Find OpenBSD folks on Google Plus
posted by Dennyboy at 8/22/2011 01:05:00 AM
0 comments
Custom Search
Monday, August 22, 2011
Tuesday, July 12, 2011
Blogging From My Cell
If I can get used to blogging from my cell phone it sure would help
me out. I know everyone is doing it now, but it's rough on this phone.
me out. I know everyone is doing it now, but it's rough on this phone.
posted by Dennyboy at 7/12/2011 02:27:00 AM
0 comments
No More Website
Got to squat on a friend's domain for quite a while which I used
for showing people new to OpenBSD how to get everyday things
done. I called it Polarwave's Tips & Tricks for Newbies. Saved
all the material and may eventually put it back up somewhere new,
but for now this blog will have to do. Some of the material was out
date as is a lot of the older entries here. Originally I started this blog
not so much as a tutorial site but more as an ongoing journal of my
experiences with OpenBSD. In the process I hope others got some
help from it.
for showing people new to OpenBSD how to get everyday things
done. I called it Polarwave's Tips & Tricks for Newbies. Saved
all the material and may eventually put it back up somewhere new,
but for now this blog will have to do. Some of the material was out
date as is a lot of the older entries here. Originally I started this blog
not so much as a tutorial site but more as an ongoing journal of my
experiences with OpenBSD. In the process I hope others got some
help from it.
posted by Dennyboy at 7/12/2011 01:21:00 AM
0 comments
Sunday, July 10, 2011
Lynx and URL Shortening
I use tmux and normally have 8 virtual terminals running inside
my xterm. Found out I didn't have to run a GUI browser with js
to be able to shorten links. URL Generator does a real nice job
of it from inside lynx. This way I can run lynx in one virtual
terminal and TTYtter inside another and copy my shortened
links over. That is if I do not wish to use Twitter's built-in URL
shortening service which works great in TTYtter. You type
/short http://somewebaddress.com
and it's darned near instantaneous. But there are other times I
can use the URL Generator too, like in mutt in a different terminal,
composing a message and wishing to put in a shortened URL.
my xterm. Found out I didn't have to run a GUI browser with js
to be able to shorten links. URL Generator does a real nice job
of it from inside lynx. This way I can run lynx in one virtual
terminal and TTYtter inside another and copy my shortened
links over. That is if I do not wish to use Twitter's built-in URL
shortening service which works great in TTYtter. You type
/short http://somewebaddress.com
and it's darned near instantaneous. But there are other times I
can use the URL Generator too, like in mutt in a different terminal,
composing a message and wishing to put in a shortened URL.
posted by Dennyboy at 7/10/2011 10:06:00 PM
0 comments
Wednesday, January 26, 2011
Midnight Commander
Got around to try using mc(1) (Midnight Commander)
for ftp and ssh file operations. Didn’t have any problem
with ssh, but I couldn’t get anything going with ftp except
errors, especially:
ftpfs: invalid value for ai_flags
Read the man page and the Makefile, searched some of
the OpenBSD mailing lists, and came up with:
Midnight Commander error on 4.7:
Here’s a snippet from that link:
I’m not a good C coder, so I just did some basic
research and replaced line 703 in ftpfs.c:
old: “hints.ai_flags = AI_ADDRCONFIG;”.
new: “hints.ai_flags = 1;”
Now it works as expected.
I didn’t have any idea how to do the above, but figured
it was time I learned, so first I used pkg_delete(1) to
uninstall mc(1). I knew when you build a port it will
download the port file and extract all its files in
subdirectories under /usr/ports. I found the file I
needed, ftpfs.c, under:
/data2/mktemp/obj/mc-4.7.0.6p0/mc-4.7.0.6/lib/vfs/mc-vfs
That’s because of limited space on my main drive and
fixing that problem by creating /etc/mk.conf and adding:
WRKOBJDIR=/data2/mktemp/obj
DISTDIR=/data2/mktemp/distfiles
PACKAGE_REPOSITORY=/data2/mktemp/packages
I edited ftpfs.c as described above, deleted the installed
package, changed directory into /usr/ports/misc/mc,
and did:
sudo make -D –with-vfs -D –with-samba \
-D –with-screen=slang -D –with-subshell \
-D –enable-charset
I don’t know if there is a way to tie all those together
without all the extra -D’s, and comments are welcome,
but I was tired at that point of all the searching to fix the
problem, so I did it the long way and it worked. Then I
did make install, then opened mc and this time ftp worked.
Mission accomplished! :-)
for ftp and ssh file operations. Didn’t have any problem
with ssh, but I couldn’t get anything going with ftp except
errors, especially:
ftpfs: invalid value for ai_flags
Read the man page and the Makefile, searched some of
the OpenBSD mailing lists, and came up with:
Midnight Commander error on 4.7:
Here’s a snippet from that link:
I’m not a good C coder, so I just did some basic
research and replaced line 703 in ftpfs.c:
old: “hints.ai_flags = AI_ADDRCONFIG;”.
new: “hints.ai_flags = 1;”
Now it works as expected.
I didn’t have any idea how to do the above, but figured
it was time I learned, so first I used pkg_delete(1) to
uninstall mc(1). I knew when you build a port it will
download the port file and extract all its files in
subdirectories under /usr/ports. I found the file I
needed, ftpfs.c, under:
/data2/mktemp/obj/mc-4.7.0.6p0/mc-4.7.0.6/lib/vfs/mc-vfs
That’s because of limited space on my main drive and
fixing that problem by creating /etc/mk.conf and adding:
WRKOBJDIR=/data2/mktemp/obj
DISTDIR=/data2/mktemp/distfiles
PACKAGE_REPOSITORY=/data2/mktemp/packages
I edited ftpfs.c as described above, deleted the installed
package, changed directory into /usr/ports/misc/mc,
and did:
sudo make -D –with-vfs -D –with-samba \
-D –with-screen=slang -D –with-subshell \
-D –enable-charset
I don’t know if there is a way to tie all those together
without all the extra -D’s, and comments are welcome,
but I was tired at that point of all the searching to fix the
problem, so I did it the long way and it worked. Then I
did make install, then opened mc and this time ftp worked.
Mission accomplished! :-)
Labels: ftpfs.c, mc, midnight commander, openbsd, port hack, port make
posted by Dennyboy at 1/26/2011 08:56:00 PM
2 comments
Sunday, January 09, 2011
GoogleCL Wordwrap Test
Was wondering how to create lengthy posts for Blogger from the command
line with GoogleCL since I know the sentences will wrap and eventually
I'll encounter the command line character limit. I keep remembering the
figure 255. Not sure if that still holds true or not.
The above paragraph was done from the command line with googlecl.
I used the following command:
google blogger post --tags "googlecl, wordwrap, character limit" \
--title "GoogleCL Wordwrap Test" ~/path/file
I read at Google code googlecl that --src is required which I took to
mean the path to the file that was being used for the post. When I tried
it, though, I got an error and it didn't post. I removed --src from the
command line and it worked, the entry posted. So, I still have some
things to learn. :-)
The above paragraph was done from the command line with googlecl.
I used the following command:
google blogger post --tags "googlecl, wordwrap, character limit" \
--title "GoogleCL Wordwrap Test" ~/path/file
I read at Google code googlecl that --src is required which I took to
mean the path to the file that was being used for the post. When I tried
it, though, I got an error and it didn't post. I removed --src from the
command line and it worked, the entry posted. So, I still have some
things to learn. :-)
Labels: character limit, googlecl, wordwrap
posted by Dennyboy at 1/09/2011 06:14:00 PM
0 comments
2011 OpenBSD Puffy Desktop Calendar
Made an OpenBSD Puffy desktop calendar wallpaper for myself.
It’s 406×700 pixels. You can put it on a black background or
copy and paste it into a plain black image of your own making
the size of your desktop. Took Puffy from a snapshot of the
OpenBSD ftp login screen and pasted it into the calendar image.
The characters and Puffy are kind of subdued terminal green color.
It’s 406×700 pixels. You can put it on a black background or
copy and paste it into a plain black image of your own making
the size of your desktop. Took Puffy from a snapshot of the
OpenBSD ftp login screen and pasted it into the calendar image.
The characters and Puffy are kind of subdued terminal green color.
Labels: 2011 calendar, desktop wallpaper, openbsd, puffy
posted by Dennyboy at 1/09/2011 12:22:00 AM
0 comments
Saturday, January 08, 2011
GoogleCL on OpenBSD
Installed googlecl on OpenBSD 4.8 tonight. Looked at the port's
Makefile and didn't see anything special, so I just installed the
package. First time you run googlecl it creates its config file in
~/.googlecl. When you run it there will be a long outputted
string and it'll tell you before you hit enter you will need to
okay access. You do that through the browser while in your
Google account in:
My Account
Change authorized websites
The catch is, I had to open my browser to do that, and it made no
difference to googlecl. Each time after okaying it in my account
settings in my browser googlecl still errored out. I added the
following to the config file to fix it:
auth_browser = /usr/local/bin/seamonkey
This time when I hit enter it opened a new tab in my browser and
everything worked. After it was working I tried doing a listing of
my docs and it worked. Next I ran some commands that accessed
contacts, blogger, and calendar, and got all of them okayed in my
account settings. Still a lot to learn, but it's working okay now.
Just a matter of reading up more on it online and playing around
with it. Incidentally, I uploaded this post with googlecl. Didn't
format quite like I wanted and I had to do some editing from my
browser, but not bad first time out.
Makefile and didn't see anything special, so I just installed the
package. First time you run googlecl it creates its config file in
~/.googlecl. When you run it there will be a long outputted
string and it'll tell you before you hit enter you will need to
okay access. You do that through the browser while in your
Google account in:
My Account
Change authorized websites
The catch is, I had to open my browser to do that, and it made no
difference to googlecl. Each time after okaying it in my account
settings in my browser googlecl still errored out. I added the
following to the config file to fix it:
auth_browser = /usr/local/bin/seamonkey
This time when I hit enter it opened a new tab in my browser and
everything worked. After it was working I tried doing a listing of
my docs and it worked. Next I ran some commands that accessed
contacts, blogger, and calendar, and got all of them okayed in my
account settings. Still a lot to learn, but it's working okay now.
Just a matter of reading up more on it online and playing around
with it. Incidentally, I uploaded this post with googlecl. Didn't
format quite like I wanted and I had to do some editing from my
browser, but not bad first time out.
posted by Dennyboy at 1/08/2011 12:27:00 AM
0 comments
Friday, December 24, 2010
End of the Year Hodge-Podge
Put off upgrading way too long. As to how long, I’m embarrassed
to say. Previously I could pretty much get things how I wanted
in a couple of days, even after doing a new install and getting
all my old stuff back in. This time it took a couple of weeks to
really get where I wanted to be with the system. Not keeping up
with changes can bite one in the butt.
I’ve got a Linksys WRT54G-TM router running DD-WRT v24-sp2
firmware. Got an account at Hurricane Electric and if you
have got IPv6 working already, http://ipv6.he.net/. Also
have an account at DynDNS.com for when my ISP changes the
IP address on my cable modem and a hostname that synchronizes
with it so I can reach home when I’m traveling. I setup a
VPN too, and am now able to surf through it no matter where
I’m connected at. Good for for instance, we go to B&N a lot
and they’ve got free Wifi. I connect to them, then activate
the the connection to my home VPN. Works great so far. Just
wish I’d figure out how to get IPv6 to work on the it. The
router does DHCP for my LAN and I’ve got it set to give the
same IP address to each box each time. Makes things easier
on me moving and copying files around the LAN. Ran into a
problem with my browser on a lot of IPv6 sites, where they’d
revert to IPv4 or not load at all. I had missed the option
mentioned in the man page ‘family inet6 inet4′ which sets
the preference to IPv6 as it’s first. When you use DHCP to
assign addresses, each time a box boots and starts the network,
/etc/resolv.conf gets overwritten. If you have some settings
you want in it like I did, you get around the overwrite
problem by putting the options in /etc/resolv.conf.tail and
then they show up in resolv.conf okay. Also had added some
stuff to /etc/pf.conf so icmp would be passed, as they’re
required for IPv6 to work right on my tunnel.
#Under the macros section:
icmp_types=”{ echoreq, echorep, unreach }”
#Under the rules section:
pass inet proto icmp all icmp-type $icmp_types
pass inet6 proto icmp6
***********************************************************
Fiddled around with tmux quite a bit, trying to get it configured
the way I need it. Hadn’t used it in a while and had forgotten quite
a bit. My setup is not real complicated, I just had problems with
how I was calling the program. Here’s my .tmux.conf:
# Default global options.
set status-bg yellow
set status-fg black
set default-command “exec /bin/ksh -l”
set -g status-right ‘%a %m/%d/%y %H:%M’
set -g status-interval 5
set bell-action current
set history-limit 2000
# Prefix key.
unbind C-b
set -g prefix C-s
# Keys to switch session.
bind q switch -t0
bind Q switch -t0
bind w switch -t1
bind W switch -t1
bind -r C-n next-window
bind -r C-p previous-window
bind ‘”‘ choose-window
# Other key bindings.
bind i list-windows
bind I list-windows
bind ‘-’ split-window -dv
bind ‘|’ split-window -dh
bind “‘” new-window
bind < resize-pane -L 1
bind > resize-pane -R 1
bind _ resize-pane -D 1
bind u resize-pane -U 1
# Session Initialization
# First Session.
new -d -s0 -nmain1
neww -d -nmutt
neww -d -nwork1
splitw -v -p 50 -t 2
splitw -h -p 50 -t 2
neww -d -nwork2
splitw -h -p 50 -t 3
neww -d -nnet
selectw -t 0
# Second Sesson.
new -d -s1 -nmain2
neww -d -nshell1
splitw -v -p 50 -t1
neww -d -nshell2
splitw -v -p 50 -t2
neww -d -nshell3
splitw -v -p 50 -t3
selectw -t 0
Lot of split panes and stuff there I probably don’t need,
but I needed to know how to do it, so I just did some
experimenting with it. Put a few aliases in ~/.kshrc:
alias tm0=’tmux attach-session -t 0′
alias tm1=’tmux attach-session -t 1′
alias tmk=’tmux kill-server’
***********************************************************
Side note while I’m thinking of it. Never had the occasion
to pipe anything to vim before. Started wondering how to
do it. Here’s how:
$ cat file.txt | vim -
***********************************************************
I built the gimp, sane-frontends, and sane-backends the other
day. I expected to have an ‘Acquire’ choice in the gimp menu
but it wasn’t there. Then my buddy in the local LUG reminded
me to install xsane. The gimp no longer has the ARG to build
it with mmx, but I had to put some extra switches on the make
command when I built
$ cd /usr/ports/graphics/sane-frontends/
sudo env FLAVOR=”gimp” make install
$ cd ../sane-backends/
sudo make -D --with-gphoto install
$ cd ../xsane/
sudo env FLAVOR=”gimp” make install
***********************************************************
Got tired of the nag on the console about clamav being out of
date. I had installed the package for 4.8 release, 0.96.1 which
was causing the nag. Uninstalled latest version, 0.96.4 and
built it. Seemed like it took a lot longer than it did with
previous versions, but it built and installed okay. That
version didn’t last long. Uninstalled it, then built 0.96.5
on 20101214. Built and installed okay. Just a pain in the butt
with the clamav uid and gid thing. Old version used _clamav.
Last few versions want clamav. You can change it using the
following to avoid the error when running ./configure:
sudo ./configure –with-group=_clamav –with-user=_clamav
***********************************************************
Have never used irc extensively but taught myself enough to
know how to configure and get around in irssi. Installed silc
which is supposed to be more secure than regular irc and is
built around irssi. Including some notes here on how I was
able to connect to a silc server over tor:
1) If you haven't done so already, install tor and socat 2) Start /usr/local/bin/tor which defaults to port 9050
*Side Note on tor*
To run it all the time you can start it in /etc/rc.local at
boot time:
fi
if [ -x /usr/local/bin/tor ]; then
echo -n ‘ starting tor’;
/usr/local/bin/tor
fi
3) Now run this command as root or with sudo:
socat TCP4-LISTEN:706,bind=localhost,range=127.0.0.1/32,fork \
SOCKS4A:127.0.0.1:silc.silcnet.org:706,socksport=9050 > socat_log.$$ 2>&1 &
4) Start silc
5) After entering password and silc is running:
/connect 127.0.0.1 706
A bit slower than a regular connection but much more secure
since your real IP address isn’t visible.
to say. Previously I could pretty much get things how I wanted
in a couple of days, even after doing a new install and getting
all my old stuff back in. This time it took a couple of weeks to
really get where I wanted to be with the system. Not keeping up
with changes can bite one in the butt.
I’ve got a Linksys WRT54G-TM router running DD-WRT v24-sp2
firmware. Got an account at Hurricane Electric and if you
have got IPv6 working already, http://ipv6.he.net/. Also
have an account at DynDNS.com for when my ISP changes the
IP address on my cable modem and a hostname that synchronizes
with it so I can reach home when I’m traveling. I setup a
VPN too, and am now able to surf through it no matter where
I’m connected at. Good for for instance, we go to B&N a lot
and they’ve got free Wifi. I connect to them, then activate
the the connection to my home VPN. Works great so far. Just
wish I’d figure out how to get IPv6 to work on the it. The
router does DHCP for my LAN and I’ve got it set to give the
same IP address to each box each time. Makes things easier
on me moving and copying files around the LAN. Ran into a
problem with my browser on a lot of IPv6 sites, where they’d
revert to IPv4 or not load at all. I had missed the option
mentioned in the man page ‘family inet6 inet4′ which sets
the preference to IPv6 as it’s first. When you use DHCP to
assign addresses, each time a box boots and starts the network,
/etc/resolv.conf gets overwritten. If you have some settings
you want in it like I did, you get around the overwrite
problem by putting the options in /etc/resolv.conf.tail and
then they show up in resolv.conf okay. Also had added some
stuff to /etc/pf.conf so icmp would be passed, as they’re
required for IPv6 to work right on my tunnel.
#Under the macros section:
icmp_types=”{ echoreq, echorep, unreach }”
#Under the rules section:
pass inet proto icmp all icmp-type $icmp_types
pass inet6 proto icmp6
***********************************************************
Fiddled around with tmux quite a bit, trying to get it configured
the way I need it. Hadn’t used it in a while and had forgotten quite
a bit. My setup is not real complicated, I just had problems with
how I was calling the program. Here’s my .tmux.conf:
# Default global options.
set status-bg yellow
set status-fg black
set default-command “exec /bin/ksh -l”
set -g status-right ‘%a %m/%d/%y %H:%M’
set -g status-interval 5
set bell-action current
set history-limit 2000
# Prefix key.
unbind C-b
set -g prefix C-s
# Keys to switch session.
bind q switch -t0
bind Q switch -t0
bind w switch -t1
bind W switch -t1
bind -r C-n next-window
bind -r C-p previous-window
bind ‘”‘ choose-window
# Other key bindings.
bind i list-windows
bind I list-windows
bind ‘-’ split-window -dv
bind ‘|’ split-window -dh
bind “‘” new-window
bind < resize-pane -L 1
bind > resize-pane -R 1
bind _ resize-pane -D 1
bind u resize-pane -U 1
# Session Initialization
# First Session.
new -d -s0 -nmain1
neww -d -nmutt
neww -d -nwork1
splitw -v -p 50 -t 2
splitw -h -p 50 -t 2
neww -d -nwork2
splitw -h -p 50 -t 3
neww -d -nnet
selectw -t 0
# Second Sesson.
new -d -s1 -nmain2
neww -d -nshell1
splitw -v -p 50 -t1
neww -d -nshell2
splitw -v -p 50 -t2
neww -d -nshell3
splitw -v -p 50 -t3
selectw -t 0
Lot of split panes and stuff there I probably don’t need,
but I needed to know how to do it, so I just did some
experimenting with it. Put a few aliases in ~/.kshrc:
alias tm0=’tmux attach-session -t 0′
alias tm1=’tmux attach-session -t 1′
alias tmk=’tmux kill-server’
***********************************************************
Side note while I’m thinking of it. Never had the occasion
to pipe anything to vim before. Started wondering how to
do it. Here’s how:
$ cat file.txt | vim -
***********************************************************
I built the gimp, sane-frontends, and sane-backends the other
day. I expected to have an ‘Acquire’ choice in the gimp menu
but it wasn’t there. Then my buddy in the local LUG reminded
me to install xsane. The gimp no longer has the ARG to build
it with mmx, but I had to put some extra switches on the make
command when I built
$ cd /usr/ports/graphics/sane-frontends/
sudo env FLAVOR=”gimp” make install
$ cd ../sane-backends/
sudo make -D --with-gphoto install
$ cd ../xsane/
sudo env FLAVOR=”gimp” make install
***********************************************************
Got tired of the nag on the console about clamav being out of
date. I had installed the package for 4.8 release, 0.96.1 which
was causing the nag. Uninstalled latest version, 0.96.4 and
built it. Seemed like it took a lot longer than it did with
previous versions, but it built and installed okay. That
version didn’t last long. Uninstalled it, then built 0.96.5
on 20101214. Built and installed okay. Just a pain in the butt
with the clamav uid and gid thing. Old version used _clamav.
Last few versions want clamav. You can change it using the
following to avoid the error when running ./configure:
sudo ./configure –with-group=_clamav –with-user=_clamav
***********************************************************
Have never used irc extensively but taught myself enough to
know how to configure and get around in irssi. Installed silc
which is supposed to be more secure than regular irc and is
built around irssi. Including some notes here on how I was
able to connect to a silc server over tor:
1) If you haven't done so already, install tor and socat 2) Start /usr/local/bin/tor which defaults to port 9050
*Side Note on tor*
To run it all the time you can start it in /etc/rc.local at
boot time:
fi
if [ -x /usr/local/bin/tor ]; then
echo -n ‘ starting tor’;
/usr/local/bin/tor
fi
3) Now run this command as root or with sudo:
socat TCP4-LISTEN:706,bind=localhost,range=127.0.0.1/32,fork \
SOCKS4A:127.0.0.1:silc.silcnet.org:706,socksport=9050 > socat_log.$$ 2>&1 &
4) Start silc
5) After entering password and silc is running:
/connect 127.0.0.1 706
A bit slower than a regular connection but much more secure
since your real IP address isn’t visible.
Labels: dd-wrt, icmp, ipv6, irc, irssi, pf, router, silc, tor, upgrade
posted by Dennyboy at 12/24/2010 10:22:00 PM
0 comments
Sunday, October 10, 2010
PKG_PATH Tweaking
Saw these on the mailing list a few weeks back.
First example is a bit long and drawn out but it works:
PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/`uname -a | \
cut -d” ” -f 3`/packages/`uname -a |cut -d” ” -f 5`/
Second method is a bit neater:
PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/`uname -r`/packages/`arch -s`/
Create an alias in called pkg_find:
alias pkg_find=”echo ls | ftp -a $PKG_PATH |sed ‘s/.*\ //g’ |grep -i ”
Then, from the command prompt, do
$ pkg_find somepkg
and you’ll get the full package name.
First example is a bit long and drawn out but it works:
PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/`uname -a | \
cut -d” ” -f 3`/packages/`uname -a |cut -d” ” -f 5`/
Second method is a bit neater:
PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/`uname -r`/packages/`arch -s`/
Create an alias in called pkg_find:
alias pkg_find=”echo ls | ftp -a $PKG_PATH |sed ‘s/.*\ //g’ |grep -i ”
Then, from the command prompt, do
$ pkg_find somepkg
and you’ll get the full package name.
posted by Dennyboy at 10/10/2010 01:28:00 PM
2 comments
Saturday, May 08, 2010
Free OpenBSD Shell Account Provider, Unix Shells
Found out about this site the other day. Nice folks, great site.
Here's a snippet from their manifesto:
Devio.us came about one afternoon while brainstorming
new possible projects. While other shell providers do
exist, most of them lack a clear goal, or are ran by an
inexperienced group of people. The servers are either
unstable, insecure or the hardware is just plain bad.
Realizing this sad state of of affairs, we set out to
create devio.us. While Kayla set out to design the site,
the rest of the team started working on writing all the
user administration utilities, automating tasks and
setting up the environment. Shortly thereafter, the
project was launched.
Lots of FAQ's and help on the site. Check out the forums at
Free Unix Shell Accounts - Devio.us Forums
or join in on the chat at irc.freenode.net #devious
Here's a snippet from their manifesto:
Devio.us came about one afternoon while brainstorming
new possible projects. While other shell providers do
exist, most of them lack a clear goal, or are ran by an
inexperienced group of people. The servers are either
unstable, insecure or the hardware is just plain bad.
Realizing this sad state of of affairs, we set out to
create devio.us. While Kayla set out to design the site,
the rest of the team started working on writing all the
user administration utilities, automating tasks and
setting up the environment. Shortly thereafter, the
project was launched.
Lots of FAQ's and help on the site. Check out the forums at
Free Unix Shell Accounts - Devio.us Forums
or join in on the chat at irc.freenode.net #devious
Labels: free shell accounts, openbsd
posted by Dennyboy at 5/08/2010 12:18:00 AM
0 comments
Friday, May 07, 2010
bsdtalk 188 - Dru Lavigne
Interview with Dru Lavigne. We talk about her new book, The Definitive Guide to PC-BSD,
and also the upcoming BSD Professional Certification.
Main Site for bsdtalk
Interview mp3 link
Interview ogg link
and also the upcoming BSD Professional Certification.
Main Site for bsdtalk
Interview mp3 link
Interview ogg link
Labels: bsd professional certification, bsdtalk, dru lavigne, pc-bsd, will blackman
posted by Dennyboy at 5/07/2010 11:40:00 PM
0 comments
Duck Duck Go
Not sure how long Duck Duck Go has been around but I
found out about it tonight after I saw a link to it on IRC.
You want to check it out and read what all it's got, go to:
About Duck Duck Go
found out about it tonight after I saw a link to it on IRC.
You want to check it out and read what all it's got, go to:
About Duck Duck Go
Labels: search engines
posted by Dennyboy at 5/07/2010 11:24:00 PM
1 comments
Tuesday, December 01, 2009
bsdtalk180- OpenBSD Enthusiast Girish Venkatachalam
Interview with my programmer OpenBSD bud Girish Venkatachalam.
Main Site for bsdtalk
Interview mp3 link
Interview ogg link
Main Site for bsdtalk
Interview mp3 link
Interview ogg link
Labels: bsdtalk, girish venkatachalam, openbsd, will blackman
posted by Dennyboy at 12/01/2009 10:09:00 AM
0 comments
Tuesday, November 24, 2009
Absolute Minimal OpenBSD USB Image
My friend Girish Venkatachalam has added another
OpenBSD USB bootable image, a very minimal 1GB
version without X and without a single package,
just the base install.
Absolute Minimal Version
Enjoy!
OpenBSD USB bootable image, a very minimal 1GB
version without X and without a single package,
just the base install.
Absolute Minimal Version
Enjoy!
Labels: openbsd, usb minimal bootable image no x
posted by Dennyboy at 11/24/2009 04:13:00 PM
0 comments
Sunday, November 22, 2009
Cksum
Create Fingerprints Using Cksum
cksum(1) is a very important utility since it
can figure out the fingerprint/message digests
using several key algorithms employed in
cryptography.
it gives the longest output and there is
very little chance of collision.
I think this article is not going to make
much sense without explaining the rationale
and the math behind the idea of cryptographic
hashes of message digests.
The basic goal is quite easy to state and
understand. The idea of a message digest is
to create a fixed length "fingerprint" from
any input data of any length, be it 2 bytes
or 2 Terabytes. This is done in a such a way
that the output varies significantly for
slight changes in input data.
All that is fine and dandy but the most
important aspect of the checksum algorithm
is its ability to avoid collisions.
Collisions are input values for which the
checksum algorithm produces the same output.
This can be quite dangerous and defeats the
very purpose of having a checksum in the
first place.
But mathematically speaking, nature enforces
a limit to the probability or possibilty of
collisions. But in practice this works quite
well as long as your output sample space is
quite big. Which is the case with sha512
digests. MD4 is broken. Don't use it. MD5 is
weak too.
The importance of cryptographic hashing comes
from many angles. First thing is that it is key
to generating digital signatures. A signature
is a private key encrypted message digest of
the input message. Simple and straight.
Then you have something called HMAC or hashed
message authentication code where a secret key
is used for generating message digests.
Normally message digests do not employ any
secret information. It is completely open.
Anyone can generate cryptographic hashes since
the algorithm is well known, there are no keys
and given the input, the output is fixed.
This is alright when we want to detect accidental
changes or integrity of file transfers. But this
does not protect us from malicious tampering. For
that we normally encrypt the hash with a secret key.
Or append it with the message and encrypt it. That
way we can detect tampering.
However HMAC is different. In this method,
the cryptographic hash is protected with a
secret key and only if you possess the secret
key you can generate the hash.
HMAC is widely used in TLS or SSL web security.
We have already seen many applications for
message digests or cryptographic hashes.
There is one important detail however. All
the public key cryptosystems in particular
the most widely used RSA algorithm relies
on cryptographic hashes in a interesting way.
RSA is a little complicated to explain in
this article but my idea is to illustrate
that cryptographic hashes have a much bigger
role to play than simple integrity checking.
Cryptographic hash functions are also known
as one way hash functions. Which is to say
that the function is not reversible. There
is no inverse of the function. You can only
get an output from input, never the other
way round.
RSA is nothing but a one way hash function
of the input data with a key. RSA relies on
the prime number factorization problem. So
the idea here is that you can multiply two
prime numbers trivially but you cannot divide
them. You can of course but not without a
significant computational overhead.
Now that we have seen enough theory, let us
get to the practical side and figure out how
it can help us in real life. After all math
has a great real life significance.
$ cksum /etc/passwd
3171604895 3646 /etc/passwd
$ cksum -a sha512 /etc/passwd
SHA512 (/etc/passwd) =
b4d6a742cada5305686832f1037b60f79b56fe6dfdf99
04e6070295e74c2341535db26b731e27e04a73f0cb70b
b589d31b8e9e18e207a8aae5aa81d06ea29f5a
(above cksum output line wrapped)
$ cksum -a sha256 /etc/passwd
SHA256 (/etc/passwd) =
fd2626c043a288c0a25bdc9772af4b19e001c890e9317
0a4de40043a9516e94a
(above cksum output line wrapped)
$ cksum -a rmd160 /etc/passwd
RMD160 (/etc/passwd) =
70455b60aad955b556aa4052af017ecf61bfe5a1
$ cksum -a md5 /etc/passwd
MD5 (/etc/passwd) =
e7818836fe36fa1fde1ab6198ee2da77
$ cksum -a sha1 /etc/passwd
SHA1 (/etc/passwd) =
9c80fdd62b69909a705c64fe79b6294d778ffef6
You can avoid the above mentioned issue of
collisions with the cksum(1) utility since
you have access to several state of the art
checksum algorithms from one command/utility.
So if you are paranoid kindly compare the sha1
and sha256 sums of the same file at both sides
after transfer. That way you can avoid issues
with collision.
openssl(1) also comes built in with access to
several checksum algorithms and so can sha1 and
md5 commands help under OpenBSD. But cksum has
an advantage of supporting many algorithms. Moreover
all these utilities come with base OpenBSD. There
is never a need to install any specific package.
In other words you are guaranteed to find them,
on any OpenBSD box!
Note on Authorship:
This article was contributed by Girish Venkatachalam
who is also a co-author on Denny's OpenBSD Newbies Blog.
cksum(1) is a very important utility since it
can figure out the fingerprint/message digests
using several key algorithms employed in
cryptography.
1. cksum
2. md4
3. md5
4. rmd160
5. sha1
6. sha256
7. sha384
8. sha512
9. sum
10. sysvsum
sha512 is the best algorithm to use sinceit gives the longest output and there is
very little chance of collision.
I think this article is not going to make
much sense without explaining the rationale
and the math behind the idea of cryptographic
hashes of message digests.
The basic goal is quite easy to state and
understand. The idea of a message digest is
to create a fixed length "fingerprint" from
any input data of any length, be it 2 bytes
or 2 Terabytes. This is done in a such a way
that the output varies significantly for
slight changes in input data.
All that is fine and dandy but the most
important aspect of the checksum algorithm
is its ability to avoid collisions.
Collisions are input values for which the
checksum algorithm produces the same output.
This can be quite dangerous and defeats the
very purpose of having a checksum in the
first place.
But mathematically speaking, nature enforces
a limit to the probability or possibilty of
collisions. But in practice this works quite
well as long as your output sample space is
quite big. Which is the case with sha512
digests. MD4 is broken. Don't use it. MD5 is
weak too.
The importance of cryptographic hashing comes
from many angles. First thing is that it is key
to generating digital signatures. A signature
is a private key encrypted message digest of
the input message. Simple and straight.
Then you have something called HMAC or hashed
message authentication code where a secret key
is used for generating message digests.
Normally message digests do not employ any
secret information. It is completely open.
Anyone can generate cryptographic hashes since
the algorithm is well known, there are no keys
and given the input, the output is fixed.
This is alright when we want to detect accidental
changes or integrity of file transfers. But this
does not protect us from malicious tampering. For
that we normally encrypt the hash with a secret key.
Or append it with the message and encrypt it. That
way we can detect tampering.
However HMAC is different. In this method,
the cryptographic hash is protected with a
secret key and only if you possess the secret
key you can generate the hash.
HMAC is widely used in TLS or SSL web security.
We have already seen many applications for
message digests or cryptographic hashes.
There is one important detail however. All
the public key cryptosystems in particular
the most widely used RSA algorithm relies
on cryptographic hashes in a interesting way.
RSA is a little complicated to explain in
this article but my idea is to illustrate
that cryptographic hashes have a much bigger
role to play than simple integrity checking.
Cryptographic hash functions are also known
as one way hash functions. Which is to say
that the function is not reversible. There
is no inverse of the function. You can only
get an output from input, never the other
way round.
RSA is nothing but a one way hash function
of the input data with a key. RSA relies on
the prime number factorization problem. So
the idea here is that you can multiply two
prime numbers trivially but you cannot divide
them. You can of course but not without a
significant computational overhead.
Now that we have seen enough theory, let us
get to the practical side and figure out how
it can help us in real life. After all math
has a great real life significance.
$ cksum /etc/passwd
3171604895 3646 /etc/passwd
$ cksum -a sha512 /etc/passwd
SHA512 (/etc/passwd) =
b4d6a742cada5305686832f1037b60f79b56fe6dfdf99
04e6070295e74c2341535db26b731e27e04a73f0cb70b
b589d31b8e9e18e207a8aae5aa81d06ea29f5a
(above cksum output line wrapped)
$ cksum -a sha256 /etc/passwd
SHA256 (/etc/passwd) =
fd2626c043a288c0a25bdc9772af4b19e001c890e9317
0a4de40043a9516e94a
(above cksum output line wrapped)
$ cksum -a rmd160 /etc/passwd
RMD160 (/etc/passwd) =
70455b60aad955b556aa4052af017ecf61bfe5a1
$ cksum -a md5 /etc/passwd
MD5 (/etc/passwd) =
e7818836fe36fa1fde1ab6198ee2da77
$ cksum -a sha1 /etc/passwd
SHA1 (/etc/passwd) =
9c80fdd62b69909a705c64fe79b6294d778ffef6
You can avoid the above mentioned issue of
collisions with the cksum(1) utility since
you have access to several state of the art
checksum algorithms from one command/utility.
So if you are paranoid kindly compare the sha1
and sha256 sums of the same file at both sides
after transfer. That way you can avoid issues
with collision.
openssl(1) also comes built in with access to
several checksum algorithms and so can sha1 and
md5 commands help under OpenBSD. But cksum has
an advantage of supporting many algorithms. Moreover
all these utilities come with base OpenBSD. There
is never a need to install any specific package.
In other words you are guaranteed to find them,
on any OpenBSD box!
Note on Authorship:
This article was contributed by Girish Venkatachalam
who is also a co-author on Denny's OpenBSD Newbies Blog.
Labels: cksum, cryptographic algorithms, encryption, hashes, md4, md5, openbsd, rmd160, security, sha1, sha256, sha384, sha512, sum, sysvsum
posted by Dennyboy at 11/22/2009 08:43:00 AM
0 comments
Tuesday, November 17, 2009
Interfacing the Medical Transcription
Foot Pedal With Mplayer
Those of you who are hearing mplayer for the first
time should certainly see this article.
It is the best multimedia application out there and
it is written in pure C. It is amazing stuff. A grand
old project with an amazing cornucopia of features.
Those of you who have not heard of the footpedal
do not need to worry. It is a footrest with three
buttons which you can press with the toe.
Here is a picture.
It connects via the 9 pin serial connector to the
serial port of the computer. Before we get to the
technical details we do need to know something
about the medical transcription industry.
Every technical problem needs a business goal to
meet. Sometimes it is not very obvious as in the
case of academic UNIX tools, but without having
an appreciation of the real purpose of the project,
one cannot do well in business. Technical solutions
do not exist in isolation.
Medical transcription is the process of converting
a doctor's voice recordings into English text. The
doctor would have spoken at varying speeds and
with different accents. A medical transcriptionist
has the job of translating his spoken words into
the written word.
I am sure you can imagine that this is no easy task.
The transcriptionist has to listen to the dictation
multiple times at various speeds to figure out what
on earth the doctor is trying to say.
His/her fingers are typing the message in the audio,
and you wish to be able to rewind, pause/play and
fast forward the recording with the foot. That is
where a footpedal comes in. You can't use the mouse
or keyboard for this since the hands are busy typing
out text.
While the hand is typing the foot will be interacting
with the audio player to help the transcriptionist to
accurately translate the dictation into English text.
The footpedal is a passive device with no power and
no moving parts. There are 3 switches as you can see
above. The left pedal is connected to the DSR pin(8),
the middle pedal is connected to the CTS pin(6), and
the right pedal is connected to the DCD pin(1).
I figured this out using a perl script given here.
use Device::Modem;
my $modem = new Device::Modem( port => '/dev/tty00' );
/*
if( $modem->connect( baudrate => 9600 ) ) {
print "connected!\n";
} else {
print "sorry, no connection with serial port!\n";
}
*/
my %sig = $modem->status();
for ('CTS','DSR','RLSD')
{
if($_ =~ /RLSD/) {
print "Signal DCD is: ", ($sig{$_} > 0 ? 'on'
: 'off'), "\n";
} else {
print "Signal $_ is: ", ($sig{$_} > 0 ? 'on'
: 'off'), "\n";
}
}
The next thing to do was figure out a way to do this
in C. That was the hard part but I got there. Check
out the code in this page to interface with the serial
port on Windows and OpenBSD to recognize the pedal
presses.
Okay now we are halfway through. We can recognize
the pedal presses. But how to interface with the
audio player?
Before that we have an even more important question
to tackle.
Which player should we use?
I started working on audacity but
quickly realized that
it does not have the rewind and forward feature. Plus
I realized that most audio players don't have this at all.
Except of course mplayer. But before that I considered
and rejected sox and vlc.
I looked at the mplayer input.c file, the way it interfaced
with the joystick and LIRC remote control. I know I could
copy the semantics and match it with key presses. I did the
project first on OpenBSD and then got it working under
Windows. It was a great project, I thoroughly enjoyed it.
All the code in beautiful syntax highlighted fashion with
black background is here
However the work is not over yet. You need to recognize
the pedal presses with more care. Right now it is too
sensitive so to speak. It has to have some back pressure
and hysteresis. I need to understand the needs of the
medical transcriptionist better. I shall finish this
project and add these details later. At the moment, I
can say that the project is nearly over.
posted by Dennyboy at 11/17/2009 05:27:00 AM
1 comments
Saturday, November 14, 2009
LiveUSB Image With OpenBSD
My programmer friend in India who is also a co-author on my
other blog has created two usb OpenBSD bootable images.
There is a 1Gb image and a 2Gb image. The instructions
and download links are at:
LiveUSB image with OpenBSD
Cheers!
other blog has created two usb OpenBSD bootable images.
There is a 1Gb image and a 2Gb image. The instructions
and download links are at:
LiveUSB image with OpenBSD
Cheers!
Addendum:
There are 3 images now.
1. Minimal version for 1GB without X
2. Lite version for 1 GB with X
3. Full version for 2 GB
There are 3 images now.
1. Minimal version for 1GB without X
2. Lite version for 1 GB with X
3. Full version for 2 GB
posted by Dennyboy at 11/14/2009 02:35:00 AM
0 comments
Tuesday, November 10, 2009
Small Conky Calendar
I”m not a perl programmer and I’m sure my chances of having
come up with this on my own would be right up there with the
classic example about the monkeys with typewriters creating
the encyclopedia! :-) I got it off this mailing list:
freebsd-questions@freebsd.org
cal | perl -pe ’s/^/ /;s/$/ /;s/ ‘”$(date “+%e”)”‘ /\['"$(date "+%e")"']/’
I plugged it into the bottom of my .conkyrc file like so:
${color green}${execi 360 cal | perl -pe ’s/^/ /;s/$/ /;s/ ‘”$(date “+%e”)”‘ /\[ '"$(date "+%e")"']/’} ${color}
BTW, the above perl lines are wrapped, both the first which
is from the command line, and the second, which is the entire
line in .conkyrc. It shows the current day enclosed in brackets
in order to highlight it. Nice touch.
Cheers!
come up with this on my own would be right up there with the
classic example about the monkeys with typewriters creating
the encyclopedia! :-) I got it off this mailing list:
freebsd-questions@freebsd.org
cal | perl -pe ’s/^/ /;s/$/ /;s/ ‘”$(date “+%e”)”‘ /\['"$(date "+%e")"']/’
I plugged it into the bottom of my .conkyrc file like so:
${color green}${execi 360 cal | perl -pe ’s/^/ /;s/$/ /;s/ ‘”$(date “+%e”)”‘ /\[ '"$(date "+%e")"']/’} ${color}
BTW, the above perl lines are wrapped, both the first which
is from the command line, and the second, which is the entire
line in .conkyrc. It shows the current day enclosed in brackets
in order to highlight it. Nice touch.
Cheers!
posted by Dennyboy at 11/10/2009 12:45:00 AM
0 comments
Sunday, November 08, 2009
Taking Desktop Screenshots
I was Googling around the other night looking for graphics
help and ran across this site where I learned about some
X stuff I didn’t even know was there on my box:
Useful Things You Can Do with FVWM
Example of dumping the root screen using xwd, part
of the X Window System included with OpenBSD:
xwd -root -out file
Example of displaying the dumped image with xwud,
again part of the X Window System:
xwud -in file
Example of dumping the root screen & outputting it to
jpg format using xwdtopnm and pnmtopng, both
included in the netpbm port/package:
xwd -root |xwdtopnm |pnmtopng > file.jpg
Example of converting an existing screenshot taken with
xwd, using xwdtopnm and pnmtopng:
xwdtopnm < file | pnmtopng > file.png
xwdtopnm < file | pnmtojpeg > file.jpg
Example converting a screenshot taken with xwd with
convert, part of the ImageMagick port/package:
convert file file.png
convert file file.jpg
Cheers!
help and ran across this site where I learned about some
X stuff I didn’t even know was there on my box:
Useful Things You Can Do with FVWM
Example of dumping the root screen using xwd, part
of the X Window System included with OpenBSD:
xwd -root -out file
Example of displaying the dumped image with xwud,
again part of the X Window System:
xwud -in file
Example of dumping the root screen & outputting it to
jpg format using xwdtopnm and pnmtopng, both
included in the netpbm port/package:
xwd -root |xwdtopnm |pnmtopng > file.jpg
Example of converting an existing screenshot taken with
xwd, using xwdtopnm and pnmtopng:
xwdtopnm < file | pnmtopng > file.png
xwdtopnm < file | pnmtojpeg > file.jpg
Example converting a screenshot taken with xwd with
convert, part of the ImageMagick port/package:
convert file file.png
convert file file.jpg
Cheers!
Labels: desktop, fluxbox, import, openbsd, pnmtopng, screenshot, xwd, xwdtopnm, xwininfo, xwud
posted by Dennyboy at 11/08/2009 11:47:00 PM
0 comments
Celebrate Freedom Nov 9 – Anniversary of the fall of the ‘Wall’
Nov 9, 1989. That’s the day the damnable Berlin Wall came down!
Celebrate freedom around the world today! Thanks, ‘Dutch’, I will
never forget your words:
“Mr. Gorbachev, tear down this wall!”
Cheers!
Celebrate freedom around the world today! Thanks, ‘Dutch’, I will
never forget your words:
“Mr. Gorbachev, tear down this wall!”
Cheers!
posted by Dennyboy at 11/08/2009 11:41:00 PM
0 comments
Conky Update
Added some information at the end of Conky System Statistics
on a new way to stop one version of Conky from a script that runs
from a cronjob and start a new version, again from a script run
from a cronjob. Hope if anyone used the old way they didn't have
the same problem I did. If so, sorry. The current way has been
working without issue for several days now.
Cheers!
on a new way to stop one version of Conky from a script that runs
from a cronjob and start a new version, again from a script run
from a cronjob. Hope if anyone used the old way they didn't have
the same problem I did. If so, sorry. The current way has been
working without issue for several days now.
Cheers!
Labels: conky system statistics, cronjob, openbsd, shell scripting
posted by Dennyboy at 11/08/2009 11:09:00 PM
0 comments
Sunday, November 01, 2009
Tweeting From the Command Line
Recently ran across an article Tweeting from the command line,
so I thought I’d give it a try. Didn’t have a Twitter account,
so that was the first step, creating one. Go to Twitter and
create your account.
After that, you need to copy the script and put in your username
and password and make the script executable. I placed my script
in ~/bin and did a chmod 700 ~/bin/tweet.sh so the script
is only executable, readable, and writable by me. Here’s the script:
#!/bin/sh
tweet="${@}"
user="username"
pass="sekret"
if [ $(echo "${tweet}" | wc -c) -gt 140 ]; then
echo "FATAL: The tweet is longer than 140 characters!"
exit 1
fi
curl -k -u ${user}:${pass} -d status="${tweet}"
https://twitter.com/statuses/update.xml >/dev/null 2>&1
if [ "$?" == "0" ]; then
echo "Successful tweet!"
fi
The full instructions are at the link listed above at
the beginning of this blog entry. It mentions escaping
special characters such as "?" and "!" for one thing,
and that’s important. I read the other night where you
can’t edit a "Tweet", only delete it, going on to explain
that anyone following you would not be in sync with your
Tweets if you deleted an entry and then entered a new
version of it. I erroneously thought, also, that to Retweet
meant doing a Tweet over, but it's actually more like
passing on what someone else has already Tweeted.
Obviously I've still got a lot to learn about Twitter, but
the script above should get my fellow CLI geeks going. ;)
Cheers!
Addendum:
TTYtter for Perl: More Tweeting from the command line
TTYtter: an interactive console text-based command-line Twitter client and Perl platform
Just a follow up on Tweeting from the command line.
Cool setup. ANSI Graphics, too. Check it out.
Cheers!
so I thought I’d give it a try. Didn’t have a Twitter account,
so that was the first step, creating one. Go to Twitter and
create your account.
After that, you need to copy the script and put in your username
and password and make the script executable. I placed my script
in ~/bin and did a chmod 700 ~/bin/tweet.sh so the script
is only executable, readable, and writable by me. Here’s the script:
#!/bin/sh
tweet="${@}"
user="username"
pass="sekret"
if [ $(echo "${tweet}" | wc -c) -gt 140 ]; then
echo "FATAL: The tweet is longer than 140 characters!"
exit 1
fi
curl -k -u ${user}:${pass} -d status="${tweet}"
https://twitter.com/statuses/update.xml >/dev/null 2>&1
if [ "$?" == "0" ]; then
echo "Successful tweet!"
fi
The full instructions are at the link listed above at
the beginning of this blog entry. It mentions escaping
special characters such as "?" and "!" for one thing,
and that’s important. I read the other night where you
can’t edit a "Tweet", only delete it, going on to explain
that anyone following you would not be in sync with your
Tweets if you deleted an entry and then entered a new
version of it. I erroneously thought, also, that to Retweet
meant doing a Tweet over, but it's actually more like
passing on what someone else has already Tweeted.
Obviously I've still got a lot to learn about Twitter, but
the script above should get my fellow CLI geeks going. ;)
Cheers!
Addendum:
TTYtter for Perl: More Tweeting from the command line
TTYtter: an interactive console text-based command-line Twitter client and Perl platform
Just a follow up on Tweeting from the command line.
Cool setup. ANSI Graphics, too. Check it out.
Cheers!
Labels: bsd, command line, linux, shell scripting, tweeting, twitter, unix
posted by Dennyboy at 11/01/2009 10:37:00 PM
0 comments
Saturday, October 31, 2009
ClamAv Update on OpenBSD Box
Updated my ClamAv today from version 0.95.2 to 0.95.3
and luckily read the warning about needing to patch it
on the download page at:
Clam AntiVirus
There’s a link there to download the diff. I downloaded
everything, then ran gpg against the file and signature
file to verify:
gpg –verify clamav-0.95.3.tar.gz.sig clamav-0.95.3.tar.gz
gpg: Signature made Wed Oct 28 10:59:38 2009 CDT using DSA key ID 985A444B
gpg: Good signature from “Tomasz Kojm ”
gpg: aka “Tomasz Kojm ”
gpg: aka “Tomasz Kojm ”
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0DCA 5A08 407D 5288 279D B434 5482 2DC8 985A 444B
After that, cd /usr/ports/mystuff/ and do:
sudo tar xzvf /path/to/clamav-0.95.3.tar.gz
Next, I needed to uninstall the old version, but first I
had to stop the daemon running:
ps auxw grep clamd
sudo kill PID#
Then:
cd clamav-0.95.2
sudo ./configure
sudo make uninstall
There’s a warning in the docs about old librairies
and file versions on your system:
Caveats:
1) Make sure that you haven’t got old libraries (libclamav.so)
lying around your filesystem. You can verify it using:
$ ldd `which freshclam`
/usr/local/bin/freshclam:
Start End Type Open Ref GrpRef Name
1c000000 3c011000 exe 1 0 0 /usr/local/bin/freshclam
0470f000 24744000 rlib 0 1 0 /usr/local/lib/libclamav.so.6.5
022d7000 222db000 rlib 0 2 0 /usr/local/lib/libbz2.so.10.4
07d8b000 27d93000 rlib 0 2 0 /usr/lib/libz.so.4.1
0cd94000 2cd9d000 rlib 0 1 0 /usr/lib/libpthread.so.11.0
0c104000 2c13a000 rlib 0 1 0 /usr/lib/libc.so.48.0
05e7e000 05e7e000 rtld 0 1 0 /usr/libexec/ld.so
With my previous version of Clamav I had the file
/usr/local/lib/libclamav.so.6.4 but the uninstall
removed it okay.
More warnings:
2) Also make sure there is only one version of ClamAv
on your system.
3) whereis freshclam
4) whereis clamscan
In case anything went wrong I saved my old configuration
files in /usr/local/etc renaming them. Then:
cd /usr/ports/mystuff/clamav-0.95.3/
cp /path/to/patch-0.95.3-bug1737.diff .
sudo patch -p1
After everything built and installed successfully, all that
was left to do was go back into /usr/local/etc and configure
clamd.conf and freshclam.conf, then restart the daemon:
sudo /usr/local/sbin/clamd
I want to stress like always that it pays to read
documentation. Where you want your TemporaryDirectory,
where you want your LocalSocket and DatabaseDirectory
and so on. Same goes for your freshclam settings.
READ THE DOCS!
If you’re going to go through all the above to have
Clamav on your system, then you’re probably going
to want to start it when your system boots. I’ve got
the following in /etc/rc.local:
if [ -x /bin/mkdir ]; then
/bin/mkdir /tmp/clamd && chown clamav:clamav /tmp/clamd
fi
if [ -x /usr/local/sbin/clamd ]; then
/usr/local/sbin/clamd
fi
I do the above mkdir along with the ownership thing
since my sytem cleans out /tmp on reboot. It’s set in
/etc/rc.conf.local:
clear_tmp_enable=”YES” # clear /tmp on reboot
Cheers!
and luckily read the warning about needing to patch it
on the download page at:
Clam AntiVirus
There’s a link there to download the diff. I downloaded
everything, then ran gpg against the file and signature
file to verify:
gpg –verify clamav-0.95.3.tar.gz.sig clamav-0.95.3.tar.gz
gpg: Signature made Wed Oct 28 10:59:38 2009 CDT using DSA key ID 985A444B
gpg: Good signature from “Tomasz Kojm ”
gpg: aka “Tomasz Kojm ”
gpg: aka “Tomasz Kojm ”
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0DCA 5A08 407D 5288 279D B434 5482 2DC8 985A 444B
After that, cd /usr/ports/mystuff/ and do:
sudo tar xzvf /path/to/clamav-0.95.3.tar.gz
Next, I needed to uninstall the old version, but first I
had to stop the daemon running:
ps auxw grep clamd
sudo kill PID#
Then:
cd clamav-0.95.2
sudo ./configure
sudo make uninstall
There’s a warning in the docs about old librairies
and file versions on your system:
Caveats:
1) Make sure that you haven’t got old libraries (libclamav.so)
lying around your filesystem. You can verify it using:
$ ldd `which freshclam`
/usr/local/bin/freshclam:
Start End Type Open Ref GrpRef Name
1c000000 3c011000 exe 1 0 0 /usr/local/bin/freshclam
0470f000 24744000 rlib 0 1 0 /usr/local/lib/libclamav.so.6.5
022d7000 222db000 rlib 0 2 0 /usr/local/lib/libbz2.so.10.4
07d8b000 27d93000 rlib 0 2 0 /usr/lib/libz.so.4.1
0cd94000 2cd9d000 rlib 0 1 0 /usr/lib/libpthread.so.11.0
0c104000 2c13a000 rlib 0 1 0 /usr/lib/libc.so.48.0
05e7e000 05e7e000 rtld 0 1 0 /usr/libexec/ld.so
With my previous version of Clamav I had the file
/usr/local/lib/libclamav.so.6.4 but the uninstall
removed it okay.
More warnings:
2) Also make sure there is only one version of ClamAv
on your system.
3) whereis freshclam
4) whereis clamscan
In case anything went wrong I saved my old configuration
files in /usr/local/etc renaming them. Then:
cd /usr/ports/mystuff/clamav-0.95.3/
cp /path/to/patch-0.95.3-bug1737.diff .
sudo patch -p1
After everything built and installed successfully, all that
was left to do was go back into /usr/local/etc and configure
clamd.conf and freshclam.conf, then restart the daemon:
sudo /usr/local/sbin/clamd
I want to stress like always that it pays to read
documentation. Where you want your TemporaryDirectory,
where you want your LocalSocket and DatabaseDirectory
and so on. Same goes for your freshclam settings.
READ THE DOCS!
If you’re going to go through all the above to have
Clamav on your system, then you’re probably going
to want to start it when your system boots. I’ve got
the following in /etc/rc.local:
if [ -x /bin/mkdir ]; then
/bin/mkdir /tmp/clamd && chown clamav:clamav /tmp/clamd
fi
if [ -x /usr/local/sbin/clamd ]; then
/usr/local/sbin/clamd
fi
I do the above mkdir along with the ownership thing
since my sytem cleans out /tmp on reboot. It’s set in
/etc/rc.conf.local:
clear_tmp_enable=”YES” # clear /tmp on reboot
Cheers!
Labels: clamav update, openbsd, patching, security
posted by Dennyboy at 10/31/2009 10:44:00 PM
0 comments
Tracking Network Usage With a Shell Script
Every morning the daily output is waiting there for
me in my email. Part of the normal output under Ipkts
and Opkts shows what went through the interface:
Ipkts Opkts
2999812 2509494
I don’t reboot very often but when I do, it seems the system
zeros this out and it starts all over again. I put together
a script that runs periodically from a cronjob:
#!/bin/sh
# Filename: netusage.sh
cd $HOME/bin
if grep ‘daily output’ $HOME/Mail/root/new/*; then
cat `grep -l ‘daily output’ ~/Mail/root/new/*` | \
grep xl0 |tail -1 |awk ‘{print $5}’ > ibytes.out
cat `grep -l ‘daily output’ ~/Mail/root/new/*` | \
grep xl0 |tail -1 |awk ‘{print $7}’ > obytes.out
else
echo “No daily output yet” > /dev/null 2>&1
fi
cd
At the end of the month I run another script to total
the network usage:
#!/bin/sh
# Filename: netusemonthly.sh
cd $HOME/bin
date > `date +”%Y%m%d”`_endofmonthnetuse.log
echo “” >> `date +”%Y%m%d”`_endofmonthnetuse.log
echo “Monthly Ibytes” >> `date +”%Y%m%d”`_endofmonthnetuse.log
cat *ibytes.out |awk ‘{ SUM += $1 } END { print SUM }’ >> \
`date +”%Y%m%d”`_endofmonthnetuse.log
echo “” >> `date +”%Y%m%d”`_endofmonthnetuse.log
echo “Monthly Obytes” >> \
`date +”%Y%m%d”`_endofmonthnetuse.log
cat *obytes.out |awk ‘{ SUM += $1 } END { print SUM }’ >> \
`date +”%Y%m%d”`_endofmonthnetuse.log
mv -f *ibytes.out *obytes.out rebytes/
mv -f *endofmonthnetuse.log rebytes/
cd
The file names I used probably look ludicrous and they are all
completely arbitrary. If you try this out you can use whatever
file names and paths suit your needs. The whole thing was done
just to learn more about scripting, awk, and so forth. Also, to keep
the numbers right after a reboot, I added the following to
/etc/rc.shutdown:
netstat -ivn |head -8 |tail -1 |awk ‘{print $5}’ > \
/home/useracct/bin/`date +”%Y%m%d%H:%M:%S”`_reboot_ibytes.out
netstat -ivn |head -8 |tail -1 |awk ‘{print $7}’ > \
/home/useracct/bin/`date +”%Y%m%d%H:%M:%S”`_reboot_obytes.out
chown useracct:useracct /home/useracct/bin/*reboot_*bytes*
Like I said, this was all done just for learning purposes.
Maybe you can find a way to use some variation of the idea
on your own system.
Cheers!
me in my email. Part of the normal output under Ipkts
and Opkts shows what went through the interface:
Ipkts Opkts
2999812 2509494
I don’t reboot very often but when I do, it seems the system
zeros this out and it starts all over again. I put together
a script that runs periodically from a cronjob:
#!/bin/sh
# Filename: netusage.sh
cd $HOME/bin
if grep ‘daily output’ $HOME/Mail/root/new/*; then
cat `grep -l ‘daily output’ ~/Mail/root/new/*` | \
grep xl0 |tail -1 |awk ‘{print $5}’ > ibytes.out
cat `grep -l ‘daily output’ ~/Mail/root/new/*` | \
grep xl0 |tail -1 |awk ‘{print $7}’ > obytes.out
else
echo “No daily output yet” > /dev/null 2>&1
fi
cd
At the end of the month I run another script to total
the network usage:
#!/bin/sh
# Filename: netusemonthly.sh
cd $HOME/bin
date > `date +”%Y%m%d”`_endofmonthnetuse.log
echo “” >> `date +”%Y%m%d”`_endofmonthnetuse.log
echo “Monthly Ibytes” >> `date +”%Y%m%d”`_endofmonthnetuse.log
cat *ibytes.out |awk ‘{ SUM += $1 } END { print SUM }’ >> \
`date +”%Y%m%d”`_endofmonthnetuse.log
echo “” >> `date +”%Y%m%d”`_endofmonthnetuse.log
echo “Monthly Obytes” >> \
`date +”%Y%m%d”`_endofmonthnetuse.log
cat *obytes.out |awk ‘{ SUM += $1 } END { print SUM }’ >> \
`date +”%Y%m%d”`_endofmonthnetuse.log
mv -f *ibytes.out *obytes.out rebytes/
mv -f *endofmonthnetuse.log rebytes/
cd
The file names I used probably look ludicrous and they are all
completely arbitrary. If you try this out you can use whatever
file names and paths suit your needs. The whole thing was done
just to learn more about scripting, awk, and so forth. Also, to keep
the numbers right after a reboot, I added the following to
/etc/rc.shutdown:
netstat -ivn |head -8 |tail -1 |awk ‘{print $5}’ > \
/home/useracct/bin/`date +”%Y%m%d%H:%M:%S”`_reboot_ibytes.out
netstat -ivn |head -8 |tail -1 |awk ‘{print $7}’ > \
/home/useracct/bin/`date +”%Y%m%d%H:%M:%S”`_reboot_obytes.out
chown useracct:useracct /home/useracct/bin/*reboot_*bytes*
Like I said, this was all done just for learning purposes.
Maybe you can find a way to use some variation of the idea
on your own system.
Cheers!
Labels: awk, netstat, network usage tracking, openbsd, shell scripting
posted by Dennyboy at 10/31/2009 10:25:00 PM
0 comments
Saving Tips From Mailing Lists
Besides my constant experimentation towards always
learning more about OpenBSD, one of my other means
of accumulating tips is from the mailing lists I
subscribe to. I put together a script to save messages
from the misc@openbsd mailing list. It finds all the
messages in thread in my mutt subdirectory under Mail
and concatenates all of them to a text file. It’s
interactive and it asks you for a search pattern,
where to search, and where to save the output to.
Here’s what it looks like:
#!/bin/sh
# Filename: obsd2tips.sh – save mailing list problem
# questions and resolutions to my BSD tips folder
echo “Enter your search pattern: ”
read r
echo “Enter your search path: ”
read R
echo “Enter file to save to: ”
read i
cat `grep -l “$r” $HOME/$R/*` | \
sed ‘/Return-Path/,/X-Virus-Checker-Version/d’ >> \
$HOME/bsd/$i.txt
The stuff like Return-Path and X-Virus-Checker-Version
are stuff in my header I don’t want in the saved tip.
If it was just a single message I could strip the entire
header with a sed command, but it doesn’t work when there
is more than one message in the thread. It gets even more
complicated on the script I use to do the same thing with
my freebsd-questions mailing list threads. Here’s that
script and you will see the difference:
#!/bin/sh
# Filename: fbsd2tips.sh – save mailing list problem
# questions and resolutions to my BSD tips folder
echo “Enter your search pattern: ”
read r
echo “Enter your search path: ”
read R
echo “Enter file to save to: ”
read i
cat `grep -l “$r” $HOME/$R/*` | \
sed ‘/Return-Path/,/X-Virus-Checker-Version/d’ | \
sed ‘/freebsd-questions/d’ |sed ‘/unsubscribe/d’ >> \
$HOME/bsd/$i.txt
Depending on your MUA you will have to adjust your
filtering. I’ve been using mutt for years and do not
have any intention of switching to anything else. So,
if you’re using mutt, it will be easy to implement
for you. If you’re using some other MUA YMMV. ;)
Cheers!
Sat Oct 31 14:35:33 CDT 2009
Addendum:
Made the script a bit more interactive and helpful.
Thanks go to my friend Girish for helping me on it,
too. Here’s the new script for searching through my
misc@openbsd mail threads:
#!/bin/sh
# Filename: obsd2tips.sh – save mailing list problem
# resolutions to my BSD tips folder
found=”N”
while [ "$found" = "N" ]; do
echo “Enter your search pattern: ”
read r
echo “Enter your search path: ”
read R
echo “Enter file to save to: ”
read i
if grep $r $HOME/$R/* > /dev/null 2>&1 ;
then
cat `grep -l “$r” $HOME/$R/*` | \
sed ‘/Return-Path/,/X-Virus-Checker-Version/d’ >> \
$HOME/bsd/$i.txt
# XXX finish the program!
found=”foo”
else
echo “Can’t find it! Check your search pattern and path.”
# Rerun the search with new pattern and/or path
found=”N”
fi
done
I’d also like to add something at the end of the script where,
even after it finds what I’m looking for and writes it out to my
tips file, it will still come up and ask me if I’d like to enter
a new search. Anyone have a suggestion, please leave a comment.
Cheers!
learning more about OpenBSD, one of my other means
of accumulating tips is from the mailing lists I
subscribe to. I put together a script to save messages
from the misc@openbsd mailing list. It finds all the
messages in thread in my mutt subdirectory under Mail
and concatenates all of them to a text file. It’s
interactive and it asks you for a search pattern,
where to search, and where to save the output to.
Here’s what it looks like:
#!/bin/sh
# Filename: obsd2tips.sh – save mailing list problem
# questions and resolutions to my BSD tips folder
echo “Enter your search pattern: ”
read r
echo “Enter your search path: ”
read R
echo “Enter file to save to: ”
read i
cat `grep -l “$r” $HOME/$R/*` | \
sed ‘/Return-Path/,/X-Virus-Checker-Version/d’ >> \
$HOME/bsd/$i.txt
The stuff like Return-Path and X-Virus-Checker-Version
are stuff in my header I don’t want in the saved tip.
If it was just a single message I could strip the entire
header with a sed command, but it doesn’t work when there
is more than one message in the thread. It gets even more
complicated on the script I use to do the same thing with
my freebsd-questions mailing list threads. Here’s that
script and you will see the difference:
#!/bin/sh
# Filename: fbsd2tips.sh – save mailing list problem
# questions and resolutions to my BSD tips folder
echo “Enter your search pattern: ”
read r
echo “Enter your search path: ”
read R
echo “Enter file to save to: ”
read i
cat `grep -l “$r” $HOME/$R/*` | \
sed ‘/Return-Path/,/X-Virus-Checker-Version/d’ | \
sed ‘/freebsd-questions/d’ |sed ‘/unsubscribe/d’ >> \
$HOME/bsd/$i.txt
Depending on your MUA you will have to adjust your
filtering. I’ve been using mutt for years and do not
have any intention of switching to anything else. So,
if you’re using mutt, it will be easy to implement
for you. If you’re using some other MUA YMMV. ;)
Cheers!
Sat Oct 31 14:35:33 CDT 2009
Addendum:
Made the script a bit more interactive and helpful.
Thanks go to my friend Girish for helping me on it,
too. Here’s the new script for searching through my
misc@openbsd mail threads:
#!/bin/sh
# Filename: obsd2tips.sh – save mailing list problem
# resolutions to my BSD tips folder
found=”N”
while [ "$found" = "N" ]; do
echo “Enter your search pattern: ”
read r
echo “Enter your search path: ”
read R
echo “Enter file to save to: ”
read i
if grep $r $HOME/$R/* > /dev/null 2>&1 ;
then
cat `grep -l “$r” $HOME/$R/*` | \
sed ‘/Return-Path/,/X-Virus-Checker-Version/d’ >> \
$HOME/bsd/$i.txt
# XXX finish the program!
found=”foo”
else
echo “Can’t find it! Check your search pattern and path.”
# Rerun the search with new pattern and/or path
found=”N”
fi
done
I’d also like to add something at the end of the script where,
even after it finds what I’m looking for and writes it out to my
tips file, it will still come up and ask me if I’d like to enter
a new search. Anyone have a suggestion, please leave a comment.
Cheers!
Labels: mailing lists, openbsd, saving tips, shell scripting
posted by Dennyboy at 10/31/2009 09:59:00 PM
0 comments
Sunday, October 18, 2009
Find and Kill Process
I had used the following to find an instance of conky and
kill it in order to start a different conky configuration:
ps -U useracct |grep justweather |head -1 | \
cut -c 1-5 |sed -e ’s/[\ ]//g;/^$/d’ > jwpid.out
kill -9 `cat jwpid.out`
That’s unnecessarily complicated compared to this simpler way:
ps -U useracct |grep justweather.conkyrc | awk ‘{print $1}’ | \
xargs kill -15
kill it in order to start a different conky configuration:
ps -U useracct |grep justweather |head -1 | \
cut -c 1-5 |sed -e ’s/[\ ]//g;/^$/d’ > jwpid.out
kill -9 `cat jwpid.out`
That’s unnecessarily complicated compared to this simpler way:
ps -U useracct |grep justweather.conkyrc | awk ‘{print $1}’ | \
xargs kill -15
posted by Dennyboy at 10/18/2009 04:38:00 AM
0 comments
Thursday, October 15, 2009
Keeping Up With Security Patching
Put together a script that uses lynx(1) and sed(1) to download
and parse to a nice output the latest OpenBSD security and
reliability notifications.
#!/bin/sh
# Filename: undead.sh
cd $HOME/bin/
echo "" > errata.out
echo - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \
>> errata.out
echo "" >> errata.out
echo "Undeadly.org" >> errata.out
echo "" >> errata.out
lynx -dump http://undeadly.org/ ¦sed -n '/OpenBSD Errata/,$p, ¦ \
sed '/OpenBSD Resources/q' ¦ sed -n -e :a -e '1,3!{P;N;D;};N;ba' ¦ \
sed 's/^[ \t]*//' >> errata.out
echo "" >> errata.out
echo - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \
>> errata.out
echo "" >> errata.out
echo "OpenBSD Errata" >> errata.out
echo "" >> errata.out
lynx -dump http://www.openbsd.org/errata44.html ¦ \
sed -n '/OpenBSD\ FAQ/,$p' ¦ \
sed '1d ' ¦sed '/References/,$d' ¦sed '$d' >> errata.out
echo "" >> errata.out
echo - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \
>> errata.out
echo "" >> errata.out
cat errata.out ¦mail -s "OpenBSD Daily Errata" dennyboy
cd
You can always subscribe to security-announce@openbsd.org
but, sometimes, despite good intentions, things fall through the
cracks. In the end, at least IMHO, security is the responsibility of
the system admin, whether he's overseeing a server room full of
blade servers or if he's just a home user running one box.
Cheers!
and parse to a nice output the latest OpenBSD security and
reliability notifications.
#!/bin/sh
# Filename: undead.sh
cd $HOME/bin/
echo "" > errata.out
echo - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \
>> errata.out
echo "" >> errata.out
echo "Undeadly.org" >> errata.out
echo "" >> errata.out
lynx -dump http://undeadly.org/ ¦sed -n '/OpenBSD Errata/,$p, ¦ \
sed '/OpenBSD Resources/q' ¦ sed -n -e :a -e '1,3!{P;N;D;};N;ba' ¦ \
sed 's/^[ \t]*//' >> errata.out
echo "" >> errata.out
echo - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \
>> errata.out
echo "" >> errata.out
echo "OpenBSD Errata" >> errata.out
echo "" >> errata.out
lynx -dump http://www.openbsd.org/errata44.html ¦ \
sed -n '/OpenBSD\ FAQ/,$p' ¦ \
sed '1d ' ¦sed '/References/,$d' ¦sed '$d' >> errata.out
echo "" >> errata.out
echo - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \
>> errata.out
echo "" >> errata.out
cat errata.out ¦mail -s "OpenBSD Daily Errata" dennyboy
cd
You can always subscribe to security-announce@openbsd.org
but, sometimes, despite good intentions, things fall through the
cracks. In the end, at least IMHO, security is the responsibility of
the system admin, whether he's overseeing a server room full of
blade servers or if he's just a home user running one box.
Cheers!
Labels: notifications, openbsd, patching, security
posted by Dennyboy at 10/15/2009 11:27:00 PM
0 comments
Monday, August 24, 2009
Your Favourite BSD Tips & Tricks?
Following from Dru Lavigne's blog:
A Year in the Life of a BSD Guru
Your Favourite BSD Tips & Tricks?: "BSD Mag has asked me to write another Tips & Tricks column for the upcoming 1/2010 issue of the magazine."
A Year in the Life of a BSD Guru
Your Favourite BSD Tips & Tricks?: "BSD Mag has asked me to write another Tips & Tricks column for the upcoming 1/2010 issue of the magazine."
Labels: bsd mag, bsd tips and tricks, dru lavigne
posted by Dennyboy at 8/24/2009 10:25:00 PM
0 comments
Sunday, August 23, 2009
Passive Aggressive Spam Filtering
Passive Aggressive Spam Filtering: "
Using OpenBSD and spamd for spam filtering and grey-listing is very old news but there are a few situations where it becomes politically and technically challenging to run in production. Here was a simple yet (and in no way the best method) of using PF and some friends on the internet to help 'slow the flow' of offal from the Internet into your mail server.
Read more..."Labels: openbsd, passive agressive spam filtering, pf
posted by Dennyboy at 8/23/2009 10:31:00 PM
0 comments
OpenBSD 4.6 Pre-Orders Online!
OpenBSD 4.6 Pre-Orders Online!: "
Pre-orders are now being accepted for OpenBSD 4.6, scheduled for release on October 1st, 2009.
The developers bring us an amazing amount of cool new stuff (PF now enabled by default, a new privilege-separated SMTP daemon, routing domain support and lots more).
Of course, t-shirts and posters are available too. Order your set NOW!
"Labels: 4.6 pre-orders, openbsd
posted by Dennyboy at 8/23/2009 10:25:00 PM
0 comments
BSD load demystified
BSD load demystified: "
Ariane van der Steldt (ariane@) posted a reply to the OpenBSD misc mailing list last month that offered some valuable insight into how load is calculated in the BSD kernel. This is a topic that comes up routinely but remains largely misunderstood by the average user.
Read on for Ariane's explanation and comparison to Linux load...
Read more..."Labels: kernel, load calculate, openbsd
posted by Dennyboy at 8/23/2009 10:06:00 PM
0 comments
SecPuffy:): OpenBSD tips and tricks - adding swap on the fly
posted by Dennyboy at 8/23/2009 12:24:00 AM
0 comments
Monday, August 10, 2009
Spam control with OpenBSD greylisting
New link for my friend in Tamil Nadu. He's renamed
his antispam product to SpamCheetah. He has been a
good friend over the years, helped me numerous times
with OpenBSD and other projects, and definitely knows
what he's doing. So if you're in need of an antispam
solution, he's definitely the guy to see! The link is
in the title but here it is again just to be safe:
SpamCheetah - Main Site
SpamCheetah - On SourceForge
Youtube videos about the product:
OpenBSD Tarpit
SpamCheetah's Web Interface
There is both a commercial version with full tech-support and
the free downloadable open source version.
his antispam product to SpamCheetah. He has been a
good friend over the years, helped me numerous times
with OpenBSD and other projects, and definitely knows
what he's doing. So if you're in need of an antispam
solution, he's definitely the guy to see! The link is
in the title but here it is again just to be safe:
SpamCheetah - Main Site
SpamCheetah - On SourceForge
Youtube videos about the product:
OpenBSD Tarpit
SpamCheetah's Web Interface
There is both a commercial version with full tech-support and
the free downloadable open source version.
Labels: antispam, blacklists, email, greylisting, openbsd, security, tarpit
posted by Dennyboy at 8/10/2009 09:17:00 PM
0 comments
Saturday, May 16, 2009
Youtube Without Flash
Check it out:
HQTube for Greasemonkey
Youtube live streaming without flash, gnash, etc. Yes, it works,
at least so far in Seamonkey for me. Haven't tried it yet with
Firefox but, going from past experience, Firefox is easier to
work with than Seamonkey and better supported in regards
to add-on's, but I choose Seamonkey because it's just faster.
At least it always has been for me.
Audio is working great, no stuttering or distortion, and video
streaming over my broadband connection is good, no jerkiness
or distortion there either.
Before doing anything else, if you don't have them installed
already, install the mplayer and mplayerplug-in packages.
Whether you're using Firefox or Seamonkey, you'll need to
install Greasemonkey. For Firefox, check out:
Greasespot
If you're using Seamonkey, you'll have to install xsidebar.
You can get it at:
xSidebar :: Seamonkey Add-ons
Then you can get the Seamonkey modified Greasemonkey
version at:
mozdev.org - xsidebar: modifiedmisc: Greasemonkey
Here's what's in my ~/.mplayer/mplayerplug-in.conf:
vo=gl
cachesize=512
cache-percent=5
profile=plugin
Here's what's in my ~/.mplayer/config:
[plugin]
autosync=0
mc=0
correct-pts=yes
Those are straight out of the installation instructions for the
HQTube for Greasemonkey script. So far I haven't had
to change that or add anything else.
Caveat:
Right now the script only works with Youtube.
Sun Nov 1 02:13:41 CST 2009
Addendum:
Had to stop using HQTube. Started getting error messages saying
it was no longer compatible and needed upgrading. Unfortunately,
I couldn't find an upgrade. So, I did some searching and ran across
the following:
Free Youtube! for Greasemonkey
So far it's not working too badly in this old Seamonkey version I'm
running. Lazy old me, I haven't upgraded yet to OpenBSD 4.6 but it
is going to happen shortly. Already received my shiny new CD set! ;)
Only problem with Free Youtube! I've had so far is it doesn't want to
play the videos on the BSD Conference part of Youtube. Wouldn't you know
it? They seem to be laid out differently than regular Youtube videos.
Hopefully after I upgrade I'll get that going too.
Had to uninstall HQTube. Started getting error messages that
Labels: firefox, flash, greasemonkey, openbsd, seamonkey, youtube
posted by Dennyboy at 5/16/2009 05:24:00 PM
0 comments
Friday, November 14, 2008
Customizing Seamonkey's Toolbar
How to Customize the SeaMonkey Toolbar | eHow.com
I thought this had some pretty good tips in it
for Seamonkey, which is my favorite browser.
Much faster than Firefox, at least in my browsing
experiences.
I thought this had some pretty good tips in it
for Seamonkey, which is my favorite browser.
Much faster than Firefox, at least in my browsing
experiences.
posted by Dennyboy at 11/14/2008 02:21:00 AM
2 comments
Wednesday, July 09, 2008
SSH & Samba Write-up
I solved a windows network connectivity problem I was
having when I was using a socks 5 proxy through an ssh
tunnel to my OpenBSD box for safer browsing. I'd leave
the windows box running but not use it, sometimes for
hours, and more often than not, overnight. When I'd try
to get anywhere with the browser I no could. I still had
connectivity with the OpenBSD box, but that was it. I put
in a batch file that cleans up the local area connection
on the windows box and run it from windows scheduler
every 6 hours and it solved the problem. The addendum,
batch file, and link to the network article that helped me
are at the bottom of my original write-up at:
SSH & Samba
having when I was using a socks 5 proxy through an ssh
tunnel to my OpenBSD box for safer browsing. I'd leave
the windows box running but not use it, sometimes for
hours, and more often than not, overnight. When I'd try
to get anywhere with the browser I no could. I still had
connectivity with the OpenBSD box, but that was it. I put
in a batch file that cleans up the local area connection
on the windows box and run it from windows scheduler
every 6 hours and it solved the problem. The addendum,
batch file, and link to the network article that helped me
are at the bottom of my original write-up at:
SSH & Samba
Labels: newbies, openbsd, socks 5 proxy, ssh tunnels, tips, tricks, windows
posted by Dennyboy at 7/09/2008 05:42:00 PM
0 comments
Friday, July 04, 2008
Fluxbox Article
I've got a new write up on switching desktop wallpaper in
fluxbox automatically on a scheduled basis by using a script
and a cronjob to call it. I also made some additions to my
.kshrc file exporting some values into the environment for
when I login to the system that can be tested against and
also tell fluxbox which one of my wallpaper files to load
when it's starting.
Fluxbox Desktop
fluxbox automatically on a scheduled basis by using a script
and a cronjob to call it. I also made some additions to my
.kshrc file exporting some values into the environment for
when I login to the system that can be tested against and
also tell fluxbox which one of my wallpaper files to load
when it's starting.
Fluxbox Desktop
Labels: cronjob, desktop, fluxbox, newbies, openbsd, shell scripting, tips, tricks, wallpaper
posted by Dennyboy at 7/04/2008 02:31:00 AM
0 comments
Saturday, May 31, 2008
Recent Web Site Updates
I finally got a couple of pages up I'd been wanting to
despite a bunch of interruptions. One is on installing
and configuring Conky to display system info on your
desktop. It also shows how to pull in other information
like weather reports and some system info that I couldn't
get with Conky's regular functions, due to either my own
misunderstanding of the instructions, or else something in
my chipset that's incompatible with the program. Probably
some of both.
ADDENDUM: 2008-06-06
Pertaining to Conky above, I've added some info to the page
that shows how I'm now getting stock market data to display.
ADDENDUM: 2008-06-13
Again, pertaining to Conky above, added some info on how I
kludged together a script to filter out my daily Accuweather
forecast email message, format it and scp it from that box to
the box I'm using conky on to be displayed below the current
conditions feed I get from NOAA's weather site.
The other write up is on creating a file to be used as a
persistent table for OpenBSD's PF packet filter firewall,
how to automatically concatenate IP addresses of would
be intruders to the file using scripts that run on a schedule
from a cronjob, and then flush the one table that does the
collecting and reload the persistent file back into its own
table. This makes it truly persistent, since rebooting has no
effect. You don't have to start back all over again with loads
of intrusion attempts in your logs.The pages are at:
Conky
PF with a Cumlative Table
ADDENDUM: 2008-07-04
Again I've added some more to the conky article above.
This addition describes how I run 2 instances of conky
and change one of them depending on the time of day and
the day of the week, since one configuration uses stock
market data and weather, while the other for the times
when the market is closed just displays the weather.
The change is accomplished using 2 short shell scripts
and 2 cronjobs. The last part of the entry shows how I
clean stale values from the environment in case I close
X but don't log out of the system, and then restart X.
From the value that gets exported from .xinitrc conky
determines which configuration file to use by comparing
that value with a small text file containing appropriate
times to load the file with stock market data. If it's
after hours or on the weekend when X restarts, it loads
just the weather version of conky on the one side of the
screen. The other conky running on the right side of the
screen doesn't change. It always shows system information.
despite a bunch of interruptions. One is on installing
and configuring Conky to display system info on your
desktop. It also shows how to pull in other information
like weather reports and some system info that I couldn't
get with Conky's regular functions, due to either my own
misunderstanding of the instructions, or else something in
my chipset that's incompatible with the program. Probably
some of both.
ADDENDUM: 2008-06-06
Pertaining to Conky above, I've added some info to the page
that shows how I'm now getting stock market data to display.
ADDENDUM: 2008-06-13
Again, pertaining to Conky above, added some info on how I
kludged together a script to filter out my daily Accuweather
forecast email message, format it and scp it from that box to
the box I'm using conky on to be displayed below the current
conditions feed I get from NOAA's weather site.
The other write up is on creating a file to be used as a
persistent table for OpenBSD's PF packet filter firewall,
how to automatically concatenate IP addresses of would
be intruders to the file using scripts that run on a schedule
from a cronjob, and then flush the one table that does the
collecting and reload the persistent file back into its own
table. This makes it truly persistent, since rebooting has no
effect. You don't have to start back all over again with loads
of intrusion attempts in your logs.The pages are at:
Conky
PF with a Cumlative Table
ADDENDUM: 2008-07-04
Again I've added some more to the conky article above.
This addition describes how I run 2 instances of conky
and change one of them depending on the time of day and
the day of the week, since one configuration uses stock
market data and weather, while the other for the times
when the market is closed just displays the weather.
The change is accomplished using 2 short shell scripts
and 2 cronjobs. The last part of the entry shows how I
clean stale values from the environment in case I close
X but don't log out of the system, and then restart X.
From the value that gets exported from .xinitrc conky
determines which configuration file to use by comparing
that value with a small text file containing appropriate
times to load the file with stock market data. If it's
after hours or on the weekend when X restarts, it loads
just the weather version of conky on the one side of the
screen. The other conky running on the right side of the
screen doesn't change. It always shows system information.
Labels: newbies, openbsd, persistent tables, pf, system info, tips, tricks
posted by Dennyboy at 5/31/2008 05:06:00 PM
0 comments
Tuesday, May 06, 2008
4.3 Upgrade & New Pages on Web Site
4.3 OpenBSD is out and I've got one box upgraded so far. Had a
couple of problems which you can read about at:
Denny’s OpenBSD Newbies blog
Should be clear to see they were my fault. :-)
I also put up a couple of new pages under the tips & tricks section.
One on using colors in xterm and one on quick remote printing over ssh.
Xterm and Color
Quick Printing Over SSH
couple of problems which you can read about at:
Denny’s OpenBSD Newbies blog
Should be clear to see they were my fault. :-)
I also put up a couple of new pages under the tips & tricks section.
One on using colors in xterm and one on quick remote printing over ssh.
Xterm and Color
Quick Printing Over SSH
Labels: color, newbies, openbsd, remote printing, ssh, tips, tricks, xterm
posted by Dennyboy at 5/06/2008 03:50:00 AM
0 comments
About Me
- Name: Dennyboy
- Location: Biloxi, MS, United States
Vietnam vet. Served in Company C of the 168th Combat Engineer Battalion in III Corp area 1966. Retired from offshore oil and gas production and safety system work. Hurricane Katrina survivor. Disabled now, but I can still work the heck out of a keyboard!
Links
- Free shell account? Try Devio.us!
- Spam Cheetah
- A Year in the Life of a BSD Guru
- BSDCertification Group
- Study BSD - BSDCert Help
- BSD Talk Podcasts
- BSD on Google
- BSD on Slashdot
- OpenBSD
- OpenBSD Binary Updates
- FreeBSD
- NetBSD
- DragonFlyBSD
- FrenzyBSD
- Quetzal live DVD/CD
- OliveBSD LiveCD
- FreeSBIE LiveCD
- ServerWatch on different BSD's
- MirosBSD
- TrueBSD LiveCD
- PC-BSD
- PC-BSD PBI's Status
- DesktopBSD
- BSDwiki
- Distrowatch
- MidnightBSD
- BSDForums
- BSDFreak
- BSDZone
- BSD Links
- 386BSD
- RoFreeSBIE
- BSDatwork
- Linux-BSD-Central
- Welcome to www.bsd.org
- BSDstats Project
- ComixWall ISG
- BSD Magazine
- jggimi OpenBSD LiveCD
- OpenBSD.nu - BSD News Watcher
- OpenBSD Freshest snapshot
FTP mirrors - OpenPorts.se - The OpenBSD
package collection - BSDanywhere - Live OpenBSD CD
- Flashdist :: Alternatives
- BowlFish - OpenBSD
- MarBSD - OpenBSD LiveCD
Previous Posts
- Find OpenBSD folks on Google Plus
- Blogging From My Cell
- No More Website
- Lynx and URL Shortening
- Midnight Commander
- GoogleCL Wordwrap Test
- 2011 OpenBSD Puffy Desktop Calendar
- GoogleCL on OpenBSD
- End of the Year Hodge-Podge
- PKG_PATH Tweaking
Archives
- Aug 3, 2003
- Aug 14, 2003
- Aug 29, 2003
- Sep 25, 2003
- Sep 27, 2003
- Oct 1, 2003
- Oct 5, 2003
- Oct 12, 2003
- Oct 22, 2003
- Oct 26, 2003
- Nov 4, 2003
- Nov 18, 2003
- Nov 20, 2003
- Nov 22, 2003
- Dec 15, 2003
- Dec 19, 2003
- Jan 21, 2004
- Feb 8, 2004
- Mar 11, 2004
- Mar 19, 2004
- May 11, 2004
- May 27, 2004
- Jun 14, 2004
- May 3, 2005
- May 5, 2005
- May 6, 2005
- May 9, 2005
- May 13, 2005
- May 15, 2005
- May 17, 2005
- May 18, 2005
- May 20, 2005
- May 23, 2005
- Jul 4, 2005
- Sep 25, 2005
- Oct 11, 2005
- Dec 28, 2005
- Mar 22, 2006
- Jun 4, 2006
- Jun 9, 2006
- Jul 3, 2006
- Jul 10, 2006
- Jul 16, 2006
- Aug 30, 2006
- Sep 6, 2006
- Nov 11, 2006
- Nov 13, 2006
- Nov 16, 2006
- Nov 17, 2006
- Nov 25, 2006
- Nov 30, 2006
- Feb 2, 2007
- Feb 3, 2007
- Mar 23, 2007
- Jun 1, 2007
- Jun 15, 2007
- Jul 13, 2007
- Aug 17, 2007
- Aug 19, 2007
- Sep 1, 2007
- Sep 16, 2007
- Sep 17, 2007
- Dec 19, 2007
- Jan 2, 2008
- Jan 7, 2008
- Jan 24, 2008
- Feb 4, 2008
- Feb 6, 2008
- Feb 23, 2008
- Mar 24, 2008
- Apr 16, 2008
- May 6, 2008
- May 31, 2008
- Jul 4, 2008
- Jul 9, 2008
- Nov 14, 2008
- May 16, 2009
- Aug 10, 2009
- Aug 23, 2009
- Aug 24, 2009
- Oct 15, 2009
- Oct 18, 2009
- Oct 31, 2009
- Nov 1, 2009
- Nov 8, 2009
- Nov 10, 2009
- Nov 14, 2009
- Nov 17, 2009
- Nov 22, 2009
- Nov 24, 2009
- Dec 1, 2009
- May 7, 2010
- May 8, 2010
- Oct 10, 2010
- Dec 24, 2010
- Jan 8, 2011
- Jan 9, 2011
- Jan 26, 2011
- Jul 10, 2011
- Jul 12, 2011
- Aug 22, 2011
