testA few posts ago I mentioned how happy I was with Slicehost. In the last 85 days, which is my current uptime, I have had 14 minutes that the website was unreachable and 4 minutes that the machine could not be pinged.
If that reliablilty doesn’t encourage you to get a slice account than I don’t know what will.
Being able to find emails that do not currently have labels is a feature that has been requested a number of times and for me would be very very nice. On some of my accounts I have gone through and setup filters for absolutely every type of email I get, but those accounts get less random email. The email coming in is more predictable like friends or certain mailing lists. For my main DIGITAL39 account I get a lot of random email, and a lot of predictable email. I am also using it to archive email from accounts I no longer have. So I looked at my email today and I found out that 4370 out of 8735 (remember these are threaded so it is actually a lot more email) were not labeled. You could go through all of the email and move all of the ones without labels to another label called _FILTER_ or something with a symbol in the front so it will be at the top of the labels list. However there is a better way, which still takes time, but nearly as much.
Create a new label “..filter..” and go into “All Mail”. Click the “All” link to select all of the email and then click the link to select all of the emails in “All Mail”. Label all of the emails with the new “..filter..” label. Once all of that has been done, go down through your existing labels and select all emails and remove the “..filter..” label. After you go through all of these steps you will be able to click on the “..filter..” label and see only email that does not currently have a label.
This doesn’t help for new email coming in, but it will allow you to setup filters for email that has not been filtered or labeled yet. You can easily label incoming mail with this label to make sure you catch new email. One account that I have that has thousands and thousands of emails I have done this with and there is only 1 or 2 emails a week that slip through without a filter.
I am very happy with Charter’s 10meg connection
Drives and cages are in. I am sorry for the bad picture my camera broke and I had to use a flashlight and cell phone. I still have the parts in burnin, which I started out with a very very long ext3 format with block checking. Since there will be no need for a CD/DVD I have the drive sitting on top until I install a distro.
Originally I was going to use FreeNAS, and I have looked into NASLite and Openfiler, but decided to make my own distro. I may actually make it public in the end, but I just didn’t feel that I would use FreeNAS forever and therefore did not want to use UFS as the file system. I am also considering using it as a desktop since I have so much power to spare, but that would only be for a little while.
P.S. I know how ghetto a flashlight and cell phone is
I’m not sure how many of you are familiar with Slicehost, but it is a VPS solution that is affordable and very stable. Slicehost does not oversell system resources, so when you purchase a “slice” you aren’t getting some bogged down server loaded with virtual environments. I have been using them for many months now and I encourage people to sign up. I have 2, 512mb RAM Slices that have 20gb hard drives and each get 200gb of bandwidth each costing $38/mo. I run Pingdom on each one and there have only been a few occasions that I have been emailed about downtime and most of those were self inflicted. This website was taken down and just moved over, but since it has been on Slicehost the slice has been up 100%. One of my client’s has a Slice as well and his has not dipped below 99.9% for the past 3 months and the only times it went below that were for events unrelated to the virtual environment. All Slices are prorated so if you only use one for an hour the money would be refunded, or if you start a new one mid month you are only charged for the percentage of the month you used.
For those of you wondering what distros you can choose from:
If you decide to try them out, I would appreciate it if you used my referral link below.
I received the drive cage and loved it so I ordered some more parts for my file server. In all this is what I have (drives were just ordered).
I went ahead and bought a 9th hard drive so that the model and firmware would be the same if a drive happened to die. I am going to be doing a burnin on all the hardware when the drives arrive to make sure anything that is bad will fail so I can RMA it. I changed from Areca to Adaptec for my RAID card and they just sold out of the Adaptec. Hopefully the price will not go back to $500. After being formatted and put in a RAID6 array I will have 4.09TB of storage space.
It looks like our electronic devices can be searched by customs when entering the US. This somewhat violates the 4th amendment, however there is a border exception to the 4th amendment and unless I am wrong you are not officially in the US until you pass customs/border so the amendment would not apply.
A lot of company policies state that you should not be holding confidential information on laptops in the first place, but email, and browser cache can contain that information. To help prevent the information from intranets from being cached you can install JohnnyCache. JohnnyCache lets you enter in a url pattern and will prevent disk and memory based cache from being accessible when viewing a site matching that pattern. I highly recommend you install this extension regardless of your traveling habits.
I am going to be writing additional posts about handling these searches. These posts are going to be directed at protecting corporate information and personal information.
For a long time I have been planning to build a massive NAS to store all my projects and photographs and my Linux distro collection. When I bought a lot of network equipment a while back a 5U case was included that I decided to use instead of ordering something. The case has 12 standard 5.25 bays and 1 slim 5.25 bay. It fix extended ATX motherboard and is quite long, so it gives me plenty of space. To make efficient use of the space I am putting in hotswap drive bays that will fit 5 hard drives in 3 bays, giving me a total capacity of 15 drives. I have also found a RAID card that supports RAID6, online expansion and all the goodies, and runs about $435. This is more than I wanted to spend, but RAID6 and an oncard processor is worth it. The machine will run FreeNAS and will allow me to have only 1 hard drive in all of my other machines. As of right now I have ordered and installed the following:
I just ordered a IDE->CF card adapter and one of the drive bays to make sure it is what I want. If I like the drive bay, the remaining parts I need are the RAID card, and 8 Western Digital 750GB hard drives. In RAID6, I will have 4.09TB of total space, if I went with RAID5 I would have 4.77TB. While RAID5 is good, I would feel better if I knew I could lose 2 drives and still have all my data safe. I mean this is going to be backups of my systems, and all the files that are most important to me. I may need to upgrade the power supply along the line, but for the time being I should be fine as it has a 420w PSU. I will post pictures when I get my new camera.
Last year I brought up the double bang trick. There is another with the bang and asterisk keys. This combinations takes just the parameters from the previous command.
Enjoy!
Tonight I decided I should do some locking down of ssh and I wanted to share with you the final result of what I did. The first thing we need to do is create the public key. For this post we will use localmach for the local machine and remotemach for the remote machine.
Before beginning the following should be set on the remotemach in /etc/ssh/sshd_config
On the local machine type the following
This will create a 2048bit RSA key. It will ask you where you would like to put these keys, in Linux the default is ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub
We now need to copy this key to the remote server, remotemach.
What this does is log into the remote machine and add the key to /home/user/.ssh/authorized_keys. I am going to skip the password part for now so we don’t lock ourselves out. The next thing you want to do is run the following commands on the localmach.
If you changed the name of the file from id_rsa you will need to specify which identity you want to add for ssh-add. With ssh-agent running and the identity added you should now be able to login without a password.
If you were able to login without the use of a password, you can proceed to editing the /etc/ssh/sshd_config. If you were not able to login without a password repeat the procedure and see if you are able to fix it. I did have trouble once or twice and repeating it fixed whatever was wrong.
Open /etc/ssh/sshd_config and find the PasswordAuthentication configuration directive and make sure it is set to no and uncommented.
Another recommendation is to make sure root cannot SSH into the server directly.
You can now run the following command to commit the changes to the current sshd process
What does all this do?
1. Disables direct login from the root user, which has always been a recommendation. If you are not aware of this you should be reading up on the use of sudo
2. Removes the ability to login to the server with a password, you can only login to the server using a public key.
3. Limit the machine that you can login from. The remotemach must have the key for the localmach in the authorized_keys file before authentication can be performed.
4. Greatly reduce the ability to bruteforce ssh.
In the coming days I am going to check to see if you can copy a key to any machine and have it work, if that is the case it might be better to turn the password authentication back on for situations that command high security.
If you chose to enter a password when creating your key and you did not setup ssh-agent and ssh-add you will be prompted for a password to decrypt the key. Do not confuse that with a standard password based login, which you are probably used to.
