Installation of Jupyter on external hard disk/ USB

We have to use Jupyter notebooks for Machine Learning at our university. Jupyter needs a lot of space on the hard disk and I was able to remember (from vocational school) that we were able to install PHPMyAdmin on a USB stick. You have a transportable web application on this way. I had this goal for Jupyter and the Python environment on Linux. 🙂

So I want to give you the installation guide for Jupyter on openSUSE Leap 15.1 (incl. Python) in a virtual environment.
Install the following packages as a foundation:

 sudo zypper install python3-pip python3-devel

After that install the virtual environment with pip3:

sudo pip3 install --upgrade pip
sudo pip3 install virtualenv

Create a project directory for Jupyter in your home directory and mount the external disk/ USB stick there:

sudo mkdir ~/Jupyter
sudo mount /dev/sda1 ~/Jupyter

You have to umount /dev/sda1, if the disk has been mounted automatically in /run/media/ (in my case):

sudo umount /run/media/user/TOSHIBA\ EXT/
sudo mount /dev/sda1 ~/Jupyter

If the external disk is mounted, you can create the virtual environment for Python and Jupyter in the special project directory:

virtualenv ~/Jupyter

Inside, it will install a local version of Python and a local version of pip. We can use this to install and configure an isolated Python environment for Jupyter.
Before we install Jupyter, we need to activate the virtual environment:

source ~/Jupyter/bin/activate

You are ready to install Jupyter into this virtual environment.
You can install Jupyter on the external disk with the following command:

pip install jupyterlab

Call Jupyter via command line inside of the project directory then:

jupyter notebook

That will open your web browser with http://localhost:8888/tree.
Do you need additional packages or Python libraries? You can install them in this project directory, too.
Change to this directory and install them with pip3 (in my case these ML packages):

pip3 install scipy numpy matplotlib sklearn pandas
pip3 install keras tensorflow

Enjoy Jupyter on an external disk.

Q&A for openSUSE Board elections

Our openSUSE Chairman has some questions for the candidates for the openSUSE Board. My answers are here:

1. What do you see as three, four strengths of openSUSE that we should cultivate and build upon?

1) Fantastic coherence in the community
2) Great products with collaboration all over the world
3) Quality

2. What are the top three risks you see for openSUSE? (And maybe ideas how to tackle them?)
1) Dependency on SUSE (humans and financials)
Background: I was asked really often at open source events how another company can sponsor openSUSE. We had to say that it would not possible because all of our money is going via a SUSE credit card and the money would be lost (same with the GSoC money, which has to be transferred to other organizations because of this issue). No company wants to pay Open Source Developers with such a background of an open-source project. Therefore, most openSUSE Contributors are working for SUSE or SUSE Business Partners. This topic popped up more than 3 times during my last Board Membership (really created by SUSE employees each time!).
Solution: Creation of the foundation! I had to suggest this solution more than 3 times before that was accepted by SUSE employees in the Board. I told about all the benefits how we can manage our own money then, receive new sponsors, SUSE can use more money for their own, SUSE can sponsor us continuously and we would be able to receive more Contributors.

2) openSUSE infrastructure in Provo
Background: I am one of the Founders of the openSUSE Heroes Team and was allowed to coordinate our first wiki project between Germany and Provo. The openSUSE infrastructure is in Microfocus hands and they need very long to respond on issues and we are not allowed to receive access as a community. Additionally, SUSE is not part of Microfocus any more which makes it more difficult to receive good support in the future.
Solution 1: Migration of all openSUSE systems from Provo to Nuremberg / Prague (perhaps missing space?)
Solution 2: Migration of all openSUSE systems from Provo to any German hosting data centre with access for openSUSE Heroes

3) Bad reputation of openSUSE Leap & openSUSE Tumbleweed
Background: We are the openSUSE project with many different sub-projects. We don’t offer only Linux distributions, but we are well known for that and most people are associating us with that. I had given many presentations about openSUSE during my last Board Membership and represented us at different open source events. The existing openSUSE Board does not do that very much. They have another focus at the moment.
Solution: We need more openSUSE Contributors representing openSUSE and I can do that as an openSUSE Board Member again. After that, we can be one of the top Linux distributions again. 😉

3. What should the board do differently / more of?
The existing openSUSE Board is working mostly on the topic with the foundation. That is good. Thank you! But the role of a Board Member contains the representation of the community, too. We would have one less risk with that.

4. If you had a blank voucher from the SUSE CEO for one wish, what would that be?

I wish the start financing of the foundation for openSUSE. Both sides will profit from that. 🙂

5. What is your take on the Foundation? What do you consider a realistic outcome of that endeavour? (And if different, what outcome would you like to see?)

The Foundation is a benefit for SUSE and openSUSE (see risk 1). SUSE can support and contribute to us continuously. The difference is that we are open for other sponsoring companies then. Google Summer of Code money can be used for Travel Support. We can say how much money can be used for every openSUSE event/ Summit (without any eye on the situation of SUSE). We can manage that all for our own. If we can accept more companies as sponsors, SUSE can invest the saved money into the own company or in other open-source projects. We become more open and that is a reason for companies to invest money into jobs as Open Source Developers for us. So the community can grow with more companies as sponsoring partners.

Running for the openSUSE Board again or: reelect (Sarah);

I was in the openSUSE Board for 2 years in the past and I have enjoyed this time to bring along the openSUSE project.
I want to run for the openSUSE Board again after a short break about 1 year. I am happy that the existing openSUSE Board has proceeded my idea with the foundation so successfully. But I would be happy about being allowed to finalize this/ my topic together with the other Board Members as my old idea.
Additionally, I have watched the decreasing reputation. Public representations of openSUSE have been missing by the openSUSE Board in the last year. I would increase that on the same way I have done that at our university.

My main activity at openSUSE is the Coordination of the global Localization Team besides my studies. However, that is not the sole task. I contribute to QA, give presentations, update the wiki (English and German) and create PRs on Github. I would be able to contribute some code as a Computer Scientist, too. But SUSE does not want to see any Computer Scientists from our university. Therefore, my focus is on improving our study plan with open source development.

I love to represent openSUSE. So I have decided to run for reelection. 😉

Do you want to know more about my goals and thoughts? You can find more about my goals for these openSUSE Board elections on my openSUSE Board election platform.

  • Email:
  • Blog: (my blog)
  • facebook:
  • LinkedIn:
  • Connect:
  • I wish all candidates good luck, and hope that we‘ll see lots of voters!

    Password Security with GPG in Salt on openSUSE Leap 15.0

    We are creating a deployment of openSUSE clients with Salt. Kerberos needs password authentication. Therefore, we want to encrypt passwords before using them in Salt. I want to explain how to integrate that all.

    At first, you have to install gpg, python-gnupg and python-pip. openSUSE wants to install only the package python-python-gnupg which isn’t enough for Salt. You have to use additionally pip install python-gpg.

    After that, you have to create the directory /etc/salt/gpgkeys with mkdir. That will be the home directory for the decryption key of Salt. Then you can create a password less key in this directory. Salt is not able to enter any password for encryption.

    # gpg --gen-key --pinentry-mode loopback --homedir /etc/salt/gpgkeys
    gpg (GnuPG) 2.2.5; Copyright (C) 2018 Free Software Foundation, Inc.This is free software: you are free to change and redistribute it.There is NO WARRANTY, to the extent permitted by law.
    Note: Use "gpg2 --full-generate-key" for a full featured key generation dialog.
    GnuPG needs to construct a user ID to identify your key.
    Real name: Salt-Master
    Email address:
    You selected this USER-ID:"Salt-Master <>"
    Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
    We need to generate a lot of random bytes. It is a good idea to perform
    some other action (type on the keyboard, move the mouse, utilize the
    disks) during the prime generation; this gives the random number
    generator a better chance to gain enough entropy.
    We need to generate a lot of random bytes. It is a good idea to perform
    some other action (type on the keyboard, move the mouse, utilize the
    disks) during the prime generation; this gives the random number
    generator a better chance to gain enough entropy.
    gpg: /root/.gnupg/trustdb.gpg: trustdb created
    gpg: key B24D083B4A54DB47 marked as ultimately trusted
    gpg: directory '/root/.gnupg/openpgp-revocs.d' created
    gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/6632312B6E178E0031B9C8E8B24D083B4A54DB47.rev'
    public and secret key created and signed.
    pub   rsa2048 2019-02-05 [SC] [expires: 2021-02-04]
    uid   Salt-Master <>
    sub   rsa2048 2019-02-05 [E] [expires: 2021-02-04]

    After that you have to export and import your public and secret key in an importable format. Salt can not decrypt passwords without the Secret Key.

    # gpg --homedir /etc/salt/gpgkeys --export-secret-keys --armor > /etc/salt/gpgkeys/Salt-Master.key
    # gpg --homedir /etc/salt/gpgkeys --armor --export > /etc/salt/gpgkeys/Salt-Master.gpg
    # gpg --import Salt-Master.key
    gpg: key 9BE990C7DBD19726: public key "Salt-Master <>" imported
    gpg: key 9BE990C7DBD19726: secret key imported
    gpg: Total number processed: 1
    gpg:               imported: 1
    gpg:       secret keys read: 1
    gpg:   secret keys imported: 1
    # gpg --import
    gpg: key 9BE990C7DBD19726: "Salt-Master <>" not changed
    gpg: Total number processed: 1
    gpg:              unchanged: 1

    The key has the validity unknown at the moment. We have to trust that. Therefore, we have to edit the key, trust that, enter a 5 for utimately and save that.

    # gpg --key-edit Salt-Master
    gpg (GnuPG) 2.2.5; Copyright (C) 2018 Free Software Foundation, Inc.
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.
    Secret key is available.
    sec  rsa2048/3580EA8183E8E03E
         created: 2019-02-05  expires: 2021-02-04  usage: SC
         trust: unknown       validity: unknown
    ssb  rsa2048/4ABC9E975BD76370
         created: 2019-02-05  expires: 2021-02-04  usage: E
    [ unknown] (1). Salt-Master <>
    gpg> trust
    sec  rsa2048/3580EA8183E8E03E
         created: 2019-02-05  expires: 2021-02-04  usage: SC
         trust: unknown       validity: unknown
    ssb  rsa2048/4ABC9E975BD76370
         created: 2019-02-05  expires: 2021-02-04  usage: E
    [ unknown] (1). Salt-Master <>
    Please decide how far you trust this user to correctly verify other users' keys
    (by looking at passports, checking fingerprints from different sources, etc.)
      1 = I don't know or won't say
      2 = I do NOT trust
      3 = I trust marginally
      4 = I trust fully
      5 = I trust ultimately
      m = back to the main menu
    Your decision? 5
    Do you really want to set this key to ultimate trust? (y/N) y
    sec  rsa2048/3580EA8183E8E03E
         created: 2019-03-07  expires: 2021-03-06  usage: SC
         trust: ultimate      validity: unknown
    ssb  rsa2048/4ABC9E975BD76370
         created: 2019-03-07  expires: 2021-03-06  usage: E
    [ unknown] (1). Salt-Master <>
    Please note that the shown key validity is not necessarily correct
    unless you restart the program.
    gpg> save

    So the key is validity and usable. You can see your keys listed with following commands.

    # gpg --list-keys
    # gpg --homedir /etc/salt/gpgkeys --list-keys

    Salt needs access to the key for decryption. Therefore, you have to change permissions on /etc/salt/gpgkeys.

    # chmod 0700 /etc/salt/gpgkeys
    # chown -R salt /etc/salt/gpgkeys

    We can decrypt passwords with the key now. Replace supersecret with your password and Salt-Master with the name of the key.

    # echo -n "supersecret" | gpg --armor --batch --trust-model always --encrypt -r "Salt-Master"
        -----BEGIN PGP MESSAGE-----
        -----END PGP MESSAGE-----

    The output is a Base64 encoded PGP Message. You can use that in your sls file (in my case kerberos.sls) in the pillar directory.

      principal: X95A
      password: |
        -----BEGIN PGP MESSAGE-----
        -----END PGP MESSAGE-----

    Salt is not able to distinguish encrypted from non-encrypted strings at the moment.

    You have to uncomment the entry gpg_keydir: and add /etc/salt/gpgkeys in the salt-master configuration of /etc/salt/master. In addition, you can find the part with decrypt_pillar:. In my case, I add – ‚kerberos:password‘: gpg there.

    You need a restart of the service salt-master. Afterwards Salt knows, that the special pillar entry has to be decrypted with gpg. Following you can run the sls file on any salt client and Salt can use the password.

    At the end you should remove the command with your password for the PGP Message creation in your bash history. Therefore, edit ~/.bash_history and remove the entry with echo. So nobody can figure out the secure encrypted password for the user.

    Running for the openSUSE Board again…

    One period is more quickly left than you can imagine and I am running for re-election for the openSUSE Board!
    My name is Sarah Julia Kriesch and I am a work experienced Student in Computer Science at 2 universities.
    I am completing my Study Abroad Semester at the University of Bristol at the moment and I have a running IT project at my home university Nuremberg Institute of Technology Georg Simon Ohm. In addition, I am working as a Student Research Assistant at my home university.

    A lot has happened in the last years and I try to combine my studies with openSUSE Contributions as best as possible. I am the Founder of the Working Group Open Source  at the Faculty of Computer Science of the Nuremberg Institute of Technology. We offer workshops in Linux and Open Source bi-weekly. These are open for Students by other Faculties, too. I am the Educator for our Orga Team with Linux Trainers. We have presentations and workshops in cooperation with openSUSE every semester. I want to forward such Open Source education everywhere in Germany.

    Our IT project is a migration of our Linux Laboratory from Ubuntu to openSUSE Leap. We automate that with Salt and that all have to work with Kerberos authentication. So our Students are able to use their AD accounts and special sums have to be debited against our student cards for printing with Kerberos tickets then. We are working in cooperation with SUSE here.

    I have occupied myself with different units in Bristol. I have HPC, Embedded & Real-Time Systems, Security and Sustainability. I am glad to be allowed to combine a part of my exam in Sustainability with openSUSE. I wanted to create a project plan to improve our Sustainability for my next period in the openSUSE Board. My election pledge is the switch from DVDs to USB flash drives in the marketing material.

    My efforts within openSUSE is mainly an education part at our university to receive new openSUSE/ Open Source Contributors and being active as an Advocate at different conferences and expos. I have switched from Germany to the United Kingdom for this semester. This year I will return to Germany. Another role is the Global Coordinator Localization incl. German translations and the Wiki.

    Going forward and joining Germany again, I want to concentrate more on the well-being of the openSUSE Community. You don‘t receive new Contributors if you don‘t have the correct climate in the community and some would be unsatisfied. I want to build that on the introduction of the Board publicity by our elected Board Members in the last year. That would improve the collaboration and respect within openSUSE.

    I am much obliged to be an elected Board Member for 2 years. I appreciate receiving your votes for a second term.

    Thank you in advance!






    AG Open Source and our responsibilities

    Last semester I founded the AG Open Source at our university. We are organizing workshops and hackathons in cooperation with open source projects/ companies. Our students should learn more about open source development and how to contribute. The difference to the Friedrich-Alexander-University and their professorship in open source development is that we want to learn the real practice by professionals.

    After 3 months we had a reputation. The AG Open Source should be open for other faculties, too. EFI (electronic – fine mechanics – information technology) has been interested for our events. So students in Computer Science and Electronics are receiving basic courses in Linux and using git. In addition, we create a program which is different every semester. Last semester we had topics like security and the ownCloud hackathon. This semester our focus is on monitoring and docker.

    I am the Lead of the AG Open Source. I am educating other students in the student council for different positions in the AG. We need an additional lead. So I have one student as a Junior Lead who is being taught in organization, email writing and publishing by me. Two other students want to become Linux Trainers. They  have to know all about the cooperation with other  AGs in the student council and their processes, too.

    Last semester I was the Linux Trainer in all Linux workshops. One (advanced) student supported me with running through the lines and looking for different students. Other students in my semester are interested for this job this semester, too. Last week we received the request for a Linux course for advanced Linux users parallel to the Linux course for beginners. So I am teaching one student to pick up my course for beginners. Next semester we’ll use 2 rooms for this event. I’m planning the course for Advanced Linux Users.


    Since this week we are responsible for a new task at our university: Linux

    support for students

    A EFI student stood in the door of our student council for Computer Science and said: „I’m not from this faculty, but I need Linux support by the AG Open Source. Nobody else can help me. I was in the data center. They want to support only Windows. I can’t find anybody at our faculty, too.“

    The data center has reconfigured eduroam. That’s the Wifi for students and professors. We need additional entries for Linux systems and a new certificate now. I configured his Wifi and I know: I have to educate Linux Supporters for our AG. On our internal homepage openSUSE and Android are listed as supported operating systems (Linux) by the data center, but our Sysadmins don’t know what to do there. All students are coming to the student council for Computer Science now, because they are receiving Linux workshops by us.

    Our AG Open Source is growing, but our responsibilities are growing, too!



    openSUSE release party at FrOSCon

    We had a nice weekend at FrOSCon with a lot of fun. This atmosphere has gone over to our neighbours, so some Fedora Ambassadors wanted to change to openSUSE. That was the last time at the Fedora booth for them and their booth became green.

    You can see here a Fedora Ambassador who wants to have openSUSE marketing material for students of the university Marburg. He has green glasses as a signal for his change. He’ll give Linux workshops with openSUSE and wants to become a openSUSE Hero.

    We had many visitors the first day. Our release party took place at our booth at 5 o’clock. We were surprised about so many people. The cake was away after a quarter hour. It wasn’t enough for all interested guests. All were happy and toasted the new Leap release with the champagne.

    After that we had our first tombola with a big chameleon. What for a surprise! Last year a family of LPI won 2 chameleons. This year a small LPI girl won the first one again. That shows us the partnership between LPI and openSUSE. 🙂


    Sunday I went to some interesting presentations. We shared our service at the openSUSE booth. Additional to that we spoke about the OpenRheinRuhr organization, what we want to improve and how we can realize all with new German Advocates. Second day we had a second tombola. This chameleon went to invis server.

    Debian and Ubuntu didn’t have any booth. Some Debian users asked us for Debian Contributors. I sent them to Open Office. After this visit they came back and talked with us about openSUSE and what is new. They were really interested.

    That was a successful weekend for openSUSE with a lot of fun. Thanks for all the sponsoring at FrOSCon!

    openSUSE at Chemnitzer LinuxTage 2017

    I went to Chemnitzer LinuxTage last weekend. That was a successful open source event.

    openSUSE has got a lot of positive feedback. Some people changed from Ubuntu to openSUSE Tumbleweed and are happy.

    There was some misunderstanding with the new release development of openSUSE Leap. Some people thought that would be a second rolling release by openSUSE. After explaining that we want to do that only in the development phase for achieving a more stable operating system and we will have a release day every year again, these cusomers have been happy again and like this idea. More stability is a good reason. 🙂

    invis server had his meeting about their new project openSUSE SMB. One openSUSE customer was interested for this project and I brought him to Stefan. Some booth visitors want to visit our next oSC in Nuremberg.

    We had more customers than in the year before. Somtimes guys asked how to change to us and to contribute. Linux beginners wanted to have live CDs. We burned flash drives with Tumbleweed live images for them.

    Sunday we had a raffle at our booth. The award was a big chameleon. You can see the winner on the picture.At the end I took part of the raffle by Thomas Krenn AG. 🙂

    They produce server hardware and storage. Their first award was a low energy server which I won. That‘ s ideal for students like me. The best thing is that this server hardware is supported by openSUSE.

    Chemnitzer LinuxTage was a fantasic open source event like every year. Thanks for the sponsoring!

    tcpdump of a docker container

    You create docker containers and many tools are missing. As an example: tcpdump

    So I was looking for a solution for sniffing the traffic from outside of the container. It is recommended to setup an additional (tcpdump) container and to use it with following network connection:

    docker pull adamoss/docker-tcpdump

    docker run -ti –net=container:${id} adamoss/tcpdump port https or port http


    You can specify different ports and save the data in a file. The id is the name of the container and the „–net=container:“ is saying that you want to have input/output traffic of the docker container like the command would be executed on the same system.

    Running for the openSUSE Board

    Hi! I‘m Sarah Julia Kriesch, 29 years old, educated as a Computer Science Expert for System Integration, and currently studying Computer Science at the TH Nürnberg.


    Introduction and Biography

    I am a Student at the TH Nürnberg, Student Officer for Computer Science (Fachschaft Informatik) and a Working Student (Admin/ DevOps) at ownCloud. I changed from working life to student life this year. I have received the scholarship „Aufstiegsstipendium“ (translated „upgrading scholarship“) for students with work experience by the BMBF.

    I have got 4 years of work experience as a Linux System Administrator in the Core System Administration (Monitoring) at 1&1 Internet AG/ United Internet and as a (Managing) Linux Systems Engineer for MRM Systems (SaaS) at BrandMaker. MRM Systems are systems for project management in marketing (Marketing Ressource Management Systems).

    I used SLES/ openSUSE during my German education of information technology for the first time in 2009. In the company I learned installations with YaST. I wanted to know more, which was the reason for going to conferences and expos. I tried to educate myself (with community support and vocational school) until the end of my 2nd year. oSC11 was the time stamp for meeting the openSUSE Community.  Marco Michna wanted to become my Mentor in System Administration and gave me private lessons until his death. I got a scholarship for further education (a free Linux training) by Heinlein. Both were a good base for starting in the job after the vocational training act.

    I wasn‘t allowed to contribute to openSUSE during my last year of education, because my education company didn‘t want to see that. They filtered Google after all contributions in forums and communities. That‘s the reason why I am using the anonymous nick name „AdaLovelace“ at openSUSE. I had to wait for joining openSUSE again until my first job where I worked together with Contributors/ Members of Debian, FreeBSD and Fedora.

    I started with German translations at openSUSE with half a year of work experience. Most of you know me from oSCs (since 2011). I was Member of the Video Team, the Registration Desk and contributed as a Speaker. Since 2013 I am wiki maintainer in the German wiki and admin there. Since 2014 I am an active Advocate in Germany. I give yearly presentations, organize booths and take part in different Open Source Events. As a GUUG Member (German Unix User Group) I asked for a sponsorship for oSC16. I hold my first (English) presentation about performance monitoring there then.

    This year I have joined the Heroes Team and the Release Management Team. I founded the Heroes Team with my friends during the oSC16 because of the spam in the wiki. I became the Coordinator for this project. I am Translation Coordinator now, too. I was responsible for the documentation of openSUSE Leap 42.2. So I wrote a lot in the English wiki this year. I was interviewed (as an Advocate) by the Hacker Public Radio at the FOSDEM 2016.

    Some of you know me from different mailing lists. That‘s the best way to reach me.

    I love openSUSE and pick up tasks, if I see something to do where I can help with my Sysadmin/ Coordination/ Documentation/ BPM skills. Free periods ( Monday & Tuesday) are reserved for openSUSE Contributions. If somebody asks me for technical help (unimportant whether programming, infrastructure or communication), I‘ll try to find a solution.  I learned to work agile (Scrumban in System Administration) which I want to transfer to my teams in open source projects.

    Issues I can see

    I want to improve the cooperation between openSUSE and universities/ TH Nürnberg as the founder of the Open Source AG there.

    openSUSE should be one of the main distributions on AWS (main AMI).

    The openSUSE Infrastructure should be easier to achieve for openSUSE admins, so that we can react on escalations very fast.

    Role of the Board

    My goal is to have happy customers and developers. That‘s what I want to achieve as an Advocate and (perhaps) as a Board Member in the future.

    We should live freedom in the community. Everybody should do what he likes. I don‘t like bossing. But I want to help in leadership with coordination and solutions where needed.

    Why you should vote me

    •  I am a geek(o).
    •  I like new technologies and learning.
    •  I know most important people in the community.
    •  I learned coordination in my first job, which I can use as a Board Member, too.
    •  I am educated by communities.
    •  I have got an education in information technology.
    •  I contribute to different parts of the project (technical and non-technical).
    •  I have got a big open source network (openSUSE, ownCloud, GUUG, …).
    •  I have got international work experience.
    •  I love openSUSE.


    Aims/ Goals

    We should improve openSUSE and hold the position of being one of the best Linux distributions.

    I want to be open for cooperation with other Linux/ open source projects.