[icon] Ceci n'est pas une vie (NOT logged in)
Recent Entries.
back 20
Extra links
Poll creator
LJ Sitemap

Subject:Merry Christmas!
Time:11:37 am
Umm, yes, OK, so 2009 wasn't a great year for me posting (though it was a pretty great - and busy - year otherwise). I even managed not to get round to posting a Merry Christmas message until after Christmas. I did, however, make the usual donation to Shelter in lieu of sending out cards again, and I do hope you all had (or are still having) a great holiday.

Now, lets see if it takes another year before I post again...
read 5 / write

Time:10:03 am
Rose count: 3Collapse )
read 3 / write

Subject:ssh keys
Time:06:48 pm
So, since everyone on Debian/Ubuntu systems should be busily redoing their ssh keys today, I thought I'd write a post about ssh keys. (Some parts of this post will be ubuntu specific, but keys can be used with Putty too under Windows, where Pageant, which comes with Putty, takes the role of ssh-agent. There's no pam-ssh equivalent that I know of under Windows though.)

There are two sorts of ssh keys; usually called host keys, and ssh keys. Host keys are always used when ssh'ing. The machine you connect to will have generated a key, and the first time you connect, your client should show you the fingerprint of the key so you can check that you are connecting to the right machine, and not someone pretending to be the right machine. It will also give big warnings should the fingerprint change, which is to be expected today since host keys will have been regenerated due to a security issue, so you'll have to tell your client to forget the old fingerprint.
Installing the security update will install fixed code, but you should still regenerate your host keys; this can be done by moving /etc/ssh/ssh_host* out of the way, and typing "sudo dpkg-reconfigure openssh-server". (You can use ssh-keygen directly if you prefer, but that seems the best way to redo what it would have done on install.)

Ssh keys are more secure than using passwords. This is for two reasons. Firstly, a challenge/response scheme is used when keys are in use, rather than just transmitting the password, and secondly they're longer (unless your password is more than a couple of hundred characters long...).

You can create a ssh key with: "ssh-keygen" (no args necessary, it will default to a 2048bit RSA key which is just fine.) You will be prompted for a file name and a password for the key. The default filename is probably fine, but make sure you set a password on the key. (You may think this is strange, but the password is only used locally to decrypt the key, and protects against someone getting hold of the keyfile somehow.) It will actually generate two files, a public and a private key. You can then use "ssh-copy-id <server>" to copy the public key to a server. Next time you log in, you will be prompted for the password to decode the key, rather than the password for the server.

This is an improvement in security, but convenience-wise it's just the same; you still enter a password. Enter ssh-agent. If you run ssh-agent on login (on many linux systems, the login manager will start an ssh-agent process for you when you log in), then you can use "ssh-add" (no args is fine) to add your key to it. You'll be prompted for a password to decrypt it, but can now use the key as long as ssh-agent is running without having to enter your password again. ssh finds the agent through environment variables, so if you somehow find you don't have the environment variables set, you can type "source ~/.ssh/agent-<machinename>" to set them up again. (For example, I ssh into my main machine from my laptop, and want to connect to the ssh-agent I have running on there, so I source ~/.ssh/agent-willow to connect, and can then ssh from that machine using the stored key.)

We can make things more convenient still, by installing libpam-ssh ("sudo aptitude install libpam-ssh" on Ubuntu). (Note that this works much better for me in KDE, gnome seemed to have its own ssh-agent replacement, but that didn't set .ssh/agent-willow, which made it more annoying for me.) Now edit /etc/pam.d/kdm or kdm-kde4, or whatever login manager you use (sudo nano /etc/pam.d/kdm or whatever), and add @include pam-ssh-auth above the include of common-auth, and @include pam-ssh-session above common-session. Now when you log in, you can enter either your regular password, or the password of your ssh key. If you enter the latter, ssh-agent will automatically be started with your key decoded and added as you log in, and you'll be able to use ssh with keys without any extra passwords. (Entering your normal password logs you in still, but doesn't add your key.)
read 4 / write

Time:09:15 pm
I saw this story: http://tech.slashdot.org/tech/08/03/28/0326209.shtml which says that 28.8% of Vista crashes were caused by NVidia's drivers. Now, I've developed drivers for both windows and linux before, both as part of my day job. Neither time was writing device drivers my whole job, more something that had to be done alongside my other development work, and although I expect NVidia probably has fulltime driver writers, I imagine many others are in the same position I was in.

There are many differences between writing drivers for windows and writing them for linux, but one major one has stuck with me, and prompted me to write this post. Generally the way it works is you find an example that's as close to your hardware as possible, and modify it to suit your needs (largely because the documentation sucks, so this is the only way you could - though the publicly available docs for linux are better in this regard, in my experience).

Microsoft provide a device driver development kit, with an example of each type of driver. These demonstrate how to hook into the right bits of the OS, and only that. (The one I was working from had a comment "// HACK HACK HACK", though didn't explain what wasn't really suitable for real world use.)

Linux, on the other hand, provides the full source code to all the drivers. Real life drivers, with all the error conditions handled properly. No hacks.

My drivers weren't for the same hardware, but my linux ones were easier to develop and worked solidly, whereas the windows ones occasionally caused the OS to lock up. (No doubt a bug in my driver, I'm not blaming MS here, just pointing out what I think is a very important factor in what determines the quality of a driver.)

PS. No, you won't have the linux drivers in your kernel or the windows ones on your system, the hardware was never publicly released in that form. (It actually ships with only DOS drivers. Still.)

Time:06:40 pm
I have a new house. It is in dire need of painting, but I shall be working on that over the coming weeks. (Well, it's painted, it's just that it's got stuff like dark blue walls.)

I have a little pond, with little fishies (NO SUSHI), so today I went over to the aquatics section of my local garden centre and told the guy that I'd just got a new house, and it had fish. This led to about half an hour of very useful and informative explanation about what I should be doing etc. I was very impressed. I bought a big bag of the right kind of food (to be meted out to the little fishies in small doses), and a liquid water testing kit. I shall do as he suggested and keep a log of test results each week, then I can take my log book in and they'll help me work out what it all means. I'd already been impressed by their display of fish there before, but the guy was so helpful and knowledgeable that I am even more impressed now. (Maidenhead Aquatics, at Coton Hill nursery, btw).

There are plenty of rosebushes, rosefans. They're not really out, being January, but rest assured: there WILL be rosecounts again. Appliances have been ordered, a phone line will be installed, and stuff is being moved in carload by carload (I'll have to get a van at the end for sofa and bed, but I'm staying in rented place until I have a fridge and internet at least).
read 5 / write

Subject:The wonders of DCOP
Time:06:45 pm
Current Mood:[mood icon] geeky
Many applications from KDE support a scripting interface called dcop. Today I found this especially useful. I have been using CppUnit to write test cases for my code, and using its QtRunner front end to run them. However, if a test fails, it would be really nice if you could click on it and have the source file open at the right point.

I used kdcop to browse the available dcop interfaces, and found that kdevelop supports KDevPartController, which has a method called 'editDocument'. You can run that method from with kdcop to experiment - it will prompt for the two arguments (filename and line number) and call it. This can also be done from the command line. The only complication is that you have to find which kdevelop instance to send the command to, but dcop with no arguments lists all available application instances, so we can find the first one with $(dcop | grep kdevelop) since they are all of the form kdevelop-N. So I was able to add just 2 lines to QtRunner's TestFailureInfo to build a QString with a command line of 'dcop `dcop | grep kdevelop | head -n 1` KDevPartController editDocument "filename" linenumber' and pass it to system(). (Actually editDocument's line numbers start from 0, so I did linenumber-1.)

So now, with a simple 2 line hack, I can browse testcase failures in kdevelop. Or at least, I could if any of my tests failed... ;)

I'm still quite tempted to make a test runner that uses dcop properly (ie. through the kde libs, rather than spawning 4 processes just to achieve it!), and monitors the output directory, dynamically loading and running .o files with testsuites in, so you can keep that running and as soon as you hit compile, any modified test suites automatically get picked up and run, as that would shut the "Oh, but you have to actually run your test suite, unlike in Java..." guy up ;) That's a little more work though.

Current Music:DarkBlueWorld - the Harratt Sessions
Subject:The snow pics meme
Time:06:50 pm
everybody else is doing it...Collapse )
read 11 / write

Subject:I give up
Time:05:37 pm
Current Mood:[mood icon] grumpy
I wanted to like Nevow, I've spent quite a long time trying to learn how to use it, but even once I'd downloaded the latest svn version, the tutorial code still wouldn't run. I'm now annoyed that it's wasted my time, so I'll just go back to implementing my own webserver in C++. (I had looked around at other python things, but since none of them even claim to do the comet stuff that Nevow claimed, I might as well go back to the language I'm most familiar with.)
read 1 / write

Subject:Nevow frustrations
Time:10:07 pm
Current Mood:[mood icon] frustrated
Before I get ranting, Nevow is capable of some very cool stuff. Some of the examples do some pretty cool things. Also, I've been on IRC, where I found jcalderone to be very helpful with the questions I've had.

I don't like asking big open ended questions though, as I doubt he's got the time to teach random people on IRC individually how to use it. Given this however, it's a real shame the docs for it are so useless. The example code apparently uses old deprecated ways of doing things, which means that as examples they're useless, since they don't demonstrate how you should do things. The tutorial is 'type this code, then this code, then run it' with no explanations of what it does or why, and for the last 6 months the tutorial only runs with development versions which you have to pull from svn. No mention of that fact on the tutorial itself, though, you're left to work that out from the 'module doesn't contain anything called LiveElement' type error message.

I'll press on a bit further, but unless I make a bit more progress, I think I'll be writing my own code to do similar things from scratch. It's a shame, because I'm sure they've solved many of the problems I'll come across already, but if they don't document it, it's of no use to anyone but themselves.
read 1 / write

Subject:Misc update
Time:09:05 pm
Just to add a pic of my own back garden to the many windy England pics around at the moment...
(it takes special wind to blow 3 fence panels over in one direction, but one in the other direction.)

Recently I have been playing with gizmoproject. It's like Skype, but not all proprietary (it's based on SIP, which IMHO is the loveliest VoIP protocol there is. That's from my experience of writing software for many VoIP protocols over the last 5 years or so.) There's an LJ special version, which integrates with the lj jabber thing and lets you voice post too, and it integrates with asterisk if any of you use that. The quality seems pretty good, now that I've got my headset adjusted properly. Leave a comment if you want to try it out sometime with me :) (I know skype seems generally more popular, but I like things that play nice with other software.)

I've also been brushing up my rusty python skills, and playing with Twisted and Nevow. Well, I might be a bit optimistic by saying my python's rusty. I wrote about a screenful of it several years ago, but it's a nice easy language to pick up.
read 4 / write

Current Music:Porcupine Tree, Deadwing
Subject:No boiler = coooold
Time:09:56 pm
I suppose I should try out this new posting form everyone was bitching about on the last lj news update. Sure it's a bit brighter than the old one but not so terrible, surely?

Anyway, my boiler died again, and this time I can't fix it. Just my luck that it happens as the weather suddenly starts getting frosty at night. Well, actually no, it's my own stupid fault. It's been flakey for ages and I really ought to have had it replaced months ago, rather than waiting until it actually died again. I am thinking I might go spend a couple of days with my parents, but at least muppster gave me the secret of fire a portable heater to borrow :)

Thanks muppster!

PS. Thanks also to the LJ team, I always wondered what Public and Private meant.
read 4 / write

Time:10:16 am
I finally got myself a portable Ogg player. It's pretty funky so far - only 20Mb built in storage, but it takes RS-MMC cards, so it's expandable. (It even came with a 64Mb one, but I'll probably pick up a 512Mb one sometime.)

It can also connect to the internet, and can run Opera and PuTTY, and can take photos (even including a LJ client thing so that I can post them directly from it). Oh, and I think it can make phone calls too - it's a Nokia N70. [If you're curious: Oggplayer PuTTY port Using LJ with LifeBlog Opera for mobile phones ]

I managed to use KMobileTools to extract the phonebook from my old V500, but haven't managed to use it to write the phonebook to the N70 yet (keeps complaining that the phonebook's full, when it has 0 entries). Still, gnokii might fare better.
read 6 / write

Subject:Mobile Phones
Time:09:22 am
I hadn't changed my mobile phone contract since I got my phone, years ago. It's not a bad deal (Everyday 50 on orange, 50p/day for 50 off peak same network minutes, but on peak or off network is pricey), but I don't use my phone much, and when I do it's often on peak. I've been looking around, and saw t-mobile's flext 20 rate (which is 15 pounds a month now, so cheaper than 50p/day). Out of curiosity I checked the price for data (0.73p per kb), then the price for the flext20+web'n'walk rate. The latter is also 15 pounds/month and includes unlimited data, and the non-data bit is identical. Why have two different prices for the same thing? (Other weirdness - on the flext20 rate alone you can get a Nokia 6280 included, which can do the web stuff, but on the flext20+wnw, you can't, but you can get the more expensive N70 instead, which would have cost an additional 20pounds on the flext20 alone.)

It's all very strange to me, but I phoned Orange and requested my PAC (and unlike when I've heard of other people doing this they didn't offer me any great deal :P ), so when it comes through in the post it looks like I'll be getting a new N70. Goodbye and good riddance silly little Motorola V500.

(t-mobile's PAYG looks quite good too, but I would like a new phone as the Moto's battery doesn't last very long, and being on contract means I should be able to use it when I pop over to Australia next year.) Sorry for the boring post, everyone.
read 24 / write

Subject:Widescreen art
Time:05:38 pm
I thought this was funny - Magritte meets Crocodile Dundee. From here.

read 8 / write

Current Music:TMBG, Istanbul (not Constantinople)
Time:06:03 pm
Current Mood:[mood icon] don-quixotic
Turns out Jonathan Creek lives just down the road from me, so today I went to visit.

He wasn't home, though. Probably off solving some bizarre murder somewhere.
read 2 / write

Time:02:56 pm
Yesterday on the train the drunk lunatic sat 2 seats across from me, and held a rather loud and obscene conversation with his imaginary friend who was apparently sat between us. The imaginary friend had apparently accused him of being gay, and the lunatic wasn't best pleased with that. I ignored him, but some other bloke came along to ask him to be quiet because there were children on board. The lunatic's response: "I am a child!" (someone had obviously served him alcohol though...).

Today I have been pimping my ride, pooping on sunbathers, matching pairs, running through forests collecting pie and solving crimes too. (http://www.gametoday.co.uk/)
read 1 / write

Time:08:47 pm
Current Mood:[mood icon] youthful
I'm 30 years old (have been for a while now if you weren't paying attention). I live in a country where it's legal to buy alcohol from the age of 18, and since I don't look particularly young for my age or anything, I've never been asked to provide proof of age for buying stuff. Never. Until today. The checkout lady in tesco wouldn't let me buy vanilla extract until I showed her my driver's licence. Vanilla extract! I know it does have some alcohol in it, but still. Vanilla extract!!
read 16 / write

Time:09:56 pm
After reading about jaq's recent rails day experience, this upcoming PyWeek thing looks quite interesting. I did once write a game from scratch in a weekend (which was published, and I got paid for), but that was a long time ago, and the game wasn't very good. I have also not done a lot of python programming (I have written about a screenful in total). Still, it could be fun.

On the other hand, my copy of CivIV:Warlords is here now, so I could just spend all my time playing that (or getting on with the game I'm already in the middle of writing in C++...).

Oh, and from sourpuss, this is very silly indeed: Amazon's customer reviews for milk.
read 3 / write

Time:10:10 am
Note to CD-WOW: Civilization IV is not the same thing as the Warlords expansion pack for Civilization IV. Pah. Now I must return it and wait longer for the expansion pack fun :(
read 1 / write

Subject:Waffle. Mmm, waffles.
Time:10:21 am
It's been rather warm lately, which has caused me some trouble with my computers. I can do basic stuff, but compiling/dvd encoding takes the cpu temperature high enough that the motherboard's overheat protection kicks in and shuts it down. This is a little annoying, but it seems to be a couple of degrees cooler today.

Nectar (the Sainsbury's reward thing) are doing weekly specials, and it was halfprice CDs and games until a few days ago, so I spent about half of my saved up reward points getting 17 CDs and Civ4:Warlords. I still have about 20,000 points:)

On Monday I have people coming round to upgrade Windows for me. No, I haven't joined the dark side, I'm getting my upstairs glass things replaced with doubleglazed upvc, because I can't easily get to the wooden frames to repaint them, and some of them are rotting. I need to get a new boiler too, as mine has packed up again.
read 2 / write

back 20