Recent comments on posts in the blog:

Network Problems (...)

Hi everyone !

  1. Martin, thanks for the big instructions ! (5 life-days saved)

  2. kuschelmaus, thanks for debian 9 network things (2 life-days saved)

  3. FlorianRingbeck, to solve /etc/network/interfaces issue you need to use enp1s0 as follow:

    auto enp1s0
    iface enp1s0
    inet static address [IP]/24
    gateway [GW]
    pre-up /sbin/ip addr flush dev enp1s0 || true

    Carefull, in your example, you are using a private IP address.

  4. In grub (IP static) configuration use Netmask and not Slash (as I do during 2h)


That's all folks !

Comment by Someone
Network Problems

Thank's for the excellent guide. I rented a dedicated server from Kimsufi and tried to setup my machine to boot from the encrypted harddrive.

The unlock via dropbear does work but unfortunately the server does not respond on the network interface afterwards. I assume that there is an error in the network config but I was not able to find it until now. This is the logfile of the boot process (i replaced my real ip with May 16 21:08:24 xxxx kernel: Kernel command line: BOOT_IMAGE=/vmlinuz-4.9.0-6-amd64 root=/dev/mapper/vg0-root ro net.ifnames=0 ip= May 16 21:08:24 xxxx kernel: e1000e 0000:01:00.0 eth0: (PCI Express:2.5GT/s:Width x1) 00:21:4f:b3:21:74 May 16 21:08:24 xxxx kernel: e1000e 0000:01:00.0 eth0: Intel(R) PRO/1000 Network Connection May 16 21:08:24 xxxx kernel: e1000e 0000:01:00.0 eth0: MAC: 3, PHY: 8, PBA No: FFFFFF-0FF May 16 21:08:24 xxxx kernel: IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready May 16 21:08:24 xxxx kernel: e1000e: eth0 NIC Link is Up 100 Mbps Full Duplex, Flow Control: None May 16 21:08:24 xxxx kernel: e1000e 0000:01:00.0 eth0: 10/100 speed: disabling TSO May 16 21:08:24 xxxx kernel: IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready May 16 21:08:24 xxxx kernel: e1000e: eth0 NIC Link is Down

This is my network config: root@rescue:/# cat /etc/network/interfaces

interfaces(5) file used by ifup(8) and ifdown(8)

Include files from /etc/network/interfaces.d:

source-directory /etc/network/interfaces.d

auto lo iface lo inet loopback

auto eth0 iface eth0 inet static address gateway pre-up /sbin/ip addr flush dev eth0 || true

Any ideas what to look at? Thank's in advance.

Comment by FlorianRingbeck
Re: rescue section

tincho, yes, the mount command is there, but this one:

chroot /target mount -a

did not mount the boot partition and there were no errors either so I had no idea that it was not mounted :)

By the way, thanks for the guide!

Comment by vanix
Rescue section

After reading the comments and the tip from kuschelmaus I've made needed changes to /etc/defaults/grub file. And it didn't work, I tried every possible solution out there. But the problem was that I had to manually mount boot partition

mount /dev/sda1 /target/boot

Otherwise, update-grub2 didn't have any effect and I was getting stuck with error message that eth0 unknown device. I had to simulate installation on my local VirtualBox machine because there is no console access available at Kimsufi.

Comment by vanix
Kuschelmaus: Thanks a lot for noticing that! I think that when I last reinstalled my server I had to do this, but forgot to update the notes!
Comment by tincho
Stretch network setup struggle

Just in case you encounter the same problem when setting up Debian 9.

After setting up everything based on this guide, which I used since wheezy, thanks for that by the way :), I noticed that my server wasn't coming back online after rebooting.

Problem: eth0 doesn't exist anymore... so no network if I setup a non-existing nic.

Solution: Either disable the new naming schema in GRUB_CMDLINE_LINUX="net.ifnames=0" or check your predictable device name by running udev and look for eth0 (since the rescue system is still a debian 8 based OS). I just dumped it to a file then searched for eth0 with vi. To dump everything just run: udevadm info -e > /tmp/udev.log then look for the predictable name in this order: ID_NET_NAME_FROM_DATABASE ID_NET_NAME_ONBOARD ID_NET_NAME_SLOT ID_NET_NAME_PATH ID_NET_NAME_MAC

In my case it is an onboard device and the name it got is enp1s0. After adding that to GRUB_CMD_LINE and in /etc/network/interfaces I could finally get into my dropbear and unlock the system. Took me two days to figure that out. Maybe it safes someone a lot of time...

Comment by kuschelmaus
The BlankStore (although deprecated) from microG works well for me for downloading, searching and updating applications I don’t find in F-Droid.
Comment by mirabilos
comment 2

Hi Martin,

Using microg/nogapps for around 4-5 years now and also very happy!
Signature spoofing allows microg to replace google play service by giving microg the same signature. Google implemented a forced dependency model in Android which gives app suppliers the power to create a dependency on a company instead of a library. This makes conditional sale possible and easy. If I am correct, the signature spoofing patch only allows microg+blankstore and not other apps to replace google play service. Personnally I think it would even be better if you had the freedom to redefine all dependencies yourself and get rid of the possibility of conditional sale entirely. It is up to the user to decide what company to use and not the supplier. There is no extra danger from malicious actors with the patch unless you download an app with a microg signature and give that app the signature spoofing permission. I think this risk is equal or less to the risk of downloading an app which has a Google signature. Cyanogen's argument is solely based on the idea that google play services should not be replaced by another app, even if it is disabled by default and the user has to explicitly enable it a couple of times. End of cyanogen argument. Since then I am avoiding cyanogenmod when possible. Very happy with Omnirom right now.

Best! Bob

Comment by debianbob