Welcome to James Brown's blagoblag! This contains various thoughts and opinions, mostly wrong, going back a couple of decades. All of the opinions are my own, and probably not my employer's. Feel free to visit the about page for more useless interesting facts about me.
I've mentioned sudo in these tips before. It's a neat little utility for executing commands as somebody else. Well, today I bring you a handy guide I found on using sudo. I already knew most of the stuff, but some of it was new, and it looks pretty good as a starter for new users. So enjoy this article on sudo basics by A.P. Lawrence.
Sorry readers, no *nix Tip of the Day today. Just a brief word about the recent Debian OpenSSL vulnerability.
I'm sure you've heard about Debian's OpenSSL "Disaster". The short of it is that while fixing a questionable line in the OpenSSL/OpenSSH key generator, the Debian maintainer accidentally removed most of its entropy generation ability. Debian users with OpenSSL and/or OpenSSH keys should go regenerate them now. I'll wait.
Anyhow, the other interesting thing I wanted to post about was this. It's some interesting math showing why you shouldn't be using DSA keys anyway.
Oh yeah, and I'm done …
read moretee is a handy little utility that probably all of you know about, but I just found this year. Consider the following scenario: you're maintaining your Gentoo Linux system and you need to add a line to /etc/portage/package.unmask. So you type
sudo echo "sys-kernel/gentoo-sources" >> /etc/portage/package.unmask
right? Nope! The way shell parsing works, that turns into
(sudo echo "sys-kernel/gentoo-sources") >> /etc/portage/package.unmask
which is most certainly not what you want, since you probably don't
have permissions to /etc/portage/package.unmask. The solution is the
tee utility. It would be invoked like …
An important part of a *nix system is a good terminal emulator. For some, this means the classic xterm. The same xterm that's happy to use 7 MiB of resident memory for each instance. Or perhaps you run a full DE like Gnome and are happy to use gnome-terminal and enjoy 19 MiB of resident. Personally, I use rxvt-unicode (urxvt). It's a very lightweight version of rxvt which has neato features like full Unicode support and a daemon mode that lets you pool multiple instances. For example, my urxvtd processs is using 41 MiB of resident, but hosting 9 urxvtc …
read moreContinuing on my theme of SSH tips, today's Tip of the Day talks about
the awesomeness of SOCKS proxying. As some of the more savvy among you
may know, OpenSSH supports full Layer-2/Layer-3 VPN functionality
using a tun device. This is an incredibly useful feature if you're
off-site and need like-local access to home, work, school, or somesuch.
But it requires root access, and is more than a little bit of a pita to
set up. If all you need is access to things like the web, e-mail, and
instant messaging, there's an easier way.
SOCKS is a transparent …
read moreToday's *nix tip of the day involves SSH and the magic that is Agent Forwarding.
SSH, as some of you know, is a handy way to connect to *nix systems in an untrusted environment. Its primary use is to allow one to remotely access a remote system and get a shell, securely. Basically, encrypted telnet. Of course, SSH has tons of other useful features (like tunneling, proxying, and multiplexing), some of which might come up in future Tips of the Day.
One of SSH's greatest features is its public/private key system. Basically, using private keys, you can allow much …
read more