| Andrew Cooke | Contents | Latest | RSS | Twitter | Previous | Next

C[omp]ute

Welcome to my blog, which was once a mailing list of the same name and is still generated by mail. Please reply via the "comment" links.

Always interested in offers/projects/new ideas. Eclectic experience in fields like: numerical computing; Python web; Java enterprise; functional languages; GPGPU; SQL databases; etc. Based in Santiago, Chile; telecommute worldwide. CV; email.

Personal Projects

Lepl parser for Python.

Colorless Green.

Photography around Santiago.

SVG experiment.

Professional Portfolio

Calibration of seismometers.

Data access via web services.

Cache rewrite.

Extending OpenSSH.

Last 100 entries

I Want To Be A Redneck!; Reverse Racism; The Lost Art Of Nomography; IBM Data Center (Photo); Interesting Account Of Gamma Hack; The Most Interesting Audiophile In The World; How did the first world war actually end?; Ky - Restaurant Santiago; The Black Dork Lives!; The UN Requires Unaninmous Decisions; LPIR - Steganography in Practice; How I Am 6; Clear Explanation of Verizon / Level 3 / Netflix; Teenage Girls; Formalising NSA Attacks; Switching Brakes (Tektro Hydraulic); Naim NAP 100 (Power Amp); AKG 550 First Impressions; Facebook manipulates emotions (no really); Map Reduce "No Longer Used" At Google; Removing RAID metadata; New Bike (Good Bike Shop, Santiago Chile); Removing APE Tags in Linux; Compiling Python 3.0 With GCC 4.8; Maven is Amazing; Generating Docs from a GitHub Wiki; Modular Shelves; Bash Best Practices; Good Emergency Gasfiter (Santiago, Chile); Readings in Recent Architecture; Roger Casement; Integrated Information Theory (Or Not); Possibly undefined macro AC_ENABLE_SHARED; Update on Charges; Sunburst Visualisation; Spectral Embeddings (Distances -> Coordinates); Introduction to Causality; Filtering To Help Colour-Blindness; ASUS 1015E-DS02 Too; Ready Player One; Writing Clear, Fast Julia Code; List of LatAm Novels; Running (for women); Building a Jenkins Plugin and a Jar (for Command Line use); Headphone Test Recordings; Causal Consistency; The Quest for Randomness; Chat Wars; Real-life Financial Co Without ACID Database...; Flexible Muscle-Based Locomotion for Bipedal Creatures; SQL Performance Explained; The Little Manual of API Design; Multiple Word Sizes; CRC - Next Steps; FizzBuzz; Update on CRCs; Decent Links / Discussion Community; Automated Reasoning About LLVM Optimizations and Undefined Behavior; A Painless Guide To CRC Error Detection Algorithms; Tests in Julia; Dave Eggers: what's so funny about peace, love and Starship?; Cello - High Level C Programming; autoreconf needs tar; Will Self Goes To Heathrow; Top 5 BioInformatics Papers; Vasovagal Response; Good Food in Vina; Chilean Drug Criminals Use Subsitution Cipher; Adrenaline; Stiglitz on the Impact of Technology; Why Not; How I Am 5; Lenovo X240 OpenSuse 13.1; NSA and GCHQ - Psychological Trolls; Finite Fields in Julia (Defining Your Own Number Type); Julian Assange; Starting Qemu on OpenSuse; Noisy GAs/TMs; Venezuela; Reinstalling GRUB with EFI; Instructions For Disabling KDE Indexing; Evolving Speakers; Changing Salt Size in Simple Crypt 3.0.0; Logarithmic Map (Moved); More Info; Words Found in Voynich Manuscript; An Inventory Of 3D Space-Filling Curves; Foxes Using Magnetic Fields To Hunt; 5 Rounds RC5 No Rotation; JP Morgan and Madoff; Ori - Secure, Distributed File System; Physical Unclonable Functions (PUFs); Prejudice on Reddit; Recursion OK; Optimizing Julia Code; Cash Handouts in Brazil; Couple Nice Music Videos; It Also Works!; Adaptive Plaintext; It Works!; RC5 Without Rotation (2)

© 2006-2013 Andrew Cooke (site) / post authors (content).

Remote Password Safe (for SUSE)

From: "andrew cooke" <andrew@...>

Date: Thu, 5 Apr 2007 14:11:04 -0400 (CLT)

I use password safe (actually a program called password gorilla) to store
all my passwords.  However, I work regularly on at least two different
computers and it's frustrating having to constantly re-synch password
database files.

http://www.fpx.de/fp/Software/Gorilla/
http://passwordsafe.sourceforge.net/

One solution to this problem is to use a USB disk, but that means plugging
it in and out.  Another solution would be to rewrite password safe (which
now has a Java version).  with POrqi and Mule that would probably be quite
simple, but it's still going to be a fair amount of work just getting
access to the source, persuading people to use it, etc.

Neither of those seemed very appealing so I thought further.

Since the database is encrypted it can be made public, but that doesn't
help if you want to add passwords unless there's a way to also have write
access.  So yet another solution would be some kind of public file system.
 However, while the database is secure, there is an obvious attack by
over-writing the database (or denial of service by simply deleting it). 
So the file system cannot be completely public.

So, I needed a public file system with some kind of basic protection from
reads: webdav!  Obviously this only works if you have a web server you can
use (and configure), but it seems to be a reasonable, secure solution.

So below I'll explain what I did:

- Enable webdav on my web server
  (In Suse this is done via Yast - enable the dav and dav_fs modules in
  the HTTP configuration)

- Configure webdav.  I was already using the userdir module, so I
  decided to place things in a sub-directory of my public_html

    <Directory /home/*/public_html/dav>

        DAV On
        AuthType Basic
        AuthName dav
        AuthUserFile /etc/apache2/passwd
        AllowOverride None
        Options None

        <LimitExcept GET HEAD OPTIONS>
            Require user dav
        </LimitExcept>

    </Directory>

  Obviously you need to configure dav with a suitable password too.

  Note that this provides public read access, just in case I forget
  the password while I am away :o)

  Also, my server uses SSL, so those passwords are safe from prying
  eyes.

- Install wdfs (alternatively you could use davfs, but Suse has wdfs
  packages pre-built).

- Mount the directory:

    mkdir passwords
    wdfs passwords -a URL -u dav -p PASSWORD

- Then start password gorilla with that database.  Easy!

- To dismount:

    fusermount -u passwords

Andrew

Updated Apache Config

From: "andrew cooke" <andrew@...>

Date: Thu, 5 Apr 2007 18:40:34 -0400 (CLT)

The above didn't give me read access.  This works:

    <Directory /home/*/public_html/dav>

        DAV On
        AuthType Basic
        AuthName dav
        AuthUserFile /etc/apache2/passwd
        AllowOverride None
        Options Indexes MultiViews
        Order allow,deny

        <Limit HEAD GET OPTIONS>
            Allow from all
        </Limit>

        <LimitExcept HEAD GET OPTIONS>
            Require user dav
            Allow from all
        </LimitExcept>

    </Directory>

Comment on this post