The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My work

  • My badges

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming

    20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now

    20140424-Windows-7-free-disk-space

    More Photos
  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,485 other followers

Archive for the ‘*nix’ Category

20 years ago today: Here’s a nickel kid. Go buy yourself a real computer.

Posted by jpluimers on 2015/06/24

An eternal Dilbert strip that is based on the tiny Here’s a nickel kid. Go buy yourself a real computer fragment from single.h:

#if _FP_W_TYPE_SIZE < 32
#error "Here's a nickel kid. Go buy yourself a real computer."
#endif

Read the rest of this entry »

Posted in *nix, ARM, Assembly Language, Delphi, Delphi 1, Development, Fun, Geeky, History, MS-DOS, Power User, Software Development, Windows, Windows 8.1, Windows 95, Windows NT, x86 | 2 Comments »

Research notes on Diffie Hellman over WebSockets over a MittM http proxy to setup an encapsulated secure channel

Posted by jpluimers on 2015/06/17

Inspired by CloudFlare Keyless SSL, I have this idea of using Diffie Hellman over WebSockets over a MittM based http proxy (which intercepts and decrypts HTTPS traffic) like mitmproxy (but them from a commercial vendor to inspect web traffic) to setup an encapsulated secure channel.

I know SSH uses Diffie Hellman to setup a secure channel over a binary TCP connection.

Binary communication over HTTP usually means WebSocket.

I don’t want WebSSH (which does use WebSockets, but is probably filtered by the MitM proxy anyway).

Maybe either of these open source tools will work:

If these don’t work, I need to do more research.

Since I use C# and .NET for much of my work, I started the WebSocket over HTTP C# query.

c# – How to use proxies with the WebSocket4Net library – Stack Overflow.

–jeroen

Posted in *nix, *nix-tools, Communications Development, Development, HTTP, Internet protocol suite, Linux, Power User, SSH, SuSE Linux, TCP, WebSockets, Windows, Windows-Http-Proxy | Leave a Comment »

reboot fixes “pam_systemd(sshd:session): Failed to create session: Connection timed out” need to find the cause.

Posted by jpluimers on 2015/06/11

In case I get something similar to this again:

Mar 11 12:54:06 filesrepo sshd[22021]: Accepted publickey for SOMEUSER from xxx.xxx.xxx.xxx port xxxxx ssh2: RSA xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
Mar 11 12:54:06 filesrepo kernel: type=1006 audit(1394542446.943:117): pid=22021 uid=0 old auid=4294967295 new auid=1019 old ses=4294967295 new ses=116 res=1
Mar 11 12:54:06 filesrepo sshd[22021]: pam_unix(sshd:session): session opened for user SOMEUSER by (uid=0)
Mar 11 12:54:06 filesrepo dbus[421]: [system] Activating systemd to hand-off: service name='org.freedesktop.login1' unit='dbus-org.freedesktop.login1.service'
Mar 11 12:54:31 filesrepo sshd[22021]: pam_systemd(sshd:session): Failed to create session: Connection timed out
Mar 11 12:54:31 filesrepo dbus[421]: [system] Failed to activate service 'org.freedesktop.login1': timed out
Mar 11 12:54:31 filesrepo dbus[421]: [system] Failed to activate service 'org.freedesktop.systemd1': timed out
Mar 11 12:54:32 filesrepo svnserve[22061]: DIGEST-MD5 common mech free
Mar 11 12:54:32 filesrepo sshd[22021]: pam_unix(sshd:session): session closed for user SOMEUSER

I have been noticing this for last few days but I thought systemd update should solve this (bug report was raised against systemd)

I updated system today (I have not given it a reboot yet) and I still see those logs.

Rebooting fixed this issue.

But I’m not sure about the cause.

–jeroen

via: [closed] pam_unix(sshd:session) timeouts / Networking, Server, and Protection / Arch Linux Forums.

Posted in *nix, Linux, openSuSE, Power User, SuSE Linux | Leave a Comment »

revue: getting Tumbleweed on it.

Posted by jpluimers on 2015/06/09

Now that github stopped showing my README.rst as reStructuredText here is the htmlpreview link of the pandoc rendered reStructuredText:

revue: getting Tumbleweed on it.

It is about installing and configuring Tumbleweed which is a tad bit more frustrating than I hoped for.

In practice unixoids aren’t as heavenly as many geeks pretend them to be.

I got the htmlpreview solution via css – How to see an html page on github as a normal rendered html page to see preview in browser, without downloading? – Stack Overflow.

I might try the github pages in the future.

Sourcecode of htmlpreview is at htmlpreview/htmlpreview.github.com.

–jeroen

via:

Posted in *nix, Development, DVCS - Distributed Version Control, git, GitHub, Linux, openSuSE, Power User, Software Development, Source Code Management, SuSE Linux | Leave a Comment »

Enabling GIT_CURL_VERBOSE to research “unable to get local issuer certificate”

Posted by jpluimers on 2015/05/28

A while ago, I was fighting a corporate web proxy playing Man-in-the-Middle on all https sessions.

Though playing MitM on your employees is a debatable thing to do (especially without informing the employees, and illegal in certain countries, I had to get a GIT connection to the outside world working.

This helped tracking it down: GIT_CURL_VERBOSE “unable to get local issuer certificate”.

What I finally did was this:

  1. obtain the CA certificate that issues the MitM certificate in base-64 CRT form (which is the same as the PEM form):
  2. added it at the top of either of these files:
    • "%ProgramFiles%\Git\bin\curl-ca-bundle.crt"
    • "%ProgramFiles(x86)%\Git\bin\curl-ca-bundle.crt"
  3. added it to the top of either of these files:
    • "%ProgramFiles%\Mercurial\cacert.pem"
    • "%ProgramFiles(x86)%\Mercurial\cacert.pem"

–jeroen

PS: These were the failures I was getting:

Read the rest of this entry »

Posted in *nix, cURL, Development, DVCS - Distributed Version Control, git, PKI, Power User, Security, Source Code Management | Leave a Comment »

 
Follow

Get every new post delivered to your Inbox.

Join 1,485 other followers

%d bloggers like this: