgscan
Reading all physical volumes.  This may take a while...
Found volume group "VolGroup00" using metadata type lvm2

You can now find your root partition in /dev/VolGroup00/LogVol00. To convert this to ext2, run the following command:

# tune2fs -O ^has_journal /dev/VolGroup00/LogVol00
# e2fsck /dev/VolGroup00/LogVol00

When this is done, your system should be ext2. To test this, you can do the following things:

# mkdir /mnt/disk
# mount -t ext3 /dev/VolGroup00/LogVol00 /mnt/disk

This last command should fail, as we’re not mounting an ext3 partition. Try it with ext2, it should now work.

Next step is to update an important file, and making a new initrd.

Updating /etc/fstab and making a new initrd

Now that our filesystem is updated, we need to change the entries in /mnt/disk/etc/fstab to read and specify the root partition as ext2, and not ext3. So open up the file /mnt/disk/etc/fstab, and replace ext3 with ext2. When done, save and close the file. Remember that you need to do these changes as root!

We need to do some changes to the boot partition as well, so mount it up, and other things as well (thanks skug67!):

# mount /dev/sda1 /mnt/disk/boot/
# mount -o bind /sys /mnt/disk/sys
# mount -o bind /proc /mnt/disk/proc

What we will do now is to change our root-enviroment so that we’re working directly inside the mounted partitions. You can do that by running this command:

# chroot /mnt/disk/ /bin/bash

We’re now in the new enviroment. It’s time to create the new initrd. Now, the image-versions shown below does not necessarily have to be what you have. The iso you downloaded from the Fedora torrent might be newer than what I’m writing here, so just do an ls /boot/ to see what your image-file looks like. We proceed:

# mv initrd-2.6.27.5-117.fc10.i686.img initrd-2.6.27.5-117.fc10.i686.img.ext3
# mkinitrd initrd-`uname -r`.img `uname -r`

When this is done, you’ve created a new initrd. Follow up with exiting the enviroment, unmounting the partitions and rebooting:

# exit
# cd /root/
# umount /mnt/disk/boot/
# umount /mnt/disk/sys/
# umount /mnt/disk/proc/
# umount /mnt/disk/
# reboot

With SELinux gone, ext3 converted to ext2, and a new initrd created, you should be able to boot into your Fedora 10 on the Acer Aspire One. :)

And now, optimizing the system.

Optimizing Fedora 10

I assume that by now you are actually using the Fedora 10 installation. Here’s how to improve the system performance a bit.

Quoting the Ubuntu wikipages:

Frequent writes to the SSD will cause failure eventually. We can reduce the number of writes to the SSD by moving our logs to a temporary filesystem in RAM that gets destroyed at ever reboot. Now this means your logs will not be persistent across reboots making debugging difficult in some cases. This step is optional of course, so if you need the logs for an extended period of time do not follow these steps.

Let’s assume that you want to do this. su to root, and open up the file /etc/fstab, and place these following lines there:

tmpfs      /var/log        tmpfs        defaults           0    0
tmpfs      /tmp            tmpfs        defaults           0    0
tmpfs      /var/tmp        tmpfs        defaults           0    0

Also, modify the first line in /etc/fstab to include the options noatime and nodiratime. When done, your /etc/fstab should look something like this:

/dev/VolGroup00/LogVol00 /                       ext2    defaults,noatime,nodiratime        1 1
UUID=43882dc4-109b-40c9-b3eb-6e2c7ebd2758 /boot                   ext2    defaults        1 2
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0
tmpfs                   /var/log            tmpfs   defaults        0 0
tmpfs                   /var/tmp                tmpfs   defaults        0 0
tmpfs                   /tmp                tmpfs   defaults        0 0

Save the file, and close it. The next thing we can do is to place the following into your /etc/rc.d/rc.local-file:

# Economize the SSD
sysctl -w vm.swappiness=1               # Strongly discourage swapping
sysctl -w vm.vfs_cache_pressure=50      # Don't shrink the inode cache aggressively

# As in the rc.last.ctrl of Linpus
echo ondemand > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
echo ondemand > /sys/devices/system/cpu/cpu1/cpufreq/scaling_governor
cat /sys/devices/system/cpu/cpu0/cpufreq/ondemand/sampling_rate_max > /sys/devices/system/cpu/cpu0/cpufreq/ondemand/sampling_rate

echo 1500 > /proc/sys/vm/dirty_writeback_centisecs
echo 20 > /proc/sys/vm/dirty_ratio
echo 10 > /proc/sys/vm/dirty_background_ratio

echo 1 > /sys/devices/system/cpu/sched_smt_power_savings
echo 10 > /sys/module/snd_hda_intel/parameters/power_save
echo 5 > /proc/sys/vm/laptop_mode

#Decrease power usage of USB while idle
[ -w /sys/bus/usb/devices/1-5/power/level ] && echo auto > /sys/bus/usb/devices/1-5/power/level
[ -w /sys/bus/usb/devices/5-5/power/level ] && echo auto > /sys/bus/usb/devices/5-5/power/level

/sbin/setpci -d 197b:2381 AE=47
/sbin/modprobe pciehp
/sbin/modprobe sdhci

Create a file named blacklist_msreader in /etc/modprobe.d, with the following in it:

blacklist jmb38x_ms

Open up the file /boot/grub/grub.conf and add elevator=noop to the kernel-line, making this:

kernel /vmlinuz-2.6.27.5-117.fc10.i686 ro root=/dev/VolGroup00/LogVol00 rhgb quiet

Look like this:

kernel /vmlinuz-2.6.27.5-117.fc10.i686 ro root=/dev/VolGroup00/LogVol00 rhgb quiet elevator=noop

Proceed with rebooting your machine, and everything should be working fine. :)

Ways to extend your battery life

There are several things you can do to extend the battery life on your Acer Aspire One.

  • Turn the screen brightness down – your screen is the most power-intensive component in your laptop, and why turn the brightness all the way up if you already can see well enough?
  • When not in use, turn of the wireless and bluetooth functions.
  • If you have enough memory on your laptop, disable swapping. I would suggest putting in more memory, as swapping writes to virtual memory.
  • Journaling-filesystem on a SSD-disk = baaad. More writing to disk means more power used. Switch to ext2 instead.
  • Disable all services that just aren’t used. A lot of distributions come with say httpd enabled at start up. If you don’t need it, get rid of it.
  • When you’re in no need of sound – mute it!

Jason Farrel has these following tips to apply as well:

  • Not exactly a performance tweak, but add vga=0×315 to the end of the kernel-line in grub.conf in order to see the fancy new plymouth solar bootup screen. Kernel mode setting isn’t yet supported for the intel gma display, so this vesa mode set workaround is needed.
  • Use powertop to eliminate more power hogs.
  • If using mplayer to play video, and you see nasty horizontal tearing, it’s because the fast overlay isn’t being used by default. Edit ~/.mplayer/config and gui.conf to use vo=xv:port=XX where XX is the port returned from the xvinfo util for the overlay adaptor – this should be 79.

  • To cut the bootup time almost in half (down to 25 seconds here), disable uneeded services. Here’s a one-liner to disable them (run it as root): for s in atd auditd avahi-daemon bluetooth cups gpm ip6tables kerneloops mdmonitor nfslock portreserve rpcbind rpcgssd rpcidmapd sendmail setroubleshoot livesys livesys-late microcode_ctl; do echo “chkconfig $s off”; chkconfig $s off; done

  • This one makes a big difference: don’t forget to disable firefox’s disk cache or you’ll grind to death.

Thanks for the tips Jason. :)

I installed FC10 like you described. It works fine. I was a bit surprised the AAO appeared rather slow compared to my EEE 1000H. So I ran cat /proc/cpuinfo. It appeared the CPU ran at 800 Mhz. I first looked at the BIOS, but the CPU ran at 1600 Mhz over there. Then I looked at services and found cpuspeed running. This is for scaling the CPU speed. After disabling this service the cat /proc/cpuinfo reported 1600 Mhz CPU speed and the system runs much smoother (and most probably consumes more power!).

And he is completely right. Jaap, thanks a million!

Minor troubleshooting

Make the sound work properly

When checking the initial volume-settings, you’ll notice that you can hear a little bit of sound, but not much, even if you’ve cranked up the volume to the max. Thing is, we need to specify a little something, just a line really, to make it work properly. Create a file named /etc/modprobe.d/sound with the following in it:

options snd-hda-intel model=acer-aspire

If you were previously using options snd-hda-intel model=acer, change it to options snd-hda-intel model=acer-aspire. This should sort out your problem when plugging in a headphone, and the sound would still get out by the normal speaker at the same time. Thanks to Bruno Malone for the tip. :)

Reboot, and your sound should be working perfectly fine, even after you’ve resumed from suspend. :)

Using Fn-Arrow Up/Down to control the volume

You’ll probably come to notice that Fn-Left/Right works perfectly fine for adjusting the screen brightness. Unfortunately, Fn-Up/Down doesn’t work for controlling the volume. But that is easily fixed. :) A program that’s needed, named aumix, isn’t installed. So as root, install it this way:

# yum -y install aumix

That should make things peachy again. ;)

Making the Wifi LED work

In order for you to have a functional Wifi LED working, you need to have madwifi installed. Upon installing madwifi, it will automatically blacklist the atheros-driver for your wireless card. Don’t get me wrong, your wireless will still work (and rumor has it that madwifi is faster). Another reason that you might want to use madwifi instead of the one included in the kernel is that there seems to be a weird bug where the wireless flakes to the point where it won’t work until you do a full power down (pulling battery and discharging the caps). To be able to install madwifi you need to have the rpmfusion-repository enabled. You can enable it by doing so:

# rpm -Uvh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm

Once that is done, you can continue by installing madwifi like this:

# yum -y install madwifi

Once it is installed, add the following to the bottom of the file /etc/sysctl.conf:

dev.wifi0.ledpin = 3
dev.wifi0.softled = 1

Now reboot your machine, and your Wifi LED on the front will now do the association blink, as well as blink based on wireless traffic.

Making suspend work when closing the lid

When closing the lid on your Acer Aspire One, you expect it to suspend, right? This behaviour does not come as default with the XFCE desktop. You can make it work by doing the following.

First you have to have acpid installed. Execute:

# yum install acpid

to install it. Once it is installed, create a file named lid.conf in /etc/acpi/events/ and place the following in it:

event=button/lid.*
action=/usr/sbin/pm-suspend

This will now suspend your machine when closing the lid.

If your wireless networking isn’t working after resuming from suspend, and you are using the madwifi driver instead of the native kernel provided driver, you can prevent that problem by placing the following content in a file named /usr/lib/pm-utils/sleep.d/06acerwifi:

#!/bin/sh

. "${PM_FUNCTIONS}"

unload_madwifi()
{
/usr/bin/madwifi-unload > /dev/null
}

load_madwifi()
{
/sbin/modprobe ath_pci > /dev/null
}

case "$1" in
hibernate|suspend)
unload_madwifi
;;
thaw|resume)
load_madwifi
;;
*) exit $NA
;;
esac

When done, change the permissions:

# chmod 755 06acerwifi

Reboot, and it should suspend when closing the lid. :) The only problem with this is that NetworkManager won’t automatically connect to your previous wireless network, so you’ll have to click and select it. I’ll see what I can find out about it. :)

Thanks to derge from the Fedoraforums for the tip about the resume-sound from suspend issue.

That’s pretty much what I have, so far. But I can’t end this post without an image. :) This is how my Fedora 10 XFCE desktop looks on the Acer Aspire One.

Good luck!

  • in Linux
  • 1 min read

Oracle Tips and Tricks

Finding out if Oracle is running on the machine (Oracle always has a db-writer process running):

ps aux | grep dbw

Finding the name of the database-instance:

ps aux | grep -v grep | grep dbw | cut -d _ -f 3

Logging in as sysdba:

sqlplus "/ as sysdba"

Finding out where Oracle places the archive-logs:

> show parameter log_archive_dest;

Show general log information:

> show parameter log_archive;

Setting the archive-log path:

> system set log_archive_dest='/path/to/logs/arch';

Finding out where Oracle places the alert-log:

> show parameter background_dump_dest;

Healthchecking Oracle (if you are able to take down the database):

> shutdown abort;
> startup;
> shutdown;
> startup;
> select sysdate from dual;

Forcing Oracle to write to the archive-logs:

> alter system switch logfile;

Starting the database if it isn’t running:

> alter database open;
  • in Linux
  • 1 min read

code-fu and sps Released

My previous post was about me working on two projects – the Simple Password Storage-script, and code-fu, an open source pastebin. I’m happy to announce that both are now released, version 0.0.1. Head to the Atlantis Crew-pages to download both. To see and test code-fu, head to .

  • in Linux
  • 2 min read

Projects, projects, projects

I get envious when I come upon people that have such a passion for things they do. For instance, my friend Stian, he has so many projects going on it’s insane. He’s been coding an email-client in perl, which he’s named Inlook (brilliant name – Microsoft’s Outlook, get it?), he also has a music-project, and he’s trying to write a novel. Another friend, Kenneth, is always looking for new stuff to try out, especially when it comes to media – ripping his own DVD’s, always finding and testing out what the best alternatives are. At last I’ve found something to get me going. I’ve been working on two things of late – a way to get hold of your passwords through a terminal or SSH, in a safe and easy way, and making an open source pastebin. Here’s a screenshot of both projects:

sps is pretty simple – as not only do you not need a graphical interface to manage it, but it’s dependencies are rather common things. As for the pastebin, the temporary name I’ve given it is code-fu. If it’ll stick or not remains to be seen. But at least I’ve got some things going on. Very exciting. :)

  • in Linux
  • 1 min read

My 1.5 seconds of fame

GNU (GNU’s Not Unix) celebrated quite recently (yesterday) a very special birthday. 25 years had passed since everything was started, and even Stephen Fry was eager to make a video, congratulating the project.

fry

As I may have mentioned before (or not at all), I used to be a GNU webmaster, helping them translate their website to Norwegian. I don’t recall how long I helped out, perhaps a year. I had to give it up though, real life came in the way. With Michael around now, I’m surprised I even have time to check my email when at home. Having left the days with GNU behind me, imagine my surprise when a co-worker made me aware of this:

few_seconds_of_fame1

Seems my name was in the end credits. :) There you have it, my 1.5 seconds of fame. :)

Oh, and happy birthday GNU!

  • in Linux
  • 1 min read

Firefox 3 and Java

One of the things that has been annoying me for ages is getting Firefox and Java working together. For some bizarre reason I never seem to get it working together properly. Till just now. Here’s the easy way of installing Java on your machine, and having it working with Firefox.

Proceed to , and press the Download-button. Download the file named Linux RPM (self-extracting file). Once the file is downloaded, su to root and do a chmod +x on it.

su -
chmod +x jre-6u7-linux-i585.rpm.bin

Then run the binary file:

./jre-6u7-linux-i585.rpm.bin

After agreeing to the license terms, Java should install itself. Now we’ll try to make it work with Firefox. Head to /usr/lib/mozilla/plugins/ and remove the symlink named libjavaplugin.so. Then proceed to create a new symlink with the same name, only link it to /usr/java/latest/plugin/i386/ns7/libjavaplugin_oji.so:

cd /usr/lib/mozilla/plugins/
rm libjavaplugin.so
ln -s /usr/java/latest/plugin/i386/ns7/libjavaplugin_oji.so libjavaplugin.so

And that’s that. Restart your Firefox if it’s already up and going, and once it is back up, Java should now be working. :)

ssh-agent-script

To be placed in your .bashrc-file:

SSHAGENT="/usr/bin/ssh-agent"
SSHAGENTARGS="-s"

if [ -z "$SSH_AUTH_SOCK" -a -x "$SSHAGENT" ]; then
  eval `$SSHAGENT $SSHAGENTARGS`
    trap "kill $SSH_AGENT_PID" 0
fi
  • in Linux
  • 18 min read

Acer Aspire One Tips and Tricks

Unfortunately, I no longer maintain this guide. Being that I myself now use Fedora for the Acer Aspire One, I don’t spend much time investigating how to tweak Linpus. All things you try based on this guide are at your own risk! I still recommend using http://www.aspireoneuser.com/forum/ for further questions about the Acer Aspire One. If you need help on IRC, you can find me on the channel #linuxhjelp on the IRC-network DALnet (irc.dal.net).

I have, well had, a Powerbook G4 which was driving me nuts. Having been using Linux for a such a long time, I wasn’t quite able to adjust to how a Mac dealt with software – most of the stuff out there isn’t free. That was just one of the problems I had with a Mac. Making a long story short, I ended up with giving my Powerbook to my parents. I’m sure they’ll enjoy it way more than I do.

So, having gotten rid of that laptop, I suddenly found myself laptop-less, which, to be honest, left me feeling quite naked. I did find a solution though! Getting hold of an Acer Aspire One.

I’ve now ordered it, and it should be in my hands in about a week. Till then, I’ll just gather some tips and tricks concerning it and its system. The machine is finally in my hands. :) You can find the following tips and tricks here:

Please keep in mind that most changes done to the system will require you to have root-access. So unless specified otherwise, run all the commands as root. Whether you are root or not is indicated by the first character in your terminal. $ signifies that you’re a regular user, # is for when you are root.

Oh, and if you’re wondering about what the root password is, I believe it is the same as your regular user password. If you’d like to change it though, do the following:

1
2
3
4
5

$ sudo su -
# passwd root
New Unix password:
Retype new Unix password:
passwd: all authentication tokens updates successfully.

Before we proceed though, I need to emphasize that every instruction here is done at your own risk. There is no guarantee that any of this will work on your Acer Aspire One. Most people have reported these instructions to be a success, while others report failure. So, be cautious!

Changing to the default desktop

The Acer Aspire One runs a Linux distribution called Linpus. This distribution comes with XFCE as the default windowmanager. Of course Acer has modified it a bit, which makes it look like this:

Word of caution though. Most websites will tell you to do the following:

su to root:

1

$ sudo su -

and open the file /etc/xdg/xfce4-session/xfce4-session.rc:

1

# mousepad /etc/xdg/xfce4-session/xfce4-session.rc

and find the line:

1

Client0_Command=xfdesktopnew

Change it to:

1

Client0_Command=xfdesktop-xfce

But the thing is, when you replace xfdesktopnew with xfdesktop-xfce, a script called xfce-mcs-manager won’t start up, and that is what some people find so “horrible” about the regular xfce-desktop. If we open up the file xfdesktopnew located in /usr/bin/, we find the following:

1
2
3
4
5
6
7
8
9

#!/bin/sh
if [ -f /usr/bin/xfce-mcs-manager.new ];then
sudo mv /usr/bin/xfce-mcs-manager.new /usr/bin/xfce-mcs-manager
fi
/usr/bin/xfdesktop2 & >/dev/null 2>&1
sleep 5
if [ -f /usr/bin/xfce-mcs-manager ];then
sudo  mv /usr/bin/xfce-mcs-manager /usr/bin/xfce-mcs-manager.new
fi

As you can se here the script xfdesktopnew starts the application xfdesktop2. What that script contains, I’ve no idea. Try opening the file for yourself, you’ll see what I’m talking about. Anyway, in order for this to work, change the line:

1

/usr/bin/xfdesktop2 & >/dev/null 2>&1

to:

1

/usr/bin/xfdesktop & >/dev/null 2>&1

Save it and close it. Next, open up the file /usr/bin/xfdesktop, and change line 6 to look like this:

1

/usr/bin/xfdesktop-xfce & >/dev/null 2>&1

Save, close, and reboot. You should have a fully working xfce desktop, with icons!

Now, if you’re like me, and would like to have the icons gone from the desktop, create a file named xfdesktoprc in /home/user/.config/xfce4/desktop/ with the following in it:

1
2
3
4
5

[file-icons]
show-filesystem=false
show-home=false
show-trash=false
show-removable=true

Save and close, and reboot. The result? Something like my desktop:

Have fun. :)

Enabling the Right-click Menu

Usually when you’re in xfce you can right-click on the desktop to bring forth a menu. This isn’t enabled as a standard function with the desktop that comes with the Acer Aspire One. To enable it, do the following.

1

$ xfce-setting-show

This will bring up the xfce settings manager. Select Desktop, Behavior and click the box named Show desktop menu on right click. Voila, that should be it. :)

Changing the keyboard layout to Norwegian

This can be done in at least two ways. You either put setxkbmap no at the bottom of the .bash_profile-file (located in your home-folder) like this:

1

 $ echo "setxkbmap no" >> bash_profile

The second method was downloading an RPM, but with the new Live Update-patch, this is no longer required.

Disabling autologin

Warning: Take caution when commenting out lines, and inserting new ones. The lack of a single character may render your system useless.

Open the file named /etc/rc.d/rc.S and comment out the following line:

1

/usr/bin/xinit -- -br>/dev/null 2>&1 &

Like this:

1

#/usr/bin/xinit -- -br>/dev/null 2>&1 &

Below this line, insert the following:

1

/usr/sbin/gdm

And that’s that. The username is user and the password is whatever you set it to be during the installation.

Should you for some reason be unlucky enough to forget to add /usr/sbin/gdm to the file, but still commented out /usr/bin/xinit — -br>/dev/null 2>&1 &, and rebooted, do what David here did. Thanks David. :)

Installing Firefox 3

If you want Firefox 3 to be installed properly (via yum), you should add the remi repository:

1
2

# wget http://rpms.famillecollet.com/remi-release-8.rpm
# rpm -Uvh remi-release-8.rpm

Edit the file /etc/yum.repos.d/remi.repo, and set enabled to 1 under [remi] and NOT [remi-test].

Then we proceed with removing the old Firefox and installing the new one. Now, a regular yum remove firefox won’t work, as it’ll drag a buttload of dependencies with it. However, this will only remove Firefox, without its dependencies:

1

# rpm -e --nodeps firefox

Then install the new one:

1

# yum install firefox

That’s all there is to it. :)

Now, having said that, a friendly chap named Nacho Marin made me aware of a problem that had totally slipped my mind. It seems that there are several programs that are depending on some libraries that Firefox 2 has, and not Firefox 3. The Acer Aspire One e-mail client being one of them, and the RSS reader too. The missing libraries are libgtkembedmoz.so, libmozjs.so, libxpcom_core.so and libxpcom.so.

A big thank you to Nacho for the heads up about the library-files.

Update: It seems that several people were complaining about how the e-mail program kept shutting down for no apparent reason. It seems that they need more than simply the library-files. I believe I’ve located the files, and that you now should be able to have both Firefox 3, and the email client working. Give me some feedback to let me know how the script turns out.

I (Jorge) have made a script to make this a bit easier to fix, so stay tuned.

Update: Script is finished, instructions are as follows:

Become root and open a file named recover_firefox_libraries.sh:

1
2

$ sudo su -
# mousepad recover_firefox_libraries.sh

Place the following in it:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

#!/bin/bash
#
## Script to recover Firefox 2 libraries
## Jorge Barrera Grandon 
## Version 2
#
#
## Usage: ./recover_firefox_libraries.sh

WGET=`which wget`
RPM_URL="http://jorge.fbarr.net/files/firefox-files.tar.gz"
MV=`which mv`
CHOWN=`which chown`
CHMOD=`which chmod`
RM=`which rm`
TAR=`which tar`
MKDIR=`which mkdir`
RMDIR=`which rmdir`

cd /root/
echo "## Getting hold of the Firefox-files.."
$WGET $RPM_URL

echo "## Unpacking the library-files.."
$TAR zxvf firefox-files.tar.gz

echo "## Moving library-files.."
$MV /usr/acer/bin/AME /usr/acer/bin/old.AME
$MV /root/firefox-files/AME /usr/acer/bin/AME
$MKDIR /usr/lib/firefox-files/
$MV /root/firefox-files/* /usr/lib/firefox-files/

echo "## Changing permissions and cleaning up.."
$RM /root/firefox-files.tar.gz
$RMDIR /root/firefox-files/
$CHOWN -R root.root /usr/lib/firefox-files/
$CHMOD -R 755 /usr/lib/firefox-files/

echo "## Done!"

What the script basically does is to get hold of the file firefox-files.tar.gz (so be online when running it), moves the libraryfiles, changes the permission, and removes the file and the unnecessary directories it creates. Make the file executable, then run it:

1
2

# chmod +x recover_firefox_libraries.sh
# ./recover_firefox_libraries.sh

Enjoy!

Installing other packages with yum

If you want to install other packages with yum, a repository I can recommend is http://rpm.livna.org. You can add this repository by following these instructions. First, become root. You should be able to either do sudo su – and then entering the password for user, or just do su –, and entering the root-password (which I think is the same as for user):

1
2

 $ sudo su -
# yum -y install yum-priorities

Open and edit the file /etc/yum/pluginconf.d/priorities.conf. Change vim to whatever editor you prefer (nano is one of the easier ones):

1

# vim /etc/yum/pluginconf.d/priorities.conf

Make the contents of the file look like so:

1
2
3

[main]
enabled = 1
check_obsoletes = 1

Save and close the file. Now finally, install this package and you should be set:

1

# rpm -Uvh http://www.fedorafaq.org/f8/yum  http://rpm.livna.org/livna-release-8.rpm

Removing the search-bar is very simple as well. Open the file /usr/share/search-bar/start-search_bar.sh and comment out each line to make the content look like so:

1
2
3
4
5
6
7
8
9
10
11

#!/bin/sh
#resolution=`xrandr |grep *|awk '{print $1}'`
#resolution=`xrandr |grep current|awk -F"current" '{print $2}'|awk -F"," '{print $1}'|sed 's/ //g'`
#
#if [ $resolution = "1280x800" ];then
#   acer-search-desktop --x=650 --y=90 --width=490 --height=31
#elif [ $resolution = "1024x600" ];then
#   acer-search-desktop --x=510 --y=65 --width=490 --height=31
#else
#   acer-search-desktop
#fi

Enable Circular Scrolling

I doubt that this part is Linpus-specific, but after having had an Acer Aspire One for a few days, you’ll come to notice that the scrolling is damn annoying. The way to scroll as default is by dragging your finger along the right-hand side of the touchpad. And it isn’t even on the edge either, but a bit inside the edge. I personally found circular scrolling to be easier to use. Enable it like so.

Either press Alt-F2 and type gsynaptics or open a terminal and type the same. Go to Scrolling and select Enable Circular Scrolling. Enjoy!

Adding your own Desktop-Icons

You’re probably not going to use some of the the default applications listed on your Acer One-desktop. I know I’m not going to. But wouldn’t it be nice to be able to specify what programs you would like displayed on your desktop? Good thing it IS possible then. Have a look:

There you see that I’ve added two applications of my own – VLC and audacious. Here’s how you do it.

First off, you need to have the programs installed. :) In most cases you’ll already find that once you install the program, icons for it are present. Check /usr/share/pixmaps/ for them. But should you need an icon for some program that hasn’t any at some point, it has to be 90×90, and be placed in that folder.

If you installed VLC through yum, like I did, then you’ll find the file livna-vlc.desktop in /usr/share/applications/. Now, for the sake of tidiness, I renamed the file to vlc.desktop:

1

# mv livna-vlc.desktop vlc.desktop

This file looks something like this:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

[Desktop Entry]
Version=1.0
Name=VLC media player
Name[fr]=Lecteur multimédia VLC
Comment=Read, capture, broadcast your multimedia streams
Comment[fr]=Lire, capturer, diffuser vos flux multimedia
Name[sv]=Mediaspelaren VLC
Comment[sv]=Allmän uppspelare av film och musik
Name[ru]=Медиаплеер VLC
Comment[ru]=Универсальный проигрыватель видео и аудио
Exec=vlc
Icon=vlc.png

Terminal=false
Type=Application
Categories=AudioVideo;Player;
MimeType=video/dv;video/mpeg;video/x-mpeg;video/msvideo;video/quicktime;video/x-anim;video/x-avi;video/x-ms-asf;video/x-ms-wmv;video/x-msvideo;video/x-nsv;video/x-flc;video/x-fli;application/ogg;application/x-ogg;application/x-matroska;audio/x-mp3;audio/x-mpeg;audio/mpeg;audio/x-wav;audio/x-mpegurl;audio/x-scpls;audio/x-m4a;audio/x-ms-asf;audio/x-ms-asx;audio/x-ms-wax;application/vnd.rn-realmedia;audio/x-real-audio;audio/x-pn-realaudio;application/x-flac;audio/x-flac;application/x-shockwave-flash;misc/ultravox;audio/vnd.rn-realaudio;audio/x-pn-aiff;audio/x-pn-au;audio/x-pn-wav;audio/x-pn-windows-acm;image/vnd.rn-realpix;video/vnd.rn-realvideo;audio/x-pn-realaudio-plugin;application/x-extension-mp4;audio/mp4;video/mp4;video/mp4v-es;x-content/video-vcd;x-content/video-svcd;x-content/video-dvd;x-content/audio-cdda;x-content/audio-player;
X-Desktop-File-Install-Version=0.13

The next step is opening up the file /home/user/.config/xfce4/desktop/group-app.xml. Go through the file, you’ll see it’ll make sense. Now, I assume that you want VLC to be placed under the category Fun. Open the group-app.xml-file, and search for:

1

7

Somewhere in between there, add the following:

1

/usr/share/applications/vlc.desktop

Save and close the file, reboot, and your VLC-icon should be there. :) If you want your VLC-icon to be visible, like I did on my desktop, swap the sequence=”6” with a more appropriate number (like 1-3), just make sure that two objects in the file don’t have the same sequence number.

Or even easier – click and drag the icon you want displayed into one of the first three slots. :)

The right resolution with an external monitor

If you’ve plugged in an external monitor, you’ve probably noticed that 1024×600 doesn’t look too good on a 17″. There is a remedy for this though, but you need to modify your xorg.conf-file.

First, take a backup of your current xorg.conf, in case something goes wrong:

1

# cp /etc/X11/xorg.conf /root/

Now open the file:

1

# mousepad /etc/X11/xorg.conf

Find the Screen-section – there should be a line there that says:

1

Virtual 1024 600

Change it to:

1

Virtual 2304 1024

Also add the resolutions “1280×1024” and “1024×768” to the Modes-line above. This will make sure that the virtual screen space is big enough to accomodate a 1280×1024 screen beside a 1024×600.

So that part of your xorg.conf should end up looking like this:

1
2

Modes "1280x1024" "1024x768" "1024x600" "800x600" "640x480"
Virtual 2304 1024

Save and close the file, and reboot to activate the virtual screen size.

Now, to be able to clone your desktop to the external monitor, press Fn-F5. If you however would like to use BOTH your Acer One Aspire, and your external monitor, open a file named dual_desktop.sh and put the following in it:

1
2
3

#!/bin/bash
xrandr -s 1280x1024
xrandr --output LVDS --left-of VGA --auto

Save, close, and do a chmod +x on it:

1

$ chmod +x dual_desktop.sh

Press Fn-F5 till both your Acer Aspire One and the external monitor are active. Then run the script:

1

$ ./dual_desktop.sh

Now when you run it, you should be able to drag applications between your Acer Aspire One, and your external monitor. :) Just change -–left-of to -–right-of if your Acer Aspire One is on that side. Change the resolution in the script to something else as well if you should need it. If you don’t feel like doing it though, here’s a script I’ve made that’s a little more advanced:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

#!/bin/bash
#
## Script to extend your Acer Aspire One (AA1) desktop
## Jorge Barrera Grandon 
#
#
## Press Fn-F5 on your AA1 till both monitors are 
## active then run this script. Usage is like so:
## ./dual_desktop.sh  
##
## Example: ./dual_desktop.sh 800x600 left

XRANDR=`which xrandr`

if [ "$1" = "1280x1024" ] || [ "$1" = "1024x768" ] || [ "$1" = "800x600" ] && [ "$2" = "left" ] || [ "$2" = "right" ]; then

    echo "Setting resolution to $1 and alignment to $2."
    $XRANDR -s $1
    $XRANDR --output LVDS --$2-of VGA --auto

else
    $XRANDR -s 1280x1024
    $XRANDR --output LVDS --left-of VGA --auto
    echo "No or invalid resolution given - setting resolution to 1280x1024 and alignment to left."

fi

If you want a resolution of 800×600 on your external monitor, and your Acer Aspire One is on your right-side, run the script like so:

1

$ ./dual_desktop.sh 800x600 right

Managing the (noisy) fan speed

At first my Acer Aspire One was working just fine. I never had any problems with it, nor the fan. But of late the thing has been making such a sound that it’s driving me nuts. Solution, solution, where art thou solution?! Well, there is a solution. :)

Download the scripts http://jorge.fbarr.net/files/acer_ec.pl and http://jorge.fbarr.net/files/acerfand. Once downloaded, do a chmod +x on them, and place them in /usr/local/bin/. Add an entry in /etc/rc.d/rc.local to start acerfand, and create the configuration-file needed. So:

1
2
3
4
5

$ sudo su -
# wget http://jorge.ulver.no/files/{acer_ec.pl,acerfand}
# chmod +x acer*
# mv acer* /usr/local/bin/
# echo "/usr/local/bin/acerfand" >> /etc/rc.d/rc.local

Then create the file acerfand.conf in /etc/ with the following options:

1
2
3

INTERVAL=5
FANOFF=55
FANAUTO=65
  • INTERVAL is the polling interval in seconds.
  • FANOFF is the temperature in Celsius at or below which to turn the fan off, if it’s currently on auto.
  • FANAUTO is the temperature in Celsius at or above which to turn the fan to auto, if it’s currently off.

Righty, so when the default temperature reaches 55C, the fan works again. According to Intel, the Atom Chip could work at 99C. But I doubt anyone is willing to risk it. Heck, I know I don’t. Simply modify the values in acerfand.conf to your own liking. Enjoy!

USB Recovery Image

I’ve taken the liberty of uploading the image to a private server.

You can find the new and improved (not really ;) image at http://jorge.fbarr.net/files/aa1_usb_recovery_image.gz.

Now, the instructions.

I had to use an external USB drive for this, as I don’t have a USB-pen that’s above 125MB, but it works just the same. Besides the Acer One Aspire, I’ve another machine with Fedora 9 on it. Once the external drive was plugged in, this is what dmesg came up with:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

usb 2-2.1: New USB device found, idVendor=1058, idProduct=0702
usb 2-2.1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
usb 2-2.1: Product: External HDD
usb 2-2.1: Manufacturer: Western Digital
usb-storage: device found at 14
usb-storage: waiting for device to settle before scanning
usb-storage: device scan complete
scsi 16:0:0:0: Direct-Access     WD       1200BEVExternal  1.02 PQ: 0 ANSI: 0
sd 16:0:0:0: [sdb] Write Protect is off
sd 16:0:0:0: [sdb] Mode Sense: 00 00 00 00
sd 16:0:0:0: [sdb] Assuming drive cache: write through
sd 16:0:0:0: [sdb] Write Protect is off
sd 16:0:0:0: [sdb] Mode Sense: 00 00 00 00
sd 16:0:0:0: [sdb] Assuming drive cache: write through
sdb: sdb1
sd 16:0:0:0: [sdb] Attached SCSI disk
sd 16:0:0:0: Attached scsi generic sg2 type 0

So now we know that the drive has been assigned /dev/sdb. Let’s make the recovery usb drive then.

1

# zcat aa1_usb_recovery_image.gz > /dev/sdb

Notice that it’s /dev/sdb and NOT /dev/sdb1, as we’re overwriting the whole disk, and not just a partition of the disk.

That did the trick for me. Once the command was completed, remount the external drive and you’ll see that the new contents is there. Unmount it again, plug it into your Acer Aspire One, boot the machine, and press F12 during boot to select the USB-pen/external harddrive as the device to boot. You should be on your way towards recovery. :)

If someone happens to know how to do this in Windows, please give me a shout so that I can add it to this post. :)

Improve read and write performance

According to this post I found, concerning SSD, the following will greatly increase read and write performance on your SSD-disk (which happens to be the type of disk the Acer Aspire One has, the Linux-version anyway).

Simply do the following:

1
2

$ sudo su -
# mousepad /boot/grub/grub.conf

Now, add the elevator=noop option to the kernel-line, making this line:

1

kernel /boot/bzImage ro root=LABEL=linpus vga=0x311 splash=silent loglevel=1 console=tty1 quiet nolapic_timer

look like this:

1

kernel /boot/bzImage ro root=LABEL=linpus vga=0x311 splash=silent loglevel=1 console=tty1 quiet nolapic_timer elevator=noop

Save the file, close it, and reboot. Some have reported that there’s an increase in writespeeds going from 7.1MB/s to 9.1MB/s by adding this change. If it works or not, well, you can be the judge of that. :)

Another thing you can do to improve performance, is disabling Firefox’s cache. With IO (Input/Output) being the real bottleneck on the Acer Aspire One, disabling writing to the disk might be a good idea. When a page is loaded, Firefox will cache it into the hard disk so that it doesn’t have to be downloaded again for redisplaying. If you browse enough sites, you’ll experience that Firefox might freeze for a few seconds or so.

1

about:config

Search for browser.cache.disk.enabled, and if set to True, doubleclick it to set it to False.

Wallpaper for the Acer Aspire One

I found the following wallpaper in this post, but I thought to post them here as well for easy access. The regular wallpaper on your AA1-desktop can become quite a drag with time. So why not spice it up a bit with some color?

The way to change the wallpaper is like so. Right-click on your desktop, select Settings then click on Desktop Settings. Next to File:, just enter the new path of your wallpaper. :)

Blue Red Green

Purple Royale Sepia

Troubleshooting

VLC

The Fedoraproject-pages say the following:

The Fedora Project recently re-signed all of its packages with a new key. Background details regarding the key change are found here. This page exists to aide users in the transition to the newly signed content and further updates for Fedora 8 and Fedora 9.

I assume many (if not all) of you have by now experienced the following problem when installing VLC:

1
2
3

Error: Missing Dependency: libpulse.so.0(PULSE_0) is needed by package vlc
Error: Missing Dependency: libopendaap.so.0 is needed by package vlc-core
Error: Missing Dependency: libdvdnav.so.4 is needed by package vlc-core

The solution to this is to install the new key distributed by fedora. This is how you do it.

Download, verify and install this RPM-file:

1
2

$ sudo su -
# wget http://kojipkgs.fedoraproject.org/packages/fedora-release/8/6.transition/data/signed/4f2a6fd2/noarch/fedora-release-8-6.transition.noarch.rpm

Now verify that the package sha1sum matches 9a684ad36f4c1f49df7c569d5990d00f7da2cb9c:

1

# sha1sum fedora-release-8-6.transition.noarch.rpm

Once that is verified, install the package through rpm:

1

# rpm -Uvh fedora-release-8-6.transition.noarch.rpm

Now import the new GPG-key like so:

1

# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-8-and-9

And that should be it. You should now be able to download and install VLC (among other things) as normal. :)

ssh-agent

ssh-agent is quite a nifty thing to have running in the background. I thought that adding some lines of code to your .bashrc or .bash_profile would do the trick. But apparently not. The code I added was this:

1
2
3
4
5
6
7

SSHAGENT="/usr/bin/ssh-agent"
SSHAGENTARGS="-s"

if [ -z "$SSH_AUTH_SOCK" -a -x "$SSHAGENT" ]; then
  eval `$SSHAGENT $SSHAGENTARGS`
    trap "kill $SSH_AGENT_PID" 0
fi

Adding it to either file didn’t work, because upon doing an ssh-add, I got the following error:

1
2

$ ssh-add
Could not open a connection to your authentication agent

And this happened even if ssh-agent was running:

1
2

$ ps aux | grep ssh-agent
user     2709  0.0  0.0   6332   604 ?        Ss   Aug28   0:00 /usr/bin/ssh-agent -s

The solution to this isn’t very intuitive. Open the file /etc/xdg/xfce4/xinitrc, and remove the comment from the following lines:

Line 72 – 77

1
2
3
4
5
6

#sshagent=`which ssh-agent`
kill_sshagent=0
#if test -z "$SSH_AGENT_PID" -a "$sshagent" -a "x$sshagent" != "xno"; then
#   eval `$sshagent -s`
#   kill_sshagent=1
#fi

Line 100 – 102

1
2
3

#       if test $kill_sshagent -eq 1; then
#           eval `$sshagent -k`
#       fi

When done, save and close the file, and reboot. ssh-add should now be working properly. :)