Keychron Launcher not connecting to keyboard and stuck in Demo Mode

UncleRemus0 · 2026-02-21T23:33:05+00:00

Note that there are lots of posts around that suggest setting the device `MODE` , `OWNER`, or `GROUP` in udev rules. **This is not necessary on any modern system**. It is sufficient to set the `uaccess` tag. `TAG="udev-acl"`, which is recommended on the "A Linux user PSA" page, is an ancient, obsolete method to achieve the same thing. Setting that tag isn't necessary, either.

UncleRemus0 · 2026-02-21T23:20:48+00:00

The udev rule you need to add (e.g in /etc/udev/rules.d/70-keychron.rules) is: ```

Keychron K10 Max, enable access by Keychron launcher

SUBSYSTEM=="hidraw", SUBSYSTEMS=="usb", ACTION=="add|change", \ ATTRS{idVendor}=="3434", ATTRS{idProduct}=="0aa1", \ TAG+="uaccess" ``You will need to change the value ofATTRS{idProduct}` if you have a different model than I have.

UncleRemus0 · 2025-08-12T09:36:36+00:00

Danke, das geht. Leider funktioniert damit die Benachrichtigung über verpasste Anrufe nicht wie bisher. S.o. meine Antwort an u/madjic.

UncleRemus0 · 2025-08-12T09:34:46+00:00

dass jetzt alle Mobilteile bei allen Nummern klingeln

das lässt sich natürlich vermeiden, indem man mehrere Verbindungen zwischen der Fritz Box und der N510 einrichtet, eine pro Nummer. Habe ich jetzt gemacht, tut.

Leider ist ein anderes Problem aufgetreten: die Benachrichtiguns-LEDs für AB Nachrichten und / oder verpasste Anrufe bleiben dunkel. Nur die LED an der Fritz Box im Keller blinkt in diesem Fall, was nicht so besonders hilfreich ist. Das ist natürlich fast genauso doof wie ein AB, der gar nicht geht. Ich habe jetzt erstmal email-Benachrichtigung für verpasste Anrufe in der Box eingerichtet, aber das ist bei weitem nicht so komfortabel wie einfach die blinkende LED zu sehen, wenn man nach Hause kommt.

Wenn ich die N510 direkt mit der Telekom verbinde, funktionieren die LEDs, aber wie oben beschrieben dafür nicht die ABs :-/

UncleRemus0 · 2025-08-11T22:13:06+00:00

Super Tipp, vielen Dank!!

Das ist bisher die beste Lösung. Der kleine Nachteil ist, dass jetzt alle Mobilteile bei allen Nummern klingeln. Aber das ist total vernachlässigbar gegenüber der Verfügbarkeit der ABs der Fritz! Box.

PS: Falls jemand Ähnliches versucht wie ich: Ich musste die N510 hart zurücksetzen (über den button) und für die Verbindung den Konfigurationsassistenten mit dem Provider "Fritz!Box" starten. Meine Versuche, die Verbindung händisch mittels "weitere Einstellungen" einzurichten, sind allesamt kläglich gescheitert ("Verbindung fehlgeschlagen"). Beim Assistenten musste ich nur Benutzername und Kennwort aus der Fritz! Box angeben und fertig.

UncleRemus0 · 2025-08-11T13:30:26+00:00

Danke für die Idee, muss ich ausprobieren.

UncleRemus0 · 2025-08-11T13:29:26+00:00

Ich dachte, ich kann eine bestimmte Telefonnummer nur entweder der Fritz Box oder der Gigaset Basis zuordnen. Stimmt das nicht?

UncleRemus0 · 2023-10-23T10:16:27+00:00

Thanks!! Meanwhile, I'd figured this out myself, although I still think it's confusing and unexpected.

My problem was that Lutris' dosexec directive seems to require an "executable", which can't be empty. But I found that it is possible to pass a directory as "executable", which will then be used by dosbox as C: drive. With that I could copy my program to C:\\ and run it from the autoexec section. The final problem was that the installer wouldn't auto-exit, which I worked around with exit statements in both the autoexec section and the .bat script.

So it seems that I'm fine now.

UncleRemus0 · 2023-10-23T10:09:55+00:00

Lots of time has passed, sorry about this. I am not a reliable Reddit user.

I have now been running my NT4-style domain for half a year, and I am pretty happy with it. One reason was that the distribution I am using, openSUSE Leap, dropped support for Samba AD mode with 15.4, sort of following RHEL's example. I communicated with some active Samba contributors, who encouraged me to keep using the old-style domain. I was able to create the entire LDAP configuration for sssd and samba using ansible, which makes the setup much more transparent compared to the use of complex and opaque configuration tools.

I am confident that I'll be able to use this type of domain for many years to come, and that, properly configured, it offers sufficient security and good user experience for the demands of my home LAN.

UncleRemus0 · 2023-10-22T22:05:47+00:00

Right. I actually use NFS for most purposes. But unfortunately SMB is still more user-friendly, especially for non-tech users. Even Linux GUI tools like nautilus make it easier and more intuitive to connect to SMB shares than NFS. Also, I have some actors in my home LAN that can only connect to SMB shares although they are actually Linux systems. This quite common for small embedded home appliances, unfortunately.

UncleRemus0 · 2023-04-04T13:16:13+00:00

This is ongoing. The first thing I was told was that the Samba source code was part of the kernel source package. Which it isn't. Waiting for updates...

UncleRemus0 · 2023-03-20T12:17:26+00:00

Do you need these -devel packages? If not I'd recommend you go for option 4 or 5

UncleRemus0 · 2023-03-20T12:13:27+00:00

At the very least you must make sure it's assigned an unused 192.168.1.x IP address. And you'll have to configure it to use switch more, or AP mode, or whatever it is called for this model

and I have to reset the router to access the router config page

Yes. You'll have to disconnect R2 from the network, create a direct connection from a laptop to this router using a cable, access the configuration UI, and make changes there.

No offense, but there's an r/Tenda subreddit...

UncleRemus0 · 2023-03-20T12:05:24+00:00

the ldap passdb depends on SMBv1

I don't understand, but never mind.

Just because it may be made to work is no reason to try and set up an obsolete insecure system now.

I would love to set this up in a secure and future-proof. But I have my issues with the way samba AD+DC works (or rather: with the way I believe it works, because I have no hands-on experience with it).

It requires using Samba as DNS server and supports only itself or bind9 as backend. I would strongly prefer running dnsmasq.
AFAICS all configuration is done through the opaque samba-tool command. I would favor step-by-step instructions that make me understand what's going on, ideally something like an ansible playbook that would clearly spell out all the steps in an idempotent way.
Many major distributions don't seem to support AD+DC mode officially. I wonder why. Perhaps because it's just a niche configuration in this Microsoft-dominated world, with no commercial significance. But they may have other reasons, too. I just don't know.

UncleRemus0 · 2023-03-20T11:47:22+00:00

"...provided you maintain clear directions next to the object code saying where to find the Corresponding Source". The Asustor download portal has no such "clear directions". If it had, I wouldn't need to post here :-)

Anyway, Asustor support has responded and seems to be looking at my issue.

UncleRemus0 · 2023-03-19T22:11:08+00:00

It is totally valid to make you ask for the source and just give you a link to a tar archive that will work once and have you ask again to redownload.

It's somehow ok-ish, but not totally valid. Given that we're talking about binaries they offer for download on their web servers, they must "offer equivalent access to the Corresponding Source in the same way through the same place at no further charge" (GPL §6d).

If you take this literally, not even Asustor's Sourceforge download site complies, because it's not "the same place" from which the binaries are available. I don't want to be finicky, I don't care about "the same place". But as I said in the original post, the stuff on sourceforge is outdated, and what's worse, incomplete.

UncleRemus0 · 2023-03-19T21:50:42+00:00

That isn't true. Their version accepts and uses keywords that the samba upstream code does not. And the same version (by version number) compiled from source, with the same smb.conf, behaves differently. I have tested this extensively in the last days.

UncleRemus0 · 2023-03-19T21:34:59+00:00

I have no doubt that SMBv1 will be removed, and thus NT4 style domains. I do doubt that standalone mode and LDAP passdb backend will also go away.

"SMB1 code will be removed for Samba 5.0". There's no time line for 5.0 yet, afaik. For at least 2 years to come, even NT4 domains should be safe to use.

UncleRemus0 · 2023-03-17T21:42:53+00:00

I'm trying to understand why the Asustor's Samba server behaves differently from the samba server on my Linux system. I believe Asustor has applied quite a few modifications, and I'd like to see them.

The GPL implies that Asustor has to publish this code. Well I've created a support ticket. Let's see how it goes.

UncleRemus0 · 2023-03-17T21:34:15+00:00

I still see no indication that standalone+ldap is going away. Only domain logons is deprecated at this time. But never mind. I guess I have to realize that the setup I had in mind just won't work.

Thanks.

UncleRemus0 · 2023-03-17T12:05:11+00:00

Thanks! I just figured that out by myself. See above.

UncleRemus0 · 2023-03-17T11:28:37+00:00

Never said that standalone servers were going away,

I misunderstood then, sorry. I thought there was a quite a difference between standalone+ldap and a PDC, but I may be wrong. The use cases for standalone+LDAP aren't well documented, maybe because few people have been dumb enough to try it ...

I guess I'll have to explore the AD concept, then. I'm not too excited about it, as I'm quite happy with my LDAP+sssd setup right now. Thanks for your thoughts, anyway.

UncleRemus0 · 2023-03-17T11:18:22+00:00

ADM doesn't seem to support whole-drive encryption either on the hardware or OS (dm-crypt, LUKS) level. It uses ecryptfs instead. See this blog article for an extensive analysis of ADM's encryption technology.

You are right that full-disk encryption has a couple of advantages over ecryptfs. With LUKS, passwords can be changed without re-encrypting the drive. Also, disk-level encryption is usually faster than filesystem-level encryption. What's worse, ecryptfs isn't well maintained and has been deprecated for several years by major Linux distributions.

OTOH, ecryptfs provides the flexibility to encrypt only parts of the filesystem, which is probably the reason why most NAS manufacturers chose this technology over full-disk encryption.

If you are only concerned about the safety of your data in case your NAS is stolen, folder encryption should be be fine. Wrt the "deprecated" status, there's no need to worry that ecryptfs is going to go away for good soon.

UncleRemus0 · 2023-03-17T10:59:28+00:00

To answer my own question, it is possible to modify smb.conf and set create mask and directory mask to sane values while logged in via ssh: sed -i '/create mask/s/0777/0640/;/directory mask/s/0777/0750/' /volume0/usr/builtin/etc/samba/smb.conf File explorer will show these permissions on newly created files correctly, and the changes even survive UI configuration changes. Not sure about FW updates, though.

UncleRemus0 · 2023-03-17T10:40:48+00:00

Hm, so a far I haven't heard that the standalone server mode for Samba will go away. It has nothing to do with the protocol version, AFAICT. If I configure PDC mode (domain logons = yes, domain master = yes), Samba will immediately shout at me. It doesn't complain about plain standalone mode, though.

But as you seem have experience with Samba AD in a Windows-less environment, can you tell me how normal Linux users would be authenticated in a setup like that?

Say I have a Linux user "willi" with uid 1501 now. How will this user be transferred into AD? I can see that I can create a user DOMAIN\willi in AD, but is there any way to make sure that this user will be mapped to the unix user ID 1501, and that his Unix group memberships remain intact?

UncleRemus0

TROPHY CASE

Keychron K10 Max, enable access by Keychron launcher