A look at the 1968 show Hair

Hair The Musical opened for previews on April 11, 1968. Officially opening on April 29, 1968 it went on to run a total of 1750 shows before closing on July 01, 1972. It was at the Biltmore Theatre now known as The Samuel J. Friedman Theatre. During the lifetime of the show, it was nominated for three awards, one of which it won.

One of the main features of the show was a special effect that allowed multiple lights to switch on and off through the use of a cam driven motor. This motor drove a series of 8 cam’s around that intern activated switches to control the light. The motor was variable between 10RPM and 30RPM and allowed lighting such as beacons to strobe or the lights on a Christmas tree to flash. The device (Pictured below) was large and bulky, also, due to the effect relying on moving parts, it would have required maintenance and would run the risk of braking.

Image from The Lighting Database

Image from The Lighting Database

As you can see, the effect required a lot more room than the comparable effect today as today, the effect would be created via software and likely delivered to the fixture using a protocol such as DMX. This allowed the show to become one of the first shows to use strobe lighting in Broadway, having already been developed in night clubs. The show also featured police style rotating lights, again something that hadn’t been seen much on broadway before.

A major limitation of the time was the inability to do a crossfade with new technicians leading the way to develop the methods required. Originally, all the channels would be locked together, dimmed to certain value, unlocked and the rest would continue to dim until the crossfade was done. The new technicians developed methods of using strings and pulleys along with body parts such as there elbows to successfully crossfade between lights in 3 seconds. This shows a point where lighting developed and lead to modern day lighting where again, a crossfade can be accomplished with some simple programming in a recorded cue.

Due to this level of complexity and the fact the show was run from two piano style lighting consoles, the operator was unable to look at their cue books or a script as they were always getting things ready for the next cue or actually running the cue. This meant that the operator had the remember every lighting change for the show and exactly what had to be done and when.

If the show was to be recreated using modern technology, a standard theatrical lighting desk such as the ETC Ion could effectively be used to achieve the same and many more effects and transitions. For example, the show could become more complex as the operator doesn’t need to remember every change. This opens the door to the possibility of using moving lights and more powerful strobes and special lighting unlike the simple cam driven strobe effects from the original show.

Full details of the show including hookup charts, focus charts, lighting designer notes and more can be found on The New York Public Library & Lighting Archive’s Theatrical Database.

David Hersey’s Lighting Design for Les Miserables

David Hersey is currently, my personal favorite lighting designer for one very simple reason. His design work for the long running show, Les Miserables.

The reason that he is my favorite designer is the lack of light in some parts of the show where the characters on stage were in the dark. This helped to further create the correct mood for the show, where a dark, miserable theme was needed. This contrasts many other shows where the characters are usually well lit and clearly visible. In scenes where the characters are well lit, there is usually beams of light from behind the characters or the set, which are visible in the high haze environment.

Due to the show a high amount of haze, the show’s lighting adds further atmosphere where the audience is slightly emerged into the show, where the audience is surrounded by foggy atmosphere that shows the depression of the characters. It also furthers the lighting beams making them easily identifiable and furthering the look that the majority of the characters are at the bottom and insignificant.

I wasn’t able to find what lighting desk David Hersey used for the show however I was able to find that he used a GrandMA for another recent show. If I was to design the Les Miserables show, I would choose the ETC EOS line of desks, likely using the ETC ION as the main desk as it is a powerful desk with full control of 2 DMX Universes and support for multiple other protocols such as Art Net. Furthermore, the desk’s syntax is easy to use and design with and makes recording cues and building a complex cue stack easy. Also, the offline system for the EOS line allows the show to be completely programmed before being put into the venue or even to use all of the feature of the ION including support for multiple fader wings. This would allow there to be many cheap backup systems using the Nomad software either on the ETC Nomad Puck or any networked computer using a protocol such as Art Net.

David Hersey used the GrandMA on his show of Miss Siagon which has recently been adapted by his associate lighting designer Richard Pacholski for a tour of Japan where the show needed to be able of touring quickly between venues.

Enable or disable automatic updates

Automatic updates can be a useful feature to help keep your system up-to-date and thereby more secure.

Automatic updates can cause problems if you do not know what you are doing. Only set them to run on a production server if you know what you are doing.

To change the current setting simply run the following command:

sudo dpkg-reconfigure -plow unattended-upgrades

Now simply choose the option that suits you best. That’s all there is to it.

Securing your SSH Server

When you have a server running SSH, the last thing you want or need is someone breaking in. This article will look at how to make your servers SSH more secure through a large variety of methods.

Change the Port

Changing the port that SSH runs on will make it harder for automated attacks or scanners to locate your SSH service meaning that this simple change could easily reduce the chance of being hacked. To change the port you need to log into the machine and open the configuration file with the following commands:

sudo nano /etc/ssh/sshd_config

You can now find the line that reads:

 Port 22

This line needs to be changed so that the port will be changed. For this example I will use port ’1234′ however, for your own service you can choose any other port that isn’t being used. When you have made the change it should look something like this:

Port 1234

Thats all there is to it. Now when you SSH into the machine you will need to use the command:

ssh -p 1234 user@host

Disable the Root Account From Logging In

The next step will prevent the root account from being able to log in. This means that you will need to create another account with the ‘Sudo’ privileged to run commands on the server. To disable the Root Account find the line in your SSH config file that reads:

PermitRootLogin yes

Or

PermitRootLogin without-password

And change it so that it reads:

PermitRootLogin no

Now if you try to log in with the root account you will be denied access meaning that any potential hacker must also guess the user name for the account as well as the password.

Restrict Access to Specific Account

Rectricting access to a specific account or specific set of accounts allows you to further restrict who can and can’t log into the server. There are two methods of doing this. With Accounts or Groups.

Accounts

With Accounts you will need to add this line to the end of the SSH Config file:

AllowUsers User1 User2 User3

Now if your account isn’t explicitly allowed you can’t log in.

Groups

With Groups you will need to add this line to the end of the SSH Config file and ensure that you are a member of the group:

AllowGroups Group1

That’s all there is to it. Now you have restricted the login to a certain set of your users.

Disable Password Login

Disabling password login require you to use a SSH key to log in, this further limits the success of an attack as now they must guess the SSH key instead of a password for it to work. To enable this find the line that reads:

#PasswordAuthentication yes

And change it to:

PasswordAuthentication no

Now, the only way to log in is with a SSH key.

Firewall

Another way to add some security to add a firewall rule to block access to certain ports. For this example we are going to completely block port 22 as we have changed what port SSH is running on. To do this run the following command:

sudo iptable -A INPUT -p tcp –dport 22 -j DROP

This will completely block access to the default port. Meaning if anyone does try to brute force the default port the connections are automatically refused.

Fail2Ban

Fail2Ban is a great piece of software that allows you to easily prevent brute force attacks by dynamically adding and removing records to the iptables configuration. With a few lines of code you can have a fully functioning installation that will block connections after x many failures. For full instructions on setting up Fail2Ban check out our article.

Make Password Asterisk Visible

When working in a terminal it can be quite frustrating when you loose track of your password. Normally your password would look like this:

*****************

However, by default you are presented with nothing, no hint at all. So to combat this, run the following command, which will open up the configuration file.

sudo visudo

In this file find the line that looks like this:

Defaults env_reset

Edit it so that it looks like this:

Defaults env_reset,pwfeedback

You can now save the file and it will work. This should work with both Linux and Mac based systems.

Install and Configure Fail2Ban

Fail2Ban is a brilliant piece of software that helps protect your server. It is great for protecting your SSH server or your web server so by following these steps you should correctly set up Fail2Ban so that IP Addresses are added to the banned firewall list. To install Fail2Ban, copy and open the configuration file for editing, run the following commands:

sudo apt-get install fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nano /etc/fail2ban/jail.local

In this file you will find all of the configuration information that you need to change to make Fail2Ban work correctly. Below is all of the configuration options for Fail2Ban that you will need to make it work.

Configuration Option Description Default
ignoreip Tells Fail2Ban which IP Addresses to ignore from the banning process 127.0.0.1/8
bantime How long IP Addresses are banned for after Fail2Ban takes action 600 (Seconds – Ten Mins)
maxretry How many attempts you get before being banned within the time limit set by 'findtime' 3
findtime How long to track failed attempts after the first failure 600 (Seconds – Ten Mins)
destemail The Email Address to send ban notices to root@localhost
sendername The name that is used as the sender when an email is sent Fail2Ban
mta The Mail service to use to send the emails about bans sendmail
action The action Fail2Ban takes when banning an account Adds the IP Address to the banned list in iptables

These configuration options allow you to configure your Fail2Bane service how you want to. However, to corectly configure the action section we will take a bit more of a look.

There are three options for the action option. The default option (action_) will simply block the account for us. However if you wish to use mail then you have two options. The first option, action_mw will also send an email with a whois look up on the offending IP Address. The final option, action_mwl will send us the email with the whois lookup and include the Log lines which may help with debugging.

Now we can reload the service with the following command:

sudo service fail2ban restart

Finally, we can add some default rules to our iptables firewall. To do sun the following commands:

sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -m conntrack –ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p tcp –dport 22 -j ACCEPT
sudo iptables -A INPUT -j DROP
The third line allows connections to our SSH Server, if you have changed the port, ensure that you change the line to allow connection to your new SSH port.

Thats all there is to it. You now have a fully working copy of Fail2Ban set up on your server with a basic firewall intergrated to help protect your server from people who should not be accessing it. Don’t forget to update the firewall if you start to use any other internet accessible programs such as a LAMP Stack.

Share a screen session with multiple accounts

So, whilst looking at how to share a screen session with multiple accounts, I ran into a few problems. However, here are the steps that I did to share the session with multiple accounts.

First log into the account that will host the screen session, for this example, we will call this account ‘User1′. This user MUST have permission to use the sudo command. Run the following commands:

sudo chmod u+s /usr/bin/screen
sudo chmod 755 /var/run/screen

This will make screen capable of sharing a session. Now we need to start a session to share and connect to it.

screen -d -m -S SharedSession
screen -r SharedSession

Once in the shared session, you need to enter a few commands. To enter the command line of screen you need to hit the following keys at once:

CTRL + A + SHIFT + :

You can now enter the following commands, however, you will need to press the keys before each command so that they are run by screen.

multiuser on
acladd User2

You can use this for as many users as you like just repeat the second line changing the users name. Now from the second user you can connect to the session with the following command:

screen -x User1/SharedSession

Thats all there is to it. Now you can create as many shared sessions as you need and add the users that you need.

Setting up Java 8 on Ubuntu

After spending a few days searching the web for a way to install the latest Oracle version of the Java Developers Kit I was relieved to find a team of people that produce an easy to install package for Oracle’s Java.

To begin we are going to add the PPA to our machine and then install the main installer. To do so run the following command:

sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java8-installer

During the last command a screen will appear, this will ask you if you agree to the Oracle Binary License. You will need to agree to this to continue. When finnished you have installed Java and can check by running the following command:

java -version

If this return something like below then Java has been installed correctly:

java version "1.8.0_11"
Java(TM) SE Runtime Environment (build 1.8.0_11-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.11-b03, mixed mode)

Finally, to set up the JAVA Enviroment you can use another package by the same team. To do so run the following command:

sudo apt-get install oracle-java8-set-default

That’s all there is to it and you have now set up Oracles Official JDK on Ubuntu. The team behind this are absolutely amazing for doing this. It makes the whole process so much easier to install than when I was looking at the way to this manually.

Installing Sick Beard on the Raspberry Pi

In this tutorial I will detail how to install Sick Beard on the Raspberry Pi, specifically, on Raspbmc. It is really easy to install Sick Beard but you will need to install git to get Sick Beard.

To install Git run the following command:

sudo apt-get install git-core

When this is finished you will have git installed. This is a version management system that allows easy code development. Now we are going to download the latest copy of Sick Beard using git. The following command will download Sick Beard in the current directory:

git clone git://github.com/midgetspy/Sick-Beard.git my-sickbeard-install

You now have a copy of Sick Beard, you can either start it or move it to another directory. To start SickBeard run the following command:

python my-sickbeard-install/Sick-Beard.py

If you want to move the Sick Beard installation then running the following commands will move SickBeard to ‘/sickbeard’

sudo mv my-sickbeard-install/* /sickbeard/
$  sudo chmod 777 /sickbeard

There we go, that’s all there is to it. You can now start using SickBeard through the web browser at the web address:

 http://IPADDRESS:8081

 

Installing Handbrake to RIP DVD’s

Should you want to backup a DVD, this tutorial will detail how to install and set up Handbrake to do so.

The first thing that you need to do is install Handbrake with the following command:

sudo apt-get install handbrake

Now we need to install a package called Libdvdcss so that we can access encrypted DVD’s so run the following command to install the main package:

sudo apt-get install libdvdread4

If you have installed the Ubuntu Restricted Extras package from the Software Centre this has already been installed.

Finally to install the Libdvdcss package run:

sudo /usr/share/doc/libdvdread4/install-css.sh

That’s all there is to it! You can now backup your DVD’s with Handbrake!