*nix Tip of the Day: sudo

I've mentioned sudo in these tips before. It's a neat little utility for executing commands as somebody else. Well, today I bring you a handy guide I found on using sudo. I already knew most of the stuff, but some of it was new, and it looks pretty good as a starter for new users. So enjoy this article on sudo basics by A.P. Lawrence.

Debian OpenSSL

Sorry readers, no *nix Tip of the Day today. Just a brief word about the recent Debian OpenSSL vulnerability.

I'm sure you've heard about Debian's OpenSSL "Disaster". The short of it is that while fixing a questionable line in the OpenSSL/OpenSSH key generator, the Debian maintainer accidentally removed most of its entropy generation ability. Debian users with OpenSSL and/or OpenSSH keys should go regenerate them now. I'll wait.

Anyhow, the other interesting thing I wanted to post about was this. It's some interesting math showing why you shouldn't be using DSA keys anyway.

Oh yeah, and I'm done …

read more

*nix Tip of the Day: tee

tee is a handy little utility that probably all of you know about, but I just found this year. Consider the following scenario: you're maintaining your Gentoo Linux system and you need to add a line to /etc/portage/package.unmask. So you type

sudo echo "sys-kernel/gentoo-sources" >> /etc/portage/package.unmask

right? Nope! The way shell parsing works, that turns into

(sudo echo "sys-kernel/gentoo-sources") >> /etc/portage/package.unmask

which is most certainly not what you want, since you probably don't have permissions to /etc/portage/package.unmask. The solution is the tee utility. It would be invoked like …

read more

*nix Tip of the Day: rxvt-unicode and terminfo

An important part of a *nix system is a good terminal emulator. For some, this means the classic xterm. The same xterm that's happy to use 7 MiB of resident memory for each instance. Or perhaps you run a full DE like Gnome and are happy to use gnome-terminal and enjoy 19 MiB of resident. Personally, I use rxvt-unicode (urxvt). It's a very lightweight version of rxvt which has neato features like full Unicode support and a daemon mode that lets you pool multiple instances. For example, my urxvtd processs is using 41 MiB of resident, but hosting 9 urxvtc …

read more

*nix Tip of the Day: SSH SOCKS Proxying

Continuing on my theme of SSH tips, today's Tip of the Day talks about the awesomeness of SOCKS proxying. As some of the more savvy among you may know, OpenSSH supports full Layer-2/Layer-3 VPN functionality using a tun device. This is an incredibly useful feature if you're off-site and need like-local access to home, work, school, or somesuch. But it requires root access, and is more than a little bit of a pita to set up. If all you need is access to things like the web, e-mail, and instant messaging, there's an easier way.

SOCKS is a transparent …

read more

*nix Tip of the Day: SSH Agent Forwarding

Today's *nix tip of the day involves SSH and the magic that is Agent Forwarding.

SSH, as some of you know, is a handy way to connect to *nix systems in an untrusted environment. Its primary use is to allow one to remotely access a remote system and get a shell, securely. Basically, encrypted telnet. Of course, SSH has tons of other useful features (like tunneling, proxying, and multiplexing), some of which might come up in future Tips of the Day.

One of SSH's greatest features is its public/private key system. Basically, using private keys, you can allow much …

read more