The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,860 other subscribers

Archive for February 26th, 2019

Any opinion on RAD Server vs Node.js/LoopBack vs TMS XData vs other?

Posted by jpluimers on 2019/02/26

Interesting thread still: [WayBack] Any opinion on RAD Server vs Node.js/LoopBack vs TMS XData vs other? – Kyle Miller – Google+

Tools mentioned there (not limited to Delphi):

–jeroen

Read the rest of this entry »

Posted in Delphi, Development, Software Development | Leave a Comment »

Don’t complain about the multitude of “places”/services that your fav G+ers are going…

Posted by jpluimers on 2019/02/26

Great post: [WayBack] Don’t complain about the multitude of “places”/services that your fav G+ers are going and how that makes your life miserable. We all met here by acciden… – Jan Wildeboer – Google+:

Don’t complain about the multitude of “places”/services that your fav G+ers are going and how that makes your life miserable. We all met here by accident, had a good time, mostly. And now we move on.

There is no “one size fits all” replacement out there. Instead, look forward to meeting new people and old friends at whichever place you are going to.

Find me on Twitter, Mastodon and infrequently on Pluspora. Or maybe at a (hopefully open and distributed) new place that doesn’t even exist yet.

[WayBack] OK, maybe Diaspora can become my “new home”, at least for sharing my blog posts and allowing comments. – Thomas Mueller (dummzeuch) – Google+

[WayBack] Diaspora API Dev Progress Report 30 by Open Source and Fediverse Advocate/Developer exploring longvetity and software from a 1st person point of view

–jeroen

Posted in G+: GooglePlus, LifeHacker, Power User, SocialMedia | Leave a Comment »

Thomas Mueller has started to write some documentation on the internal workings of GExperts…

Posted by jpluimers on 2019/02/26

From a while ago, for my link archive:

[WayBack] I have started to write some documentation on the internal workings of GExperts. For now, it covers only a very small part of the IDE form enhancement… – Thomas Mueller (dummzeuch) – Google+

Back then, this was done:

–jeroen

Posted in Delphi, Development, GExperts, Software Development | Leave a Comment »

sed in a bash script: backslash escape anything that looks suspicious

Posted by jpluimers on 2019/02/26

Did I ever tell I dislike regular expressions and old-skool shells?

They’re not good for anything but basic commands, so if you try any scripts in them, you’re basically lost.

If you disagree, please read [WayBack] Don’t write Shell scripts. I would recommend Python, but I tried “pip search mysql”…. – Kristian Köhntopp – Google+) and [WayBack] How did this shit ever work? by the same author.

On the other hand: on many system, the baseline isn’t much more than a shell and a very limited tool set.

With nx like systems that usually comes down to sed and a shell like bash.

Since I wanted to modify an openssh hardening script to cover more permutations that was using sed in a bash script, I had not much choice but to bite the bullet.

TL;DR:

When you use any of the below characters, prepend them with a backslash as they have a bash meaning in addition to a sed meaning.

  • ? becomes \?
  • ( becomes \(
  • ) becomes \)
  • | becomes \|

The script

Hopefully by now it’s [Archive.is] been merged into https://github.com/comotion/gone/blob/github/modules/ssh. If not, it’s at https://github.com/jpluimers/gone/blob/jpluimers-ssh-hardening-patch/modules/ssh.

The diff: [Archive.is] https://github.com/jpluimers/gone/commit/329bf12a320704080e68eee90f4c099e92d8388d?diff=unified

The relevant portion (which also uses backslashes as line continuation and wrap a command over multiple lines [WayBack]):

sed -i \
-e 's/#\?MaxAuthTries *[0-9]*.*/MaxAuthTries 2/' \
-e 's/#\?PermitRootLogin *\(yes\|no\).*/PermitRootLogin no/' \
-e 's/#\?UsePrivilegeSeparation *\(yes\|no\|sandbox\).*/UsePrivilegeSeparation sandbox/' \
-e 's/#\?StrictModes *\(yes\|no\).*/StrictModes yes/' \
-e 's/#\?IgnoreRhosts *\(yes\|no\).*/IgnoreRhosts yes/' \
-e 's/#\?PermitEmptyPasswords *\(yes\|no\).*/PermitEmptyPasswords no/' \
-e 's/#\?ChallengeResponseAuthentication *\(yes\|no\).*/ChallengeResponseAuthentication yes/' \
-e 's/#\?KerberosAuthentication *\(yes\|no\).*/KerberosAuthentication no/' \
-e 's/#\?GSSAPIAuthentication *\(yes\|no\).*/GSSAPIAuthentication no/' \
-e 's/#\?GatewayPorts *\(yes\|no\).*/GatewayPorts no/' \
-e 's/#\?X11Forwarding *\(yes\|no\).*/X11Forwarding no/' \
-e 's/#\?PrintMotd *\(yes\|no\).*/PrintMotd no/' \
-e 's/#\?PrintLastLog *\(yes\|no\).*/PrintLastLog yes/' \
-e 's/#\?TCPKeepAlive *\(yes\|no\).*/TCPKeepAlive no/' \
-e 's/#\?PermitUserEnvironment *\(yes\|no\).*/PermitUserEnvironment no/' \
-e 's/^\(HostKey .*ssh_host_dsa_key\)/#\1/' \
sshd_config

More on sshd hardening

In case I have to revisit the script again, here are some more links on ssh and hardening from my blog posts:

–jeroen

 

 

 

Posted in *nix, *nix-tools, bash, bash, Development, Power User, Scripting, sed, sed script, Software Development | Leave a Comment »