main

main@lists.alug.org.uk

10369 discussions

Some success with seahorse and gnome-keyring-daemon at last
by Chris G 30 Dec '09

30 Dec '09

Well, after searching and asking and digging around in the code I have finally got things working as I believe they should work. That is I have a default keyring being automatically opened for me when I log in. It took me a while because firstly there isn't much documentation telling you how you're supposed to use it and secondly because (in xubuntu 9.10 at least) it's broken so it doesn't work even if you do things right. There are two problems:- 1 - By default ssh-agent gets started as well as gnome-keyring-daemon, as they're both trying to do the same thing this isn't a good idea. I've stopped ssh-agent being started automatically by deleting the use-ssh-agent line from /etc/X11/Xsession.options. I'm sure there should be a GUI way of changing this but I don't know what it is. 2 - Although gnome-keyring-daemon is started automatically it isn't set up to listen on the ssh socket. To fix this I have added the following to my .xprofile:- eval $(gnome-keyring-daemon --start) export SSH_AUTH_SOCK export GNOME_KEYRING_SOCKET This second is definitely a bodge but at least it gets things working, there are several bugs reported around this area in more than one linux distribution - in fact that's how I eventually found out how to sort it out. So, now my login password is *also* used to unlock the default keyring and ssh can interrogate that keyring to get my private key to log in to other systems. .... and it really is just about passwordless, or at least I don't have to enter any more passwords after login, but my private keys are kept reasonably safe. I suppose having my login password the same as my key passphrase is a bit less than perfect but this is only for connections going outwards from my home system so isn't very critical really. Now I'm off to those external systems to make them a bit more secure as regards logging into the home system. It's a pity there aren't any 'hooks' in ssh-agent and login that would allow you to do the same for direct ssh logins as happens with Gnome/KDE, then you could do the same sort of thing and enter only one password for connecting onwards. -- Chris Green

4 6

Efficient power supplies - especially at very low powers - suppliers?
by Chris G 30 Dec '09

30 Dec '09

While this isn't particularly Linux related it is PC related and I'd guess some people here may be knowledgeable in this area. I'm trying to cut down my PCs' power consumption, one way has been to offload 'server' functions from my desktop machine to a much lower power server machine. That's now done and I'm looking at other ways to reduce power consumption. I've been looking at the power consumption of my desktop machine and noticed that when in standby it consumes about 20 watts. So I checked how much it consumed when powered down completely (but still conencted) and it *still* consumed 20 watts. I.e. the power supply and motherboard even when completely idle take 20 watts. I suspect that this is mostly power supply losses. When powered up, even though it's quite a fast machine (quad core processor, 8Gb of memory, two big disk drives) it only takes 50 watts so the power supply isn't all that inefficient when it's working. So how can I search for power supplies that don't take much power when completely idle? Typical 'efficient' 300 watt and 400 watt power supplies are better than 80% efficient but that means they may well still consume 20 watts when doing nothing. Efficiency *doesn't* necessarily equate to low 'off' power. -- Chris Green

3 4

Re: [ALUG] Windows software for managing remote Linux SVN server?
by Srdjan Todorovic 21 Dec '09

21 Dec '09

On 18/12/2009, mick <mbm(a)rlogin.net> wrote: > On Thu, 17 Dec 2009 11:32:32 +0000 > Srdjan Todorovic <todorovic.s(a)googlemail.com> allegedly wrote: > >> Hi all, >> >> I'm looking for some simple to use Windows software that can >> administer a remote SVN server that runs on Linux. >> > > Best not ask here about windows software, you'll upset the faithful..... > > :-) Well I've mentioned Linux and SVN, so hopefully that will keep the zealots happy. :) Srdjan

2 1

Windows software for managing remote Linux SVN server?
by Srdjan Todorovic 21 Dec '09

21 Dec '09

Hi all, I'm looking for some simple to use Windows software that can administer a remote SVN server that runs on Linux. Specifically, I'm looking for something that can create a repository, and setup users and change passwords. Normal SVN activities (code browsing/checking in/merging/diffing etc) will be run as normal. I'm currently looking into http://www.sublimesvn.com/ but I'm not sure I like the licensing (why would each developer have to be licensed?). Thanks Srdjan

2 2

Wireless Internet Link Security
by Ian 20 Dec '09

20 Dec '09

Hi Folks, The lady of the house wants a wireless internet connection for her laptop for Christmas as she is fed up with "tripping over cables everywhere!". I have purchased a router and laptop dongle and am experimenting with it so it is ready for The Big Day. One thing which is confusing me is the security modes it offers. It gives me the choice of using any of the following 5 modes: No Security WEP WPA-PSK (TKIP) WPA2-PSK (AES) WPA-PSK (TKIP) + WPA2-PSK (AES) or Mixed Mode I do not expect Security to be a big problem but I may as well set it up the best I can right from the start. Assuming the laptop dongle can also be configured for all five security modes mentioned above which is the best mode to use? (Sorry if the above seems a dumb question to all you experienced network admin bods but this is the first time I have touched a wireless Router and am not sure what I am doing) Ian.

3 3

How best to run a 'pull' backup using passwordless login?
by Chris G 20 Dec '09

20 Dec '09

As part of my sort out and tidy up of security, backups, etc. I've decided that it would be better to run my off site backups as 'pull' backups driven from the remote systems. This way an intruder into my home system won't see any evidence of these backups happening and hence won't be tempted to do anything to them. This requires (unless someone else has some bright ideas) that the remote system has a passwordless login to enable it to do the backup (or I put the password in the script, which comes to the same thing). For this to be (reasonably) secure it needs to be set up so that the *only* thing you can do with that login is a backup. So, finally to my question, what's the tidiest/easiest way of doing this? I can see two possible ways:- A dedicated login with the program to be executed when you login set to do the backup. A 'ForceCommand' in ssh that executes the backup when certain criteria are met. I think I prefer the second as it makes handling permissions etc. easier. E.g. I want to backup files belonging to user xxxx, if I can login as user xxxx then I don't need to worry about the files all being readable by the backup. This requires careful setting up of the sshd_config file though so that remote logins to user xxxx run the backup but one can still login to user xxxx locally. Can anyone see any serious flaws in the above and/or easier ways of doing it that are still reasonably secure? -- Chris Green

4 3

Gnome, seahorse, gnome-keyring-daemon - any good howtos or overviews anywhere?
by Chris G 18 Dec '09

18 Dec '09

I'm considering (though I'm rapidly going off the idea at the moment) using seahorse and gnome-keyring to manage passwords/keys etc. None of the manuals gives a clue as to what they all actually *do*. All you get is information about the mechanics of entering data into seahorse etc. which is pretty straightforward and obvious anyway. I want to know how it actually works to make keeping keys etc. easier and to make logging in to other systems easier. At present I do things manually by editing and copying the various files in $HOME/.ssh directly myself. I don't run ssh-agent, I *assume* that gnome-keyring is a sort of replacement for that but can't find anything that tells me anything actually useful. What concerns me slightly is that it's all a total waste of time if it's only protected by my login password which I think, by default, it is. I.e. if I understand things right (and I'm not at all sure about this) when I log in to the X gui and enter my password then gnome-keyring (and/or seahorse) extracts my key[s] from somewhere and then when I ssh to other systems that key is used and I don't have to type it in. Have I got that anything like right? If this *is* the way that it works how is it even remotely more secure than simply using password login on those systems I ssh into? If not can someone clarify a bit for me, or, as I said, point me at some sort of overview document that explains things. -- Chris Green

4 13

email addresses starting with asterisk?
by Peter Alcibiades 18 Dec '09

18 Dec '09

Helping a friend change computers, we found that the email login did not work, and after a series of conversations with the provider were told to log in to get messages using *(a)mydomain.com This did indeed work, and the effect appears to be that mail sent to any name at mydomain.com is picked up by the login, and also that any name used results in mail being accepted. So for instance you can apparently send to alexander(a)mydomain.com bacchus(a)mydomain.com calypso(a)mydomain.com and so on, and it will all arrive when you log in for messages as *(a)mydomain.com. Why would anyone set up an email system like this? Does it not make a lot more sense to have specific email addresses, both to reduce spam, and to allow you to segregate, for instance, home and business email? This is the same case where there was the incomprehensible networking with two cards and class B addresses for a three machine network. When set up in the usual way with a five port router modem, it all worked perfectly fine with a lot fewer cables. Very strange. Peter

5 4

Questionnaire software - any suggestions?
by Chris G 17 Dec '09

17 Dec '09

I want to build an on-line questionnaire, a very basic one, are there any ready made applications in the Linux/Open Source world for doing this? I can't find anything obvious in the Ubuntu repositories. -- Chris Green

5 8

[ALUG Announce] POSTPONED: December's 3rd Monday Monthly Ipswich Social Meeting
by samwise 16 Dec '09

16 Dec '09

ALUG Announce Please send announcements to Announce(a)lists.alug.org.uk Unsub, change settings via http://lists.alug.org.uk/mailman/listinfo/announce ----- The monthly "Third Monday" ALUG Ipswich Social Meeting has been postponed until January. Off-list five us of have agreed on an ALUG Christmas meal on the evening of Tuesday January 5th 2010 (the only day everybody's calendars agreed!). If anyone would like to join us then, please drop me a line. With no other suggestions, I'll probably try making a booking soon at Mr. Wings - the chinese restaurant we went to last time. Thanks, Peter. ----- Send discussion replies to main(a)lists.alug.org.uk (Reply-To set) Unsub, change settings via http://lists.alug.org.uk/mailman/listinfo/announce

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

main