Setting up Ubuntu Desktop


Eventually make things faster (sudo without password) on a desktop env as long as you are the sysadmin of the box,

groupadd -g 11 wheel
usermod -a -G wheel $admin

#cat > /etc/sudoers.d/$admin <<-EOF
#$admin  ALL = NOPASSWD: ALL
cat >> /etc/sudoers <<-EOF

Enable ctrl-alt-backspace to kill X like in the old days,

    sudo dpkg-reconfigure keyboard-configuration

Generate your workstation key pair and copy/paste it to the servers you need to maintain,

    ssh-keygen -t ecdsa
    cat ~/.ssh/

    #ssh-keygen -t ed25519
    #cat ~/.ssh/

eventually store the fingerprint of your public key (MD5 used at GitHub),

    ssh-keygen -lf >
    ssh-keygen -E md5 -lf >

also provide the PPK format for e.g. Filezilla, but unless you are willing to compile the dev version, you will have to use RSA or DSA (-t rsa, dsa, rsa1),

    cd ~/.ssh/
    sudo apt install putty-tools
    puttygen pkey -o pkey.ppk

fix the permissions,

    chmod 700 ~/.ssh/
    chmod 600 ~/.ssh/*
    chmod 400 ~/.ssh/id_*

Choose your Desktop Env:

Install a few packages from the Ubuntu Server post-installation guide. You may then add those ones for workstation usage,

    sudo apt install \
    vlc \
    mpv \
    chromium-browser \
    deluge deluged \
    filezilla \
    firefox \
    irssi \
    nautilus-share \
    rxvt \
    terminator \
    thunderbird \

    sudo update-alternatives --config x-terminal-emulator

Run (and enable?) indexing,



do you need Putty-like happy copy/pasting?

cp -pi /usr/share/terminator/terminatorlib/ /usr/share/terminator/terminatorlib/
vi /usr/share/terminator/terminatorlib/
/def on_buttonpress
(change 3 to 2 and 2 to 3)



install Oracle Java on Ubuntu,

apt install software-properties-common
add-apt-repository ppa:webupd8team/java

Debian9/stretch // Devuan/ascii,

vi /etc/apt/sources.list

deb artful main

apt-key adv --keyserver --recv-keys C2518248EEA14886

and proceed,

apt update
apt install oracle-java8-installer oracle-java8-set-default
ls -l /etc/alternatives/java
/usr/lib/jvm/java-8-oracle/jre/bin/java -version


eventually fetch [Eclipse] (, extract and install the IDE flavor of your choosing (you can do it from the gui). for Linux

Fetch the latest version and,

ls -lhF slack-desktop-3.*-amd64.deb 
dpkg -i slack-desktop-3.*-amd64.deb 
apt -f install

Skype for Linux

Fetch the latest skype for linux as DEB and install,

    dpkg -i skypeforlinux-64.deb
    apt -f install

DESTROY and re-initialize gnome keyring,

rm -rf ~/.local/share/keyrings
sudo apt install seahorse
seahorse &

Additional notes

Eventually install & setup Conky.

Eventually setup Netfilter to allow only outbound connections.


there is a main difference with the Ubuntu Server setup: network. It’s ok to keep using Network Manager on a desktop environment.


check your network settings handled by Network Manager,

nmcli device show ens2

domain search

three solutions:

  1. Control Center -> Network
  2. dhclient.conf
  3. resolv.conf.d/

  4. use the GUI,

    Control Center -> Network –> (general tab) Domain name: … Control Center -> Network –> (DNs tab) Search domains: …

  5. OR add some domain searches for DHCP sessions, e.g.,

    cd /etc/dhcp/ cp -pi dhclient.conf dhclient.conf.dist vi dhclient.conf

    prepend domain-search “”, “example.local”;

  6. OR change the resolvconf config directly,

      cd /etc/resolvconf/resolv.conf.d
      cp -pi base base.dist
      vi base

also make sure that the local system hostnames resolves itselfs as FQDN accordingly ( on a desktop)

CIFS ready

setup your default workgroup when mounting windows file shares,

    sudo apt install smbclient cifs-utils
    #smbfs samba
    vi /etc/samba/smb.conf


Reduce the boot-loader timeout,

cp -pi /etc/default/grub /etc/default/grub.dist
vi /etc/default/grub


You can ask GRUB2 to boot the same OS that was booted last time by default,



iwl3945 power saving issue

experienced on IBM/Lenovo T60 / R60e

If you get this error in the logs while loosing iwl3945 wireless network connectivity,

BSM uCode verification failed at addr 0x00003800+0 (of 900), is 0xa5a5a5a2, s/b 0xf802020
Unable to set up bootstrap uCode: -5

and this error when trying to UP the wireless network interface,

    SIOCSIFFLAGS: Input/output error

==> disable wlan power saving using NetworkManager,

vi /etc/NetworkManager/conf.d/default-wifi-powersave-on.conf

wifi.powersave = 2

service NetworkManager restart
iwconfig wls3

Kodi / ureadahead

(optional) you might also want to remove that one in case it is installed and not needed (it was spamming my logs),

    sudo apt remove ureadahead
    #sudo apt purge ureadahead


sudo dpkg-reconfigure locales
#sudo locale-gen
sudo update-locale LANG=en_US.UTF-8

OEM Installation

Choose the OEM auto-install if you need to delivery the computer to someone-else: finish-up the process as oem user, then click on the Prepare for shipping and the user will have a little setup wizard next boot.

Finish-up as OEM user, choose preferred mirror for packages,

Control Center -> Software Sources

and apply updates using the little shield button in the systray.

install additional languages depending on target users,

Control Center -> Languages

make sure Firefox is also available language-specific.

You’re now ready to click “Prepare for shipping” on the Desktop and reboot.

Note. few things are missing with this method e.g. Adblock for Firefox.

Web Browser Java


To get Java plug-in to work into firefox you need an older version: v52 ESR (not latest release). Fortunately, it is still the default browser on Debian / Devuan.

cd ~/opt/
tar xjf firefox-52.4.1esr.tar.bz2 
cd firefox/
./firefox -p -no-remote

Deploy the Java plugin,

cd ~/.mozilla/plugins
#cd /usr/lib/firefox-addons/plugins/
ln -s /usr/lib/jvm/java-8-oracle/jre/lib/amd64/

Start menu > Oracle Java 8 plugin control panel
security > add exceptions e.g. http://localhost:xx (the port number matters)

To get to the Java console of e.g. some old enterprise-class servers, a quick and dirty fix would be,

ls -l /usr/lib/jvm/java-8-oracle/jre/lib/security/java.policy
ls -l /etc/java-8-oracle/security/java.policy
cp -pi /etc/java-8-oracle/security/java.policy /etc/java-8-oracle/security/java.policy.dist
vi /etc/java-8-oracle/security/java.policy

#cp -pi /usr/lib/jvm/java-8-oracle/jre/lib/security/java.policy /usr/lib/jvm/java-8-oracle/jre/lib/security/java.policy.dist
#vi /usr/lib/jvm/java-8-oracle/jre/lib/security/java.policy

grant {

References about older versions of Java, just for the record:

Alternate solution would be OpenJDK with icedtea-plugin.


DO NOT fetch the latest VirtualBox for Linux. Use the repos instead (well, the thing is already available now within Ubuntu):

deb <mydist> contrib

apt update

Access the guests through SSH using the default NAT setup,

VBoxManage modifyvm myserver --natpf1 "ssh,tcp,,3022,,22"
VBoxManage showvminfo myserver | grep 'Rule'
ssh root@localhost -p 3022


Legacy Adobe Reader

It is still possible to run the old proprietary Adobe Reader on Linux, although it is 32-bit,

dpkg -i AdbeRdr9.5.5-1_i386linux_enu.deb
apt -f install
apt install libcanberra-gtk-module:i386
apt install libatk-bridge2.0-0:i386 libatk-adaptor:i386 libgail-common:i386
apt install libxml2:i386
apt install gtk2-engines-murrine:i386

and check the output,

dpkg -L adobereader-enu | grep bin
which acroread

then for PDF handouts,


Printer // Properties
double sided printing...
page size...

Page Handling // Page Scaling
multiple pages per sheet
pages per sheet: 9
page order: horizontal

Orientation // Landscape

And on Debian/Devuan,

dpkg --add-architecture i386
apt update
apt install gdebi
gdebi AdbeRdr9.5.5-1_i386linux_enu.deb

Bypassing national restrictions

Install friGate3 add-on on your web browser (tested with Firefox), add the target domain into List of sites e.g.,

and edit the Proxy Servers e.g. to access from France, [RU] [RU] [RU] [RU] [RU] [RU] [RU] [RU] [RU] [RU] [RU] [RU]

or access from Russia, [FR] [UK] [FL] [FR]

Setting up an external drive

cfdisk ...
mkfs.ext4 -T largefile -m 0 /dev/...
e4label /dev/... NEWNAME
lsblk --fs --ascii