ssh-copy-id behavior

Keep an eye out for this one. When using ssh-copy-id to copy my public key to a remote host, I found that it had not properly appended my id to the remote ~/.ssh/authorized_keys file. It concatenated it on to the end, with no linefeed. Just be sure to check for that!

Original remote ~/.ssh/authorized_keys

ssh-dss AAA...== forest@machine

After ssh-copy-id did its work:

ssh-dss AAA...== forest@machinessh-dss AAAAB...gdA== forest@laptop

Ubuntu batch photo processing

Way-cool batch photo processing on Ubuntu, GNU/Linux, Windows, and Mac with Phatch.

Enabling Apache’s PHP execution in User Directories on Ubuntu Lucid

Ubuntu Lucid ships with PHP disabled for user directories. That’s a sensible security default, but it won’t allow your developers to get their work done. And if you’re working with Drupal, you’ll need all the steps listed here.

First, you’ll need to install Apache:
sudo apt-get install apache2

Then the compiled PHP binary (or “shared object” in Apache lingo):
sudo apt-get install php5

You may need to do sudo /etc/init.d/apache2 restart or sudo service apache2 restart to have it pick up the updated configuration file that loads the PHP5 module. Try visiting your own box at “localhost” to see if you get a nice “welcome” page. You can put an “info.php” file in /var/www to test if PHP is working (the contents of your info.php file are simply <?php phpinfo(); ?>), and visit that in your browser.

Once you’ve gotten PHP running under Apache, edit /etc/apache2/mods-available/php5.conf and comment out the lines as instructed:

<IfModule mod_php5.c>
    <FilesMatch "\.ph(p3?|tml)$">
        SetHandler application/x-httpd-php
    <FilesMatch "\.phps$">
        SetHandler application/x-httpd-php-source
    # To re-enable php in user directories comment the following lines
    # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it
    # prevents .htaccess files from disabling it.
#    <IfModule mod_userdir.c>
#        <Directory /home/*/public_html>
#            php_admin_value engine Off
#        </Directory>
#    </IfModule>

If you’re developing with Drupal, the following step may also be necessary: In /etc/apache2/mods-available/userdir.conf, you should allow Drupal’s local .htaccess file to override the Apache-wide configuration file, with:

        <Directory /home/*/public_html>
                AllowOverride All
                #AllowOverride FileInfo AuthConfig Limit Indexes
                #Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec

Restart Apache with sudo /etc/init.d/apache2 restart and you might be done!

SSH public RSA key errors

Seen these before when trying to login via SSH with your new RSA public key?

Nov 2 12:09:17 hostname sshd[12712]: error: buffer_get_ret: trying to get more bytes 257 than in buffer 73
Nov 2 12:09:17 hostname sshd[12712]: error: buffer_get_string_ret: buffer_get failed
Nov 2 12:09:17 hostname sshd[12712]: error: buffer_get_bignum2_ret: invalid bignum
Nov 2 12:09:17 hostname sshd[12712]: error: key_from_blob: can't read rsa key
Nov 2 12:09:17 hostname sshd[12712]: error: key_read: key_from_blob AAAAB3N[...] failed

In my case these were the result of copying a public key from e-mail, which tends to mangle long text lines. I usually don’t have this problem because I use the ssh-copy-id script to copy my keys to a remote host before attempting to log in.

mysqldump: dump rows matching certain criteria, or limit number of dumped rows

To limit the number of rows dumped by mysqldump, you can do:

mysqldump -u [user] -p[password] --where="true LIMIT 5" [database] [tablename] > outputfilename.sql

You could select other criteria as well:

mysqldump -u [user] -p[password] --where="userid > 24" [database] [tablename] > outputfilename.sql

Removing wine menu entries and file associations on Ubuntu

From the Wine FAQ, this works for me on Ubuntu Lucid, using Wine 1.2.2:

rm -f $HOME/.config/menus/applications-merged/wine*
rm -rf $HOME/.local/share/applications/wine
rm -f $HOME/.local/share/desktop-directories/wine*
rm -f $HOME/.local/share/icons/????_*.{xpm,png}
rm -f $HOME/.local/share/icons/*-x-wine-*.{xpm,png}

And the file associations:

rm -f $HOME/local/share/applications/wine-extension-*

Finally, if you’d like to remove installed Wine applications entirely for a single user, say, yourself:

rm -rf $HOME/.wine

Life insurers deciding whether to use tracked Web data

Interesting. So apparently I missed that life insurers are looking at using tracked Web data (such as that collected by Acxiom) to evaluate whether or not to insure people. Of course Acxiom says that it “wouldn’t” share this info with insurers, but it makes more sense to me that they would follow the money instead, changing their rules if necessary.

Acxiom recently told investors it takes in three billion pieces of information daily as businesses seek to “monetize” information about their customers. Some retailers share information about purchases made by people, including item description, price and the person’s name.

Increasingly, information comes from people’s online behavior. Acxiom says it buys data from online publishers about what kinds of articles a subscriber reads—financial or sports, for example—and can find out if somebody’s a gourmet-food lover from their online purchases. Online marketers often tap data sources like these to target ads at Web users.

Wikileaks: Microsoft speaks out against Open Source in Thailand

A view behind the curtain — this is what it looks like when the State Department helps to promote proprietary software. From a Wikileaks cable:

Microsoft-Thailand’s Corporate Affairs Director identified software copyrights as a big issue. On the one hand, he praised the Thai government (RTG) for strengthening its IPR enforcement and education efforts, and said Microsoft was “very pleased” that Thailand’s software piracy rate has decreased by two percent a year since 2006. On the other hand, he expressed concern over the RTG’s Creative Economy policy of promoting the “open source” software model over the “commercial source” model as a means to curb piracy.

I guess I’m confused. Wouldn’t promoting open source be an excellent way to combat piracy?

Passwords are like underwear

Have you ever heard the saying, “passwords are like underwear?” Yep. That’s because

  • you shouldn’t leave them lying around;
  • you should change them often; and
  • it’s best if you don’t share them with your friends.

You’ve heard the advice about choosing good passwords. They should be long — like sixteen characters (!) — contain at least one number, a mixture of capitals and lowercase, and at least one symbol. They shouldn’t contain the name of your pet or loved one, or the date of your anniversary of starting at your place of employment, et cetera.

Then there’s the other bits of advice. For one thing, you’re supposed to use different passwords for different accounts. Your Yahoo e-mail password should never be the same as your bank password, for example.

Also, you’re not supposed to write out your password and put it on a piece of paper in your drawer, or worse, on a sticky note on your monitor.

So, you might ask, “If they tell me to make my passwords basically unreadable and difficult to memorize, change them every 45 days or so, use different passwords for everything I ever sign up for, and never write any of them down in a visible place, will I be spending my life memorizing and creating passwords?”

The answer is… yes, you will.

At present I have over 400 passwords, and actively use maybe twenty or thirty of those. How am I supposed to remember all of them?

The answer: I don’t. I use a password manager to keep all my passwords in one place, and keep them secure. I have created a strong password to protect that database, so I don’t have to remember 400 passwords, I just have to remember one.

Try this out. I can recommend several good utilities if you’re interested.

I personally like KeePass Password Safe. This generates secure passwords for me and allows me to categorize them in an encrypted database. I synchronize that password database between several different computers by saving it in my Dropbox. Dropbox gives you a synchronized folder. When you save files to your Dropbox folder, you can access any of those files, from any of your devices. You can install a 2GB Dropbox for free from (or get an extra 250MB by using my Dropbox referral link).

A buddy of mine at work recommends RoboForm, and has used it for years with success. They have a Pro version (very affordable at $9.95 for unlimited devices), or a free trial you can use. I heard from her recently that with your purchase, they also offer a sync service, which you can use to keep all your passwords synchronized between different devices.

Another friend of mine likes LastPass, the online password manager and form filler. You’ve no doubt heard about their widely publicized security breach earlier this year. However they appear to have remedied the issue quite promptly, and to have learned from the issue.

Swedish Man caught splitting atoms in his home

"Richard Handl told The Associated Press that he had the radioactive elements radium, americium and uranium in his apartment in southern Sweden when police showed up and arrested him on charges of unauthorized possession of nuclear material."