Instructions to set up a basic LAMP+SSH server environment
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

540 lines
23 KiB

6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
  1. Linux servers - Exercise 7
  2. ==============
  3. *Disclaimer:*
  4. --------------
  5. This exercise is a part of [Linux Server Administration (ICT4TN021, spring 2018) // Linux-palvelimet (ICT4TN021, kevät 2018)](http://www.haaga-helia.fi/fi/opinto-opas/opintojaksokuvaukset/ICT4TN021) school course organized as a part of Information Technology studies in Haaga-Helia university of Applied Sciences, Helsinki, Finland. Course lecturer [Tero Karvinen](http://terokarvinen.com/) has defined the original assignment descriptions in Finnish presented in this document in English. Answers and translations have been written by Pekka Helenius (me, ~ Fincer).
  6. *Table of contents:*
  7. --------------
  8. - [a) **Practical lab test** Solve a previously published final major test of this school course (You can find them with DuckDuckGo or Google).](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#a-solve-a-previously-published-final-major-test-of-this-school-course-you-can-find-them-with-duckduckgo-or-google)
  9. - [Initial set-up for remote control of a server](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#initial-set-up-for-remote-control-of-a-server)
  10. - [Security set-up for a company](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#security-set-up-for-a-company)
  11. - [System statistics](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#system-statistics)
  12. - [PHP from abroad](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#php-from-abroad)
  13. - [iot12tools - IoT tools for users](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#iot12tools---iot-tools-for-users)
  14. - [Hello Python 3](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#hello-python-3)
  15. - [c) **Free-will Linux usage** (optional) Use Linux outside the course scope.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#c-optional-use-linux-outside-the-course-scope)
  16. - [About my Linux usage](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#about-my-linux-usage)
  17. --------------
  18. **a)** Solve a previously published final major test of this school course (You can find them with DuckDuckGo or Google).
  19. --------------
  20. **Answer:**
  21. Let's pick up our previous major test [ict4tn021-1 autumn 2016](http://terokarvinen.com/2016/arvioitava-laboratorioharjoitus-%e2%80%93-linux-palvelimet-ict4tn021-1-uusi-ops-alkusyksylla-2016).
  22. ----------------------------
  23. ### Initial set-up for remote control of a server
  24. **Issue:** Prepare to control the server from abroad. Secure the server with firewall
  25. We shall install SSH server daemon to the targeted server computer. It is assumed that local or other direct access to the server command line is available since SSH server daemon is not yet installed, thus preventing direct, remote SSH control of the server.
  26. Once having access to the server command line, we shall test that the computer can reach the internet. Test the following commands:
  27. ```
  28. ifconfig
  29. ping www.duckduckgo.com
  30. ip -br link show
  31. ```
  32. Command explanations:
  33. - [ifconfig](https://www.linux.fi/wiki/Ifconfig) = Has IP address determined to a network interface on the server?
  34. - [ping](https://fi.wikipedia.org/wiki/Ping) = Does a site respond to ICMP requests?
  35. - ip = Is the network interface, which should have connection to the internet, up and active (UP)?
  36. When the internet connection is established, we shall proceed by installing the following packages, assuming that the server uses a Debian-based Linux distribution: `openssh-server`, `openssh-sftp-server`, `openssh-client`
  37. On some distributions, those packages can be installed simply issuing:
  38. ```
  39. sudo apt-get update
  40. sudo apt-get -y install ssh
  41. ```
  42. We shall confirm that the SSH server daemon starts during the server boot-up. We shall also confirm that the SSH server daemon is up and running and its status is `active`:
  43. ```
  44. sudo systemctl enable ssh.service
  45. systemctl is-active ssh.service
  46. ```
  47. **NOTE:** Alternative commands can also be used, like:
  48. ```
  49. sudo systemctl enable sshd
  50. systemctl status sshd
  51. ```
  52. Has our firewall program installed on the system?
  53. ```
  54. which ufw
  55. which iptables
  56. ```
  57. If both of those executable files ('ufw' and 'iptables') are found on the system, we shall accept network traffic to port `22`, protocol TCP (INPUT 22/TCP). Let's apply these rules to our firewall:
  58. ```
  59. sudo ufw allow 22/tcp
  60. ```
  61. Make sure our firewall program `ufw` (Uncomplicated Firewall) is enabled and turned on:
  62. ```
  63. sudo ufw enable
  64. sudo systemctl enable ufw.service
  65. ```
  66. **NOTE:** By default, Linux firewall blocks all input traffic. Therefore, SSH input traffic must separately be allowed like described above.
  67. ----------------------------
  68. ### Security set-up for a company
  69. **Issue:** Install remotely working security tools for our company. (In this assignment, you can assume that installing a package or packages from our repository is secure)
  70. The following commands have been pre-determined in the assignment:
  71. - download `.deb` package file with `wget` command
  72. - install the downloaded `.deb` package with command `sudo dpkg -i` which extract a new repository file `terorep.list` into `/etc/apt/sources.list.d/`)
  73. - update package databases with command `sudo apt-get update`
  74. - install package `terowatch` which is made available by the new repository. The package is available for Ubuntu distribution, version 16.04 LTS. The repository file `terorep.list` itself contains string `deb http://terokarvinen.com/qrs/terorep/ precise main`
  75. **NOTE:** `terowatch` package uses network interface `eth0` by default. However, we haven't defined such interface in our system configuration (this can be fixed by adding `net.ifnames=0` in udev rules or in kernel boot parameters in Syslinux or GRUB2). Instead, we use default network interface `enp4s0`.
  76. Proper fix to this issue would be patching the code and applying the patch into the deb package. Another solution would be making the proper fix directly to the source code. In this assignment, we directly modify the executable file, written in Python. This method is not recommended but for the extent of this assignment, it is sufficient solution to proceed.
  77. ```
  78. dpkg -L terowatch
  79. sudo sed -i 's/eth0/enp4s0/g' /usr/bin/qrsc
  80. ```
  81. Command `terowatch` gives desired text output “TeroWatch is installed” (the string is defined in shell executable `/usr/bin/terowatch`)
  82. ----------------------------
  83. ### System statistics
  84. **Issue:** Collect workload statistics of various system resources (CPU, RAM) while doing the assignment. The data collection must be started before proceeding in the assignment. Write a short analysis of the collected statistics after you've finished other parts of the assignment.
  85. We shall install `sysstat`:
  86. ```
  87. sudo apt-get update && sudo apt-get -y install sysstat
  88. ```
  89. Let's run `sar` command with 2 second interval for undefined time period. Print output of the command to file `$HOME/sysstat.file`
  90. ```
  91. sar 2 -o $HOME/sysstat.file
  92. ```
  93. The file can be analysed afterwards with `sar` command in the end of the assignment.
  94. ![sysstat_cpu-mem](https://github.com/Fincer/linux-server-setup/blob/master/images/sar_stats_cpu-ram.png)
  95. Short analysis, based on the picture above:
  96. - CPU (command: `sar 10 -f $HOME/sysstat.file`): CPU has been in moderate workload. User processes have not depleted resources that much, in contrast to system processes which stress the CPU many times more. 'iowait' value tells us that the processor has waited for mass memory device. During the data collection, some data was transferred from a hard disk to another. CPU capacity limits were not reached.
  97. - Mem/RAM (command: `sar -r 10 -f $HOME/sysstat.file`): Memory consumption has been significant during the data collection period (`%memused` and `%commit`). The system has 4GB DDR3 memory of which majority has been in use. Amount of free memory has been 100MB. Two main operations have affected the memory usage level: web browser usage and file transfer/copy operations which were performed during the data collection period. Active memory was used 2.5GB on average, passive (inactive) memory usage was 700MB. Amount of memory which has waited for to be written varies between 5MB-200MB (`kbdirty`).
  98. ----------------------------
  99. ### PHP from abroad
  100. **Issue:** Install us necessary tools for remote PHP website development.
  101. - SSH server daemon has already been installed, port `22` is opened -> OK
  102. - We shall install HTTP daemon (Apache web server) and open the default port `80` for it in our firewall. Additionally, we shall install necessary PHP (7.0) packages:
  103. ```
  104. sudo apt-get update && sudo apt-get -y install apache2 php7.0 libapache2-mod-php7.0 && sudo ufw allow 80/tcp
  105. ```
  106. Let's enable Apache server daemon, check the status of it (must be `active`) and tell the system that Apache should automatically be started during the server boot-up:
  107. ```
  108. systemctl is-active apache2
  109. sudo systemctl enable apache2
  110. ```
  111. Let's check that the port `80` is opened in our firewall:
  112. ```
  113. xubuntu@xubuntu:/home$ sudo ufw status
  114. Status: active
  115. To Action From
  116. -- ------ ----
  117. 22/tcp ALLOW Anywhere
  118. 80/tcp ALLOW Anywhere
  119. 22/tcp (v6) ALLOW Anywhere (v6)
  120. 80/tcp (v6) ALLOW Anywhere (v6)
  121. ```
  122. (you don't need to execute command `sudo systemctl start apache2` after the Apache installation because the Apache web server daemon is automatically enabled during the server boot-up by default. This information can be found with command `systemctl status apache2`)
  123. We shall enable Apache's PHP module while using module `userdir`. This can be done by commenting the lines between `<IfModule mod_userdir.c>` tags in file `/etc/apache2/mods-available/php7.0.conf`. Right after we should enable Apache's 'userdir' module and restart the Apache web server:
  124. ```
  125. sudo a2enmod userdir
  126. sudo systemctl restart apache2.service
  127. ```
  128. Let's check that Apache web server is still up and running by issuing command `systemctl status apache2.service`. Let's check that we can access our default localhost website (IP address `127.0.0.1`) which indicates whether the Apache server works as intended:
  129. ```
  130. xdg-open http://localhost
  131. ```
  132. 'xdg-open' command definition:
  133. ```
  134. [12/03/2018 22:31:11 - fincer: ~ ]$ whatis xdg-open
  135. xdg-open (1) - opens a file or URL in the user's preferred application
  136. ```
  137. We must check that we can access our website from a remote network. In a test laboratory, this test would be done checking output of command `ifconfig`, looking for a relevant IP address and login to the server from another computer using the grabbed IP address and SSH client program (command syntax using default SSH port `22` would be: `ssh server-user@server-ip`). In order to access the server from a remote network, the relevant IP address for connecting the server must be known, and confirmation for succeeded remote access must exist. Any router & NAT/PAT configurations between a client and the server must work.
  138. **Issue:** Our users are as follows: Maija Mehilälinen, Peter Ö, Oskar Jäärä, John Do, Verner Vrij, Mikko Möttönen, Jalmari Ähkä, Håkan Swarz and Maija Maitoparta. Create a sample website for each user with PHP.
  139. **Issue:** List all user accounts and passwords in file lab.txt (`/home/*/lab.txt`). Protect the file so that other users can not read it.
  140. We shall generate all required passwords (9 for users + admin) with `pwgen`. Password length is 20 characters, randomized, at least one uppercase character included and secure parameter for the command is used:
  141. ```
  142. sudo apt-get update && sudo apt-get install pwgen
  143. pwgen 20 10 -sc1
  144. ```
  145. We shall store additional admin password into a separate, secure place (of your choice). Admin account (or user) username is `admin`.
  146. We haven't created admin user `admin` yet. Let's do it. We shall also grant `sudo` group permissions to this new administration user:
  147. ```
  148. sudo adduser admin
  149. sudo usermod -aG sudo admin
  150. su admin
  151. ```
  152. The last command `su admin` switched our shell view to `admin` shell. We should lock the server root account by issuing command `sudo usermod --lock root` (which adds an exclamation mark right before root's password in file `/etc/shadow`). We could increase system's overall security by blocking usage of various TTY sessions (commenting out lines in file `/etc/securetty`) and by adding more restrictions to the system's PAM policy.
  153. For securing our SSH connections, we shall add the following line in `/etc/ssh/sshd_config` file (use `sudoedit /etc/ssh/sshd_config` or `sudo nano /etc/ssh/sshd_config` command):
  154. ```
  155. PermitRootLogin no
  156. ```
  157. After having altered `/etc/ssh/sshd_config`, restart SSH server daemon by issuing command
  158. ```
  159. sudo systemctl restart sshd
  160. ```
  161. Create file `$HOME/lab.txt` (where `$HOME` is `/home/admin`) with the following contents:
  162. ```
  163. mmehilal RWjM8r2fyq8gQq3wnzq0 # Maija Mehilälinen
  164. po a5B60cmTyrwPLS2mJ9uQ # Peter Ö
  165. ojaara P1KkLl0XaV5JpqntxdJG # Oskar Jäärä
  166. jdo ZgMb5TrU4Ee3bT48eCff # John Do
  167. vvrij RWjM8r2fyq8gQq3wnzq0 # Verner Vrij
  168. mmottone GpuyZqp2pGsmPINJPO1h # Mikko Möttönen
  169. jahka nFTellIyRjwiC0YKtPwq # Jalmari Ähkä
  170. hswarz u5qfJCC2jZMGQPWwPZLV # Håkan Swarz
  171. mmaitopa OCeBmKYWWgFIXubdFc6j # Maija Maitoparta
  172. ```
  173. Restrict permissions for this file by issuing the following command (as user `admin`):
  174. ```
  175. chmod og-rwx,u-x $HOME/lab.txt
  176. ```
  177. Output:
  178. ```
  179. admin@xubuntu:~$ ls -l lab.txt
  180. -rw------- 1 admin admin 407 Mar 12 11:42 lab.txt
  181. ```
  182. Let's create a generic, pretty simple PHP file `index.php` into the home directory of `admin` (and as `admin`).
  183. ```
  184. nano /home/admin/index.php
  185. ```
  186. Add the following contents:
  187. ```
  188. <?php
  189. phpinfo();
  190. ?>
  191. ```
  192. **NOTE:** Make sure you have enabled `php` & `userdir` modules on Apache at this point!
  193. After that, we shall copy the PHP file for each user into a user-specific subdirectory `public_html` (`/home/*/public_html`).
  194. The user-specific directory `public_html` and contents of it should have correct permissions set up for each user.
  195. On Debian-based Linux distributions, a perl script '[adduser](https://alioth.debian.org/plugins/scmgit/cgi-bin/gitweb.cgi?p=adduser/adduser.git;a=tree)' is provided for creating new users. Let's do the following:
  196. - 1) Create required user accounts with the generated passwords
  197. - 2) Copy the pre-created `index.php` file into each user's `$HOME/public_html` folder
  198. - 3) For each user, test that their `index.php` is showing expected and correct output
  199. Run the following with any system user who belongs to `sudo` group:
  200. ```
  201. sudo apt-get update && \
  202. sudo apt-get -y install curl && \
  203. for user in mmehilal po ojaara jdo vvrij mmottone jahka hswarz mmaitopa; do \
  204. echo -e "User is: $user\n" && \
  205. sudo adduser $user && \
  206. sudo mkdir -p /home/$user/public_html/ && \
  207. sudo cp /home/admin/index.php /home/$user/public_html/ && \
  208. sudo chown -R $user:$user /home/$user && \
  209. [[ $(curl -s http://localhost/~${user}/index.php | grep -i "404 not found" | wc -l) -ne 0 ]] && \
  210. echo -e "\nPHP test site not found for '${user}'\n" || \
  211. echo -e "\nPHP test site is OK for user\n"; \
  212. done
  213. ```
  214. **NOTE:** To test site on a graphical web browser, you need to keep in mind that user `xubuntu` is the only user having access to graphical display on X server right now (see `.Xauthority` and environment variable `DISPLAY` for details). Thus, the following commands should be used in our current setup:
  215. ```
  216. sudo passwd xubuntu
  217. su xubuntu
  218. for user in mmehilal po ojaara jdo vvrij mmottone jahka hswarz mmaitopa; do xdg-open http://localhost/~${user}; done
  219. ```
  220. **NOTE:** We can exit the shell view of the user `admin` simply issuing command `exit` on that shell view.
  221. **NOTE:** Consider the following in a production environment, instead of doing nasty things with administration users:
  222. - You can (but don't have to) modify the current user, grant administration rights, modify username, home directory and groups (`usermod` command) instead of adding a separate account for an administrator
  223. - You can create a new main/admin user and remove an old one (in our case, we should delete `xubuntu` account). You can delete users with command `sudo userdel <account>`.
  224. - You can have clearly restricted and well named groups to separate users with various permissions on a system. Apply your user and group policy so that specific users belong to the right groups.
  225. - Check usage of various environment variables in your shell view
  226. Screenshot of user-specific PHP sites on the configured server environment:
  227. ![apache-php-multiple](https://github.com/Fincer/linux-server-setup/blob/master/images/apache_phpinfo_multiple.png)
  228. Checking permissions for each `index.php` files & `public_html` directories:
  229. ```
  230. for user in mmehilal po ojaara jdo vvrij mmottone jahka hswarz mmaitopa; do ls -lR /home/$user | sed '/total [0-9]/d'; done
  231. ```
  232. Output:
  233. ```
  234. /home/mmehilal:
  235. drwxr-xr-x 2 mmehilal mmehilal 60 Mar 12 11:50 public_html
  236. /home/mmehilal/public_html:
  237. -rw-r--r-- 1 mmehilal mmehilal 20 Mar 12 12:00 index.php
  238. /home/po:
  239. drwxr-xr-x 2 po po 60 Mar 12 12:00 public_html
  240. /home/po/public_html:
  241. -rw-r--r-- 1 po po 20 Mar 12 12:00 index.php
  242. /home/ojaara:
  243. drwxr-xr-x 2 ojaara ojaara 60 Mar 12 12:01 public_html
  244. /home/ojaara/public_html:
  245. -rw-r--r-- 1 ojaara ojaara 20 Mar 12 12:01 index.php
  246. /home/jdo:
  247. drwxr-xr-x 2 jdo jdo 60 Mar 12 12:01 public_html
  248. /home/jdo/public_html:
  249. -rw-r--r-- 1 jdo jdo 20 Mar 12 12:01 index.php
  250. /home/vvrij:
  251. drwxr-xr-x 2 vvrij vvrij 60 Mar 12 12:01 public_html
  252. /home/vvrij/public_html:
  253. -rw-r--r-- 1 vvrij vvrij 20 Mar 12 12:01 index.php
  254. /home/mmottone:
  255. drwxr-xr-x 2 mmottone mmottone 60 Mar 12 12:01 public_html
  256. /home/mmottone/public_html:
  257. -rw-r--r-- 1 mmottone mmottone 20 Mar 12 12:01 index.php
  258. /home/jahka:
  259. drwxr-xr-x 2 jahka jahka 60 Mar 12 12:02 public_html
  260. /home/jahka/public_html:
  261. -rw-r--r-- 1 jahka jahka 20 Mar 12 12:02 index.php
  262. /home/hswarz:
  263. drwxr-xr-x 2 hswarz hswarz 60 Mar 12 12:02 public_html
  264. /home/hswarz/public_html:
  265. -rw-r--r-- 1 hswarz hswarz 20 Mar 12 12:02 index.php
  266. /home/mmaitopa:
  267. drwxr-xr-x 2 mmaitopa mmaitopa 60 Mar 12 12:02 public_html
  268. /home/mmaitopa/public_html:
  269. -rw-r--r-- 1 mmaitopa mmaitopa 20 Mar 12 12:02 index.php
  270. ```
  271. ----------------------------
  272. ### iot12tools - IoT tools for users
  273. **Issue:** Install and configure metapackage `iot12tools` for us. The metapackage should install the following development tools for 'Internet of Things': arduino IDE, gedit (text editor), gedit-plugins, curl (CLI browser) and Python 3 programming language.
  274. Run the following commands as `admin`:
  275. ```
  276. sudo apt-get update && sudo apt-get -y install equivs
  277. mkdir ~/iot12tools
  278. cd ~/iot12tools
  279. equivs-control iot12tools
  280. ```
  281. Edit contents of file `io12tools` to look like the following:
  282. ```
  283. ### Commented entries have reasonable defaults.
  284. ### Uncomment to edit them.
  285. Section: misc
  286. Priority: optional
  287. Standards-Version: 3.9.2
  288. Package: iot12tools
  289. Version: 0.1
  290. Maintainer: Pekka Helenius <fincer89@hotmail.com>
  291. Depends: arduino, gedit, gedit-plugins, curl, python3
  292. Architecture: all
  293. Description: A meta package which provides basic IoT development tools
  294. Installs Gedit text editor, Gedit plugins, Arduino IDE and Python 3
  295. ```
  296. Run the following command in directory `~/iot12tools`:
  297. ```
  298. equivs-build iot12tools
  299. ```
  300. Install the generated metapackage (which installs required packages for us):
  301. ```
  302. sudo apt install -f ./iot12tools_0.1_all.deb
  303. ```
  304. ----------------------------
  305. ### Hello Python 3
  306. **Issue:** Jalmari wants to develop in Python 3. Create a simple Python 3 file in his home root directory. The file should print output 'Hello World'.
  307. Install necessary python3 packages as the user `admin`:
  308. ```
  309. sudo apt-get update && sudo apt-get install -y python3
  310. ```
  311. Switch your shell view to user `jahka` (Jalmari Ähkä) and go to his home directory:
  312. ```
  313. su jahka
  314. cd
  315. ```
  316. **NOTE:** We can make sure that we are in his home directory (`/home/jahka`) by issuing command 'pwd'.
  317. Let's create a new file `~/helloworld.py` with the following contents:
  318. ```
  319. #!/usr/bin/env python3
  320. print("Hello World");
  321. ```
  322. Modify file permissions, grant executable permission for the user `jahka`, remove from others (including the group who owns the file):
  323. ```
  324. chmod u+x,og-x helloworld.py
  325. ```
  326. The file permissions are now:
  327. ```
  328. -rwxrw-r-- 1 jahka jahka 47 Mar 12 12:59 helloworld.py
  329. ```
  330. Test the code:
  331. ```
  332. jahka@xubuntu:~$ python3 ~/helloworld.py
  333. Hello World
  334. ```
  335. The output is as desired, `Hello World`, indicating that we have successfully installed Python3 development environment for the required user.
  336. **c)** (optional) Use Linux outside the course scope.
  337. --------------
  338. **Answer:**
  339. The following pictures demonstrate [Arch Linux ARM](https://archlinuxarm.org/platforms/armv6/raspberry-pi) running on my Raspberry Pi 1 Model B. The solution is quite rushed but it works technically:
  340. ![rpi1b_archlinux-1](https://github.com/Fincer/linux-server-setup/blob/master/images/rpi1b_archlinux_1.jpg)
  341. ![rpi1b_archlinux-2](https://github.com/Fincer/linux-server-setup/blob/master/images/rpi1b_archlinux_2.jpg)
  342. - Display: [Lilliput 869GL](http://www.lilliputuk.com/monitors/hdmi/869gl/)
  343. - SDHC card: Transcend 16GB
  344. - HDD: 750GB in [Icy Box IB-3640SU3](http://www.raidsonic.de/products/external_cases/external_cases_35/index_en.php?we_objectID=480) hard disk external case.
  345. - Desktop environment: LxQt
  346. ### About my Linux usage
  347. My first touch to Linux world was back in early spring, 2011. The first Linux distribution I installed was Ubuntu 10.04 LTS, and after that I have tried out many distributions, including Linux Mint, Fedora, OpenSUSE and Arch Linux.
  348. The first computer I ever had a Linux installation was [Asus Eee PC 1215N](https://www.asus.com/Laptops/Eee_PC_1215N/) mini laptop. My primary operating system on that laptop was [EasyPeasy](https://sourceforge.net/projects/ubuntu-eee/), a variant of Ubuntu 10.04 LTS which uses Gnome 2 desktop environment and additional customization package 'ubuntu-netbook-launcher' (known as [Linux Netbook Remix](https://en.wikipedia.org/wiki/Ubuntu_Netbook_Edition)), predecessor of Canonical's Unity desktop.
  349. After the Asus Eee PC 1215N broke, I moved to [Asus N56JR laptop](https://www.asus.com/Laptops/N56JR/) for which I installed Linux Mint with Cinnamon desktop environment at first. Soon after I moved to Arch Linux where I used Cinnamon desktop for a short while, as well. I moved quickly from Cinnamon to KDE desktop because I Cinnamon desktop had mysterious and unacceptable freeze events on my personal use.
  350. Why did I choose KDE desktop over multiple alternatives, such as XFCE, LXDE, Mate, Gnome 3, Budgie, Pantheon or LxQt? I consider several things when choosing a desktop environment: stability, long-term development history, suitability for efficient multitasking and configuration possibilities (source code + GUI + conf files). I have been happy Arch Linux + KDE desktop user for many years - and I still am. Of course, I have tested various other desktop environments but always returned to KDE.
  351. In general, I have multiple Linux distributions, MS Windows 7 and Android on Virtual Machines for various purposes.
  352. More or less, I have participated in various open source project and done Windows software testing on Wine. I like to create scripts for daily usage, mainly to automate routine-like, boring tasks and processes. One of my key interests have been in digital image processing and raw image analysis, for which both Linux suits very well, offering a solid, adaptable and cost-effective platform. I set up my first LAMP server several years back from now on my Raspberry Pi 1 Model B.