Welcome to James Brown's blagoblag! This contains various thoughts and opinions, mostly wrong, going back a couple of decades. All of the opinions are my own, and probably not my employer's. Feel free to visit the about page for more useless interesting facts about me.
*nix Tip of the Day: sudo
I've mentioned sudo in these tips before. It's a neat little utility for
executing commands as somebody else. Well, today I bring you a handy
guide I found on using sudo. I already knew most of the stuff, but some
of it was new, and it looks pretty good as a starter for new users. So
enjoy this article on sudo basics by A.P. Lawrence.
Debian OpenSSL
Sorry readers, no *nix Tip of the Day today. Just a brief word about
the recent Debian OpenSSL vulnerability.
I'm sure you've heard about Debian's OpenSSL
"Disaster". The short of it is that while fixing a questionable line
in the OpenSSL/OpenSSH key generator, the Debian maintainer accidentally
removed most of its entropy generation ability. Debian users with
OpenSSL and/or OpenSSH keys should go regenerate them now. I'll wait.
Anyhow, the other interesting thing I wanted to post about was this.
It's some interesting math showing why you shouldn't be using DSA keys
anyway.
Oh yeah, and I'm done …
read more
*nix Tip of the Day: tee
tee is a handy little utility that probably all of you know about,
but I just found this year. Consider the following scenario: you're
maintaining your Gentoo Linux system and you need to add a line to
/etc/portage/package.unmask. So you type
sudo echo "sys-kernel/gentoo-sources" >> /etc/portage/package.unmask
right? Nope! The way shell parsing works, that turns into
(sudo echo "sys-kernel/gentoo-sources") >> /etc/portage/package.unmask
which is most certainly not what you want, since you probably don't
have permissions to /etc/portage/package.unmask
. The solution is the
tee utility. It would be invoked like …
read more
*nix Tip of the Day: rxvt-unicode and terminfo
An important part of a *nix system is a good terminal emulator. For
some, this means the classic xterm. The same xterm that's happy to
use 7 MiB of resident memory for each instance. Or perhaps you run a
full DE like Gnome and are happy to use gnome-terminal and enjoy 19
MiB of resident. Personally, I use rxvt-unicode (urxvt). It's a very
lightweight version of rxvt which has neato features like full Unicode
support and a daemon mode that lets you pool multiple instances. For
example, my urxvtd processs is using 41 MiB of resident, but hosting 9
urxvtc …
read more
*nix Tip of the Day: SSH SOCKS Proxying
Continuing on my theme of SSH tips, today's Tip of the Day talks about
the awesomeness of SOCKS proxying. As some of the more savvy among you
may know, OpenSSH supports full Layer-2/Layer-3 VPN functionality
using a tun
device. This is an incredibly useful feature if you're
off-site and need like-local access to home, work, school, or somesuch.
But it requires root access, and is more than a little bit of a pita to
set up. If all you need is access to things like the web, e-mail, and
instant messaging, there's an easier way.
SOCKS is a transparent …
read more
*nix Tip of the Day: SSH Agent Forwarding
Today's *nix tip of the day involves SSH and the magic that is Agent
Forwarding.
SSH, as some of you know, is a handy way to connect to *nix systems
in an untrusted environment. Its primary use is to allow one to remotely
access a remote system and get a shell, securely. Basically, encrypted
telnet. Of course, SSH has tons of other useful features (like
tunneling, proxying, and multiplexing), some of which might come up in
future Tips of the Day.
One of SSH's greatest features is its public/private key system.
Basically, using private keys, you can allow much …
read more