Just in case anybody cares, I've upgraded the site to the latest and greatest (WordPress version 2.8.1). No user action is required at this time.
Also, the code behind the blog is now valid HTML5, and there's a Google Friend Connect widget so you can participate in discussions without creating yet another account (woo!).read more
New GPG Key
As you may have seen around the Internet, there was a
fairly significant break in the SHA-1 hash function, which is used
by default in GnuPG. This is worrisome, since GPG/PGP signatures are
one of the only things I'd actually trust to verify somebody's identity
online. So I've generated a new key with a 2048-bit RSA primary (for
SHA256 and SHA512 support) and a 4096-bit ElGamal encrypting key (which
took about 15 minutes to generate, so better be worth it). The key ID is
CB8AA0FF, and the fingerprint is
5C35 D713 3E10 9A19 FFFC F58A 68E8 ...
So, I'm currently in San Clemente for a couple of days before going back to Claremont. As usual, the trip cross-country was fun. Lots of hours in a tin can. Anyhow, something amusing happened at T.F. Green when I was leaving. TSA got confused by my backpack in the X-Ray machine (understandable, since it's got a zillion wires and such in it). So they start going through it and they find that I brought a copy of Mohsin Hamid's The Reluctant Fundamentalist. The guy then ignores the rest of my bag, pulls out the book, and ...read more
*nix Tip of the Day: sudo
I've mentioned sudo in these tips before. It's a neat little utility for executing commands as somebody else. Well, today I bring you a handy guide I found on using sudo. I already knew most of the stuff, but some of it was new, and it looks pretty good as a starter for new users. So enjoy this article on sudo basics by A.P. Lawrence.read more
Sorry readers, no *nix Tip of the Day today. Just a brief word about the recent Debian OpenSSL vulnerability.
I'm sure you've heard about Debian's OpenSSL "Disaster". The short of it is that while fixing a questionable line in the OpenSSL/OpenSSH key generator, the Debian maintainer accidentally removed most of its entropy generation ability. Debian users with OpenSSL and/or OpenSSH keys should go regenerate them now. I'll wait.
Anyhow, the other interesting thing I wanted to post about was this. It's some interesting math showing why you shouldn't be using DSA keys ...read more
*nix Tip of the Day: SSH Agent Forwarding
Today's *nix tip of the day involves SSH and the magic that is Agent Forwarding.
SSH, as some of you know, is a handy way to connect to *nix systems in an untrusted environment. Its primary use is to allow one to remotely access a remote system and get a shell, securely. Basically, encrypted telnet. Of course, SSH has tons of other useful features (like tunneling, proxying, and multiplexing), some of which might come up in future Tips of the Day.
One of SSH's greatest features is its public/private key system. Basically, using private keys, you can ...read more