Category Archives: Technology

UDF on MacOS and Linux

Recently I wanted to have the ability to use SSH to log in to my Amazon Lightsail instances from my work laptop. For privacy reasons, I didn’t want to put my SSH private key permanently on the laptop and I didn’t want to put the public key for my laptop on the Lightsail instances.

Since I’m very comfortable with the unix command line, I decided to put a new (password protected) private key on a flash drive so I could use that key to log in to the Linux instances.

The problem is permissions.

SSH won’t let you use a private key file with open permissions. If the key file is world readable, it will display an error and refuse to use it. There isn’t a workaround that I’ve been able to find (other than recompiling SSH from source with modifications).

This means that the most common flash drive file systems (FAT, FAT32, & exFAT) can’t be used. None of those file system formats support permissions.

I could have formatted the flash drive using the MacOS HFS format, and installed the necessary packages on my Ubuntu Laptop to support that, but I wanted to go for something more generic.

After some research, I decided to give the User Defined File system (udf) a try.

I did have to install UDF support on the Ubuntu system, but that wasn’t a big deal.

sudo apt-get install udftools

To format the flash drive on my Mac, I used this command:

sudo newfs_udf -m blk -v <label> /dev/disk<n>

Important to note, the device file (/dev/disk<n>) must be the device itself, not a partition of the device (on Mac systems a partition will be denoted with ‘s9’ after the device name where 9 is the partition number, for example /dev/disk4s1).

After the UDF file system is created on the flash drive, you must … eject the drive, physically remove the device, and re-insert it. The device will now show up on the system as “/Volumes/<label>”.

Interestingly, the owner of the mounted device is the currently logged in user.

macbook-pro:newkey david$ ls -l /Volumes/FLASHDRIVE/
total 3
-rw-------@ 1 david  staff  1073 Jul 11 10:11 aws-key

I copied the new SSH private key file to the flash drive, made sure the permissions were correct, and ejected the drive.

I then inserted the drive into my Ubuntu system. It mounted correctly right away.

I was then able to log in to my Lightsail instances using the command

slogin -i /media/<my linux user id>/<flash drive label>/<private key file> ec2-user@<aws hostname>

Interestingly, when the UDF formatted flash drive is mounted, the owner is the logged-in user, but the file still has the correct permissions.

user@linux:~#: ls -l /media/user/FLASHDRIVE/
total 2
-rw-------- 1 user  user  1073 Jul 11 10:11 aws-key

So far it’s been working well. I’m pleased with this little project.
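As an added example (not part of the original post), here is a pre-flight check for a key carried on removable media. It applies the same test OpenSSH does, which rejects a key you own if any group or other permission bit is set, and it reads the cipher field of an OpenSSH-format key to confirm the key is passphrase protected. The function names and the sample key headers are constructed for illustration, and the check assumes the newer OpenSSH key format rather than PEM.

```python
import base64
import os
import struct
import tempfile

MAGIC = b"openssh-key-v1\0"  # start of an OpenSSH-format private key blob

def perms_ok(path):
    """Mirror OpenSSH's rule: a key we own must have no group/other bits set."""
    st = os.stat(path)
    return not (st.st_uid == os.getuid() and st.st_mode & 0o077)

def is_passphrase_protected(path):
    """True if the key's cipher field is anything other than 'none'."""
    with open(path, "r", encoding="ascii") as fh:
        body = "".join(l.strip() for l in fh if not l.startswith("-----"))
    blob = base64.b64decode(body)
    if not blob.startswith(MAGIC):
        raise ValueError("not an OpenSSH-format private key")
    (n,) = struct.unpack_from(">I", blob, len(MAGIC))
    start = len(MAGIC) + 4
    return blob[start:start + n] != b"none"

def preflight(path):
    """Return a list of problems; an empty list means the key is fit to carry."""
    problems = []
    if not perms_ok(path):
        problems.append(f"mode {os.stat(path).st_mode & 0o777:04o} is too open; ssh will refuse it")
    if not is_passphrase_protected(path):
        problems.append("key is stored without a passphrase")
    return problems

def write_sample(path, cipher, mode):
    """Constructed sample: a key header only, not a usable key."""
    s = lambda b: struct.pack(">I", len(b)) + b
    kdf = b"none" if cipher == b"none" else b"bcrypt"
    blob = MAGIC + s(cipher) + s(kdf) + s(b"")
    pem = "-----BEGIN OPENSSH PRIVATE KEY-----\n%s\n-----END OPENSSH PRIVATE KEY-----\n"
    with open(path, "w", encoding="ascii") as fh:
        fh.write(pem % base64.b64encode(blob).decode())
    os.chmod(path, mode)

CASES = [(b"aes256-ctr", 0o600), (b"aes256-ctr", 0o644), (b"none", 0o600)]

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        for cipher, mode in CASES:
            key = os.path.join(d, "aws-key")
            write_sample(key, cipher, mode)
            print(cipher.decode(), oct(mode), preflight(key) or "ok")
```

On a FAT or exFAT mount every file reports permissive mode bits, so the first check fails there no matter what chmod is attempted.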

The Box

This story comes by way of my brother Mitch…

My brother specializes in database analysis for non-profits. As such, he’s usually very involved in the organizations’ data centers.

One such organization he worked for many years ago had received a grant that included the ability to do a major upgrade to their data center. As part of the upgrade, they had to increase the cooling capacity of the HVAC system in their computer room.

They selected a contractor and had the upgrade installed. They then proceeded with the upgrade of their computer systems. Everything was working fine. Until the next day.

They came into the computer room and found that it was over 80℉!

The obvious cause was that the HVAC system hadn’t been sized correctly or was malfunctioning.

The organization’s policies required that they get 3 quotes before selecting a contractor to do any repair work.

So they found 3 contractors. One of the contractors quoted $20,000 to completely replace the existing HVAC system. Another contractor quoted around $10,000 to upgrade the existing HVAC system.

The third contractor came in, looked around the room, picked up a box that was lying on the floor, placed it over the thermostat that was controlling the existing HVAC system, taped it to the wall, and said “No charge”.

Apparently the new HVAC system that had been installed was blowing cold air directly on the thermostat. So, when the system detected that the room was getting warm, it would turn the A/C on. It would immediately detect that the room was cool enough, and turn off the A/C. Clearly the A/C wasn’t running long enough to cool the room at all.

The moral of this story…

Sometimes the solution requires thinking outside the box…

Sometimes the solution requires thinking inside the box…

Sometimes the solution IS the box.

Speed Up Time Machine

If you’re using an Apple Mac computer, you may have observed that the fantastic backup system Time Machine may run slowly. This is especially noticeable when you are doing the very first backup (when it has to back up the entire system).

I was frustrated by this a while ago when I purchased a new hard drive to do my backups on.

After a bit of digging, I found that Time Machine’s performance is throttled so as not to impact system performance.

There is a way to remove performance throttling using a system control statement.

debug.lowpri_throttle_enabled

If you use the sysctl command to set this to 0 (zero) then Time Machine will not be throttled. If it’s set to 1 (one), it will be throttled.

I created a little script called ‘speedup-timemachine’ that lets me turn the option on and off.

‘speedup-timemachine on’ will remove the throttling.

‘speedup-timemachine off’ will return the throttling.

Below is the script. Just copy the script, paste it into a text editor, save the script to a location on the path, and make it executable (chmod a+x scriptfile).


Thunderbird and ‘reply-to’

This is another one in the ‘Things to remember’ category.

For some reason, by default, Thunderbird does not use the ‘Reply-to’ header in emails. This header tells mail software which address replies should be sent to. It’s commonly used for mailing lists so that replies are sent to another address, such as the mailing list itself, instead of the address that sent the message.

To change the default Thunderbird behavior, you have to tweak a setting.


Catching spam with repeated phrases

This is more of a ‘for future reference’ post than anything else.

Recently my mailing lists have been getting hit with stupid spam (what spam isn’t) that invokes bible related conspiracy spam. The messages reference bible verses multiple times.

To catch the spam, I put in a rule that matches bible references.

It’s a pretty simple rule … it looks for specific bible chapters followed by a number colon number.

body LM_BIBLE_MULTI /\s(matthew|revelation|john|corinthians|thessalonians|luke|romans|ezekiel|mark)\s+\d+:\d+/i
describe LM_BIBLE_MULTI Contains bible verses
score LM_BIBLE_MULTI 0.5

The thing about the spam I’m trying to catch is that it references the bible verses multiple times. The above rule only catches a single bible verse reference and adds the score.

To increase the score for each individual hit of the rule, you need to add the following to the rule:

tflags LM_BIBLE_MULTI multiple

This way, every time the LM_BIBLE_MULTI rule is hit, the score increases by 0.5. The more bible references in the email, the higher the spam score.

The multiple modifier for tflags is available in SpamAssassin 3.2 & higher.
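As an added example (not part of the original post), the Python below models how the score from this rule accumulates with and without the multiple flag, using the same regular expression. The rule_score function and both message bodies are constructed for illustration; the maxhits argument mirrors SpamAssassin's maxhits=N option for tflags, which caps how many hits are counted.

```python
import re

# The body rule from the post: same pattern, case-insensitive.
LM_BIBLE_MULTI = re.compile(
    r"\s(matthew|revelation|john|corinthians|thessalonians|luke|romans|ezekiel|mark)"
    r"\s+\d+:\d+", re.I)
SCORE = 0.5  # per-hit score from the post


def count_hits(body):
    """Number of non-overlapping matches of the rule in the body."""
    return sum(1 for _ in LM_BIBLE_MULTI.finditer(body))


def rule_score(body, multiple=False, maxhits=None):
    """Score one body under the rule.

    multiple=False models the plain rule (at most one hit is scored).
    multiple=True models 'tflags LM_BIBLE_MULTI multiple'.
    maxhits models the cap set by 'tflags LM_BIBLE_MULTI multiple maxhits=N'.
    """
    hits = count_hits(body)
    if not multiple:
        hits = min(hits, 1)
    elif maxhits is not None:
        hits = min(hits, maxhits)
    return hits * SCORE


# Constructed sample bodies (not real mail).
SPAM = ("Wake up! Revelation 13:16 is here. See Matthew 24:24 and Ezekiel 38:2, "
        "then read Revelation 13:17 and Luke 21:11 before it is too late.")
# A legitimate list message; its first reference has no whitespace before it,
# so the rule's leading \s means that one is not counted.
STUDY_GROUP = ("John 3:16 is this week's reading. Next week we move on to "
               "Romans 8:28, then Mark 4:35, Luke 15:11 and Matthew 5:3.")

if __name__ == "__main__":
    for name, body in [("spam", SPAM), ("study group", STUDY_GROUP)]:
        print(name,
              "single:", rule_score(body),
              "multiple:", rule_score(body, multiple=True),
              "capped at 3:", rule_score(body, multiple=True, maxhits=3))
```

The study-group message reaches 2.0 with an uncapped multiple flag, which is why a cap is worth considering on lists where legitimate mail quotes verses.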

Regular Expressions in RPG

One of the things that RPG isn’t particularly good at is string scanning & manipulation.

Many other programming languages support using Regular Expressions (or regex, as they are often referred to). Java, PHP, Node.js, Python, & Perl have support for regexes built in.

Regular expressions are a very powerful tool for parsing, analyzing, and manipulating text. It should be noted, however, that with such power also comes the possibility for complexity. Some regular expressions can get VERY VERY complex. See the end of this post for a VERY complex expression.

A true regex master can create a functioning expression that is indistinguishable from modem line noise.

– Unknown (maybe me)