Older blog entries for hands (starting at number 14)

new toy ordered

I managed to resist for a while, but after thinking about it for a couple of weeks, I've cracked and ordered a Pandora, which is a tiny palm-top cum gaming console, with an OMAP3530 (ARM Cortex A8) running at 600MHz, a smidgen larger than a Nintendo DS.

I'm not really interested in the gaming side, but am thinking that now that DisplayLink seems to be somewhat supportable on Linux I'll be able to plug it into a decent monitor when I'm home, and that the 10 hour battery life and pocket size will be great when I'm not.

Hopefully it'll be built and shipped in time for Xmas.

Syndicated 2009-10-28 20:26:30 from chezfil

hello from sunny cáceres

Just a quick note for those planning on walking from the railway station to Debconf/camp.

Ignore the bit here about turning into Calle de Muñoz Torrero -- the walk-in entrance is in Avenida de Pablo Naranjo Porras.

The instructions should probably read something like:

... turn left into the Avenida de Bondad, follow that straight for 200 metres (enjoying the view to the lakes on the left) until you reach Avenida de Pablo Naranjo Porras, which you should turn right into and follow for about 600m. The venue is on the left hand side of the road, through some iron gates. There is a sign with Residencia Muñoz Torrero standing inside the open gates -- go past the sign for about 50m and the reception will be on your left near a similar sign.

I'll check the fine detail of that and update the web-site to match (once we get less restricted Internet sorted out)

Having said that, Calle de Muñoz Torrero is apparently the best thing to say to a local taxi to get here. So if you ask for that you'll find yourself standing outside a large green gate, with a park on the other side of the road -- stay on the same pavement as the gate, and walk anti-clockwise around the block until you find the gates mentioned above,

Syndicated 2009-07-15 16:03:55 from chezfil

Securing passphrase-less ssh, using ssh-agent, command=, sudo and rrsync

I just came across yet another example of someone assuming that it's OK to create a passphrase-less ssh key and grant it root access on a remote machine.

Prompted by that, I've written how to do passphraseless-ssh properly.

One trick that I mention is having a script like this:

  #!/usr/bin/ssh-agent /bin/sh
ssh-add
ssh -A remote-server ~/bin/kick-off-job

allowing the remote machine to access us, but only when we're talking to them.

Syndicated 2009-06-26 09:13:44 from chezfil

going to debconf9

I've known I was going for ages, but yesterday I finally got train tickets despite renfe's efforts to stop me. I'm flying London Gatwick to Lisbon on TAP, then getting the TRENHOTEL train to Cáceres, arriving at 05:05 on the 15th, afterwards reversing the journey, leaving Cáceres at 01:53 on Aug 1st.

If you're in the UK (or if you are losing the will to live fighting with renfe's hopeless website) you should probably get in touch with http://spanish-rail.co.uk/, which turns out to consist of one person (Mercelo Saito) who is a nice chap, but is currently rather busy, so if you fail to get him on the phone (+44 (0)20 7725 7063) your best bet is to mail info@spanish-rail.co.uk telling him what tickets you are after, and a phone number where he can call you back.

It seems that the renfe system's meltdown is due to the combined effects of going from 30-day to 90-day advance booking, and a festival that's occurring on the east coast somewhere. Mercelo thought that it's possible that the discount tickets could well still be available, but that the system that lets you get these was totally unavailable over several days of trying, so I ended up deciding to pay the extra so that I could get the tickets in my hand.

spanish-rail.co.uk are the official agent of renfe in the UK, and as such have a renfe ticket printing machine, so they can print tickets on the spot. If you do turn up in person, they're in a managed office building (Regent House) with no sign on the outside of the building, so don't assume (like I did) that you'll be able to walk down the street and see a shop-front with "Spanish Rail" emblazoned across it.

Syndicated 2009-06-23 12:56:28 from chezfil

Booting USB sticks via grub4dos lets you boot (some) CD images

Having spent about 3 days getting my new USB stick to boot exactly similarly regardless of whether the machine supports USB-HDD or only USB-ZIP, as well as letting you to choose between a few fun things to boot (including debian-installer, which on a stick big enough to carry a DVD image makes it rather useful) I thought I'd better describe how to build my attempt at the ultimate-usb-stick.

The next trick is going to be getting debian-live and debian-installer ISO's to be clever enough to look around for an ISO image, and if found, loop mount it, rather than just getting in a strop when they realise that they don't know where they came from.

Syndicated 2009-06-15 00:20:30 from chezfil

HTTPS VirtualHosts

Until a couple of weeks ago, I was under the impression that one could only have a single HTTPS site per IP address, but it seems I was wrong.

The procedure is described here on the CACert wiki.

In short, you need multiple SubjectAltName fields on your server's certificate, such that all the VirtualHost names that you want to work are either directly mentioned, or will match via wildcards.

The page above includes a link to a nice script that generates a key and CSR (Certificate Signing Request) ready to be pasted into CAcert's Server Certificate page.

Note: the CN is pretty much ignored by some browsers, so you'll want to put the machine's main name as one of the SubjectAltNames as well.

BTW if you get a warning like:

    [warn] _default_ VirtualHost overlap on port 443, the first has precedence

you probably need to add

    NameVirtualHost *:443

to your /etc/apache2/sites-enabled/ssl before the <VirtualHost *:443> line.

Of course, this glosses over the details of doing things like setting your name and address in the certificate, but since CAcert will strip all that out anyway, it only matters if you wanted to get it signed by someone else. Even so, this should get you started -- you can always edit those details into the csr script.

Syndicated 2008-12-08 19:26:23 from chezfil

There's probably no god. Now stop worrying and enjoy your life

Alain Williams just sent me a link to the Atheist Bus Campaign which was started to raise £5,500.00 GBP in order to buy adverts on the sides of busses in London.

As I write they have raised £111,832.43, so over 20 times what they needed for the London busses. I'm so impressed with this that I gave them £100.00

Update: I note the campaign's page, where among other things they link to a clip from the BBC's Have I got news for you which is rather amusing about this, particularly the last joke. Also, Justgiving's blog seems in awe about how this has taken off. As they mention, there's even a wikipedia page about this.

Syndicated 2008-10-28 00:00:00 from chezfil

Virgin Media (ex. NTL) support Linux just fine, despite their claims not to.

Today I helped a friend sign up with Virgin Media's broadband service. He was having trouble, as their front-page at http://activation.virginmedia.com/ does a brain-damaged test, and tells you that they only support Windows and MacOS X and that if you have anything else you'll need to phone them at a pound a minute so you can talk to some idiot until you lose the will to live (or some such).

After a brief rummage, I noticed that if instead of doing what they tell you to do, you go to https://autoreg.autoregister.net/ you get prompted for whether you're signing up for Broadband or Dialup, and on clicking Broadband, you're lead through the sign-up procedure with no complaints about compatibility, and within 5 minutes he was online with his GNU/Linux (Ubuntu) system and Firefox browser.

This makes me wonder why Virgin Media bother putting extra effort into turning users away when in fact the sign-up procedure would work perfectly if they hadn't bothered with the stupid browser test.

Syndicated 2007-12-21 00:00:00 from chezfil

Linus' new T-Shirt

Nice to see the British Computer Society finally run Linus to ground after 7 years, so that they could pin the Ada Lovelace Medal on him, but I reckon he looked even more pleased when he got a new T-Shirt:

Syndicated 2007-09-04 23:00:00 from chezfil

In case you're wondering...

In case you're wondering...

The answer is: No

Syndicated 2007-06-09 23:00:01 from chezfil