Tag Archives: geek

SSH Login Notifications using Pushbullet

Pushbullet is a great app that allows you to share notifications to and from your phone/computer. I recently saw Dead Man’s Snitch (a service which alerts you about cron jobs) and figured I could probably replicate the most important functionality for me using Pushbullet. After all, being a poor student is all about saving as much money as possible!

Playing around with the Pushbullet API whilst setting up backup notifications for my servers, I wondered if I could get a push notification every time (hopefully) just me logged in via SSH.

I ended up with the following bash script that can be added to your bash login script (~/.bash_profile)

1
2
3
4
5
#!/bin/bash
IP=($SSH_CLIENT)
name=$(whoami)
string="SSH Login from $IP for $name"
/home/admin/pushbullet/pushbullet push all note "$string"

It uses this library from Github, but could do it without the library at all if you’re not as lazy as I am. More Pushbullet goodness soon!

pushbullet

Advertisements

Namecheap SSL Tutorial (Lighttpd)

Namecheap’s cheap SSL certificates work great on desktop, but are missing the root cert therefore gave me an untrusted error on Android (and I assume iOS).

I spend a while trying to figure out how to fix this, and I finally have!

From the zip file they send you, combine the files using cat like this. The order is important for the mobile devices.

cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > bundle

Add your private key and certificate from Namecheap (domain_tld.crt file) to a single file, too.

cat privatekeyhere.key domain_tld.crt > certificate.pem

Use whatever names you want for the outputted files. Just make them consistent. You should probably make sure only your web-server/root user can read them to keep them secure.

Finally in your lighttpd.conf add something like the following to enable SSL globally for your server.

$SERVER["socket"] == "ip.address:443" 
{

server.document-root = "/var/www/"
ssl.engine = "enable"

ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"

ssl.ca-file = "/path/to/bundle"
ssl.pemfile = "/path/to/certificate.pem"

}

To force SSL connections only, you’ll want to add something like this:

$SERVER["socket"] == ":80" 
{
        $HTTP["host"] =~ "(.*)" 
        {
                url.redirect = ( "^/(.*)" => "https://%1/$1" )
        }
}

Thanks to Ben Green, SSL247, and Bill Patrianakos for all pointing me in the right direction 🙂

The backlogged road is long!

I am slowly making progress through my backlog. Maybe by 2045 I’ll complete it…. From the first list of games to play that I posted after exams ended in May, I tried to spend time on Bad Rats (but it kept crashing), played some Hack Slash and Loot (doubt I’ll make it to an hour, I really don’t like it that much) and started on Indiana Jones and the Fate of Atlantis.

I’m quite enjoying Fate of Atlantis and it’s reminded me how much I enjoy old LucasArts point and click adventures. I’ll have to stop off at Monkey Island soon. They’re just so much fun! Anyway whilst I continue to play OpenTTD and ignore my backlog, I thought I’d create a top games list for each of my backlogged console platforms. Here goes!

openttd

WiiU

  • Lego Hobbit (15h)
  • Earthbound (30h)
  • Pikmin 3 (15h)

I’ve done a few days in Pikmin 3, and I’ve completed a chunk of LEGO Hobbit. I’ll probably just keep doing time trials in Mario Kart 8, though. Add me on Miiverse if you want to: geekyjames.

3DS/DS

  • Phoenix Wright Dual Destinies (30h)
  • Professor Layton and the Miracle Mask (25h)
  • Magical Starsign (40h)

I’m on the 3rd case in Dual Destinies, likely going to have to restart Miracle Mask due to forgetting the story and hopefully able to get over the slooooow text in Magical Starsign although I couldn’t last time I tried.

Vita/PSP

Heh, the screenshots do it better justice… Let’s just say I’ve not started any of these really… I should pick one at random and aim to complete it. The random number generator said 3, 7, and 23… which are… Final Fantasy Tactics, Lemmings (I can finish that!), and Hotline Miami. I’ll give that my best shot…

PS3

Assassins Creed series, Ni No Kuni, Burnout CRASH… So many Playstation Plus games, that honestly makes me wonder why I bother paying around £40 a year for games that I’m likely not going to play since I still buy games on the PSN Store… At least I didn’t buy a single game in the latest steam sale!

Time to crack on, shame I’m back at work for nine days starting this week… At least I’ve finally moved house, and have few responsibilities if any until October when uni starts back up!

Setting up voicemail to email

Ever been annoyed at how long it takes to retrieve your messages from Vodafone, Giffgaff, EE, or whoever runs your phone service? Me too. Press 1 to delete. Sorry, you need to listen to more than half to do that….. Yeah…. It’s annoying. It’s much easier to just receive an MP3 file in your inbox immediately after the message is left.

Sample Voicemail Email

I found a cheap (£1.20/month) solution, which is actually pretty handy. You buy an incoming geographic UK landline from Andrews and Arnold in whichever area code you’d like. Set it up so that it directs straight to voicemail (or busy, if you want to take calls on this new number too. It’s up to you.) If you’re reading this then feel free to leave me a message!

AA Voip Settings

Once this is working, set your phone to direct on busy/failed/no service to forward the call to your new number rather than their voicemail service. That’s it!

AA Voip Settings

This is possible with an iPhone. It’s a little bit more annoying to set up, as Apple do not expose the more detailed call forwarding options within their interface. However, knowledge of the GSM commands means that you can set this up using the dialer. These codes can be found on Wikipedia with more detail of how they work. For a record, here are the (untested by me) activation codes that should work in Europe for iPhones.

If Busy

*67*[phone number]#

If Not Answered

*61*[phone number]#

If Out of Reach (No Service)

*62*[phone number]#

AWStats Alternative: GoAccess

I didn’t really want to bother with installing AWStats and setting up the cgi stuff that goes with it, as well as setting the web server to ensure the stats stay hidden. I just want to get a rough idea of who’s visiting my site and when. I’m usually happy with running a terminal window with tail -f, but sometimes a bit more analysis is needed.

Today I found a cool alternative, GoAccess.

GoAccess Main Screen

It has a nice simple and usable interface based on Curses (It’ll be familiar if you used Irssi, Mutt, or the like) and gives all the needed information at a glance. It can even output HTML reports if you really want them.

I tried installing the version from the Debian repositories but found (as usual) that it was terribly out of date. I think they had a package for version 0.5, when 0.7.1 is the latest.

If you simply head off to GoAccess’s webpage, and follow the instructions for compiling from source you’ll be up and running in no time at all. Just a note that I had issues downloading and compiling from the Sourceforge download; the resulting program would just crash and segfault. This went away when I checked out the development github code and compiled that way.

If you have issues with dependencies, try installing the following packages which should cover most of the dependencies in one command.

sudo apt-get install dh-autoreconf build-essential libglib2.0-dev libncurses5-dev libncursesw5-dev libgeoip-dev

If you’re using Lighttpd like me, when you first run GoAccess make sure to select the NCSA Combined Log Format otherwise you’ll be missing portions of your data.

GoAccess Log Confirguration Settings

Easter, The Shard, and Netbooks

It’s been a while since I last updated with a new post. Since then I’ve been using Crunchbang Linux as my main operating system, visited the Top of the Shard, bought a cheap netbook to carry around with me at uni so I don’t have to spend ages looking for a computer when I (rarely, albeit) need one. I’ve also sold off quite a few of my old DS and PS3 games that although I wanted to play at some point the chances are that I never will. I even went for a bike ride last week…

Crunchbang is awesome. I’m currently using a Dell Mini 9 (Atrocious first gen intel atom, 1gb of memory) and yes it’s a bit slow. The thing is I paid less than £90 for it. The battery is still fine, I most likely will update the memory soon but it just works! Chrome is perfectly useable, I can happily read the notes that I export from my smart pen (I can’t however connect it directly. I have a Windows VM running on my desktop for that) and create my revision wiki and mind maps that I need to. It’s actually a good thing that it doesn’t play video very well. The only thing I’ve gotten to play is OpenTTD (again, a good thing).

Dell Mini 9

Dell Mini 9 Netbook

Windows on this netbook would suck. It only has a 16gb SSD, and when it arrived from eBay with a fresh install of Windows 7 it had 3gb free space… Who thought that was a good idea?! I installed Crunchbang from a USB key and have been happy ever since. When I’m back at home I’ll connect it to my local bridged network and run Synergy so I can share my desktop keyboard and mouse with the netbook on my desk.

We went to the Shard on Easter Sunday. Apparently we picked the best time and day possible. It was clear to the horizon when we went up at 10am, but started to get cloudly soon afterwards. Got some awesome pictures as seen below!

Me and Amelia

Me and Amelia 😀

Trains

Mm Trains!

Perfect Timing

Perfect Timing!

Nice view! Nice Day

Nice view! Nice Day

This thing is imposing!

This thing is imposing!

Back to Bangor at the end of the week! Six weeks or so till my next set of exams…

Connectify’s NXDOMAIN Misdirections

I use Connectify Pro on my Windows box to share my internet connection to a wireless access point so I can access the internet on my Kindle, and 3DS. It’s simple and it allows me to play Mario Kart online so it’s great. I just didn’t expect Connectify to take over my DNS setttings and redirect me to pages filled with ads.

Connectify DNS Shenanigans

I bought a new domain today, and was presented with a page filled with ‘Related Links’. Hmm. I did some digging and found out that Connectify’s default internal DNS server returns invalid responses. Take a look the screenshots.

Fake Ad Filled Page courtesy of Connectify

Clearly non-existant-lol.co.uk doesn’t exist. Using Connectify’s DNS Resolver I get a page apparently from DomainSponsor. It’s definitely Connectify; turn Hotspot mode off, DNS resolution goes back to normal, and I get a standard page/server not available error.

Using Google’s Public DNS solves the issue as shown in the first screenshot. Amusingly, Connectify’s support pages state the following:

NXDOMAIN is a setting which causes the DNS server to automatically detect and redirect DNS  requests for nonexistant domains to a Connectify page.  This protects the user from ISP’s sending them to their own potentially fake web pages.

So instead of a scary ISP page filled with ads, you’ll just get Connectify’s instead. Nice of them to think about you, isn’t it? It’s not something you can disable directly within the Connnectify application, instead you have to open the program with specific command line switches.

An easier solution is the remove the reference to your local machine from within network settings and insert 8.8.8.8/8.8.4.4 to bypass your local machine entirely. You should then be able to go back to your standard browsing experience minus dodgy nonexistent domains serving you ads. You can of course use any other DNS server that use trust if Google isn’t you thing!

Google DNS Settings

Pebble Watch has finally arrived!

Eleven months after I first backed the Pebble Smart Watch on Kickstarter it’s finally on my wrist. I love it already, it’s just such a slick gadget. I’m using a free app from the Play Store (Pebble Notifier) to funnel more than the default notifications from my watch to the watch. This app is pretty cool because a) it’s free! b) it lets you choose which notifications are sent.

Pebble Smart Watch

So now I get my away messages from IRC sent directly to my phone. Pretty neat? I think so too. Text messages just work, Gmail is a bit iffy if you use the standard Pebble app but with Pebble Notifier it just works well. If you enable “Google Search”, you’ll even get your Google Now cards (generally just the title as I’ve seen so far) straight to your wrist.

Since the recent release of the SDK many new watch faces (several neat Pokemon ones!), and even a few games have appeared for Pebble. Snake is pretty cool (but I read somewhere it’s known for draining the battery so I promptly uninstalled it..) You can find all these available for download at My Pebble Faces. My favourite face so far has to be “91 Dub” but it’s apparently unavailable to download now (even though I managed it this morning…?)

Pebble Smart Watch

If you have any queries leave a comment below or jump on IRC and have a chat! I’ll have a good play with it this week and post again soon with some more impressions after my first week with the watch!

One last thing… If you’re still waiting for your watch to arrive and you’re in the UK try using this Royal Mail tracker rather than the one on their front page. It gives you a load more details!

Using a Linux computer in University halls

If you run Linux on a PC or laptop in halls of residence you may of realised that most universities are using 802.1x authentication on their networks. It’s great, secure all that. It can just be a pain to set up. I’m currently in halls at Bangor University and couldn’t figure out how to get it all working in Ubuntu or Crunchbang. To be fair, it’s pretty unreliable in Windows too… “Unable to authenticate!”… Grr but I digress.

I found this guide on Aberystwyth University’s website, and it worked great. Basically you need to download and make sure that wpa_supplicant is installed (It should be in pretty much all modern Linux distros), then create a config file for it using the details on the page linked. I’ll paste them below in case they ever take the page down.

Start up a command line interface and create a directory by typing:

mkdir /var/run/wpa_supplicant

Using a text editor create a wpa_supplicant.conf file in /etc/wpa_supplicant. Inside this file enter the following lines:
# BEGIN wired network configuration

ap_scan=0

ctrl_interface=/var/run/wpa_supplicant

network={ 
      key_mgmt=IEEE8021X 
      eap=PEAP 
      phase1="peaplabel=1" 
      phase2="auth=MSCHAPV2" 
      identity="your University email address" 
      password="your University password" 
}

# ENG wired network configuration

Open a command terminal window and type:
sudo chmod 600 /etc/wpa_supplicant/wpa_supplicant.conf

Edit /etc/network/interfaces with the following. (The bits in bold)
#BEGIN

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp
wpa-driver wired
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

#END

Restart your network card by typing
sudo /etc/init.d/networking restart

You should now be connected to the University network

You’ll have to do a bit of experimenting with the identity field. Aber wants your entire uni email whereas at Bangor I just needed my username for it to work. Try both until it works. I’m fairly certain these settings are going to be fairly universal for all uni’s who utilise 802.1x authentication systems.