Podcast Review: Podiobook.com - Author Scott Sigler

While I listened to this book as a podcast, via Podiobooks, as the name describes they are audiobooks delivered in podcast format.  I have found quite a few great books at Podiobooks so I wanted to feature not each book, but rather authors.  I say this because there are a few authors like Scott Sigler who have a small catalog that would take me many posts to review all of the books I've read from him.  So this podcast review is for the author and his collection of works available at Podiobooks.

First point would be the presentation.  I mean to say the voice acting, audio production and the ability to create the setting though voice which by old school definition might be described as "story telling".  On this, Scott would get an 11 out of 5.  I have to say that it is very clear that Scott is pumped about his own material and it comes across in his work.  There are many authors who should NOT read their books, in this case I would suggest that they should get Scott to read it for them.  Amazing voice characters,  fantastic pacing and just enough background sound effects to bring the edge of dept to a two dimensional presentation.

Scott has written quite a few books, some not available at Podiobooks.  I would recommend you visit his website to get details on his complete works.  I cannot rave enough about how great his work is, a few of his books are actually available in print.  I am personally waiting to get the collection of books I've read in hardback series.  If paperback makes you happy, go for it.  I really strongly suggest Scott Sigler's works to anyone who is looking for a high energy fiction "listen".

--
CafeNinja

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Dropbox on a Headless Server

I know there are a few guides for Dropbox on a headless server.  I noticed that my experience wasn't 100% as advertised, so I wanted to post here on what my process was (repeated on 3 servers for accuracy)

First the requisites for this activity.  You must have a ssh account and my advice is to make sure you have the same disk space free on the server that you are using in your Dropbox account.  For the free version, that means 2Gb of disk space.

Next I need to install the application, this is done on the server account.  I had in all 3 cases to launch the "nautilus" application one time.  So I connect with the "ssh -X" for allowing X11 export over the connection.  Once connected the next thing was to get the dbcli.py script from the Dropbox Wiki.  On the server I used:
   wget http://dl.getdropbox.com/u/43645/dbcli.py
   chmod 755 dbcli.py
This gives the application in the home dir with executable permissions.  Now run the script with:
   python dbcli.py install     <--- mine was x86 the other is x86_64
This step will download the tarball and start to set things up.  Mine hung after it downloaded everything and put it in the right place.  I then escaped with ctrl+c.  I then launched nautilus with:
   nautilus
This brought up the view of the home folder and then the splash screen for setting up the Dropbox account.  I entered my account details and let the folder sync the first time.  Once done, I closed nautilus and disconnected from the server to forcefully break the 2nd Dropbox icon it put in my computer's systray.  I then reconnected WITHOUT x11 forwarding and launched the daemon in the background with:
  ./.dropbox-dist/dropboxd &
This should fire up the daemon to run in the background.   After that you can check the status of the daemon with the dbcli.py script with:
  python dbcli.py status
That should report "up to date" as long as it is running and healty.

You might need to restart the daemon if the server machine reboots.  But for my headless servers that doesn't happen very often.  I have seen this work perfectly with the syncing that Dropbox does and works just as expected and seen with any other desktop machine.  I really enjoy this idea since there is a disk space use limit built into the account.  Also, this provides a truely off-site backup storage to ensure against any disaster recovery issues.  So with my last post about using gpg to encrypt files and edit them, it means that even if the server security is compromised, they won't get any data from my files unless they have a supercomputer and 20 years :)

--
CafeNinja

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

vim + gpg + dropbox = secure passwords

Finally accomplished a multi-system synchronized encrypted password file.  Let me tell the short and then the long version.

The short version is
1.) gpg encrypt a text file
2.) store it in a shared dropbox folder
3.) add vim gnugpg plugin.

The long version of the story is that Dropbox has added a functionality to share a folder with other Dropbox users.  I have a Dropbox account for each operating system that I use (3).  So I can modify on one machine and it will get pushed to all the other machines.  I also found the dbcli.py script which lets me run dropbox on a headless machine.

I already have 2048 bit pgp keys created.  I used that key to encrypt a text file to myself.  The file I had was a text file that I was using to record my passwords.  With the command "gpg --encrypt filename"  will produce an encrypted copy with the *.gpg extension.  This new file I placed in the shared dropbox folder and created a symbolic link to it in my home directory.

Then after creating the folder ~/.vim/plugin and moving the gnupg.vim into that folder I was able to open and edit the gpg encrypted file after typing my passphase for the key.  This extension turns off the auto-backup feature of vim to prevent a clear text copy from being anywhere but ram.  Once writes to the file are made, it will re-synchronize with the other computers automatically.

With this new process I am able to view, search and edit my password file even on a mac (with vim and gpg installed).  Of note, I also have a Truecrypt volume in this same shared folder and once a month I do a plain text export into the hidden volume of a Trucrypt drive.  This allows me additional access even if I do not have the permissions to install all the needed components.

Now I can use strong secure and unique passwords for every online service I have.  I even took the opportunity to generate a few passwords and keep them in the password file directly in the case I needed to update a login without command line access to pwgen.

--
CafeNinja

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Password Generation for security

Security and safe passwords are very important in today's online world.  I used to have unique passwords for "levels" of security.  Realizing that if some service from low level was compromised that access to the next level would be easy.  I realized that the best way would be a strong secure password for each online service was the best way to go.  This way there is no way to "escalate" privilege level from one online service to another.

Since I already have a method for recording my passwords, which I'll get into during another post, I though I'd share the command that I use to create new passwords.  I use the package "pwgen".  The output of this command as quoted by Bessy produces quite a few unique passwords which satisfy most secure password definitions.  Most are produced with a portion of it that can be pronounced as a word, which make them in the realm of possibility to actually remember.

Output looks like:

cafeninja@vegeta:~$ pwgen --alt-phonics --capitalize 9 10
joo0kai2Y loh6Chi6y Chei4pei8 AiNoch2ua eeXeeF8Ee veeh3Eer4 Vah2fee8v ve4uegh7E Oa6chahmo Ish2voc2c

Using this tool I can make secure passwords for any account online.  I recently used this command repeatedly as I converted my multitude of online passwords from levels (5 different passwords) to a single password for each.

--
CafeNinja

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

New assistant Bessy

I just wanted to introduce you all to my new partner, Bessy.  Bessy is my daily reminder that text and the terminal is where it all began.

If you are a Unix fan, Windows geek who remembers DOS, Linux hacker who recalls the days when X11 just didn't work it doesn't matter.  All of the computer love that we all have was once born of a terminal window.

Bessy normally offers me a daily smile by giving a nugget of wisdom in this text display that is a harkening of the computer future that was to come.  I hope you all can take just a moment to reflect and recall that since the time we were stepping on the move all the way to first-person-shooters like Doom III has been a short and hurried history.

You may see more of Bessy from time to time as she helps me promote the ease and friendliness of the command line to all.  The major difference is the ability to use a real terminal with all of it's power, simplicity and grace.

--
CafeNinja

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Karmic testing - Easier PPA additional and install

So I read on the Ubuntu Geek blog, that in Ubuntu 9.10 Karmic there is a new command for adding a ppa repo that will update the sources.list and import the gpg key.  So, clever me, thought of a way to make a few nice aliases and run this all together.  Let me demonstrate

1.) add the repo.  
sudo add-apt-repository
2.) update the repos
sudo apt-get -qq update
3.) install the application
sudo apt-get install

So I made aliases for those three.
alias repo='sudo apt-get-repository'
alias update='sudo apt-get -qq update'
alias ins='sudo apt-get install'

And using a different example from Ubuntu Geek, the command I give looks like:
"repo ppa:jonabeck && update && ins ifuse"

This single, short command will update the sources.list, update the repos and install the ifuse package with only the normal prompts if they apply.  Please see the manpage for each of these commands as well as alias in the case that you want to learn more about each.

 --
CafeNinja

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Karmic testing - Bluetooth Proximity (bluesproximity)

During my Ubuntu 9.10 testing, one of the things that I regularly do is crawl through my modified Apt sources list to see what if anything has graduated from PPA into the official repos.  The other benefit is to see what applications have been added to the repos that are similar to the ones I use already.   Change is sometimes good.

Today, I was going using the new "Ubuntu Software Center" to see what I might find that I had been missing as well as to check out the interface.  What I discovered, installed and used (all in under 5 min) was the Bluetooth Proximity application.  This does exactly as advertised.  Any previously paired device can be used, distance for screen locking and unlocking are adjustable.


I have to say it "just works" and locks the screen as soon as I am more than 6 meters away from the computer and doesn't unlock it until I'm closer than 4 meters.  No more forgetting to lock my screen when I step away, and no more typing my pass when I return.  The default screen saver settings remain and the proximity meter can be turned off and on.

I had heard of a way to do this in previous versions that was a bit of a hack and required a collection of scripts.  Now, in one easy to use gui front end, the entire package can be set up.  If you frequently step away from your computer for just a few minutes, I would highly recommend the is application.

--
CafeNinja

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.