Go to advanced search

by technion
Fri Nov 27, 2015 4:18 am
Forum: Raspbian
Topic: Predictable SSH host keys
Replies: 18
Views: 38693

Re: Predictable SSH host keys

https://github.com/RPi-Distro/repo/issues/6 That issue has been closed, first asking for proof, then making an incorrect assertion regarding key generation. ssh-keygen utilises OpenSSL's rsa_generate_key_ex, which ultimately calls BN_generate_prime_ex, using a horrible series of gotos and pointer a...
by technion
Mon Dec 29, 2014 5:04 am
Forum: Networking and servers
Topic: PSA - NTP vulnerability
Replies: 17
Views: 4103

Re: PSA - NTP vulnerability

My config looks like this: server 127.127.20.0 mode 17 minpoll 3 iburst true prefer fudge 127.127.20.0 flag1 1 time2 0.20 I'm unsure where you're getting "flag3" from, it wasn't shown in any of the references I used. I'm not familiar with ntptime, the output I've looked for is this one: $ ntpq -p re...
by technion
Sun Dec 28, 2014 5:31 am
Forum: Networking and servers
Topic: PSA - NTP vulnerability
Replies: 17
Views: 4103

Re: PSA - NTP vulnerability

I can only suggest the help file is not up to date or something. [email protected] ~/ntp-4.2.8 $ more config.log This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by ntp4 configure 4.2.8, which was generated by G...
by technion
Fri Dec 26, 2014 10:49 am
Forum: Networking and servers
Topic: PSA - NTP vulnerability
Replies: 17
Views: 4103

Re: PSA - NTP vulnerability

I built the "open collector" NTP server, modified to all fit inside the original Adafruit box with an external GPS antenna. http://open.konspyre.org/blog/2012/10/18/raspberry-pi-time-server/ That site you linked provides exactly the process you download the source and compile it with all the correc...
by technion
Fri Dec 26, 2014 10:47 am
Forum: Networking and servers
Topic: PSA - NTP vulnerability
Replies: 17
Views: 4103

Re: PSA - NTP vulnerability

Can you tell how you did the compile? With the default ./configure, make, make install I get this error in syslog: By default, nothing we need is compiled. This is also why the package distributed with the OS is useless. $ ./configure --enable-linuxcaps --enable-all-clocks --enable-parse-clocks --e...
by technion
Mon Dec 22, 2014 6:06 am
Forum: Networking and servers
Topic: PSA - NTP vulnerability
Replies: 17
Views: 4103

Re: PSA - NTP vulnerability

I've been running 24 hours now on version 4.2.8 stable and things are looking good. Only catch is the default install path changed from /usr/local/bin to /usr/local/sbin between -dev and stable, so watch out for init scripts that start the old version on boot! The Rapsbian distributed edition never ...
by technion
Sat Dec 20, 2014 4:57 am
Forum: Automation, sensing and robotics
Topic: Robust sensors
Replies: 0
Views: 417

Robust sensors

Hey guys, I've done a lot with the DHT22. I forked the library to try and make it more reliable ( https://github.com/technion/lol_dht22 ), I've played with capacitors of varying sizes, etc. At no point though, would I be comfortable trusting something important to this sensors. It's not unusual for ...
by technion
Fri Dec 19, 2014 11:46 pm
Forum: Networking and servers
Topic: PSA - NTP vulnerability
Replies: 17
Views: 4103

PSA - NTP vulnerability

Hey guys, I know a number of us (like me!) are using Raspberry Pis as NTP servers - so I just wanted to bring this alert to your attention: Vulnerability Note VU#852879 Network Time Protocol daemon (ntpd) contains multiple vulnerabilities http://www.kb.cert.org/vuls/id/852879 I originally had to bui...
by technion
Tue May 27, 2014 9:27 am
Forum: Advanced users
Topic: protection
Replies: 13
Views: 2415

Re: protection

i would hate to have to make the user have a usb dongle, but that may be the only solution ... that is the only thing they cannot duplicate if i understand correcty Honestly I hate these sorts of questions. There's no easy answer because it's the question that's wrong. Here are two facts: Those stu...
by technion
Sat Feb 22, 2014 5:49 am
Forum: Networking and servers
Topic: Redundancy 2 - lightweight cloud computing software
Replies: 2
Views: 2175

Re: Redundancy 2 - lightweight cloud computing software

Hey, great looking app. I had some queries about the code. if (strpos($pUser,"<") === false && strpos($pPass,"<") === false) Why can't a password contain a < ? //Is the password and the repeated the same? if (strpos("<",$pUser) !== false || strpos("<",$pEmail) !== false || strpos("<",$pPass) !== fal...
by technion
Thu Feb 13, 2014 3:48 am
Forum: Networking and servers
Topic: MS Exchange
Replies: 5
Views: 5998

Re: MS Exchange

"Some sort of ActiveSync server" is one thing, but you certainly won't get Exchange to run on a Pi. It's the wrong OS, and it's unusable with < 12GB RAM.
by technion
Tue Feb 11, 2014 3:06 am
Forum: Automation, sensing and robotics
Topic: Adafruit DHT temp/humid sensor
Replies: 76
Views: 38661

Re: Adafruit DHT temp/humid sensor

Hey guys, I hadn't seen this thread in a long time, but I note that I started this thread when I couldn't find a workable solution, and subsequently produced the code several people have found since. As people have said, it does eventually work, but while "repeat until it works" does appear to alway...
by technion
Sat Jan 04, 2014 2:57 am
Forum: Other projects
Topic: Truecrypt Seems to work pretty well
Replies: 44
Views: 37052

Re: Truecrypt Seems to work pretty well

If I assume you are going to store important data there, creating the image in /tmp is a terrible idea. Your home directory would probably be a better place for it.

It's good to see people investing in alternatives to AES.
by technion
Sat Jan 04, 2014 2:51 am
Forum: Other projects
Topic: NTP PPS
Replies: 285
Views: 110352

Re: NTP PPS

Just to chime in that my RPi has been a member of the pool for a while now, and according to the monitor run by the NTP pool project, it's scored 20/20 for as far back as records go.

I can see over 12000 IP addresses on ntp's client list - so it's getting hit a lot.
by technion
Fri Jan 03, 2014 2:41 am
Forum: Other projects
Topic: RNG Generator
Replies: 3
Views: 938

Re: RNG Generator

technion wrote: (yes, I'm aware the pi has a hardware PRNG, but using a closed device defeats my goal)
by technion
Tue Dec 31, 2013 4:58 am
Forum: Other projects
Topic: RNG Generator
Replies: 3
Views: 938

RNG Generator

Hey guys, (yes, I'm aware the pi has a hardware PRNG, but using a closed device defeats my goal) I stumbled upon this this morning: https://mywebspace.wisc.edu/lnmaurer/web/minirng/minirng.html#FurtherWork Specifically, it's a hardware based random number generator. It is however, a standalone, nove...
by technion
Tue Oct 22, 2013 9:51 am
Forum: Networking and servers
Topic: PI in COLO Encryption?
Replies: 4
Views: 832

Re: PI in COLO Encryption?

Honestly, a "datacentre" should be one of the most secure places on earth. If you actually need to concern yourself with someone walking in and picking up your Pi and walking away with your data, find a new DC.
by technion
Tue Sep 03, 2013 7:07 am
Forum: Networking and servers
Topic: Pi repository webserver project
Replies: 12
Views: 2075

Re: Pi repository webserver project

I'll point out that in general, publishing email addresses in cleartext mailto: links is going to frustrate and turn off a lot of people from adding themselves to the site.
by technion
Tue Sep 03, 2013 5:22 am
Forum: Networking and servers
Topic: Noob Wordpress or Joomla question
Replies: 15
Views: 3170

Re: Noob Wordpress or Joomla question

This may sound like a dumb question but..
Why are you bent on using Wordpress when you are struggling so much on the issue of "what is it" ?
by technion
Fri Aug 30, 2013 7:06 am
Forum: Networking and servers
Topic: Noob Wordpress or Joomla question
Replies: 15
Views: 3170

Re: Noob Wordpress or Joomla question

I imagine building a webpage with either one is a rather graphics intensive operation. Does it help if I just clarify this point - building the website, in so far as the Wordpress side of things, involves 0 graphics. None of my high end webserver hardware has a GUI installed. What you are asking ab...
by technion
Thu Aug 29, 2013 4:37 am
Forum: Networking and servers
Topic: Best Web Server?
Replies: 5
Views: 4826

Re: Best Web Server?

Hi,

There's no "one click" here, but honestly, the LAMP install process is well and truely documented, and with a copy and paste you and operate in 2-3 lines, how "hard" is it really?
by technion
Wed Aug 14, 2013 6:40 am
Forum: Networking and servers
Topic: Raspberry Pi load balanced server - page load time?
Replies: 12
Views: 2460

Re: Raspberry Pi load balanced server - page load time?

Google Analytics refers to the time it took to load the _entire_ page. When I viewed the link, it took about five seconds to load visually. However, if you use IE's network monitor, you can see it spends about 40 seconds trying to access a URL at scorecardresearch.com - probably an embeeded link or ...
by technion
Sun Aug 11, 2013 4:38 am
Forum: Networking and servers
Topic: My Pi server...
Replies: 15
Views: 5379

Re: My Pi server...

That's exactly the key here, deciding "what are you trying to achieve". Trying to push the envelope using a device like this - and demonstrating to hobbyists that you've been able to achieve acceptable performance for certain environments, is admirable. Complaining you made a business investment and...
by technion
Fri Jul 26, 2013 3:45 am
Forum: Beginners
Topic: Wordpress permission after installing
Replies: 3
Views: 487

Re: Wordpress permission after installing

The problem is that Wordpress' general model isn't itself secure. You've done about the only thing you can if you want to be able to update plugins and get Wordpress to update itself. I appreciate, that's expected from a Wordpress administrator's point of view, but it's also a terrible security solu...
by technion
Mon Jul 22, 2013 10:34 pm
Forum: Advanced users
Topic: okay, I've written a driver
Replies: 17
Views: 3290

Re: okay, I've written a driver

Well, since you're also working with GPIO, requiring privileges is probably the smart thing to do. I haven't gotten that far (yet); I just wanted to read the hardware clock without being root. Requiring root privileges for an application is never the smart thing to do - just sometimes it's the only...

Go to advanced search