Late one snowy day in December, 1960, after many failed tests and disappointments, the team discussed their predicament. As the discussion progressed, Herriott continued tweaking the mirror alignment, when suddenly…. it happened! Javan looked over at the oscilloscope as Herriott was making his adjustments, and to his great delight, saw the signal displayed that they were waiting for. They had finally dialed in the tube alignment for a stable output, emitting in the infrared (IR) region at 1153nm. It was the first gas laser and the first laser with CW output.

As the linux terminal server project (ltsp) has matured there are a number of options in its configuration to consider: chrootless or a separate chroot, all one subnet or a separate subnet for the clients, a local dns cache using dnsmasq or not, network block device (nbd) or network file system (nfs) or some of one with the other, 32 bit (i386) or 64 bit (amd64). In this howto the chrootless method is layed out in steps using the commandline and some steps are particular for one of the other options so that they could be skipped. The version of ltsp is labeled ltsp5 to distinguish it from the latest version ltsp19 which is in alpha at the time of writing. The chrootless model (once known as ltsp-pnp) is less flexible than having a separate chroot since the clients must run the same version of distribution and platform as the server. The upside is that the model is easier to maintain. In the event that all clients can run the 64bit version this is recommended. This howto has been created using amd64. Otherwise a 32bit version is suggested (just make certain that everywhere this howto writes "amd64" replace it with "i386".) After creating a server that uses the nbd boot method there are a few additional steps at the end so that the squashfs image is served to the clients by nfs giving greater stability and speed. The use of dnsmasq provides an easy way of providing useful features. It will act as the tftp server, the local dns cache and the handling of dhcp-proxy or dhcp-server proper. Also in this model no static addresses will be used. NetworkManager will be configured to use the router's dhcp server and other options. At the time of writing (August 19, 2019) the versions of LTSP and other relevant packages in Debian Buster are: ltsp-info  server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

RPMC Lasers is your HeNe Laser Supplier. We provide industry-leading HeNe Laser Tubes, HeNe Laser Modules, and HeNe Laser Power Supplies. The tried-and-true HeNe laser has been around forever as a staple in the laser lab with their excellent beam quality and long service life. These proven, reliable HeNe lasers are readily available with quick turnaround, perfect as a drop-in replacement!

sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

The chrootless model (once known as ltsp-pnp) is less flexible than having a separate chroot since the clients must run the same version of distribution and platform as the server. The upside is that the model is easier to maintain. In the event that all clients can run the 64bit version this is recommended. This howto has been created using amd64. Otherwise a 32bit version is suggested (just make certain that everywhere this howto writes "amd64" replace it with "i386".) After creating a server that uses the nbd boot method there are a few additional steps at the end so that the squashfs image is served to the clients by nfs giving greater stability and speed. The use of dnsmasq provides an easy way of providing useful features. It will act as the tftp server, the local dns cache and the handling of dhcp-proxy or dhcp-server proper. Also in this model no static addresses will be used. NetworkManager will be configured to use the router's dhcp server and other options. At the time of writing (August 19, 2019) the versions of LTSP and other relevant packages in Debian Buster are: ltsp-info  server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

A HeNe laser (also helium-neon laser or he-ne laser) is a type of continuously operating, or continuous-wave (CW) gas laser that uses a mixture of helium and neon gases as the active medium, most commonly emitting light at 632.8 nanometers (red).

nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

A gas laser light source produces a laser beam by applying a high voltage electrical discharge through a gas (e.g., CO2, Helium-Neon, or Argon-Ion). The gas laser was the first continuous operation laser and the first laser to operate by converting electrical energy to a laser light output.

sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Upstream documentation with official, detailed information about installing LTSP is at http://wiki.ltsp.org/wiki/LTSPedia. Installating and configuring LTSP5 using the chrootless method Introduction As the linux terminal server project (ltsp) has matured there are a number of options in its configuration to consider: chrootless or a separate chroot, all one subnet or a separate subnet for the clients, a local dns cache using dnsmasq or not, network block device (nbd) or network file system (nfs) or some of one with the other, 32 bit (i386) or 64 bit (amd64). In this howto the chrootless method is layed out in steps using the commandline and some steps are particular for one of the other options so that they could be skipped. The version of ltsp is labeled ltsp5 to distinguish it from the latest version ltsp19 which is in alpha at the time of writing. The chrootless model (once known as ltsp-pnp) is less flexible than having a separate chroot since the clients must run the same version of distribution and platform as the server. The upside is that the model is easier to maintain. In the event that all clients can run the 64bit version this is recommended. This howto has been created using amd64. Otherwise a 32bit version is suggested (just make certain that everywhere this howto writes "amd64" replace it with "i386".) After creating a server that uses the nbd boot method there are a few additional steps at the end so that the squashfs image is served to the clients by nfs giving greater stability and speed. The use of dnsmasq provides an easy way of providing useful features. It will act as the tftp server, the local dns cache and the handling of dhcp-proxy or dhcp-server proper. Also in this model no static addresses will be used. NetworkManager will be configured to use the router's dhcp server and other options. At the time of writing (August 19, 2019) the versions of LTSP and other relevant packages in Debian Buster are: ltsp-info  server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

High Voltage: HeNe lasers often use voltages above 1500 V. Such high voltages create certain risks for people and equipment around.

Short Life-Time: Helium atoms are very important for reducing the lasing threshold of the complete laser. But these atoms are small and tend to diffuse through the walls of the glass tube. Diffusion of He atoms is the main reason of short lifetime of HeNe lasers, which is often in the range of 1000 to 10000 hours, and that is less than 1 year of 24/7 operation. This is considered the main drawback of HeNe lasers in industrial applications.

sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Openthinclient

19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Long Warm-Up Time: Manufacturers specify typical warm-up time of 10 minutes. This might not be a big issue in some applications requiring continuous operation, however in situations where the laser has to be frequently turned on and off, this is a big drawback, which typically means that one has to install mechanical shutters, which open up for laser exposure, i.e. the laser must run continuously, which further decreases life time.

12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

LASOS brings many years of experience and expertise to the design and manufacturing of sophisticated laser systems, with company roots and in-house laser manufacturing dating back to 1966. LASOS’ industry proven HeNe laser sources cover a wide range of applications requiring 543nm, 594nm, and 638.2nm wavelengths. With the closed chain of development, design and manufacturing LASOS is able to adapt to customer’s requirements and deliver solutions that cater specifically to your application requirements.

High Spectral Purity: HeNe lasing medium features several emission peaks, however it is relatively easy to force the laser to oscillate in just one of the emission bands. Once it is done, no spontaneous emission or emission from other bands is detectable.

Also in this model no static addresses will be used. NetworkManager will be configured to use the router's dhcp server and other options. At the time of writing (August 19, 2019) the versions of LTSP and other relevant packages in Debian Buster are: ltsp-info  server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Check out our Online Store: This page contains In-Stock products and an ever-changing assortment of various types of new lasers at marked-down/discount prices.

kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

iPXE

If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

The first HeNe laser was developed in 1960 at Bell Labs by Ali Javan, in conjunction with William Bennet Jr. and Donald Herriott. Along the way, the team encountered many issues and setbacks, from melting a laser tube to destroying mirror coatings.

sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

ThinLinc

“method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Standard and customized models are available with a host of options including single-mode or multimode, random or linear polarization, Brewster window tubes, fiber-coupling, and frequency stability.

sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Learn More About HeNe Lasers A gas laser light source produces a laser beam by applying a high voltage electrical discharge through a gas (e.g., CO2, Helium-Neon, or Argon-Ion). The gas laser was the first continuous operation laser and the first laser to operate by converting electrical energy to a laser light output. The gain medium of a HeNe gas laser is a 10:1 gas mixture of helium and neon, pressurized within a glass tube. Applying a DC current to electrodes on opposite ends of the HeNe tube excites helium gas atoms into metastable states. Thus, when excited, helium atoms can efficiently transfer energy to neon atoms with quite similar excitation energies leading to population inversion. Due to the multiple energy levels of neon gas atoms, multiple laser transitions (helium neon laser’s emitted wavelengths) are possible, providing green HeNe lasers, yellow HeNe lasers, red HeNe lasers, and even IR HeNe lasers.  He Ne Laser Diagram Our He Ne Laser Products: LASOS brings many years of experience and expertise to the design and manufacturing of sophisticated laser systems, with company roots and in-house laser manufacturing dating back to 1966. LASOS’ industry proven HeNe laser sources cover a wide range of applications requiring 543nm, 594nm, and 638.2nm wavelengths. With the closed chain of development, design and manufacturing LASOS is able to adapt to customer’s requirements and deliver solutions that cater specifically to your application requirements. There are many types of gas lasers. We currently offer a selection of Helium-Neon (HeNe / He-Ne) laser tubes and modules. These gas lasers feature a robust mechanical design, excellent beam quality, and a variety of configurations. Furthermore, HeNe laser wavelengths are available in the Green, Yellow, and Red spectral ranges, with output powers up to 20mW. The stabilized HeNe lasers we offer boast an excellent TEM00 beam, robust mechanical design, and a long service life of up to 30,000 hours. 543 nm, 594 nm, and 632.8 nm (633 nm) wavelengths are available. Standard and customized models are available with a host of options including single-mode or multimode, random or linear polarization, Brewster window tubes, fiber-coupling, and frequency stability. We also offer HeNe laser power supplies. All models can be provided with either a laboratory HeNe power supply, or one of three OEM power supply versions. Deeper Dive into HeNe Lasers He Ne Laser Applications: These HeNe lasers boast long life, low noise, and high-stability, with many customization options. Because of these features, HeNe lasers are perfect for alignment, Raman spectroscopy, Fabry Perot interferometry, holography, gas sensing, digital imaging, medical and biophotonics applications, other he ne laser experiments, and more! Laser Beam Alignment: Laser alignment can be a challenging task, but aligning a laser beam doesn’t have to be as complicated as it might seem with the right optical alignment tools and proper laser alignment techniques. Multiple optical alignment techniques have been developed over the years, utilized by technicians and engineers to simplify the alignment process. With the development of these universal laser beam alignment methods, along with some laser alignment tips and tricks, you don’t need to be a laser expert to perform your alignments with relative ease, ensuring your laser beam path is right where you want it to be and your beam is on target every time. This will not be a comprehensive, step by step laser alignment tutorial for every situation. However this blog will cover a few of these tips and methods, focusing on the benefits of utilizing time-tested, high-quality HeNe lasers to assist in the alignment process. If you are looking for a very in-depth optical alignment tutorial, or have a particularly unique or complicated laser alignment challenge, you may consider looking into a more focused laser alignment training service. Read the full article here. Why is Polarization Switching Unsuitable for Interferometry? A common problem for HeNe laser customers is the issue of polarization switching, which is the sudden change of the polarization of different modes, especially in shorter tubes, which can be particularly detrimental when operating frequency stabilized HeNe laser tubes. This phenomenon is sometimes referred to as ‘mode hopping.’ However, this is not accurate. While somewhat similar to polarization switching, mode hopping involves (mostly in single-frequency lasers) the laser’s operation on a single resonator mode, which suddenly switches to another mode, causing the optical power to switch over to this new mode. Polarization switching shares this feature of erratic output power. However, with this phenomenon, the output power fluctuations are due to the swapping of the two perpendicularly polarized modes’ polarization states rather than the swapping from one particular mode to another. Read the full article here. He Ne Lasers vs Diode Lasers: There have been many discussions around whether or not diodes will replace HeNe lasers. However, while this may be plausible for certain applications, the superior beam quality, long service lifetime, low noise, high stability, long coherence length and competitive helium neon laser cost ensures a solid foothold in applications where enhanced performance and excellent beam quality is critical.  Advantages of HeNe Lasers High Coherence Length: This is very typical to most gas lasers. In case of HeNe, the coherence length varies from 20 cm (for multiple longitudinal modes) to more than 100 m. It all depends on cavity parameters and mirrors and etalons used in the design. Stable Central Wavelength: The typical emission wavelength of HeNe lasers is about 632.816 nm in air. Very stable oscillation frequency of <1 MHz (<0.001 pm @633 nm) drift is characteristic just to the most sophisticated HeNe lasers, having extra stabilization measures. The central wavelength of non-stabilized lasers can drift in the range  of 1 pm, which is still fairly good, comparing to other laser types. High Spectral Purity: HeNe lasing medium features several emission peaks, however it is relatively easy to force the laser to oscillate in just one of the emission bands. Once it is done, no spontaneous emission or emission from other bands is detectable. Good Beam Quality and Alignment: The longer is the gas tube, the easier it is to get good Gaussian beam profile, good beam quality and very good angular and spatial alignment with respect to the laser housing. Low-Cost: Deep traditions of HeNe laser manufacturing and its wide spread in such applications as first barcode scanners and CD players has been driving the cost down and now a laser of 2-3 mW output power costs typically less than 1000 EUR. This is cheap, considering nice and useful characteristics described above. Drawbacks of HeNe Lasers Short Life-Time: Helium atoms are very important for reducing the lasing threshold of the complete laser. But these atoms are small and tend to diffuse through the walls of the glass tube. Diffusion of He atoms is the main reason of short lifetime of HeNe lasers, which is often in the range of 1000 to 10000 hours, and that is less than 1 year of 24/7 operation. This is considered the main drawback of HeNe lasers in industrial applications. Long Warm-Up Time: Manufacturers specify typical warm-up time of 10 minutes. This might not be a big issue in some applications requiring continuous operation, however in situations where the laser has to be frequently turned on and off, this is a big drawback, which typically means that one has to install mechanical shutters, which open up for laser exposure, i.e. the laser must run continuously, which further decreases life time. Low Output Power: Most powerful HeNe lasers emit 35 to 50 mW of output power. This is low comparing with a 100 mW to 200 mW TEM00 output from some semiconductor lasers. Even frequency stabilized 633 nm lasers emit 70 mW to 100 mW of narrow-linewidth power. Very Bulky: A 35 mW output power HeNe laser is about 1 meter long. It is not cost effective anymore to buy it, nor to store or transport it. Such big but not very powerful lasers are typically used in scientific labs or in some sophisticated holography applications. High Voltage: HeNe lasers often use voltages above 1500 V. Such high voltages create certain risks for people and equipment around. Read the full article here. A Brief History of the HeNe Laser: The first HeNe laser was developed in 1960 at Bell Labs by Ali Javan, in conjunction with William Bennet Jr. and Donald Herriott. Along the way, the team encountered many issues and setbacks, from melting a laser tube to destroying mirror coatings. Late one snowy day in December, 1960, after many failed tests and disappointments, the team discussed their predicament. As the discussion progressed, Herriott continued tweaking the mirror alignment, when suddenly…. it happened! Javan looked over at the oscilloscope as Herriott was making his adjustments, and to his great delight, saw the signal displayed that they were waiting for. They had finally dialed in the tube alignment for a stable output, emitting in the infrared (IR) region at 1153nm. It was the first gas laser and the first laser with CW output. However, a laser emitting IR radiation didn’t have much demand at the time, and the research continued, seeking a laser configuration emitting radiation in the visible spectrum. In early 1962, a mere eighteen months later, the tried-and-true 632.8nm HeNe laser was developed. Read the full article here. Let Us Help RPMC Lasers is your HeNe Laser Supplier. We provide industry-leading HeNe Laser Tubes, HeNe Laser Modules, and HeNe Laser Power Supplies. The tried-and-true HeNe laser has been around forever as a staple in the laser lab with their excellent beam quality and long service life. These proven, reliable HeNe lasers are readily available with quick turnaround, perfect as a drop-in replacement! With over 25 years experience matching the right laser source to your application, and our wide range of industry-leading HeNe Laser options, the team at RPMC is prepared and eager to help you find the right solution! If you have any questions, or if you would like some assistance please Contact Us here. Furthermore, you can email us at [email protected] to talk to a knowledgeable Product Manager. Alternatively, use the filters on this page to assist in narrowing down the selection of HeNe lasers for sale. Finally, head to our Knowledge Center with our Lasers 101 page and Blogs, Whitepapers, and FAQ pages for further, in-depth reading. Check out our Online Store: This page contains In-Stock products and an ever-changing assortment of various types of new lasers at marked-down/discount prices.

ltsp-info  server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

If you have any questions, or if you would like some assistance please Contact Us here. Furthermore, you can email us at [email protected] to talk to a knowledgeable Product Manager.

The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

While somewhat similar to polarization switching, mode hopping involves (mostly in single-frequency lasers) the laser’s operation on a single resonator mode, which suddenly switches to another mode, causing the optical power to switch over to this new mode. Polarization switching shares this feature of erratic output power. However, with this phenomenon, the output power fluctuations are due to the swapping of the two perpendicularly polarized modes’ polarization states rather than the swapping from one particular mode to another.

Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Low-Cost: Deep traditions of HeNe laser manufacturing and its wide spread in such applications as first barcode scanners and CD players has been driving the cost down and now a laser of 2-3 mW output power costs typically less than 1000 EUR. This is cheap, considering nice and useful characteristics described above.

Translation(s): English - Português (Brasil) LTSP5 How To Upstream documentation with official, detailed information about installing LTSP is at http://wiki.ltsp.org/wiki/LTSPedia. Installating and configuring LTSP5 using the chrootless method Introduction As the linux terminal server project (ltsp) has matured there are a number of options in its configuration to consider: chrootless or a separate chroot, all one subnet or a separate subnet for the clients, a local dns cache using dnsmasq or not, network block device (nbd) or network file system (nfs) or some of one with the other, 32 bit (i386) or 64 bit (amd64). In this howto the chrootless method is layed out in steps using the commandline and some steps are particular for one of the other options so that they could be skipped. The version of ltsp is labeled ltsp5 to distinguish it from the latest version ltsp19 which is in alpha at the time of writing. The chrootless model (once known as ltsp-pnp) is less flexible than having a separate chroot since the clients must run the same version of distribution and platform as the server. The upside is that the model is easier to maintain. In the event that all clients can run the 64bit version this is recommended. This howto has been created using amd64. Otherwise a 32bit version is suggested (just make certain that everywhere this howto writes "amd64" replace it with "i386".) After creating a server that uses the nbd boot method there are a few additional steps at the end so that the squashfs image is served to the clients by nfs giving greater stability and speed. The use of dnsmasq provides an easy way of providing useful features. It will act as the tftp server, the local dns cache and the handling of dhcp-proxy or dhcp-server proper. Also in this model no static addresses will be used. NetworkManager will be configured to use the router's dhcp server and other options. At the time of writing (August 19, 2019) the versions of LTSP and other relevant packages in Debian Buster are: ltsp-info  server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

This will not be a comprehensive, step by step laser alignment tutorial for every situation. However this blog will cover a few of these tips and methods, focusing on the benefits of utilizing time-tested, high-quality HeNe lasers to assist in the alignment process. If you are looking for a very in-depth optical alignment tutorial, or have a particularly unique or complicated laser alignment challenge, you may consider looking into a more focused laser alignment training service.

18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Start ThinLinc server

/var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Epoptes

This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Introduction As the linux terminal server project (ltsp) has matured there are a number of options in its configuration to consider: chrootless or a separate chroot, all one subnet or a separate subnet for the clients, a local dns cache using dnsmasq or not, network block device (nbd) or network file system (nfs) or some of one with the other, 32 bit (i386) or 64 bit (amd64). In this howto the chrootless method is layed out in steps using the commandline and some steps are particular for one of the other options so that they could be skipped. The version of ltsp is labeled ltsp5 to distinguish it from the latest version ltsp19 which is in alpha at the time of writing. The chrootless model (once known as ltsp-pnp) is less flexible than having a separate chroot since the clients must run the same version of distribution and platform as the server. The upside is that the model is easier to maintain. In the event that all clients can run the 64bit version this is recommended. This howto has been created using amd64. Otherwise a 32bit version is suggested (just make certain that everywhere this howto writes "amd64" replace it with "i386".) After creating a server that uses the nbd boot method there are a few additional steps at the end so that the squashfs image is served to the clients by nfs giving greater stability and speed. The use of dnsmasq provides an easy way of providing useful features. It will act as the tftp server, the local dns cache and the handling of dhcp-proxy or dhcp-server proper. Also in this model no static addresses will be used. NetworkManager will be configured to use the router's dhcp server and other options. At the time of writing (August 19, 2019) the versions of LTSP and other relevant packages in Debian Buster are: ltsp-info  server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Ltspgithub

However, a laser emitting IR radiation didn’t have much demand at the time, and the research continued, seeking a laser configuration emitting radiation in the visible spectrum. In early 1962, a mere eighteen months later, the tried-and-true 632.8nm HeNe laser was developed. Read the full article here.

The use of dnsmasq provides an easy way of providing useful features. It will act as the tftp server, the local dns cache and the handling of dhcp-proxy or dhcp-server proper. Also in this model no static addresses will be used. NetworkManager will be configured to use the router's dhcp server and other options. At the time of writing (August 19, 2019) the versions of LTSP and other relevant packages in Debian Buster are: ltsp-info  server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

A common problem for HeNe laser customers is the issue of polarization switching, which is the sudden change of the polarization of different modes, especially in shorter tubes, which can be particularly detrimental when operating frequency stabilized HeNe laser tubes. This phenomenon is sometimes referred to as ‘mode hopping.’ However, this is not accurate.

Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

We also offer HeNe laser power supplies. All models can be provided with either a laboratory HeNe power supply, or one of three OEM power supply versions.

16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Alternatively, use the filters on this page to assist in narrowing down the selection of HeNe lasers for sale. Finally, head to our Knowledge Center with our Lasers 101 page and Blogs, Whitepapers, and FAQ pages for further, in-depth reading.

which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Very Bulky: A 35 mW output power HeNe laser is about 1 meter long. It is not cost effective anymore to buy it, nor to store or transport it. Such big but not very powerful lasers are typically used in scientific labs or in some sophisticated holography applications.

and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

At the time of writing (August 19, 2019) the versions of LTSP and other relevant packages in Debian Buster are: ltsp-info  server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

There are many types of gas lasers. We currently offer a selection of Helium-Neon (HeNe / He-Ne) laser tubes and modules. These gas lasers feature a robust mechanical design, excellent beam quality, and a variety of configurations. Furthermore, HeNe laser wavelengths are available in the Green, Yellow, and Red spectral ranges, with output powers up to 20mW.

ThinStation

Low Output Power: Most powerful HeNe lasers emit 35 to 50 mW of output power. This is low comparing with a 100 mW to 200 mW TEM00 output from some semiconductor lasers. Even frequency stabilized 633 nm lasers emit 70 mW to 100 mW of narrow-linewidth power.

Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Laser alignment can be a challenging task, but aligning a laser beam doesn’t have to be as complicated as it might seem with the right optical alignment tools and proper laser alignment techniques. Multiple optical alignment techniques have been developed over the years, utilized by technicians and engineers to simplify the alignment process. With the development of these universal laser beam alignment methods, along with some laser alignment tips and tricks, you don’t need to be a laser expert to perform your alignments with relative ease, ensuring your laser beam path is right where you want it to be and your beam is on target every time.

Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

# The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

These HeNe lasers boast long life, low noise, and high-stability, with many customization options. Because of these features, HeNe lasers are perfect for alignment, Raman spectroscopy, Fabry Perot interferometry, holography, gas sensing, digital imaging, medical and biophotonics applications, other he ne laser experiments, and more!

3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

The stabilized HeNe lasers we offer boast an excellent TEM00 beam, robust mechanical design, and a long service life of up to 30,000 hours. 543 nm, 594 nm, and 632.8 nm (633 nm) wavelengths are available.

With over 25 years experience matching the right laser source to your application, and our wide range of industry-leading HeNe Laser options, the team at RPMC is prepared and eager to help you find the right solution!

There have been many discussions around whether or not diodes will replace HeNe lasers. However, while this may be plausible for certain applications, the superior beam quality, long service lifetime, low noise, high stability, long coherence length and competitive helium neon laser cost ensures a solid foothold in applications where enhanced performance and excellent beam quality is critical.

7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

LTSPmeaning

Good Beam Quality and Alignment: The longer is the gas tube, the easier it is to get good Gaussian beam profile, good beam quality and very good angular and spatial alignment with respect to the laser housing.

17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

The gain medium of a HeNe gas laser is a 10:1 gas mixture of helium and neon, pressurized within a glass tube. Applying a DC current to electrodes on opposite ends of the HeNe tube excites helium gas atoms into metastable states. Thus, when excited, helium atoms can efficiently transfer energy to neon atoms with quite similar excitation energies leading to population inversion. Due to the multiple energy levels of neon gas atoms, multiple laser transitions (helium neon laser’s emitted wavelengths) are possible, providing green HeNe lasers, yellow HeNe lasers, red HeNe lasers, and even IR HeNe lasers.

14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

High Coherence Length: This is very typical to most gas lasers. In case of HeNe, the coherence length varies from 20 cm (for multiple longitudinal modes) to more than 100 m. It all depends on cavity parameters and mirrors and etalons used in the design.

Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Installating and configuring LTSP5 using the chrootless method Introduction As the linux terminal server project (ltsp) has matured there are a number of options in its configuration to consider: chrootless or a separate chroot, all one subnet or a separate subnet for the clients, a local dns cache using dnsmasq or not, network block device (nbd) or network file system (nfs) or some of one with the other, 32 bit (i386) or 64 bit (amd64). In this howto the chrootless method is layed out in steps using the commandline and some steps are particular for one of the other options so that they could be skipped. The version of ltsp is labeled ltsp5 to distinguish it from the latest version ltsp19 which is in alpha at the time of writing. The chrootless model (once known as ltsp-pnp) is less flexible than having a separate chroot since the clients must run the same version of distribution and platform as the server. The upside is that the model is easier to maintain. In the event that all clients can run the 64bit version this is recommended. This howto has been created using amd64. Otherwise a 32bit version is suggested (just make certain that everywhere this howto writes "amd64" replace it with "i386".) After creating a server that uses the nbd boot method there are a few additional steps at the end so that the squashfs image is served to the clients by nfs giving greater stability and speed. The use of dnsmasq provides an easy way of providing useful features. It will act as the tftp server, the local dns cache and the handling of dhcp-proxy or dhcp-server proper. Also in this model no static addresses will be used. NetworkManager will be configured to use the router's dhcp server and other options. At the time of writing (August 19, 2019) the versions of LTSP and other relevant packages in Debian Buster are: ltsp-info  server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

Stable Central Wavelength: The typical emission wavelength of HeNe lasers is about 632.816 nm in air. Very stable oscillation frequency of <1 MHz (<0.001 pm @633 nm) drift is characteristic just to the most sophisticated HeNe lasers, having extra stabilization measures. The central wavelength of non-stabilized lasers can drift in the range  of 1 pm, which is still fairly good, comparing to other laser types.

Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

LTSP5 How To Upstream documentation with official, detailed information about installing LTSP is at http://wiki.ltsp.org/wiki/LTSPedia. Installating and configuring LTSP5 using the chrootless method Introduction As the linux terminal server project (ltsp) has matured there are a number of options in its configuration to consider: chrootless or a separate chroot, all one subnet or a separate subnet for the clients, a local dns cache using dnsmasq or not, network block device (nbd) or network file system (nfs) or some of one with the other, 32 bit (i386) or 64 bit (amd64). In this howto the chrootless method is layed out in steps using the commandline and some steps are particular for one of the other options so that they could be skipped. The version of ltsp is labeled ltsp5 to distinguish it from the latest version ltsp19 which is in alpha at the time of writing. The chrootless model (once known as ltsp-pnp) is less flexible than having a separate chroot since the clients must run the same version of distribution and platform as the server. The upside is that the model is easier to maintain. In the event that all clients can run the 64bit version this is recommended. This howto has been created using amd64. Otherwise a 32bit version is suggested (just make certain that everywhere this howto writes "amd64" replace it with "i386".) After creating a server that uses the nbd boot method there are a few additional steps at the end so that the squashfs image is served to the clients by nfs giving greater stability and speed. The use of dnsmasq provides an easy way of providing useful features. It will act as the tftp server, the local dns cache and the handling of dhcp-proxy or dhcp-server proper. Also in this model no static addresses will be used. NetworkManager will be configured to use the router's dhcp server and other options. At the time of writing (August 19, 2019) the versions of LTSP and other relevant packages in Debian Buster are: ltsp-info  server information: No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10 Codename: buster server packages: ii ldm 2:2.18.06-1 ii ldm-server 2:2.18.06-1 ii ldm-themes 18.02.1 ii ltsp-client 5.18.12-3 ii ltsp-client-core 5.18.12-3 un ltsp-docs ii ltsp-server 5.18.12-3 ii ltsp-server-standalone 5.18.12-3 un ltsp-utils ii ltspfs 1.5-2 ii ltspfsd 1.5-2 ii ltspfsd-core 1.5-2 found image: /opt/ltsp/images/amd64.img Other relevant tools: ii kernel 4.19.0-5-amd64 ii epoptes 1.0.1-2 ii dnsmasq 2.80-1 ii network-manager 1.14.6-2 ii network-manager-gnome 1.8.20-1.1 ii nfs-kernel-server 1:1.3.4-2.5 ii nbd-server 1:3.19-3All config files need to be edited using root privileges. In this documentation the sudo command is used but it is also possible to use su to become root if your system is so configured. Basic first steps for all scenarios 1. Update the server, and check the files /etc/hostname and /etc/hosts are as desired. 2. Install these 8 packages ltsp-server-standalone dnsmasq epoptes epoptes-client ltsp-client network-manager-gnome dnsutils rsync (and if you haven't already a desktop environment installed) a desktop environment of your choice. 3. Once epoptes is installed one must add the server's user (in the example "administrator") to the new epoptes group. This command will do it: sudo usermod -G epoptes -a administrator Note that this new membership will only be activated in the next login. 4. Often there is no such line but check in /etc/NetworkManager/NetworkManager.conf for a line with the dns= key. If it is there comment out the line. ◦ #dns=dnsmasq In case step 5 is confusing, here is an explanation. Often Debian configurations are setup so that the following file deals with the network device. Most of the time the active use of this file means that network manager will not deal with the network device. In this howto network-manager will be used. Step 5 allows the configuration to be changed if necessary. 5. Check the file /etc/network/interfaces for possible lines similar to # The primary network interface allow-hotplug iface inet “method” here is often “dhcp” or “static” but there are others. If such lines are not present (or they are commented out with the symbol #) then network-manager will be in control so go on to step 6. Otherwise these lines need to be commented out by adding the hash symbol # in front of each line. Then save this edited config file. However, the system must be rebooted before control can be passed on to network-manager otherwise step 6 cannot be done. Be careful, once the server is rebooted the Internet may be temporarily unavailable until step 6 is done. So take care to copy down somewhere all of step 6 and complete it so the Internet is restored. If the server is to use two network interfaces jump down to step 6(dual) Steps for the one network interface scenario 6(single). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching: Choose the Wired connection and double click it. This opens it for editing. Click on the IPv4 Settings tab. Choose 'Automatic (DHCP) addresses only' instead of just 'Automatic (DHCP)'. In the DNS servers field enter 127.0.0.1 first to allow dnsmasq to cache (otherwise leave it out) followed by one or two external DNS servers, separated by spaces (e.g. 127.0.0.1 208.67.222.222 8.8.8.8). Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" then save these settings and close the window. Restart Network Manager with sudo systemctl restart network-manager.service If the Internet was not available this should restore it. 7(single). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(single). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise commenting this line out, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(single). The other part to edit has to do with whether the server is going to use the router as its dhcp server (as is usually the case) so that dnsmasq is configured with dhcp proxy. To do this see if the line dhcp-range=x.y.z.0,proxy corresponds to this subnet. If this is correct comment out the other range line #dhcp-range=192.168.67.20,192.168.67.250,8h and save the file. If instead you want the server to use dnsmasq as the dhcp server then comment out the proxy line and set the dhcp-range=x.y.z.20,x.y.z.250,8h as appropriate. Then restart dnsmasq with the command sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

sudo systemctl restart dnsmasq.service Skip down to step 10 Steps for the two network interfaces scenario Note that the local area network (lan) device should be a gigabit (or faster) device and connected to a gigabit switch (or a gigabit port) with a category 6 (or faster) cable. The wide area network (wan) device may even be wireless. 6(dual). To edit NetworkManager's configuration launch nm-connection-editor from the command line. After launching you should see two wired connections, one for the wide area network (wan) that faces the router and the other for the local area network (lan) that faces the ltsp clients. Edit the wan connection as described above. Edit the lan connection as follows: Click on the IPv4 Settings tab. Choose the method 'Shared to other computers’ and in the ‘Address (optional) section add the address 192.168.67.1 and netmask 24 but leave the gateway blank. Now click on the General tab and make sure that both lines are enabled: "Connect automatically with priority" and "All users may connect to this network" Save these settings and close the window. Network manager will now provide ip-forwarding and iptable nat rules on the lan interface without needing you to do anything else, once the server has been rebooted. Restart Network Manager with sudo systemctl restart network-manager.service Note To verify that iptable nat rules are in force run the command sudo iptables -L which should produce some rules that mention 192.168.67.1 7(dual). Create a default configuration file for dnsmasq with the command sudo ltsp-config dnsmasq 8(dual). To activate dnsmasq to serve as the local dns cache, in addition to step 5 part (b) you must edit the file /etc/dnsmasq.d/ltsp-server-dnsmasq.conf and comment out the line: #port=0 Otherwise leaving this line as it is, dnsmasq will run perfectly fine but will not serve as the local dns cache. 9(dual). Check to see if the line dhcp-range=x.y.z.0,proxy corresponds to the wan subnet and the other range line dhcp-range=192.168.67.20,192.168.67.250,8h corresponds to the lan subnet. Leave both lines active (without the # symbol.) Thus dnsmasq will be the dhcp server for the lan, i.e. subnet with the clients. Final basic steps for any scenario Note, as mentioned above, steps 10 and 11 are only necessary if dhcp proxy is NOT wanted. So they can be skipped because the ltsp configuration defaults to IPAPPEND 3 for proxyDHCP so skip to step 12. 10. If the router is NOT going to be a DHCP server for the ltsp server then edit the config file /etc/ltsp/update-kernels.conf and add the line IPAPPEND=2 11. After doing step 10 this change needs to be put in the initd. The version of the kernel running on the server can be determined with the command uname -r Note that at the time of writing the kernel was 4.19.0-5-amd64 thus the command is sudo dpkg-reconfigure linux-image-4.19.0-5-amd64 This reports update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64 adding the change from step 10. 12. Inspect and edit as desired /etc/ltsp/ltsp-update-image.excludes as some software running on the server will not be appropriate for the clients. 13. Once the server has been updated and any additional software has been installed a new client filesystem image must be created in order for the clients to also have these updates. This is the command sudo ltsp-update-image --cleanup / Note: if instead of an image being created the system reports: "Your system seems to be using NFS to serve LTSP chroots. If you're absolutely certain you want to switch to NBD, run: /usr/sbin/ltsp-update-image --config-nbd /" run the command apt purge nfs-kernel-server and then repeat step 13. The package nfs-kernel-server must be installed only later in step 16. This builds the latest squashfs image for nbd in /opt/ltsp/images and puts the latest kernel into /var/lib/tftboot/ltsp/amd64.) It triggers "ltsp-config nbd-server" to create (if needed) the files /etc/nbd-server/conf.d/swap.conf and /etc/nbd-server/conf.d/ltsp_amd64.conf. Check to see if both are there. It also creates /etc/nbd-client. 14. Then, create the default configuration file for the clients with the command sudo ltsp-config lts.conf 15. At this point the ltsp server is ready to serve the clients the squashfile image with NBD. If this is desired then skip to the last step 19. 16. Install some additional packages with sudo apt install nfs-kernel-server 17. Set up nfs with its export file sudo ltsp-config nfs 18. Remove the symbolic link /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default sudo rm -iv /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default 19. Create a file (not a symbolic link) /var/lib/tftpboot/ltsp/amd64/pxelinux.cfg/default with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

with these 8 lines (note the append line is long:) default ltsp-NFS ontimeout ltsp-NFS label ltsp-NFS menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork

menu label LTSP, using NFS kernel vmlinuz-amd64 append ro initrd=initrd.img-amd64 init=/sbin/init-ltsp forcepae root=/dev/nfs nfsroot=/opt/ltsp/images ltsploop=amd64.img ipappend 3 20. Lastly reboot the server so that all changes are active including the user's membership in the group epoptes. Final notes The lts.conf file should be studied and edited as appropriate. Note that all headings (written between square brackets) should have at least one entry each so don't leave any empty. This file plays a role similar to xorg.conf for xorg and there are many options for it to choose from. One is worth mentioning here: Under [Default] the option LDM_DIRECTX = True (the default is false) allows one to turn off the encrypted X tunnel via SSH, and instead run a less secure, but much faster unencrypted tunnel. If speed is important and security is less so then it is recommended. In this model note that lts.conf is in/var/lib/tftpboot/ltsp/amd64/ which among other things means that changes made to this file do NOT require a re-creation of the squashfs image. When ready to try ltsp don't forget to create users as appropriate for the clients. This also does NOT require a re-creation of the squashfs image. The following changes DO require a re-creation of the squashfs image: When the server is updated. Software is added to the server that is desirable for clients. This means one repeats the step: On the commandline run sudo ltsp-update-image --cleanup / Once running the server with clients the command sudo showmount -a will verify that the clients are connected by nfs. To test whether local dns caching is enabled, run the following command: nslookup google.com If it reports: Server: 127.0.0.1 Address: 127.0.0.1#53 then the local dns cache is enabled. CategoryNetwork