tech log on gentoo, linux, and random stuff

Archive for July 2009

sys-auth/pam_ssh and net-misc/keychain

with one comment

I’ve been using gentoo’s net-misc/keychain for a while now for password-less ssh. I followed gentoo doc’s recommendation and added to my ~/.zlogin the following lines:

keychain id_rsa id_rsa_nopass --quiet source ~/.keychain/$HOST-sh

The only beef I’m having with this setup is that after each reboot, I have to type in both my password (for login) and the keyphrase of my ssh identity file (b/c keychain), which is kind of repetitive, if you know what I mean ;)

So there’s a little “aha!” moment when I found pam_ssh in today’s updates on gentoo-portage. In fact, it’s as simple as adding ssh into the USE flags of sys-auth/pambase and emerge -1 pambase. No more repetitive password entries!

Written by zsh

July 27, 2009 at 10:40 pm

Posted in /etc, gentoo

Tagged with , ,

lafilefixer, kexec

with one comment

have been troubled by the missing libogg.la for a while (sox never builds). google ‘libogg.la, gentoo’ points to a heated discussion in bugs.gentoo.org of whether or .la files should be included — apparently somebody intentionally removed it in the libogg build. No Comment! but I guess someone else stated my opinion quite clearly: a broken build a week is the best way to piss off end users. Anyway in that same thread there’s a fix: just `emerge lafilefixer` and do `lafilefixer –justfixit`

now onto a different topic. I’ve included kexec in the past several kernel builds, but never looked into it. It’s actually quite easy to use. just `emerge kexec-tools`, mod `/etc/conf.d/kexec`, and `rc-update add kexec boot`. Now the `reboot` command will just reload the kernel image specified in the conf file without rebooting the physical machine. (clearly, removing the kexec service shall return you to a normal `cold’ reboot)

Written by zsh

July 25, 2009 at 11:37 am

Posted in /etc, gentoo

using Creative WebCam Notebook (041e:401f) in Skype

leave a comment »

LD_PRELOAD=/usr/lib/libv4l/v4l1compat.so skype

needs media-libs/libv4l

cf. this link

Written by zsh

July 20, 2009 at 10:02 pm

create socks5 proxy using window-less openssh from cygwin

leave a comment »

After half day’s work, my dad and I successfully revived a 7-year-old Toshiba Satellite 3000 S353 laptop, and he happily confiscated it as his travelling laptop. However, in considering that most online banks in China still require some IE activeX controls, he insisted that I replace the ArchLinux in it with WinXP, and since he has grown accustomed to the ssh tunnelling between his desktop and mine for him to browse all those news sites blocked by the GFW, he asked if I can do the same thing on the new windows.

So here’s the thing. We’ll need a cygwin environment, in particular its openssh, psmisc, run and any POSIX compliant shell (e.g., ash). Suppose the cygwin environment is installed in d:\cygwin, create ssh-proxy.bat batch script as follows:

    REM ssh-proxy.bat
    REM this will create a socks5 proxy at localhost:9999
    REM @echo off

    cd cygwin\bin

    REM give remote server two sec to close an already-open connection
    killall ssh && sleep 2

    REM use explicit invocation:
    REM run /bin/ssh -Nf -D9999 user_name@your.ssh.server
    REM or a `tunnel' profile in ~/.ssh/config:
    run /bin/ssh -Nf tunnel

and if you opt to use the ssh profile `tunnel’, put the following in ~/.ssh/config (windows absolute path d:\cygwin\home\USER\.ssh\config):

    # ~/.ssh/config
    Host tunnel
    HostName your.ssh.server
    User user_name
    Compression yes
    DynamicForward 9999
    # use pub-key auth for password-less connection. cf. SSH_CONFIG(5)
    #IdentityFile ~/.ssh/some_private_id_file

Now for each internet session, just run ssh-proxy.bat once when you need the proxy. The run command used in the batch script prevents the ssh command from creating a console window. It’s almost transparent for web browsing if you combine it with foxyproxy and Firefox.

As an afterthought, I probably could have done it with putty and AHK, suppose AHK can hide the putty window, but that’d take me sometime to learn the AHK syntax.

Written by zsh

July 7, 2009 at 1:01 am