Comment-line in emacs

Posted by on

To comment/uncomment a line in emacs, add this to your ~/.emacs

;; comment line
(defun comment-or-uncomment-region-or-line ()
    "Comments or uncomments the region or the current line if there's no active region."
    (interactive)
    (let (beg end)
        (if (region-active-p)
            (setq beg (region-beginning) end (region-end))
            (setq beg (line-beginning-position) end (line-end-position)))
        (comment-or-uncomment-region beg end)
        ;(next-line)
	))
(global-set-key (kbd "M-#") 'comment-or-uncomment-region-or-line)

(courtesy of Gerstmann on StackOverflow)

Using ssh agent for sudo authentication on debian

Posted by on

Using this ubuntu guide with 2 changes.

1. Change the configure line to

./configure --libexecdir=/lib/x86_64-linux-gnu/security/ --with-mantype=man

2. Instead of editing the sudoers file, create a file under sudoers.d (more modular):

echo "Defaults env_keep += SSH_AUTH_SOCK" > /etc/sudoers.d/ssh_auth

Also note that the latest version of this module on sourceforge is more recent than linked.

Cleaning up repos in cobbler

Posted by on

Here’s a cobbler snippet that disables the default repomirror (presuming you are serving the rpms yourself) and adds the updates channel


# disable Centos Base Repo (get updates elsewhere)
sed -i -e 's/^/#/g' /etc/yum.repos.d/CentOS-Base.repo
# download updates repo file
wget -O - http://$http_server/cobbler/repo_mirror/Centos6-UPDATES/config.repo > /etc/yum.repos.d/Centos6-Updates.repo
sed -i -e 's/\${http_server}/$http_server/' /etc/yum.repos.d/Centos6-Updates.repo

Change the name of the update repo to suit & include it the post section of your .ks template.

Including the update channel in the cobbler profile broke for me – and others too (freezes when it tries to install dbus).

 

cliget :: Add-ons for Firefox

Posted by on

Download files using curl or wget. This addon generates curl/wget commands that emulate the request as though it’s coming from your browser allowing you to download protected files directly to a separate machine (e.g. server).

via cliget :: Add-ons for Firefox.

Very useful for downloading ISOs directly to your server that you have to log in and traverse various forms (eg Oracle Enterprise Linux).

 

SSH’ing via a gateway host using Putty

Posted by on

(or Kitty to be more exact, which is Putty on steroids)

1. Set up key authentication to your host with PuttyGen & Pageant (ssh-agent for Putty) – or KittyGen & Kageant if you’re using Kitty. Paste your public key into authorized_hosts on the gateway & destination box.

2. Set up your configuration, IP address in session should be of destination (see screenshot, this is an internal IP).

2014-06-21 17_48_43-KiTTY Configuration

3. Go to Connection -> SSH -> Auth. Check Allow agent forwarding.

4. Connection -> Proxy. Enter your gateway IP in Proxy hostname & exclude Hosts, choose Proxy type local & put your username in the box.

In telnet command put

klink.exe %user@%proxyhost -nc %host:%port \n

(or plink.exe if using putty). This will be run first to tunnel your connection through.

2014-06-21 17_52_38-KiTTY Configuration

5. Done!

OpenSSL / CVE-2014-0160

Posted by on

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

via CVE – CVE-2014-0160.

Centos were very quick to get the update out for this (don’t forget to restart your daemons). I wonder of this is due to their partnership with Redhat?