Oct
31
A Big Day for the IEDR
Filed Under Computers & Tech, System Administration on October 31, 2007 | 1 Comment
Those of you who have been reading my blog for a long time may remember the battle I had with the IEDR to get my name as a .ie
domain. I should probably explain at this point the the IEDR are the people who control the .ie
top level domain (or TLD) and that they manage very differently to the .com
TLD. They only give out domains in line with very strict policies and generally require a lot of documentation before approving a domain. Anyhow, I was very miffed with the IEDR for not serving anyone but business and government properly. Individuals could not register their name but were instead only entitled to two initials and a number. Needless to say I made it my mission to find a loop-hole and did. Then, when I had my domain, I dedicated one of my first posts on the domain to pointing out in great detail everything that was wrong with the IEDR (The Problems with the IE Domain Registry). Today, for the first time, regular people have the right to register .ie
domains. That’s right, after many years the IEDR has finally seen sense. Prices are also starting to come down so credit where credit is due, I really think things are finally changing for the better in the IEDR. Well done lads!
Oct
24
OS X 10.5 Leopard Security Features Explained
Filed Under Computers & Tech, Security, System Administration on October 24, 2007 | Leave a Comment
How Leopard Will Improve Your Security – a great article explaining the security enhancements brought by Leopard in plain English.
Sep
23
CVS over SSH on a Non-Standard Port
Filed Under System Administration, Computers & Tech on September 23, 2007 | 5 Comments
If you access CVS over SSH you will know that you have to do two things to get it working. Firstly, you have to set the CVS_RSH
environment variable to the location of your SSH binary. Secondly you have to use the :ext:
scheme for the CVSROOT
environment variable (or -d
flag). The thing is, there is no place in the :ext:
scheme to set a port number! This means that CVS will try to open the SSH connection to the specified server on the standard SSH port. I don’t like running SSHD on the standard port, I much prefer to stick it on a non-standard port, but does that mean I can’t use CVS over SSH? Well, if you leave things to CVS then yes, but luckily OpenSSH is not as retarded as CVS and provides you with a simple mechanism for over-ridding the default port on a per-host basis. The key is to add an entry for the host in question to your ~/.ssh/config
file. The sample below tells SSH to use port 123 as the default port when connecting to the server my.machine.ie
:
Host my.machine.ie Port 123
This will work on Unix, Linux and OS X as well as through Cygwin on Windows.
[tags]SSH, CVS, OpenSSH[/tags]
Aug
22
SSH Agent – Simple Yet Secure SSH Keys On OS X
Filed Under Computers & Tech, Security, System Administration on August 22, 2007 | 6 Comments
If, like me, you spend a lot of time using SSH you’ll probably like the idea of being able to log in to servers without a password. If you really want this you can do it by setting up a SSH key pair with an unencrypted private key. This works, it lets you log in to your servers without a password. HOWEVER, it’s a simply disastrous idea from a security point of view. The only reason I don’t do this is because the idea of an unencrypted private key scares the bejeesus out of me. Hence, I still dutifully type my SSH password each time I connect to a server, and each time I check something in to source control. I’ve been keeping an eye out for a simple solution for a while but hadn’t been actively thinking about it for months. That is until I came across Dave Dribin’s blog post Putting the “S” Back Into SSH this morning. Dave rightly points out that there is a solution, ssh-agent
, the problem is it’s a command-line tool and by all account not the simplest one to use. So, what’s obviously needed is a nice GUI for ssh-agent
. Dave initially thought he’d found the solution in the program SSHKeychain. SSHKeychain is more of a proxy for ssh-agent
than a GUI for it though, and Dave soon discovered that it has it’s fair share of problems. So, in the end, I didn’t decide to use SSHKeychain. However, the post inspired me to have another go at finding a solution. Also, the reference to ssh-agent
sparked a vague memory in the back of my head of an OS X GUI for something to do with SSH that had the word ‘agent’ in its name.
[tags]SSH, SSH Keys, ssh-agent, OS X, Apple[/tags]
Jul
20
Figure Out Where All Your Disk Space Went With Disk Inventory X
Filed Under Computers & Tech, System Administration on July 20, 2007 | Leave a Comment
Although we should all be very well organised and we should never forget about files on our disk, we all leave files lying around where we shouldn’t. Then we forget about the files, and a few months later we’re wondering just where all our disk space has gone! Ideally you’d want to be able to get a visual representation of your disk where large files stand out no matter where they’re hidden. Windows users have had a solution to this problem for a long time with WinDirStat. There is now a port of WinDirStat for OS X called Disk Inventory X. This is very simple and very intuitive program and what’s even better is that it’s free and open source! Although it’s a port of a Windows program the port is well done so it looks like a proper OS X application.
[tags]Apple, OS X, Disk Inventory X, WinDirStat, Freeware[/tags]
Jun
23
Namely – The End of a Long Quest
Filed Under System Administration, Computers & Tech on June 23, 2007 | 2 Comments
There are many people who like the dock and many who hate it. Me, I like the dock, but I know it has limits. It’s excellent for keeping those programs you use day-in-day-out at your fingertips. That’s what the dock is for after all, it’s not meant to be the place you keep ALL your apps, just your favorites. On OS X you’re expected to user the Finder to launch those apps that you don’t keep in the Dock. Apple tried to make it a little easier with a keyboard shortcut for going to your applications folder (command+shift+a
) but that’s not all that great and it only works from within the Finder anyhow. So, that’s why I’ve been on a quest to find the perfect application launcher for the Mac for quite some time now.
[tags]Apple, OS X, Quicksilver, Spot Light, Himmel Bar, Namely, Application Launcher[/tags]
Jun
22
SMARTReporter – Automatically Monitor Your Mac for Iminent Disk Failures
Filed Under Computers & Tech, System Administration on June 22, 2007 | 1 Comment
Modern hard disks have a built-in system called SMART for monitoring themselves. SMART makes information on the health of the drive available to the OS. It’s far from perfect, SMART errors don’t always means your drive will die, and not all drive deaths are predicted by SMART but it’s still a good indicator all the same. Now, it’s great having all this SMART data there but it’s no good if no one reads it! OS X CAN read it but it doesn’t do so on an on-going basis. In fact, the only time a default OS X install will read the SMART data is when the Disk Utility app is opened. That’s where SMARTReporter comes in. It polls your SMART data at a given interval (default is once an hour) and lets you know if there’ any problems. It can do this in three ways: it can change the color of an icon in your menu bar, it can pop up a message, and it can send an email. You can choose to have it do all, none, or some of these things. The menu bar icon is perhaps over-kill but some people may find it re-assuring to see a nice health green hard disk icon indicating that SMARTReporter is running and that it has found no errors on any of your drives. As soon as it finds a problem this icon will turn an ominous red color. I’d suggest everyone run this app on their macs but just turn off the menu bar icon. That way it runs totally in the background and totally out-of-sight until there is a problem, which will hopefully never happen! I should also mention that because of limitations with the USB to ATA bridge this will not work with USB hard drives. It will also not work with FireWire drives because Apple’s drivers for FireWire don’t pass on the SMART data. This limits this app to internal ATA(IDE) and SATA drives, i.e. regular internal hard drives. Finally, this app is both free and open source being released under the MIT license.
[tags]Apple, OS X, Hard Disks[/tags]
Jun
17
Bwana – Easier to Read Man Pages on OS X
Filed Under Computers & Tech, System Administration on June 17, 2007 | 1 Comment
Bwana is a very simple app that allows Safari to render Unix Manual Pages (man pages). The man pages are rendered as HTML making them easier to read with the addition of some simple text formating and allowing easy linking to other related man pages. Installation is also trivial, just download, expand, and drag and drop into the Applications->Utilities
folder. Then, by some OS X black magic URLs of the form man:[command]
(e.g. the man page for the ls
command will be found at the URL man:ls
) will start working in Safari. It really is that simple! To make things even sweeter this app is free and open source (released under the MIT License). There really isn’t anything more to say about this app, it’s yet another example of a small, simple, OS X app that does one thing perfectly.
[tags]man pages, OS X, Open Source, Freeware, Safari[/tags]
Mar
29
Some Things to Watch Out For When Upgrading PHP5 on FreeBSD
Filed Under Computers & Tech, System Administration on March 29, 2007 | 5 Comments
Just a little follow on form my earlier bit of un-planned down time. The reason for the downtime was that I ran into three problems while upgrading the php5-cgi
port. In this post I’m going to detail the solutions, mainly so I have easy access to them next time I upgrade PHP5 on a FreeBSD machine, but also because this may be of some use to someone somewhere some time.
[tags]FreeBSD, PHP5[/tags]
Feb
9
TCPDump for Windows
Filed Under System Administration, Computers & Tech on February 9, 2007 | 3 Comments
It’s no secret that I’m not a Windows fan. There are many reasons I don’t like windows including idealogical disagreements with MicroSoft, a lack of faith and trust in MS, security concerns, usability issues etc.. I could go on but for this post only one reason matters, I feel very vulnerable on a Windows machine because I can’t see what it’s doing as easily as I can on Linux, Unix or OS X. There are many Linux command-line tools missing from Windows but now there is one fewer missing from my Windows machine in work. TCPDump is a Linux/Unix command for analyzing all the network traffic that is going to or from your machine. Errand network traffic is a good indicator that you have some form of spyware and being able to monitor traffic can be very useful for debugging network problems. There is a Windows port of TCPDump called WinDump. It’s not entirely straight forward so I’ll just go through how to install it and how to make it work. This will not be a tutorial on how to use TCPDump, for that go here. This is very much a tool for power-users, not regular Windows users.
[tags]Windows, Security, WinDump, TCPDump[/tags]