Thursday, December 30, 2010

Strengthening PAM

If OpenBSD is one os the securest Operating  Systems out there .. then I think by default Debian should implement stronger passwords.

But I guess we will just have to do it ourselves.

Basically run (This is for Debian Lenny)

apt-get install libpam-cracklib

Edit  /etc/pam.d/common-password

Comment out line 24.

I.e. password   required   pam_unix.so nullok obscure md5

Further down you will see

password requisite pam_cracklib.so retry=3 minlen=8 difok=3
password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512


Remove the comments. And thats that.


Whats interesting is that Debian Squeeze, does this automagically.

Personally I would change minlen to 10  and difok to 6.


HTH

Brent

Friday, December 3, 2010

I learnt a new thing from my colleague today. Rewriting the from address for mail that is stuck in the Exim mail queue.

And the command is :

exim -Mes <message-id> <address>
Natually its listed in the Exim Bible Exim Cheat Sheet
 
Silly me for not refering to it.
:)

Friday, September 17, 2010

I just discovered sshpt. And man does it rock.

Dont get me wrong there are a LOAD of cluster management tools, but this has support for sudo, which in my environment I need, as we disable root logins.

The following modules / packages need to be installed
python-pycryptopp
python-paramiko

Just a heads up. When I uploaded a file, it look likes you have to put the path as well as the exact file name. It appears you cant just use
--dest=/path/
Else you end up with a file named 'sshpt_temp2'
 
HTH
 
Brent 

Saturday, September 11, 2010

Hurry Curry with Wget and Curl

If you want to manually test that your webservers compression is working (i.e. gzip), I worked out that you can run the following.

wget --header 'Accept-Encoding: gzip,deflate' http://www.example.com

curl -H 'Accept-Encoding: gzip,deflate' http://www.example.com

You will end up with the a whole bunch of gobbly gue, but if you pipe it to gunzip you will see your data.

The real reason for my investigation into this, was that I was looking for a method to speed up my download process.

I think making use of 'Accept-Encoding: gzip,deflate', works and works very well.

HTH

Brent

Monday, August 30, 2010

Icedove (Thunderbird) clicking link woes.

I run a mixture of Debian Testing and Unstable as my workstation, and some how I broke "opening a browser" on clicking a link in Icedove.

I dont know if I am responsible or if it was Debian but either way, heres some tips to get it working (N.B. I take no responsibility if you break your system. You may want to take a back up).

First things first check /etc/alternatives. Make sure x-www-browser is a symlink to /usr/bin/iceweasel (I found mine was set to chrome). But for me, run the following:

sudo update-alternatives --config x-www-browser
There are 4 choices for the alternative x-www-browser (providing /usr/bin/x-www-browser).

  Selection    Path                    Priority   Status
------------------------------------------------------------
  0            /usr/bin/google-chrome   120       auto mode
  1            /usr/bin/dillo           50        manual mode
  2            /usr/bin/google-chrome   120       manual mode
* 3            /usr/bin/iceweasel       70        manual mode
  4            /usr/bin/opera           90        manual mode

Press enter to keep the current choice[*], or type selection number:


did not fix my problem.

Next was to check icedoves registery.

Go Edit -> Preferences -> General -> Config Editor.
Copy and paste "network.protocol" in filter

Make sure
network.protocol-handler.app.http needs to be x-www-browser
network.protocol-handler.app.https needs to be x-www-browser

If you got all this ... then great.

The registery and value I found that I needed to be change was

network.protocol-handler.warn-external.http

All I did was right click and select "Toggle".

Close and start icedove, go to an email with a link, click it and then you will be prompted with an "Open application box", select /etc/alternatives/x-www-browser

And thats it.

HTH

Brent

Friday, August 20, 2010

Audacious clear playlist on opening.

I use Audacious as my music player of choice. Well I tried to at least, as I was always jumping between Rhythmbox.

The problem I had with Audacious, was that, like WinAmp, I couldn’t just right click on folder and use select "Open with Application". Cause every time Audacious would remember the previous playlist.

Today, I found the answer. Go to Audacious Preferences (Cntrl + P), select Playback, and just make sure "Clear current playlist when opening new files" is ticked.

HTH

Brent

My new blog ... bye bye hubpages

I never really got into this whole blogging thing .. but as time went by I thought if I could share my Linux experiences and lessons, then why not.

I created an account on Hubpages, they have a great interface to add and manage stories (hubs), but all my lengthy copy and pastes of code and configurations, had a floating ad (suppose they too have to make money).

So now im here. So lets see how this goes and hopefully I can get a cleaner, less flashy experience. :)

Brent