Last night I released what I hope will be the last beta release of Crypt::HSXKPasswd before the first release to CPAN. You can download it from the project’s GitHub page (reminder, you can get installation instructions for the beta releases here).

The headline change is the addition of a bundled command line app, bringing all the power of Crypt::HSXKPasswd to the terminal, shell scripts, and indeed programs and scripts written in any language with the ability to shell out.

In terms of lines of code the biggest change is a complete re-write of all data validation code. The project now contains a custom type library which exactly defines what it means to be a word, letter, symbol, symbol alphabet etc. This has made the code much more robust, and has made it a lot easier to write consistent documentation. The type library is written using Type::Tiny, and all the custom type definitions contain customised validation error message functions to give users much more helpful feedback.

With the help of Allison Sheridan from the NosillaCast Mac Podcast, the warnings and error messages issued by the module have also become a lot more human-friendly.

The test suite has also been greatly expanded, making it easier to find and fix bugs going forward.

If you have an interest in this module, please install the beta and report any problems you find by opening issues on the project’s GitHub page. Or better still, if you’re a developer, fix the bug and send me a pull request 🙂

Finally, I’m looking for help in the following areas:

  • Native German, French, Italian, Spanish, Dutch, and Portuguese speakers to sanitise the dictionary files for those languages, leaving only a few thousand common words – these dictionary files are simply too big at the moment, and they must be full of really obscure words to be this large!
  • People who are good at technical writing to help me give the documentation some spit and polish. I think all the relevant information is there, and I have run it all through a spell checker, but it could definitely do with some TLC from a copy editor!

Oh, and finally finally, if you find this module useful, please consider donating with the button below – I have literally put hundreds of hours into this code in the last few months, and given it all away for free.

*Download Beta 2 of Crypt::HSXKPasswd via GitHub*


This is a quick-start guide to using the free and open source Crypt::HSXKPasswd Perl module for generating secure but memorable passwords.

As I write this post the module is not on CPAN yet, and still in beta form. The module can be downloaded from the project’s GitHub page.

This article assumes you have the module installed – you’ll find installation instructions here.

Before we get stuck into some sample code, let’s first summarise the module’s philosophy.

The module is built around the idea of using common words as a kind of lattice around which to build passwords that are long, have a wide coverage of characters, and yet are still memorable. An ideal HSXKPasswd password will contain a mix of upper and lower case letters, some digits, and some symbols.

The module starts building a password by randomly choosing a given number of words from a given dictionary. There can then be an optional number of digits added as pseudo words to the front and/or the back of the initial list of words. Next, a symbol can be used to separate the words, and finally a symbol can be used to pad the front and/or back of the password.

Think of it like this:

correct HORSE BATTERY staple
23 correct HORSE BATTERY staple 45
23*correct*HORSE*BATTERY*staple*45
--23*correct*HORSE*BATTERY*staple*45--


Until Crypt::HSXKPasswd comes out of beta, I’m not going to upload it to CPAN, so until then, the betas need to be manually installed. You can get the latest release of the library by downloading the appropriate .tar.gz file from GitHub.

For Perl regulars, the process is likely to be familiar, because the module is packaged using the very popular Module::Build. The process is quite straightforward, but there are a few potential pitfalls for the uninitiated.

For quick reference, here are the commands needed to install the module:

perl Build.PL
sudo ./Build installdeps
./Build
./Build test
sudo ./Build install


It’s been a while since I released a new version of XKPasswd.pm, the open source Perl module that powers the secure memorable password generator at www.xkpasswd.net. The main reason for the big gap is that I needed to learn some new skills to get the code to where I wanted it to be. There were three main problems I wanted solved:

  1. To get wide adoption, the module needs to be available via CPAN
  2. The module needs Unicode support to deal with non-English languages
  3. It needs to be easy to edit and tweak a config with the www.xkpasswd.net web interface, and then use it in your scripts.

While solving those problems, I also took the opportunity to tidy up some other odds and ends in the code base. It’s not that the code was broken, it’s just that a few parts of it had a bit of a fishy smell – it seemed like there was probably a better way to do that, and there was!

So, here’s a summary of what’s changed from the point of view of a user of the module:

  • The Packaging – the module has a new name, and is now packaged with Module::Build, so it’s easier to install, and ready for distribution via CPAN.
  • Unicode Support – if it’s a Unicode character, you can use it while generating passwords.
  • Redesigned Word Sources – more bundled with the module, and easier to create your own.
  • Redesigned Sources of Randomness – more bundled with the module, a better default, and easier to create your own.
  • A switch to Named Arguments (in both the constructor and functional interface).

I’ve put a lot of time and effort into developing this entirely free and open source module. If you find it useful, please consider making a donation:

*Download Beta of Crypt::HSXKPasswd via GitHub*


This post is part 34 of 39 in the series Taming the Terminal

In the previous instalment we finished a five-part series on SSH. Before moving on, let’s take a moment to step back and look at the big picture. The five SSH instalments are all part of the now long-running series on networking. We have been working our way through the networking stack since instalment 23. We started at the bottom of the stack, and have worked our way up. We are now exploring protocols in the Application Layer.

In this instalment we’re moving on from SSH to HTTP, the protocol that powers the world wide web.

Before we look at some HTTP-related terminal commands, we need a basic understanding of how HTTP works, so that’s what this instalment is all about.


This post is part 33 of 39 in the series Taming the Terminal

This is the final SSH instalment. So far we’ve learned how to securely execute terminal commands on remote computers, how to securely copy files across the network using SSH, how to add both security and convenience to both those operations with SSH key pairs, and how to tunnel just about anything through SSH. In this final instalment we’ll look at two approaches for creating SSH bookmarks, SSH config files, and SSH GUIs.


This post is part 32 of 39 in the series Taming the Terminal

This is the fourth SSH instalment. So far we’ve learned how to securely execute terminal commands on remote computers, how to securely copy files across the network using SSH, and how to add both security and convenience to both those operations with SSH key pairs.

As we saw in the previous instalment, SSH’s ability to provide a secure connection between two computers can be used in many different ways. In this instalment we’ll learn about three more ways to encapsulate other network traffic within an SSH connection, adding encryption to that traffic.

Running commands and copying files are the kinds of things most people do, so the three SSH instalments to date have been quite generally applicable. That is not the case for this instalment. The three SSH features we’ll be discussing are all very useful to those who need them, but only a minority will have a use for any one of these features. However, even if you don’t need these features today, I would argue that it’s good to know these features exist, because they could well solve a problem you’ll have in the future.

There will be illustrations of the uses for these technologies, but not commands you type into your terminal to play along at home. That makes this an unusual instalment, but I hope you will still find it worthwhile.


This post is part 31 of 39 in the series Taming the Terminal

In Part 29 of n we learned how to use SSH to execute commands on a remote computer. In the previous instalment we learned how to add security and convenience to SSH connections using SSH key-pairs.

The most important thing SSH provides is an encrypted connection between two computers. As we’ve seen, that encrypted connection can be used to securely issue terminal commands to a remote computer, but that same secured channel can also be used to secure other network connections between computers. In this instalment we’ll look at three different ways of securely copying files between computers through an SSH connection, and in the next instalment we’ll look at tunnelling just about any network connection through an SSH connection.


This post is part 30 of 39 in the series Taming the Terminal

In the previous instalment we saw how we can use SSH to execute a single command on a remote computer, or, to get a command shell on a remote computer. We also saw how SSH uses host keys to protect us from man-in-the-middle (MITM) attacks.

In this instalment we’re going to look at how we can improve both SSH security and convenience with SSH keys.


I spent a bit of time tweaking my server backup script this week, and figured there was no reason not to share it with others. This is not the be-all-and-end-all of backup scripts, or the most flexible backup script in the world; it does what I need from a backup script, and nothing more or less! It might meet your needs, or, more likely, it might make a useful starting point for a script that meets your exact needs.

You’ll find the code and the documentation over on my GitHub account.
