Sunday, November 9, 2008
Installing Sun Java 6 JRE is simple. Just issue the following command from shell:
apt-get install sun-java6-jre sun-java6-bin sun-java6-plugin sun-java6-jdk
You will need to be root or use "sudo" to perform this operation. You can skip package sun-java6-jdk if you dont plan on doing development in Java.
Once these packages are installed you can use Alternatives to make sun java your default JVM. To do this issue following command from shell:
update-alternatives --config java
You will get a screen like following:
The * sign means that this JVM is default. Enter the number for Sun JRE which in my case is 3. Now you can check your java version using: java -version
Tuesday, November 4, 2008
Installation Instruction (from readme.txt)
- Copy VCdRom.sys to your %systemroot%\system32\drivers folder.
- Execute VCdControlTool.exe
- Click "Driver control"
- If the "Install Driver" button is available, click it. Navigate to the %systemroot%\system32\drivers folder, select VCdRom.sys, and click Open.
- Click "Start"
- Click OK
- Click "Add Drive" to add a drive to the drive list. Ensure that the drive added is not a local drive. If it is, continue to click "Add Drive" until an unused drive letter is available.
- Select an unused drive letter from the drive list and click "Mount".
- Navigate to the image file, select it, and click "OK". UNC naming conventions should not be used, however mapped network drives should be OK.
I have used it with ISO images and it works very well. dont know if it works with other formats
Sunday, October 5, 2008
In below example we will use knockd to, upon seeing a specific sequence of port knocks, open a "hole" in our firewall to allow ssh access from outside. Dont worry this is not insecure as you will be the only one knowing that port sequence, unless ofcourse you share that sequence with some one else :)
To accomplish this we will need to do following:
- install knockd
- configure it to allow ssh access on seeing a specific port sequence
- configure it to close ssh access on seeing a different port sequence
Open this file using “sudo nano /etc/knockd.conf”.The file will look something like this:
logfile = /var/log/knockd.log
sequence = 7000,8000,9000
seq_timeout = 5
command = /sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCE$
tcpflags = syn
sequence = 9000,8000,7000
seq_timeout = 5
command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCE$
tcpflags = syn
we need to change the sequence and seq_timeout lines for both, [openSSH] and [closeSSH] sections. This is just a precautionary measure as sequence 7000,8000,9000 is a very common and well known. So change the file to look as one below. You can use any sequence that you like but avoid commonly used ports. You can even use ports that are closed/blocked on ur system as knockd works on link layer and will see all the traffic destined for your system even for closed or blocked ports. Dont change command, tcpflags or logfile options. After you have changed the file save it.
Now you need to edit your /etc/default/knockd. Open that file using “sudo nano /etc/default/knockd”. Change it to match the following. This will ensure that knockd is always run as daemon at init i.e at system startup.
The “-i eth0” will ensure that knockd listens on eth0 for port knock sequence. You can change it to whatever interface that you want knockd to listen at.
Now start knockd. You need to do this just this one time.
sudo /etc/init.d/knockd start
Now you are up and running :). knockd will open ssh access for you on seeing the specific port knock sequence. To try this try SSHing this computer from any other machine connected to this computer on interface that you selected in /etc/default/knockd which in my case is eth0. Your firewall will not allow access. To get access you will need to knock at the doors of your computer and for that you will need knock client on the machine that you are using to do ssh. If you are using a linux machine install knockd package and if you are using windows machine you can use windows client from here.
To knock issue following command ( replace 192.168.1.2 with the IP of your computer)
knock 192.168.1.2 5000 7000 9000
This will open ssh access for you. Now use ssh to access your gateway. When you are finished issue following command to close the ssh access.knock 192.168.1.2 6000 7000 8000
Wednesday, September 3, 2008
sudo apt-get install ruby ruby1.8-dev irb rubygems build-essential libopenssl-ruby
This will install ruby and ruby gems on your machine. To install rails enter following on shell prompt
sudo gem install rails rake mongrel
this will install rails and mongrel, a rails web server, on your system. If you dont need mongrel you can remove mongrel from the above line.
To install mysql use apt-get. Issue command "sudo apt-get install mysql-server mysql-client libmysqlclient15-dev". This will install mysql server on your system. You can start the server using "sudo /etc/init.d/mysql start" and similarly stop it using "sudo /etc/init.d/mysql stop".
Note: RedHat users install package mysql-devel instead of libmysqlclient15-dev
To create and manage databases you can use command line utility 'mysqladmin' installed with mysql server. If you dont like command line then u can install MySql Administrator to manage mysql databases using GUI. To install MySql Administrator issue command "sudo apt-get install mysql-admin".
To connect to databases and execute queries you can use command line utitlity 'mysql' or you can install MySql Query Browser using "sudo apt-get install mysql-query-browser".
MySql Administrator and MySql Query Browser can be run from command line using commands 'mysql-admin' and 'mysql-query-browser' respectively or you can access them from Applications->Programming system menu.
Note: To install these apps you may need to enable universe repository for apt-get. To do this edit /etc/apt/sources.list and uncomment all lines of the form
deb http://xxxx.ubuntu.com/ubuntu/ hardy universe. To uncomment remove '#' from start of these lines.
Monday, September 1, 2008
Encrypted file-system can be easily created using cryptmount. On Ubuntu/Debian you can install cryptmount using “sudo apt-get install cryptmount”.
In this example I will demonstrate how to create an encrypted file-system on a flash drive and then use it on another machine. You will need root privileges on machines where you want to create or access this file-system. First we need to create the file system on the flash drive. To do this create an entry in the /etc/cryptmount/cmtab like this
This tells cryptmount that your file-system name is cryptusb and you want to store your file-system in /media/flash/cryptusb.fs and to mount it to /home/adnan/cryptusb. It also tells it that the filesystem type is ext3 and to use AES algorithm to encrypt/decrypt the file-system. You can change cipher filed to change the encryption algorithm. Its important that the keyfile and dev are flash drive paths because other wise your file system wont reside on your flash drive and hence you wont be able to use it on any other machine. man cmtab has more information on all the available fields and their valid values.
Now create the file(specified in dev field) which will contain this encrypted file system and the mount point.
$ dd if=/dev/zero of=/media/flash/cryptusb.fs bs=1M count=32
32+0 records in
32+0 records out
33554432 bytes (34 MB) copied, 0.673204 s, 49.8 MB/s
$ mkdir /home/adnan/cryptusb
Next generate the encryption key. You will need to specify key size in bytes
$ cryptmount --generate-key 32 cryptusb
generating random key; please be patient…
enter new password for target "manual":
Now issue following commands to prepare and format the file-system:
$ cryptmount --prepare cryptusb
enter password for target "cryptusb":
$ mkfs.ext3 /dev/mapper/cryptusb
$ cryptmount --release cryptusb
The file-system is now ready and can be mounted using command “cryptmount cryptusb”. To unmount use “cryptmount –u cryptusb”. To use this file-system on another machine just copy
to /etc/cryptmount/cmtab on other machine. Change path in dev and keyfile fields to path to cryptusb.fs and cryptusb.key if flash drive on this machine is not mounted as /media/flash. You can also change dir field if you want the file system to be mounted some where else. After adding this to /etc/cryptmount/cmtab save the file and issue follwing commands
$ cryptmount --prepare cryptusb
$ cryptmount --release cryptusb
and you are done. you can now mount and unmount the file system using cryptmount. You may face some problem accessing files and directories because of file permissions. You can always change file and directory permissions using “chmod” and “chown” commands. A simple workaround is to make root to be the owner of this filesystem. To do this mount this file system using “cryptmount cryptusb” then issuing command “chown root:root /home/adnan1/cryptusb”. Then you can access this file system as root on both machines. This way you wont have to change permissions whenever you take this filesystem from one machine to other.
Wednesday, August 20, 2008
Download Cryptmount, glibc, glibc-headers, glibc-devel and glibc-common and put them in the same directory. Now change ur working directory to that directory and issue command "rpm -Uvh glibc-2.8.90-11.i386.rpm glibc-common-2.8.90-11.i386.rpm glibc-devel-2.8.90-11.i386.rpm glibc-headers-2.8.90-11.i386.rpm"
This will install or update GNU C library on ur system. Now issue command "rpm -Uvh cryptmount-3.0-1.i586.rpm" and this will install cryptmount on ur system.
Sunday, June 15, 2008
Using Sqlite3 with rails is real easy. Grab the binaries from Sqlite3 download page. for windows you will require sqlite-3_5_9.zip and sqlitedll-3_5_9.zip. Unzip these files and add them to your PATH environment variable ( or u can simply put the unzipped files to your ruby/bin directory) and you are ready. All Sqlite3 functionality is accessible via sqlite3.exe which you just unzipped and added to path.
To use sqlite3 with rails install sqlite3-ruby gem using gem command. Finally you will need to specify sqlite3 as the connection in the database.yml file of your rails application. Given below is development section of a sample database.yml
Notice that there is no username or password fields as they are not required.
When you do rake db:migrate database file will be created if not already exists.
Note: as of rails 2.0 sqlite3 is the default database and you will need to -d command line option when creating a rails application using to change it or you will need to change database.yml manually.
Thursday, June 12, 2008
Here you can find a simple tutorial about REST or you can follow this link to see how to build RESTful applications in Rails
But this post is about "what went wrong" so I will try to stick to the topic :)
Generally people working in startups have stakes in them. This is what compensates for things like overtime and late or small salaries, and makes people, who are part of that startup, feel like they are doing it for nobody but themselves. And this was my and others (you know who) expectation from Sheritech but when things got documented we came to know that this was not the case. So obviously I started to look at things differently and i believe same is true for other people working there.
Startups require lot of hard work and little SLEEP. It is not possible for a startup to be successful when its CEO is almost never available (I believe you know the reasons for his unavailability :D). This thing wasted the best resource that we had and destroyed the office environment.
Startups require focus and determination. It is important to have a game plan before starting a new company. If one partner is thinking one thing and other is thinking another, it is never going to succeed.
Lastly and most importantly in any business owners/partners should be fair with each other and employees. You cant deceive people for long and it always ends badly when you try to.
The most important thing that I learnt from Sheritech and which I want to share is "Never ever work for your friend" because if you do you lose both.