George Maschke's Home Page

My home server (a Minisforum system-on-a-chip PC) happily ran Debian without a monitor attached. (I access it via SSH.) Recently, I had reason to switch to Ubuntu Server 22.04 LTS and was perplexed to find that the system would not boot without a monitor attached.

I searched in vain for a way to edit my BIOS or GRUB settings that might fix the problem. Then I came across the suggestion to use an HDMI dummy plug. (My home server has a single HDMI display port.) That was the solution that worked for me.

For a few euros, I obtained a small Fueran HDMI plug that convinces my computer that it has a display attached, and now it runs Ubuntu Server as expected. A built-in LED emits a soft green glow.

I had previously only run Ubuntu Server on cloud servers, where I naturally never encountered any such problem. So, I’m mentioning the solution that worked for me on my local, physical PC in the hope that it might be of use to anyone else who encounters the same difficulty.

PS: If you know a way to solve this issue without a dummy HDMI plug, I would be interested to know your thoughts on this matter.

Word-searchable Version of the Mueller Report

By George Maschke

On 18 April 2019

In Uncategorized

The U.S. Department of Justice has today released a redacted copy of Special Counsel Robert S. Mueller III’s “Report on the Investigation Into Russian Interference In The 2016 Presidential Election.” Unfortunately, as released, one cannot search the 448-page report for key words or phrases of interest. I have created a searchable copy that you can download here (133 MB PDF).

How to Use Quad9 (9.9.9.9) DNS Resolution with Algo VPN in 2019

By George Maschke

On 12 March 2019

In Computing

In December 2017, I wrote a post about how to use Quad9 DNS resolution with Algo VPN, a free and open-source project by Trail of Bits that lets you easily set up your own non-logging VPN server.

My earlier tutorial no longer works with versions of Algo VPN since 25 April 2018, when the Algo VPN code base was changed to enforce encrypted DNS lookups (and five days later, WireGuard support was added, yay!). By default, Algo now uses Cloudflare’s secure DNS lookup. Quad9, which I prefer because of its option to block known malicious sites, implemented DNS over HTTPS in October 2018, and you can now use it with Algo VPN instead of Cloudflare if you like. I will provide step-by-step instruction on how to do this below.

Bear in mind that for these instructions to work, you must be using an Algo installation made with the code base since the April 2018 revision implementing secure DNS lookup:

1. SSH to your Algo server via your terminal app:

ssh root@ip -i ~/.ssh/algo.pem

2. Open /etc/dnscrypt-proxy/dnscrypt-proxy.toml for editing:

nano /etc/dnscrypt-proxy/dnscrypt-proxy.toml

3. Find the line:

server_names = ['cloudflare', 'cloudflare-ipv6']

4. Replace with:

server_names = ['quad9-dnscrypt-ip4-filter-pri', 'quad9-dnscrypt-ip4-filter-alt', 'quad9-doh-ip6-filter-pri', 'quad9-doh-ip6-filter-alt']

5. Hit Control-X to exit, choosing Y to save and keeping the same file name.

6. Type reboot at the command line to reboot.

That’s all! Your Algo VPN server will now use Quad9 for secure DNS resolution.

Note that there are other secure DNS servers that you can set as parameters for server_names. You’ll find them listed here.

How to Fix Missing Database Indexes Problem on NextCloudPi After Upgrade to Version 14.0.x

By George Maschke

On 12 October 2018

In Computing

After upgrading an instance of NextCloudPi from version 13 to version 14, I received the following error notification:

In short, the table “oc_share” was missing the index “parent_index” and the table “oc_filecache” was missing the index “fs_mtime”.

I tried SSH-ing to my NextCloudPi server and running the suggested command, “occ db:add-missing-indices” but it generated an error.

Despite the missing database entries, the instance still seemed to run fine, but I found the constant error message vexing.

After some online research and examination of my NextCloudPi instance’s directory structure, I found the following solution, and not seeing it posted elsewhere, thought I’d share it here:

1. SSH to your NextCloudPi instance.

2. Get a root prompt by entering:

sudo bash

3. Go up to the root directory by typing the following command twice (or as many times as necessary):

cd ../

4. Switch to the nextcloud directory:

cd /var/www/nextcloud

5. Run the following command:

sudo -u www-data php occ db:add-missing-indices

6. You should receive something like the following prompts (which I received):

Check indices of the share table.
Adding additional parent index to the share table, this can take some time...
Share table updated successfully.
Adding additional mtime index to the filecache table, this can take some time...
Filecache table updated successfully.

7. That’s all! Type “exit” and hit enter to terminate the SSH session. The error message should no longer appear.

Persian Word of the Day: نماهنگ

By George Maschke

On 3 January 2018

In Persian Word of the Day

The Persian word for “music video” is نماهنگ. According to Wikipedia, the term was approved by the Farhangestan (Academy of Persian Language and Literature). I encountered it on the website of the office of Iranian Leader Ali Khamenei, which published a music video in connection with his audience with members of the Islamic Propagation Coordination Council. The video is captioned: نماهنگ دیدار اعضای .شورای هماهنگی تبلیغات اسلامی سراسر کشور

Persian Word of the Day: آکبند

By George Maschke

On 28 December 2017

In Persian Word of the Day

In Persian, a commercial product that is unopened and in its original packaging is described as being آکبند. I encountered this word for the first time in an article on Iranian tech website Digiato about restrictions on returning travelers bringing mobile phones into Iran, in the following context:

یکی از مسئولان ستاد قاچاق کالا به دیجیاتو می‌گوید که هر مسافر مجوز آوردن یک موبایل مسافرتی (موبایل رجیسترنشده، چه آکبند باشد چه نباشد) به داخل کشور را دارد.

In a post on 1Doost.com, Nooshin Mohammad Ali provides what seems to me to be a dubious folk etymology, claiming (while citing no source) that it’s derived from the English “UK Band” which supposedly was printed on ribbons wrapped around British goods arriving at the port of Abadan before the 1979 Islamic Revolution.

An interesting but ultimately inconclusive discussion of the etymology of آکبند extracted from the Adabiyat listserv appears on The Iranian here.

Comments welcome.

How to Use Quad9 (9.9.9.9) DNS Resolution with Algo VPN

By George Maschke

On 25 December 2017

In Computing

Algo VPN is an open source project from computer security firm Trail of Bits. It facilitates the creation of a non-logging (and optionally ad-blocking) virtual private network (VPN) on a virtual private server (VPS). I’ve been using Algo VPN for a couple months and am pleased with it’s performance, particularly on Apple devices, which natively support the IKEv2 protocol implemented by Algo VPN.

By default, Algo VPN uses Google’s domain name resolution (DNS) servers (8.8.8.8 and 8.8.4.4). Recently, I heard about an alternative, non-profit DNS service called Quad9 (9.9.9.9) that has some attractive features. In particular, Quad9 blocks known malicious domains, collects no personally-identifiable information, and does not store the IP addresses of end users to disk. Steve Gibson spoke about Quad9 in episode 638 of his weekly Security Now podcast.

Perhaps in the future, Algo VPN will offer Quad9 as an alternative to Google’s DNS servers. But until such time, and for already existing installations, here’s how you can point your Algo VPN server to Quad9’s DNS servers:

1. SSH to your Algo server via your terminal app:

ssh root@ip -i ~/.ssh/algo.pem

2. Open /etc/dnsmasq.conf for editing:

nano /etc/dnsmasq.conf

3. Find the lines:

server=8.8.8.8
server=8.8.4.4

4. Replace with (the second line, not originally included here, is Quad9’s secondary IPv4 address; thanks to commenter “c.” for noting this):

server=9.9.9.9
server=149.112.112.112

5. Hit Control-X to exit, choosing Y to save and keeping the same file name.

6. Type reboot at the command line to reboot.

That’s all! Your Algo VPN server will now use Quad9 for DNS resolution.

Twitter Through Trump’s Eyes

By George Maschke

On 18 August 2017

In Uncategorized

U.S. president Donald J. Trump devotes a great deal of time to Twitter. Have you ever wondered what he sees on Twitter? I did, so I created the “Twitter Through Trump’s Eyes” public list that includes the President’s own tweets along with those of the 45 Twitter accounts that he follows. I will keep this list updated as necessary. You don’t need to have a Twitter account to view. Clicking on the image below will take you to the list.

Screenshot of the “Twitter Through Trump’s Eyes” list

Persian Phrase of the Day: از جمله، اما نه محدود به

By George Maschke

On 10 March 2016

In Persian Word of the Day

Recently, the question of how best to translate the English phrase “including, but not limited to” has crossed my desk. Google Translate offers از جمله، اما نه محدود به which seems quite good, and I’ve found an example of its use (multiple times) on a webpage of Iran’s Islamic Parliament Research Center, where the “but not limited to” part is placed in parentheses از جمله (اما نه محدود به). The same page sometimes uses شامل instead of از جمله.

How to Upgrade to GnuPG 2.x on Ubuntu Linux

By George Maschke

On 27 February 2016

In Computing

If you are using the Enigmail security add-on for Mozilla Thunderbird under Ubuntu Linux, you may have recently discovered (as I did today) that it no longer works with the version of GnuPG that you have installed, and that you need to upgrade. But it’s not evident how to do this, as there is no GnuPG update available in the Ubuntu Software Center.

Fortunately, there is an easy way to upgrade Ubuntu to GnuPG 2. Just open a terminal and type:

sudo apt-get install gnupg2

and enter your password when prompted.