Rescuing a hard drive with ddrescue

November 5, 2015

A while ago, one of my Windows hard drives gave up the ghost. Unfortunately, the last backup I’d done on it was a while ago. Lesson #1: Don’t forget to back things up.

The hard drive had been staring at me on my desk for a while, so I decided to see what I could do about it. My searches led me to CGSecurity and two pages on their website: TestDisk and the Damaged Hard Disk page. They in turn led me to ddrescue.

Here’s what I’ve done so far:

  1. Have a nice server that has a motherboard advanced enough to hot-mount SATA drives. This is very useful if the disk disappears now and then and needs to be remounted.
  2. Mount the drive in a spare slot in the server.
  3. sudo apt-get install lzip because ddrescue is stored in lzip archives
  4. Grab the latest stable build from the ddrescue download directory. (I used version 1.20.)
  5. lzip -d then extract the ddrescue tar file.
  6. cd into the ddrescue directory and configure; make
  7. Next I tried plain ddrescue: sudo ./ddrescue -n /dev/sde /data/sde_rescue sde_map
  8. That seemed to be having trouble, so I reversed direction: sudo ./ddrescue -n -R /dev/sde /data/sde_rescue sde_map
  9. That whirred for a few days. Next I decided to try mounting as a raw device, on the theory that the kernel cache might be obscuring things.
  10. sudo /sbin/modprobe raw
  11. sudo raw /dev/raw/raw1 /dev/sde
  12. sudo ./ddrescue -n -R /dev/raw/raw1 /data/sde_rescue sde_map

So far I’ve theoretically recovered 130M of my 500M disk. When reading the raw device, I don’t get an estimate of time remaining (which was about a year). It will be interesting to see if this actually gets recovered, or if I’m just grabbing random numbers at this point.

Unlocking a Windows 8.1 machine with MSN password

September 20, 2015

Recently, I inherited a laptop that came with Windows 8.1 installed. The previous owner had forgotten the login password, and no longer had the phones/accounts that were associated with the machine either. (If you have the choice, I’d recommend you avoid Alzheimer’s disease. It sucks.) I wanted to get the user information off before wiping it and reinstalling. Unfortunately, this machine had a Windows Live / MSN password, rather than a local password.

I started with these instructions. They take advantage of an exploit to enable a command shell from the login screen. In short:

  1. Go into Advanced Startup Options and Troubleshoot -> Advanced Options -> Command Prompt
  2. copy c:\windows\system32\utilman.exe c:\
  3. copy c:\windows\system32\cmd.exe c:\windows\system32\utilman.exe
  4. Reboot
  5. Click the “Ease of Access” icon at the bottom left of the login screen. Now this will open a command shell.
  6. If the user had a local account, you’d be home free now. (net user “username” new-password and then copy the original utilman.exe back). But I wasn’t – instead I saw “System error 8646 : The system is not authoritative for the specified account”. That was because the machine had a MSN login / Microsoft Live password. So instead…
  7. net user brandnewuser secretpassword
  8. Reboot again (probably not necessary, but I did this)
  9. Get back into the “Ease of Access” shell
  10. net localgroup Administrators brandnewuser /add
  11. Reboot
  12. Log in as brandnewuser rather than the original user.
  13. Wait a really really long time (10 minutes or so) for Windows to rebuild the desktop for the new user.
  14. At this point, you can navigate to C:\Users and copy the files from the original user to somewhere else. You will probably have to run the Explorer as Adminstrator in order to do this. I recall being prompted with “You don’t have access to this directory, do you want to get it permanently” once or twice. I said “Yes”.
  15. And that’s it – the pictures can now be copied to CD for preservation (except the ones that were stored in Windows Live, of course). After that you can create restore media and wipe/reinstall.

Changing user and group ID on Unix

May 2, 2015

Recently I’ve set up a file server for both Windows and Linux. When I went to mount the file system on Linux, things were broken – because I hadn’t paid attention to user ID and group ID when I created users on my different Unix machines.

So I needed to change the UID and GID of a user, then update the files. Luckily, someone had already done the work:

In short:

usermod -u <NEWUID> <LOGIN>    
groupmod -g <NEWGID> <GROUP>
find / -user <OLDUID> -exec chown -h <NEWUID> {} \;
find / -group <OLDGID> -exec chgrp -h <NEWGID> {} \;
usermod -g <NEWGID> <LOGIN>

One wrinkle that I wasn’t expecting: you can’t change the user ID of a user who has a running process. So I had to create a second user with adduser, add that user as in /etc/groups for sudo, log in as that user, and then change the user ID of the original user.

When I ran this on Ubuntu and Raspbian, I saw about 4 errors in /proc which I ignored. There’s probably a faster way to do to this using xargs rather than running -exec each time, but I was a little worried I might exceed what I could pass in on a command line (I had hundreds of thousands of files) so I let it do its thing.

Setting up a static IP for a Raspberry Pi over wifi using OpenBSD dhcpd

May 1, 2015

Like the rest of the world, I wanted to have a static IP for a Raspberry Pi that was on a wifi network. Like the rest of the world, I couldn’t figure out how to do it after three attempts. At that point, like the rest of the world I gave up and decided to make my DHCP server do the work instead of the Pi.

Here’s how I did it:

1. On the Pi, edit /etc/wpa_supplicant.conf and add:


2. Reboot and get an IP address through DHCP.

3. Confirm that I can see the world with the DHCP address.

4. ifconfig wlan0 and copy down the hardware Ethernet address for wlan0 (let’s pretend it was 00:11:22:33:44:56).

5. Go to the box running DHCP, and add a stanza inside my shared-network:

       host myserver {
               hardware ethernet 00:11:22:33:44:56;
               option host-name "myserver";

6. Kill and restart the DHCP daemon.

7. Reboot the pi and confirm it’s getting the right static IP address now.

Samba – let Windows execute even if execute bit not set

April 23, 2015

I’ve set up Samba once again, and it’s still not easy, especially with Cygwin in the mix. I still haven’t figured out Cygwin, but I did get the magic phrase that lets Windows machines run exe files without having to set the execute bit.

This is an option that’s not documented in the /etc/samba/smb.conf file, but that’s where it goes:

# Allow Windows machines to execute things that don't have
# the execute bit set
acl allow execute always = True

Thanks to for the info!

Setting up a WD Red drive for use in a NAS

April 12, 2015

It’s in bits and pieces all over the net, but I haven’t seen it all in one place yet. Western Digital Red drives have 4k (4096 byte) sectors rather than the old 512 byte sectors. In order to use them optimally, you need to format them aligned on those sectors.

The first trick is to use parted rather than fdisk/cfdisk to define the partitions, and parted version 2.2 or higher, as described on this Western Digital support article.

Next, you need to decide what your partition table should look like. For maximum compatibility, use msdos. But if you have drives larger than 2G, you will probably want to use gpt instead.

Assuming you’re using /dev/sdd as your drive:

# parted -a optimal /dev/sdd
(parted) mklabel msdos
(parted) q

Next, you will want to add the partition. In my case, I wanted to create an ext4 partition that took up the whole disk. Here’s how:

# parted -a optimal /dev/sdd
(parted) mkpart primary ext4 0% 100%
(parted) p
Model: ATA WDC WD20EFRX-68A (scsi)
Disk /dev/sdd: 2000GB
Sector size (logical/physical): 512B/4096B
Partition Table: msdos

Number  Start   End     Size    Type     File system  Flags
 1      1049kB  2000GB  2000GB  primary  ext3
(parted) q

The -a optimal is the magic bit that tells parted to partition on 4k boundaries for a 4k drive. My ext4 partition actually got created as an ext3 partition, since those are the same partition type.

Then you need to create a file system on the partition you just created. I add a label afterwards so I can mount it via label in /etc/fstab. (There’s a way to add a label in the mkfs command, but I can never remember it, so I do it in two steps.)

# mkfs -t ext4 /dev/sdd1
# e2label /dev/sdd1 mynewdrive

Then edit /etc/fstab to add the new drive to it:

LABEL=mynewdrive /newdrivemountpoint ext4 defaults 0 2

The label matches the label I specified on e2label, and the /newdrivemountpoint is the directory in the Unix file system that I want the drive to be mounted on. The last two numbers say “don’t dump” (0) and “do fsck after the root drive” (2). See the man page or the Ubuntu fstab page for more details on that.

Setting up Direwolf/Xastir on a Raspberry Pi

March 22, 2015

A long time ago I set up Soundmodem for Ubuntu. Recently, I tried setting up an igate using WB2OSZ’s Direwolf instead. Things are much nicer these days.

The Direwolf site includes a very nice guide to setting up a Raspberry Pi as an igate, so I won’t go over it here. Instead, this is just to record the steps I took to set up my Raspberry Pi v2 as an igate server.

1. Set up the Raspberry Pi to run Raspbian
2. Follow along with the setup guide:

sudo apt-get remove --purge pulseaudio # I didn't need to do this since it wasn't installed, but better safe than sorry
sudo apt-get install libasound2-dev xastir # Note that I'm installing xastir at the same time - this is different from the direwolf guide
cd direwolf-1.1
make -f Makefile.linux tocalls-symbols
make -f Makefile.linux
sudo make -f Makefile.linux install
make -f Makefile.linux install-rpi
make -f Makefile.linux install-conf

Next, make sure the sound card is plugged into USB (I used the bottom slot). When I plugged it in, the system rebooted, so it’s probably smart to shut down before plugging the sound card in. For a sound card, I used the Syba SD-CM-UAUD USB Stereo Audio Adapter, C-Media Chipset from Amazon.

From there, run
aplay -l
to see:
card 1: Device [C-Media USB Audio Device], device 0: USB Audio [USB Audio]

Now I know the device is card 1 device 0. We’re almost ready to edit direwolf.conf. First, though – something that wasn’t documented on the Direwolf site. Igates need a secret code so they can log into the tier 2 servers. It’s based on your callsign, and there’s a utility called callpass in Xastir that will compute it for you.

callpass {my-real-call}

This gives you a 5 or 6 digit integer that you should remember. I’ll call it {my-code}.

Now edit direwolf.conf:

  1. uncomment ADEVICE plughw:1,0 – if you got a different number from aplay above, you might have to modify it.
  2. change MYCALL NOCALL to MYCALL {my-real-call}-10. I used -10 because that’s the APRS SSID for igates. (APRS SSIDs are documented here.) In the direwolf.conf that I got, the NOCALL had a ^J after it; I had to take that out
  3. uncomment IGSERVER (maybe use a different server if you’re not in North America)
  4. uncomment IGLOGIN and change it to IGLOGIN {my-real-call} {my code}
  5. direwolf

Yay, you’re igating. But what’s around? Set up Xastir for that:

  1. xastir
  2. In the first menu that comes up, set your callsign to {my-real-call}-10 and (if desired) set your lat/long/position ambiguity
  3. Interface -> Interface Control, Add, Networked AGWPE, Add. Leave Pass-code blank, save and Start. Now you’re getting APRS from over the air displayed on your Xastir maps.
  4. Not enough for you? Interface -> Interface Control, Add, Internet Server, Add. Set Pass-code to {my-code}, save and Start. Now you’re getting APRS from the network as well.
  5. Want to see it on maps? I wasn’t able to get all the maps going, but things worked when I picked Maps -> Map Chooser and selected only Online/osm_tiled_mapnik.geo and


Get every new post delivered to your Inbox.