jeudi 20 avril 2017

Git is available again

When I setup gitolite on my server for Git access through SSH, of course I did test that cloning worked from outside my network. That was for my Paperweb project.

Later I configured port-knocking on the server to get rid of bot-based authentication attempts that were polluting my log files. Unfortunately, at this time, the “outside” server on which I have an account was down, so I could not leave my network to check that all was fine; from the inside of the network, all worked like a charm, though!

Same situation when someone asked me for the Paperweb code by e-mail because they could not get it the normal Git way. I had no idea that port-knocking was the problem: from my side of the firewall, all worked correctly…

Lire la suite

dimanche 20 novembre 2016

Bootable flash drive for both Linux and Windows: live Linux

Three years ago, I wrote a small series about having all my favourite tools on a USB flash drive when I am on the go. Some things have changed in these years, so the time has come to write fresh blog posts on the subject. My main aim is a full portable Linux OS, and this third part is about just that!

Lire la suite

Bootable flash drive for both Linux and Windows: boot loader

The following text is the second part of a reboot —as they say for films, now— of my 3-year-old series about having a universal Linux and Windows toolbox on a bootable USB flash drive. The main target is a full portable Linux OS, but I will also address the Windows OS, for those times when you have no choice ;-)

This part is about the boot loader and miscellaneous tools accessible from there.

Lire la suite

vendredi 18 novembre 2016

Bootable flash drive for both Linux and Windows: BIOS and EFI

This is a new take on my 3-year-old series on the same subject, with the aim of having a portable toolbox for anything PC, from booting Linux, to having my favourite productivity tools at all time, to being able to rescue a broken disk or OS, and so on. This toolbox takes the form of a standard USB flash drive, made bootable and filled with all that I need, yet still uncluttered, and usable as any USB flash drive for transferring data.

This first article is about the “bootable” part.

Lire la suite

samedi 24 septembre 2016

Import an old mbox file into Thunderbird

I tried to import an old e-mail file from year 2000 or so, using Thunderbird’s ImportExportTools extension. And it failed. I first tried to split the mbox file, but eventually I found that X-Mozilla… headers were at fault! So, the solution is simply to run this command on the file before importing  […]

Lire la suite

mardi 13 septembre 2016

Vive le fairphone 2 !

Le Fairphone 2 est un excellent téléphone. Je ne savais trop comment présenter cette acquisition… Quelqu’un l’a déjà fait, bien mieux que je ne saurais le faire. Allez-y, c’est très bien écrit : https://grisebouille.net/fairphone-un-telephone-pour-libriste/

samedi 10 septembre 2016

Baisse du volume sonore sur la théière riviera&bar Yunnan

Heureux possesseur d’une théière électrique riviera&bar Yunnan, je déplorais toutefois le volume strident de son alarme sonore, dont le rôle est d’informer l’utilisateur des différentes étapes : ébullition, infusion, maintien au chaud… Il suffit d’ailleurs de consulter la FAQ du fabriquant concernant cette théière pour s’en convaincre ; une seule question à ce jour : « Peut-on retirer les signaux sonores du produit ? »

C’était insupportable ; j’ai donc atténué le volume sonore de son « buzzer ».

Lire la suite

mercredi 8 juin 2016

Light-weight port-knocking to protect SSH

A bit more than a year ago, I hardened my SSH server, which resulted in the near-disappearance of automated SSH login attempts. Alas, the script-kiddie tools have finally caught up with the current state of cryptography; or at least with the level of cryptography that I dare require, and still maintain compatibility with most devices that I use.

Fail2ban, although dormant all this time, still ran like the ever-vigilant Argos, and resumed its usual work as the attacks came back. But I do not like relying solely on fail2ban. So I decided to add port-knocking as a protection.

Lire la suite

- page 2 de 12 -