Archive for the “General” Category

Rackspace Hosting joins with Akamai CDN to help deliver their Cloud Files solution for their customers. Lew Moorman, president, cloud and chief strategy officer for Rackspace states:

“The next decade presents new opportunities for two industry leaders, Rackspace and Akamai, to better help customers succeed with their cloud strategies, especially around feature-rich content, SaaS applications, and dynamic websites,”

The partnership offers many benefits for Rackspace customers. Here are few listed on the Rackspace website:

  • Improved Application Performance
  • Ensured Application Availability
  • Reduced Support Costs
  • Enhanced Security
  • Pay as You Grow

Further Reading:

Comments No Comments »

Hoping that everyone has a prosperous and eventful new year. I endeavor to increase my blog time and hopefully put out more articles this year.

Comments No Comments »

Since techies are the modern day ninja, I thought I’d share this video of Modesto’s Annual Ninja Parade.

Comments No Comments »

SSH keys are the most effective way to securely shell into your server. In this article we are going to cover creating a SSH key pair. There are a plethora of articles on the net the cover this subject. I suggest reading two or three of them to help understand the process. Creating a SSH key pair is very easy in itself.

Instructions on creating SSH Key pairs are fairly general, so I will explain how I configured the keys for a server.

1. Create the user account on the server and create the same user on the remote system you want to SSH from.

2. On the remote system switch to the user you just created

# su – USERNAME

3. Create the SSH Key pair. You can do this from any directory. Unless otherwise stated, it will default to the /etc/USERNAME/.ssh directory. The are discussions on the differences between RSA keys and DSA keys. They are about the same when it comes to protection, but I like to use DSA keys. RSA is the default so you have to specify DSA if you want to use it.

$ ssh-keygen -t dsa

You will get output such as the following. Some people choose not to use a password, this allows you to ssh into the server without a password, but if someone gets a hold of your ssh key, they can log in to your server without challenge. I suggest using a password, you won’t know any difference than if you used a regular password login.

[vinsane@8bitpipe ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/vinsane/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/vinsane/.ssh/id_dsa.
Your public key has been saved in /home/vinsane/.ssh/id_dsa.pub.
The key fingerprint is:
89:15:93:b8:e5:3e:6e:c8:55:8d:32:d9:8a:d8:87:20 vinsane@8bitpipe.com

4. Copy the public key to the server and rename the public key to authorized_keys in the users .ssh directory.

5. On the local machine change the permissions of the private key to 600; it should be located in the /home/USERNAME/.ssh/ Directory. I’ve found that if you don’t have the home directory for the user open for others to view it, you do not have to do this. The system should tell you if the key is not secure.

And there you have it. A more secure login. You can also go into the servers sshd.conf file and disable password logins, but you will need to bring your key with you if you want to login from other computers. I would suggest a small encrypted usb key used only for you ssh key. Keep it on your key chain in the event you need to login to your server when you are out and about and can’t get back to your main system.

Further reading:

Comments No Comments »

In my perusing of the system I came across the following command: getent. Now most my searches on the system produced the following results.

# whatis getent
getent: nothing appropriate

I was able to use a –help and find the usage of the command. I further looked on the web and found the following manpage at die.net.

getent(1) – Linux man page

Name

getent – get entries from administrative database

Synopsis

getent database [key ...]

Description

The getent program gathers entries from the specified administrative database using the specified search keys. Where database is one of aliases, ethers, group, hosts, netgroup, networks, passwd, protocols, rpc, services or shadow.

Author

getent is written by Thorsten Kukuk for the GNU C Library.

This man page is written by Joel Klecker <espy@debian.org> for the Debian GNU/Linux system, updated by Jakub Jelinek <jakub@redhat.com> for GNU C Library 2.2.2 getent changes.

Well, it would appear that this little gem does not do anything spectacular, but to the contrary a fluid use of this command will save sow command line foo when cutting down the searches in the appropriate file.

For example, lets say you cam across a reference to a port number and wanted to know what it did. Who still uses port 70? So you grep 70 out of the /etc/services directory and get a slew of results, 231 on my system. Sure you can work linjitsu to find only the line you wanted, but using getint you get the following result:

# getent services 70
gopher                70/tcp

It even removes the comment at the end of the line. This is a handy tool in my opinion. Hopefully, you will find a good use for this.

Comments 1 Comment »

Finally got around to updating wordpress and the plugins. Looks like I need more content. Let me know if anyone is interested in anything.

Comments No Comments »

Well, it is with a sad panda face that I relate that xmarks will be discontinuing their synchronization service. I have used bookmarks for almost as long as it has been around, back when it was called foxmarks, and there were not any other bookmark syncs for Firefox. I’ve found this tool indispensable and I am sad that the company could not find a sustainable business for it.

For now I am transferring to firefox sync, but I have not used it before. For more information on Xmarks, see the link below.

Sad Panda

Sad Panda

Further Reading:

http://blog.xmarks.com/?p=1886

Comments No Comments »

Every so often I go back to a terminal, start typing a command and get the following:

Write Error: broken pipe

Admittedly, it is usually my centos server, but I have seen them on long searches that time-out before they finish (don’t forget to use screen).  Since I like to know why the error pops up, I did a little bit of research. According to wikipedia, a write error is “a condition in programming [...] when a process requests an output to pipe or socket, which was closed by peer”.

It is sometimes referred to as a ‘sigpipe’ and I thought that was a nifty term. So basically you tell your local host to send a command down the sigpipe to the remote host, but the remote host has closed the connection. So, you get a broken pipe message.

Comments No Comments »

Wow, over a month and no posts. I’m really slacking. I guess I’ll kick off this fine Monday as I usually do, with some computer lingo. Today’s topic is the term ‘Data Haven’. According to wikipedia the term data haven means:

“a computer or a network that holds data protected from government action by both technical means (encryption) and location in a country that has either no laws, or poorly-enforced laws restricting use of data and no extradition treaties.”

In layman’s term, a data haven is a place where you can dump cracked/pirated/illegal software out of the reach of the law. The idea of data havens were conceptualized in the book Islands in the Net by Bruce Sterling and you can see term pervade the cyberpunk genre. There are organizations in place to protect a person’s intellectual properties, but there are still many nations where a data haven could conceivable be set up.

Further Reading:

Comments No Comments »

That’s right. When you only have 8bits in your pipe, any new traffic causes a pipeline burst. I’d like to welcome Goliath to the Pipe. Goliath is one of my senior administrators that I have had the pleasure to work with for the last year. He holds multiple certifications, but is hesitant to blog posting. Hopefully with some prodding he will be come a regular fixture. Now if I can only get Bert on board.

Comments 3 Comments »