| Andrew Cooke | Contents | Latest | RSS | Twitter | Previous | Next


Welcome to my blog, which was once a mailing list of the same name and is still generated by mail. Please reply via the "comment" links.

Always interested in offers/projects/new ideas. Eclectic experience in fields like: numerical computing; Python web; Java enterprise; functional languages; GPGPU; SQL databases; etc. Based in Santiago, Chile; telecommute worldwide. CV; email.

Personal Projects

Lepl parser for Python.

Colorless Green.

Photography around Santiago.

SVG experiment.

Professional Portfolio

Calibration of seismometers.

Data access via web services.

Cache rewrite.

Extending OpenSSH.

C-ORM: docs, API.

Last 100 entries

Consciousness From Max Entropy; Democrats; Harvard Will Fix Black Poverty; Modelling Bicycle Wheels; Amusing Polling Outlier; If Labour keeps telling working class people...; Populism and Choice; Books on Defeat; Enrique Ferrari - Argentine Author; Transcript of German Scientists on Learning of Hiroshima; Calvert Journal; Telephone System Quotes for Cat Soft LLC; Owen Jones on Twitter; Telephone System Quotes for Cat Soft LLC; Possible Japanese Authors; Complex American Literature; Chutney v5; Weird Componentized Virus; Interesting Argentinian Author - Antonio Di Benedetto; Useful Thread on MetaPhysics; RAND on fighting online anarchy (2001); Now Is Cat Soft LLC's Chance To Save Up To 32% On Mail; NSA Hacked; Call Center Services for Cat Soft LLC; Very Good LRB Article on Brexit; Nussbaum on Anger; Credit Card Processing for Cat Soft LLC; Discover new movies on demand in our online cinema; Tasting; Credit Card Processing for Cat Soft LLC; Apple + Kiwi Jam; Hit Me; Increase Efficiency with GPS Vehicle Tracking for Cat Soft LLC; Sudoku - CSP + Chaos; Recycling Electronics In Santiago; Vector Displays in OpenGL; Call Center Services for Cat Soft LLC; And Anti-Aliased; OpenGL - Render via Intermediate Texture; And Garmin Connect; Using Garmin Forerunner 230 With Linux; Payroll Service Quotes for Cat Soft LLC; (Beating Dead Horse) StackOverflow; Current State of Justice in China; Now Is Cat Soft LLC's Chance To Save Up To 32% On Mail; Axiom of Determinacy; Ewww; Fee Chaos Book; Course on Differential Geometry; Increase Efficiency with GPS Vehicle Tracking for Cat Soft LLC; Okay, but...; Sparse Matrices, Deep Learning; Sounds Bad; Applebaum Rape; Tomato Chutney v4; Have to add...; Culturally Liberal and Nothing More; Weird Finite / Infinite Result; Your diamond is a beaten up mess; Maths Books; Good Bike Route from Providencia / Las Condes to Panul\; Iain Pears (Author of Complex Plots); Plum Jam; Excellent; More Recently; For a moment I forgot StackOverflow sucked; A Few Weeks On...; Chilean Book Recommendations; How To Write Shared Libraries; Jenny Erpenbeck (Author); Dijkstra, Coins, Tables; Python libraries error on OpenSuse; Deserving Trump; And Smugness; McCloskey Economics Trilogy; cmocka - Mocks for C; Concept Creep (Americans); Futhark - OpenCL Language; Moved / Gone; Fan and USB issues; Burgers in Santiago; The Origin of Icosahedral Symmetry in Viruses; autoenum on PyPI; Jars Explains; Tomato Chutney v3; REST; US Elections and Gender: 24 Point Swing; PPPoE on OpenSuse Leap 42.1; SuperMicro X10SDV-TLN4F/F with Opensuse Leap 42.1; Big Data AI Could Be Very Bad Indeed....; Cornering; Postcapitalism (Paul Mason); Black Science Fiction; Git is not a CDN; Mining of Massive Data Sets; Rachel Kaadzi Ghansah; How great republics meet their end; Raspberry, Strawberry and Banana Jam; Interesting Dead Areas of Math; Later Taste; For Sale

© 2006-2015 Andrew Cooke (site) / post authors (content).

Remote Password Safe (for SUSE)

From: "andrew cooke" <andrew@...>

Date: Thu, 5 Apr 2007 14:11:04 -0400 (CLT)

I use password safe (actually a program called password gorilla) to store
all my passwords.  However, I work regularly on at least two different
computers and it's frustrating having to constantly re-synch password
database files.


One solution to this problem is to use a USB disk, but that means plugging
it in and out.  Another solution would be to rewrite password safe (which
now has a Java version).  with POrqi and Mule that would probably be quite
simple, but it's still going to be a fair amount of work just getting
access to the source, persuading people to use it, etc.

Neither of those seemed very appealing so I thought further.

Since the database is encrypted it can be made public, but that doesn't
help if you want to add passwords unless there's a way to also have write
access.  So yet another solution would be some kind of public file system.
 However, while the database is secure, there is an obvious attack by
over-writing the database (or denial of service by simply deleting it). 
So the file system cannot be completely public.

So, I needed a public file system with some kind of basic protection from
reads: webdav!  Obviously this only works if you have a web server you can
use (and configure), but it seems to be a reasonable, secure solution.

So below I'll explain what I did:

- Enable webdav on my web server
  (In Suse this is done via Yast - enable the dav and dav_fs modules in
  the HTTP configuration)

- Configure webdav.  I was already using the userdir module, so I
  decided to place things in a sub-directory of my public_html

    <Directory /home/*/public_html/dav>

        DAV On
        AuthType Basic
        AuthName dav
        AuthUserFile /etc/apache2/passwd
        AllowOverride None
        Options None

        <LimitExcept GET HEAD OPTIONS>
            Require user dav


  Obviously you need to configure dav with a suitable password too.

  Note that this provides public read access, just in case I forget
  the password while I am away :o)

  Also, my server uses SSL, so those passwords are safe from prying

- Install wdfs (alternatively you could use davfs, but Suse has wdfs
  packages pre-built).

- Mount the directory:

    mkdir passwords
    wdfs passwords -a URL -u dav -p PASSWORD

- Then start password gorilla with that database.  Easy!

- To dismount:

    fusermount -u passwords


Updated Apache Config

From: "andrew cooke" <andrew@...>

Date: Thu, 5 Apr 2007 18:40:34 -0400 (CLT)

The above didn't give me read access.  This works:

    <Directory /home/*/public_html/dav>

        DAV On
        AuthType Basic
        AuthName dav
        AuthUserFile /etc/apache2/passwd
        AllowOverride None
        Options Indexes MultiViews
        Order allow,deny

        <Limit HEAD GET OPTIONS>
            Allow from all

        <LimitExcept HEAD GET OPTIONS>
            Require user dav
            Allow from all


Comment on this post