Author Archives: David

UDF on MacOS and Linux

Recently I wanted to have the ability to use SSH to log in to my Amazon Lightsail instances from my work laptop. For privacy reasons, I didn’t want to put my SSH private key permanently on the laptop and I didn’t want to put the public key for my laptop on the Lightsail instances.

Since I’m very comfortable with the unix command line, I decided to put a new (password protected) private key on a flash drive so I could use that key to log in to the Linux instances.

The problem is permissions.

SSH won’t let you use a private key file with open permissions. If the key file is world readable, it will display an error and refuse to use it. There isn’t a workaround that I’ve been able to find (other than recompiling SSH from source with modifications).

This mean that the most common flash drive file systems (FAT, FAT32, & exFAT) can’t be used. None of those file system formats support permissions.

I could have formatted the flash drive using the MacOS HFS format, and installed the necessary packages on my Ubuntu Laptop to support that, but I wanted to go for something more generic.

After some research, I decided to give the User Defined File system (udf) a try.

I did have to install UDF support on the Ubuntu system, but that wasn’t a big deal.

sudo apt-get install udftools

To format the flash drive on my Mac, I used this command:

sudo newfs_udf -m blk -v <label> /dev/disk<n>

Important to note, the device file (/dev/disk<n>) must be the device itself, not a partition of the device (on Mac systems a partition will be denoted with ‘s9’ after the device name where 9 is the partition number, for example /dev/disk4s1).

After the UDF file system is created on the flash drive, you must … eject the drive, physically remove the device, and re-insert it. The device will now show up on the system as “/Volumes/<label>”.

Interestingly, the owner of the mounted device is the currently logged in user.

macbook-pro:newkey david$ ls -l /Volumes/FLASHDRIVE/
total 3
-rw-------@ 1 david  staff  1073 Jul 11 10:11 aws-key

I copied the new SSH private key file to the flash drive, made sure the permissions were correct, and ejected the drive.

I then inserted the drive into my Ubuntu system. It mounted correctly right away.

I was then able to log in to my Lightsail instances using the command

slogin -i /media/<my linux user id>/<flash drive label>/<private key file> ec2-user@<aws hostname>

Interestingly, when the UDF formatted flash drive is mounted, the owner is the logged in user, but had the correct permissions.

user@linux:~#: ls -l /media/user/FLASHDRIVE/
total 2
-rw-------- 1 user  user  1073 Jul 11 10:11 aws-key

So far it’s been working well. I’m pleased with this little project.

The Box

This story comes by way of my brother Mitch…

My brother specializes in database analysis for non-profits. As such, he’s usually very involved in the organizations’ data centers.

One such organization he worked for many years ago had received a grant that included the ability to do a major upgrade to their data center. As part of the upgrade, they had to increase the cooling capacity of the HVAC system in their computer room.

They selected a contractor and had the upgrade installed. They then proceeded with the upgrade their computer systems. Everything was working fine. Until the next day.

They came into the computer room and found that it was over 80℉!

The obvious cause was that the HVAC system hadn’t been sized correctly or was malfunctioning.

The organizations policies required that they had to get 3 quotes before selecting a contractor do any repair work.

So they found 3 contractors. One of the contractors quoted $20,000 to completely replace the existing HVAC system. Another contractor quoted around $10,000 to upgrade the existing HVAC system.

The third contractor came in, looked around the room, picked up a box that was lying on the floor, placed it over the thermostat that was controlling the existing HVAC system, taped it to the wall, and said “No charge”.

Apparently the new HVAC system that had been installed was blowing cold air directly on the thermostat. So, when the system detected that the room was getting warm, it would turn the A/C on. It would immediately detect that the room was cool enough, and turn off the A/C. Clearly the A/C wasn’t running long enough to cool the room at all.

The moral of this story…

Sometimes the solution requires thinking outside the box…

Sometimes the solution requires thinking inside the box…

Sometimes the solution IS the box.

Cardboard Analyst

Have you ever had a problem that has you absolutely stumped … and you ask a co-worker for assistance or post a message to an online forum (like a midrange.com mailing list) for assistance.

Then, quite soon after you ask for assistance, you finally discover the answer yourself?

This is what I call the ‘Cardboard Analyst’ phenomenon (I’ve also heard it referred to as “Rubber Ducking”) … where the person (or people) you are asking for assistance don’t necessarily provide direct assistance, but force you to look at the problem from a different perspective.

It’s my theory (which may or may not be backed up by research) that forcing your brain to break the problem down into terms that you can describe to someone else, gives you a new perspective on the problem and new insight into what the problem actually is.

Personally, I’ve found that if I just try to explain what the problem is to someone (even my wife, who’s not super technical), I’m able to find the solution I want. Occasionally, I’ll be explaining a problem to someone in my office when my voice will trail off and I’ll start thinking about another avenue of exploration. Often I’ll thank the person I was talking to for their assistance … to which they will respond “Glad I could be of no help”.

Oddly enough, the person I am talking to has to be able to respond … often asking me questions that make me think about it. I once tried using our cat as a cardboard analyst … but it didn’t work 🙂 .

So next time you’ve got a problem that’s got you particularly stumped … try explaining it it someone. You’ll be surprised how much help someone can be even if they don’t have a clue what you’re talking about.Categories

This is a repost of an article that appeared on the IMHO blog.

Job Search Observations

As some of you may know, last year I started searching for a new job. Due to the pandemic, it wasn’t the best time to start such a search, but ultimately I was able to find a new position that I’m really happy with.

While most of my experiences with potential employers were positive, some were distinctly negative. This post is going to outline some of those negative experiences (without being specific) in hopes that companies may learn from them.

Continue reading

Speed Up Time Machine

If you’re using an Apple Mac computer, you may have observed that the fantastic backup system Time Machine, may run slowly. This is especially noticeable when you are doing the very first backup (when it has to backup the entire system).

I was frustrated by this a while ago when I purchased a new hard drive to do my backup’s on.

After a bit of digging, I found that time machine’s performance is throttled so as not to impact system performance.

There is a way to remove performance throttling using a system control statement.

debug.lowpri_throttle_enabled

If you use the sysctl command to set this to 0 (zero) then time machine will not be throttled. If it’s set to 1 (one), it will be throttled.

I created a little script called ‘speedup-timemachine’ that lets me turn the option on and off.

‘speedup-timemachine on’ will remove the throttling.

‘speedup-timemachine off’ will return the throttling.

Below is the script. Just copy the script, paste it into a text editor, save the script to a location on the path, and make it executable (chmod a+x scriptfile).

Continue reading

Thunderbird and ‘reply-to’

This is another one in the ‘Things to remember’ category.

For some reason, by default, Thunderbird does not use the ‘Reply-to’ header in emails. This headers tells mail software what address that replies should be sent to. It’s commonly used for mailing lists so that replies are sent to another address, such as the the mailing list itself, instead of the address that sent the message.

To change the default Thunderbird behavior, you have to tweak a setting.

Continue reading

Catching spam with repeated phrases

This is more of a ‘for future reference’ post than anything else.

Recently my mailing lists have been getting hit with stupid spam (what spam isn’t) that invokes bible related conspiracy spam. The messages reference bible verses multiple times.

To catch the spam, I put in a rule that matches bible references.

It’s a pretty simple rule … it looks for specific bible chapters followed by a number colon number.

body LM_BIBLE_MULTI /\s(matthew|revelation|john|corinthians|thessalonians|luke|romans|ezekiel|mark)\s+\d+:\d+/i
describe LM_BIBLE_MULTI Contains bible verses
score LM_BIBLE_MULTI 0.5

The thing about the spam I’m trying to catch is that it references the bible verses multiple times. The above rule only catches a single bible verse reference and adds the score.

To increase the score for each individual hit of the rule, you need to add the following to the rule:

tflags LM_BIBLE_MULTI multiple

This way, every time the LM_BIBLE_MULTI rule is hit, the score increases by 0.5. The more bible references in the email, the higher the spam score.

The multiple modifier for tflags is available in SpamAssassin 3.2 & higher.