...making Linux just a little more fun!

next -->


By Kat Tanaka Okopnik

This month's answers created by:

[ Ben Okopnik, Faber Fedor, Kapil Hari Paranjape, Karl-Heinz Herrmann, Lew Pitcher, Neil Youngman, Raj Shekhar, Ramon van Alteren, Rick Moen, Mike Orr (Sluggo), Steve Brown, Suramya Tomar, Thomas Adam ]
...and you, our readers!

Gazette Matters

Editor's Note

Hello, world!

(Especially that subset that contains the LG readership. ;)

We have a big Mailbag for you this month - we've finally caught up!

Thanks to a lot of fantastic work on Ben's part, and a lot of troubleshooting (and creative breaking) on mine, the Mailbag also has a hot new look. We'd love to hear feedback from you on your opinion of it.

-- Kat Tanaka Okopnik, Mailbag Editor

Experimental "projects" page

Benjamin A. Okopnik [ben at linuxgazette.net]
Thu, 12 Oct 2006 11:15:19 -0400

Hi, all -

I've just put up an "LG projects" page (it's not yet linked anywhere); please take a look at it, let me know what you think. I've found it tremendously useful already for "externalizing" the project ideas I've been carrying around in my head for a long time - now, I don't have to remember all that stuff any more (whee!!!) :)

[ In service to anthropology, I've added The Missing Link. -- Kat ]


I'd appreciate any comments on improvements, changes, etc.

* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

[ Discussion continued (5 messages/3.27kB) ]

Still Searching

Shoe string hosting

Bob van der Poel [bvdp at xplornet.com]
Thu, 07 Sep 2006 19:04:47 -0700

Or maybe the subject should read "I'm cheap, I want a host, but don't want to get ripped off and feel poorly about my choice".

Seriously, I've been looking at a bunch of low-cost hosting services. There are a whole bunch in the sub-$5.00 per month range ... and they all seem to be pretty much equal. Some of the review sites even give them decent ratings.

But, for everyone which a decent rating it's not hard to find a "never, ever use this host" review.

So, any of you folks using a cheap host you're happy with?

Oh, this is just for my personal stuff. I think I need less than 100meg storage and a few gig/month bandwidth. I can register my own domain, or get the free one included in most of the packages (is this a good/bad idea).

Hopefully someone has some experience to share.

Bob van der Poel ** Wynndel, British Columbia, CANADA **
EMAIL: bvdp at xplornet.com
WWW:   http://users.xplornet.com/~bvdp

Our Mailbag


Himanshu Thappa [himanshut at KPITCummins.com]
Sat, 16 Sep 2006 02:10:33 +0530

Hi James

Plz tell me what LD_Library_path does?tel me asap.

With Regards

Himanshu Thappa
Architecture Engineer
KPIT Cummins GBS Ltd.
Ext No. 5648
Mob. 09881407689

[ Discussion continued (12 messages/13.45kB) ]

fonts puzzle, and puzzling gmail page upon login from firefox

Benjamin A. Okopnik [ben at linuxgazette.net]
Thu, 31 Aug 2006 21:16:29 -0400

[I wrote this earlier, but it didn't go out then. Posting it anyway, despite Peter having solved it, since I figure it'll be useful to our readers.]

On Thu, Aug 31, 2006 at 11:23:23AM -0700, Peter Knaggs wrote:

[ skipping the GMail question ]

>  Another question: I've come across this after updating
>  Debian testing: I seem to be loosing fonts, or at least
>  the helvetica font I need for vncviewer and imagemagic:
>  For example, "display image.jpg" gives me:
> display: unable to load font
> `-*-helvetica-medium-r-normal--12-*-*-*-*-*-iso8859-1'.
> display: unable to load font
> `-*-helvetica-medium-r-normal--12-*-*-*-*-*-iso8859-1'.
>  And vncviewer gives me this:
> $ vncviewer wherever:2
> VNC server supports protocol version 3.7 (viewer 3.3)
> Password:
> VNC authentication succeeded
> Desktop name "wherever:2 (myusername)"
> Connected to VNC server, using protocol version 3.3
> VNC server default format:
> 16 bits per pixel.
> Least significant byte first in each pixel.
> True colour: max red 31 green 63 blue 31, shift red 11 green 5 blue 0
> Warning: Cannot convert string
> "-*-helvetica-bold-r-*-*-16-*-*-*-*-*-*-*" to type FontStruct
> Warning: Unable to load any usable ISO8859 font
> Warning: Unable to load any usable ISO8859 font
> Warning: Missing charsets in String to FontSet conversion
> Warning: Unable to load any usable fontset
> Error: Aborting: no font found
>  I tried searching for explanations, and as far as
>  I can tell I've got all the font packages installed.

First, I'd suggest checking to see if you system agrees with you about that.

ben at Fenrir:~$ xlsfonts -fn "-*-helvetica-bold-r-*-*-16-*-*-*-*-*-*-*"
ben at Fenrir:~$ xlsfonts -fn '-*-helvetica-medium-r-normal--12-*-*-*-*-*-iso8859-1'
Mine certainly recognizes those patterns, and can match them from the installed fonts (which is why, I suppose, I don't have that problem. :)

If yours can't - and I suspect that this is what you'll find - then you need to do a little investigative work to find out what's happening. First, you'll need to find out what X considers your font directories:

[ ... ]

[ Discussion continued (7 messages/13.59kB) ]

Hi, I have one doubt

k.Ravikishore [ravikishore.k at hclsystems.in]
Sat, 23 Sep 2006 16:35:28 +0530

How to create a bash shell script that removes all files whose names end with a "~" from your home directory and subdirectories.

----------------------------- HCL Systems, Hyderabad, India

[ Discussion continued (2 messages/2.50kB) ]

Nokia tablet article

Mike Orr [sluggoster at gmail.com]
Thu, 26 Oct 2006 10:11:15 -0700

[For the Mailbag, regarding my Aug 9 letter about a Nokia tablet article.]

The more I looked into the Nokia Internet Tablet 770, the more I became concerned about its speed, capacity, and cost of add-ons I considered essential. I finally ended up going to the dark side and getting a Macintosh laptop. [1] So if anybody wants to do an article on the Nokia or on Linux or Open Source use in palmtops in general, we're looking for one.

[1] Well, it's not that dark, it's only twilight compared to a certain other OS. But it was strange reading a 6-page license agreement when I hadn't used proprietary software for nine years. And I still use Linux at work. :)

Mike Orr <sluggoster at gmail.com>

[ Discussion continued (4 messages/4.82kB) ]

FFMPEG Installation

Suramya Tomar [suramya at suramya.com]
Tue, 10 Oct 2006 17:04:22 -0400

Hey Everyone, Got the questions below via email and I was hoping one of you might have an answer for him (The stuff in brackets are my questions):

1. If /tmp partition is mounted with noexec and nosuid flags, is it not possible to run ./configure? If so how can we bypass this?

(I remember reading somewhere that mounting /tmp with noexec and nosuid is a good security precaution, but if it causes trouble with the ./configure then is it worth it?)

2. How to modify (RPM - atrpms.net) installation of FFMPEG to include the amr_nb / amr_wb fixes in order for me to be able to convert 3GPP video to FLV.

Thanks for the help.

- Suramya

-------- Original Message --------

Subject: Re: FFMPEG Installation
Date: Tue, 10 Oct 2006 17:57:20 +0100
From: <markw2@fireflyuk.net>
To: TAG <tag@lists.linuxgazette.net>
To: Suramya Tomar <suramya at suramya.com>
References: <004901c6ea0e$05b24a10$0502a8c0 at MARKDESKTOP> <452BC78B.9040008 at suramya.com>

Hi Suramya, thanks for your reply. It's really appreciated.

Please feel free to forward my e-mail to this group as it would be great to have a solution to this.

Thanks again and best regards


PS. Would you know of any guide/tutorial that explains how to create/modify RPM's, where files are stored and where spec files can be found, once they are installed on a system?

----- Original Message -----

From: "Suramya Tomar" <suramya@suramya.com>
To: TAG <tag@lists.linuxgazette.net>
To: <markw2 at fireflyuk.net>
Sent: Tuesday, October 10, 2006 5:17 PM
Subject: Re: FFMPEG Installation

[ ... ]

[ Discussion continued (2 messages/8.07kB) ]

More suggestions on my perl app... And, an announcement!

clarjon1 [clarjon1 at gmail.com]
Tue, 1 Aug 2006 20:50:57 -0400

Hello, gang! I've worked on my perl program a bit, and added stuff like command line switches to it. I've gotten it set up so that, if I don't enter a switch, it will display the contents of the 'calendar' file, and if there is a command line switch, it won't. Nothing fancy...

I've attatched it, because I don't want to spend a lot of time stripping out a lot of comments. Hope you don't mind. Here's what I want to do (other than update the TODO in it):

1) More interactive: Nothing like Ncurses, just something along the lines of if I add my -A switch (for Add), and I don't specify any input, that it will allow me to enter input rather than just add a blank line. 2) Make it use arrays! That is, be able to read arrays from disk. Or would I just be better off telling it to use postgres as a database? Either way, I don't know what to do. 3) Make it able to search for a specific item, and/or sort by specific items. Very useful, dunno if it's worth the time and effort, really.

That's all I can think of at the moment.

Oh yeah, the announcement!

I'm going to Los Angeles, California on the 8th this month, to attend the DCLA conference there. I'm going to be in a plane on Monday! Very nervous, I am. I believe that we will be driving a 2hr drive down to Toronto, Ontario, and then taking a flight from there all the way to LA (hope I get a window seat!!)

Any LG people in LA? Maybe we could meet (unlikely, but would be nice :D)

Apparently, the hotel is nearby the conference (a Hilton, I've heard)

* Clarjon1 at jon.clarjon1.linux goes off, being excited...

[ Discussion continued (6 messages/10.84kB) ]

Debian Installation

Neil Youngman [ny at youngman.org.uk]
Sun, 1 Oct 2006 19:49:09 +0100

Well I've had enough of the creeping bit rot in my Mepis installation and I want to be rid of Mepis. I'm trying to go back to a plain vanilla Debian installation. I've also recently upgraded my system with a SATA conroller and a 200GB hard disk, onto which I tried to install Debian with the Debian 3.1 net installer.

The default install hung, so I went for the "expert" install and got an installation on the SATA disk. It's definitely there, I can see it, but I can't boot from it.

It's on /dev/sda5, and grub loads the kernel up, but the kernel panics because as far as it's concerned /dev/sda5 doesn't exist. I can only assume that the kernel it has installed doesn't have the right module (SiI3112) installed for the SATA controller.

Is there a way to check what modules are built into this kernel?

Is there a simple way around this?

Is it best just to build my own kernel to replace the one that has been installed?

Neil Youngman

[ Discussion continued (26 messages/45.25kB) ]

Process monitor

Brian Sydney Jathanna [briansydney at gmail.com]
Tue, 26 Sep 2006 14:56:13 +1000


I am facing a problem with one of my services which needs to be constantly monitored and restarted in case it dies. I was just wondering if there is a command / program / script which can be placed in crontab to monitor a process and restart it if its dead. Thanks in advance.


[ Discussion continued (6 messages/7.64kB) ]

John Karns's post tripped some spam filters

Rick Moen [rick at linuxmafia.com]
Mon, 14 Aug 2006 00:56:47 -0700

Hmm, John's post got held by Mailman, claiming that SpamAssassin had marked it as "possible spam". Let's have a look at what got into Mailman and SpamAssassin's tiny little brains:

 Received: from [] (port=33475 helo=localhost.localdomain)
 	 by linuxmafia.com with esmtp   (Exim 4.61 #1 (EximConfig 2.0))
 	 id 1GCMEs-0005t8-Hg   
 	for <tag at lists.linuxgazette.net>; Sun, 13 Aug 2006 13:07:21 -0700
 Received: by localhost.localdomain (Postfix, from userid 1000)
 	id 371D323055; Sun, 13 Aug 2006 15:07:01 -0500 (COT)
 Received: from localhost (localhost [])
 	by localhost.localdomain (Postfix) with ESMTP id 31E942303E;
 	Sun, 13 Aug 2006 15:07:01 -0500 (COT)
 Date: Sun, 13 Aug 2006 15:07:01 -0500 (COT)
 From: John Karns <jkarns@etb.net.co>
 To: TAG <tag@lists.linuxgazette.net>
 X-X-Sender: jkarns at localhost.localdomain
 To: jeff at jeffroot.us
 cc: tag at lists.linuxgazette.net
 In-Reply-To: <17630.47578.208478.397536 at localhost.localdomain>
 Message-ID: <Pine.LNX.4.61.0608131345520.21008 at localhost.localdomain>
 References: <17621.16287.466717.206264 at localhost.localdomain>
  <20060806022547.GA3848 at linuxgazette.net> <17621.34053.297464.620391 at localhost.localdomain>
  <20060807030821.GA3903 at linuxgazette.net> <Pine.LNX.4.61.0608091621130.12020 at localhost.localdomain>
  <20060809214806.GA4892 at linuxgazette.net> <Pine.LNX.4.61.0608121407330.836 at localhost.localdomain>
  <17630.47578.208478.397536 at localhost.localdomain>
 MIME-Version: 1.0
 X-SA-Do-Not-Run: Yes
 X-EximConfig: v2.0 on linuxmafia.com (http://www.jcdigita.com/eximconfig)
 X-SA-Exim-Mail-From: jkarns at etb.net.co
 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on linuxmafia.com
 X-Spam-Level: *
 X-Spam-Status: No, score=3.5 required=4.0 tests=AWL,BAYES_00,FORGED_RCVD_HELO,
 	autolearn=no version=3.1.1
 Subject: Re: [TAG] Talkback:127/howell.html
 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
 X-SA-Exim-Version: 4.2.1 (built Mon, 27 Mar 2006 13:42:28 +0200)
 X-SA-Exim-Scanned: Yes (on linuxmafia.com)
The weird thing is, it was Mailman that objected to your message and held it for my manual approval, claiming that SpamAssassin had flagged it as "possible spam" -- yet, as you can see, SA's score was 3.5, well below the 4.0 spamicity threshold I set in SpamAssassin. I'm not sure what's going on there.

In any event, spamicity = 3.5 is eyebrow-raising enough in itself, so let's see what all those failed tests in the X-Spam-Status line are:[1]

AWL: Auto-WhiteList. This is a simple "address or IP that has been heard from in the somewhat recent past" database, giving ones not heard from recently a small boost to the maybe-distrust-this spamicity score.

BAYES_00: A "Bayesian" statistical test on the body text. The "BAYES_00" result means that the Bayesian estimate of probability is that there's only a 0-1% likelihood of your post being spam, and that result actually reduces the post's spamicity score.

[ ... ]

[ Discussion continued (3 messages/9.40kB) ]

Debian forks cdrtools

Benjamin A. Okopnik [ben at linuxgazette.net]
Mon, 4 Sep 2006 12:44:39 -0400

On Mon, Sep 04, 2006 at 02:19:37PM +0530, Kapil Hari Paranjape wrote:

> Hello,
> Some news.
> I suppose this was bound to happen sooner or later. Debian
> maintainer's J. Jaspert and E. Bloch lost patience with J. Schilling
> and have forked "cdrtools" to create cdrkit. Some details at
> 	http://debburn.alioth.debian.org/FORK 
> (The forked tar.gz can be found in http://debburn.alioth.debian.org/).
> Other reasons for the fork can be found on
> http://bugs.debian.org/cdrecord and on the Linux Kernel mailing lists.

Good for them and everyone else, I say. I've been struggling with (and quietly cursing at) Joerg Schilling's DVD-writing software for a long time. On the one hand, it's the only DVD-writer that I could get to work on this strange DVD drive I have (Matshita DVD-RAM UJ-820S) - but it would only let me write at 1x due to nothing more than some strange conceit of the author's. As I recall from his explanation on a web page, he had decided that the Linux /dev implementation sucks, and until it was rewritten to be more like that of BSD, he wouldn't do anything to make 'cdrecord' work reasonably. Elsewhere, in every instance that I've seen him involved in a discussion about any technical issue, I was struck by his inflexibility ("bull-headedness" would be too strong of a term, since he is highly technically competent, but the stubborn refusal to even consider any viewpoint other than his own was... less than admirable.)

Now, according to the Debian bunch, he's exhibiting that same kind of intransigence and blind adherence in an area which is clearly not his strong point - licensing issues. [shrug] His right as the author, of course... but this is exactly the reason that forking is such a useful method. This is, in my opinion, as good as Open Source gets.

(BTW: has anyone else noticed that the largest, toughest, most dangerous monster in QuakeII is called 'Jorg'? I'm just sayin'. :)))

* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

[ Discussion continued (2 messages/5.36kB) ]

navigation using ubuntu

Benjamin A. Okopnik [ben at linuxgazette.net]
Thu, 14 Sep 2006 14:53:08 -0400

Hi, Steve -

On Thu, Sep 14, 2006 at 11:04:27AM -0700, srankin wrote:

> Hi Ben
> I've started using Ubuntu which is so great compared to Windoze and if I
> can manage to run some navigational software I could eliminate Windoze
> altogether. (It would be like getting rid of an abcessed tooth). Any
> ideas? Will Wine run Nobeltec? Or do you know of any Nav software
> available in open source?

I've actually posted about this on the 'origamiboats' list a while back, but I'll repeat it and expand on it a bit. If you don't mind, I'm also going to CC this exchange to The Answer Gang at the Linux Gazette; this is actually a question that I get asked on a regular basis by other sailors who use Linux, and I believe a number of people could benefit from the answer.

I've checked out a number of programs intended for navigational use under Linux; all of these have been useful to some degree, and some, like SeeMyDEnc (http://www.sevencs.com/index.php?page=123) are becoming more and more useful day by day, as NOAA and other chart-producing agencies convert more and more of their charts to the S-57 and other modern charting formats; in fact, S-57 charts and viewers have become so good that they are now treated as a legal equivalent of paper charts in commercial shipping regulations (!). These converted charts, incidentally, are available free of charge at http://chartmaker.ncd.noaa.gov/ - a service that's worth thousands of dollars to cruisers, given the average cost of paper charts.

Anyway, the two programs that I use most of all in my navigation are 'xtide' and Mayko's 'mxmap'; the former shows a list of currents and tides for any location in the world, while the latter is a very featureful chart viewer. 'mxmap' reads BSB charts, does GPS tracking, allows you to construct/follow routes, set markers, "scribble" on the charts, and do lots of other goodies. It also allows you to use, e.g., a scan of a map or a chart - you just set the lat/long of diagonally opposing corners, and away you go.

The only problem with 'mxmap' is that it is unmaintained; the developers (Mayko), as far as anyone seems able to tell, have disappeared off the face of the earth leaving us with this really nice piece of software. Maybe they went cruising. :)

Since Ubuntu is Debian-based, you should be able to install 'xtide' via the standard installation mechanism ('apt-get install xtide' as root); "xmap" can be found at http://fresh.t-systems-sfr.com/linux/src/ (look for three files with 'xmap' in the name - one of them is a bunch of sample maps, the other two are static and dynamic versions of the program.)

* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

[ Discussion continued (6 messages/6.93kB) ]

mass-editing MP3s

Faber J. Fedor [faber at linuxnj.com]
Wed, 6 Sep 2006 11:11:07 -0400

Ben's response to this question was published as http://linuxgazette.net/131/lg_tips.html#2-cent-tips.05 --Kat

Does anyone know of an app/script that will automagically set ID3 tags in my MP3s files using freedb?

I got one of those pod thingies that are so popular with the kids these days and discovered that quite a few of my MP3s don't have ID3 tags on them. I have no idea how that happened since I've ripped every CD with grip (which means my MP3s directory hierarchy follow the standard format of artist/album/song.mp3).

Googling "mass edit mp3s" brings up mostly Windows apps. I gather most of those will let me makes changes to ID3 tags across a group of MP3s (say changing "Bush, Kate" to "Kate Bush" en masse) as opposed to what I want (look up the info on freedb and apply that info to the MP3s).

I did come across something on IBM Developer Works that uses a couple of Perl modules (we now have Ben's attention!) and freedb but I couldn't get it to work properly, meaning a) I couldn't understand the docs and b) I couldn't redirect the output to a file to see wtf it was doing.

Since I don't want to rip and encode all of those CDs again, I'll happily roll my own, but I thought I'd check with you guys to see if I've missed an existing solution.

Faber Fedor
Linux New Jersey, Inc.

[ Discussion continued (3 messages/3.26kB) ]

gmail setup

John Karns [johnkarns at gmail.com]
Thu, 7 Sep 2006 08:56:21 -0500

Hi All,

I'm getting lots of bounce notices regarding incoming mail from gmail. I'm baffled. Would this be generated by my host?

1) I'm popping with fetchmail.

2) Due to postfix (yuck) sending mail to the bit-bucket, I've tried bypassing it and specifying procmail as the mda in .fetchmailrc.

I don't understand why it cites failure to establish an smtp connection with jkarns at localhost:

TEMP_FAILURE: Could not initiate SMTP conversation with any hosts: [localhost (1): Connection refused]

It would make a little more sense to me to see msgs like this being generated by postfix on my host, but don't see what POPping from gmail should be related in any way to an smtp connection.

Any suggestions / help much appreciated.

Here's an example:

[ ... ]

[ Discussion continued (9 messages/19.42kB) ]

Suspend Hibernate etc. (Was 2-cent Tip: Unicode conversion)

Kapil Hari Paranjape [kapil at imsc.res.in]
Sun, 10 Sep 2006 14:53:20 +0530

On Fri, 08 Sep 2006, Benjamin A. Okopnik wrote:

> On Wed, Sep 06, 2006 at 07:53:12PM -0500, John Karns wrote:
> > [1]* works wonderfully on this aging Dell I8100, best I've ever had a
> > laptop run under Linux - at the end of the day I just suspend to RAM -
> > haven't done a shutdown or reboot now in 14 days!  Probably mostly thanks
> > to the improvements in the kernel suspend code, but they seem to have the
> > ACPI scripting functioning very well too.  Hibernate hasn't proven to be
> > quite as smooth though.
> Mine just don't work, period. Bleagh. :((( To the best of my ability to
> figure it out, the ACPI on this Acer 2012 is so horrendously broken
> that it's not even worth trying to fix (although I'd downloaded Intel's
> ACPI compiler/decompiler, dutifully fixed all the errors, and shoved it
> all back in, it didn't seem to make any difference.) Well, this laptop
> is getting toward the end of its useful life... we'll see how the next
> one goes.

Continuing my experiments with suspend/hibernate etc...

For 2.6.17-rc1 upwards you should try out "uswsusp" which tries to sort out problems with prior suspend(s).

My current situation is quite happy vis-a-vis both suspend to disk suspend to ram. I use the "stock" Debian linux-image-2.6.17-2-686 (version 2.6.17-8) and initramfs-tools (version 0.77b) with aforementioned uswsusp (0.2-3).

Everything "works" out of the box except for a minor hiccough with suspend-to-ram which required some hacking as follows.

	a. Save current device config to disk 
		cat /proc/bus/pci/00/02.0 > /var/lib/acpi/vid_0
		cat /proc/bus/pci/00/02.1 > /var/lib/acpi/vid_1
	b. Suspend-to-ram
		echo -n mem > /sys/power/state
	c. Restore device state on resume
		cat > /proc/bus/pci/00/02.0 < /var/lib/acpi/vid_0
		cat > /proc/bus/pci/00/02.1 < /var/lib/acpi/vid_1
The developers of suspend are undecided on whether they should wait for the kernel to fix this or just make the change to s2ram since the problem seems to be for specific hardware combinations like the thinkpad R51 with intel graphics (or perhaps only for that combination!).

I should perhaps also mention that suspend worked fine on my laptop with Ubuntu Dapper which I tested out.

Generally, I have found that "suspend-to-disk" works out-of-the-box with all laptops that I have come across; "suspend-to-ram" seems more tricky. Given my experience, I would say that Ben is singularly unlucky :-(


Kapil. --

[ Discussion continued (3 messages/8.71kB) ]

Bring it up later on CD?

barb [jojodancer1 at cox.net]
Tue, 29 Aug 2006 16:05:03 -0700

I have assigned the subject for this thread, as it came in with none. --Kat

hi, if I download a entire web site and burn it onto my cd, later on if the site is not availablecan I bring it up on my cd that I burned earlier? barb

[ Discussion continued (2 messages/2.38kB) ]

SSH configuration stuff

Faber Fedor [faber at linuxnj.com]
Fri, 15 Sep 2006 14:20:08 -0400

On 9/15/06, Bradley Chapman <kakadu at gmail.com> wrote:

> Recently I decided to take the plunge and enable SSH on my firewall
> machine, to allow me to get into it remotely. Having done so, I'm now
> agonizing over whether or not I've configured it correctly.

Send us your IP Address and the root password and we'll let you know. :-) Just kidding!

Everything looks fine to me. I would suggest you move the default port to another address: something high (< 64000) and random. A cracker seeing something open on port 22 will do an SSH attack, but on port 54256 he won't know what program to use.

> So far as I can tell, I have asymmetric public-private key
> authentication working correctly, but I am still asked for the account
> password when I SSH into the machine.

IIUC, I think it's asking for your passphrase, the one you used to generate the key-pair, no? To get around that, you have to generate keys with no pass-phrase (which is considered A Bad Thing).

Not only that, but despite

> setting PermitRootLogin to 'no', and AllowUsers to 'user' (the name of
> the account I set up), when attempting to login as either root or any
> other user on the machine, the ssh client simply asks for the account
> password three times and then fails, instead of failing immediately -
> is it supposed to do that?

Yes, it's supposed to do that. With that behaviour (prompting for the password three times), the cracker isn't sure if A) root logins are disabled or B) he has the wrong password. If it failed immediately, he would know that A was true. Anything to slow the little buggers down.

> TIA,




Faber Fedor Linux New Jersey, Inc. 908-320-0357 http://www.linuxnj.com

[ Discussion continued (5 messages/8.96kB) ]

How to boot linux (FC5) without a bootloader...

Chanchal Mitra [ck.mitra at gmail.com]
Sun, 1 Oct 2006 22:56:16 +0530


You know what I mean. I have only one OS setup on my harddisk and I have no use for grub or lilo. How do I boot directly into linux?

I noticed in the kernel sources there is a file named bootsector. I cannot find any information on how to use it.

It must be simple to do but the question is how?

I am using fedora core 5, arch: x86_64. All updated using yum.

Thanks in advance.


[ Discussion continued (2 messages/2.30kB) ]

IE6 under IceWM

Bob van der Poel [bob at mellowood.ca]
Mon, 09 Oct 2006 17:19:08 -0700

Hi. I've dl'd and installed the IE6 running under Wine from http://www.tatanka.com.br/ies4linux/page/Main_Page This is useful step in testing web page development ... I don't care enough about it to actually test with a real windows machine, but if I can test locally using IE6 it is not a big deal.

Under gnome or KDe it works just fine. But, it crashed (or stalls) under icewm. I have tried to start from a terminal and from the toolbar. Under a terminal I get the Wine debug prompt, and a "loading" window. But that is about it.

I am thinking there is a path difference or something. But, I have checked and don't see and obvious differences.

I have checked on the tatanka page and don't see anything on this topic. And a request to the IceWM users list has drawn a blank as well. Maybe one of you guys has an idea on this?

Bob van der Poel ** Wynndel, British Columbia, CANADA **
EMAIL: bob at mellowood.ca
WWW:   http://www.mellowood.ca

[ Discussion continued (3 messages/3.90kB) ]

fonts puzzle, and puzzling gmail spyware page upon login from firefox

Peter Knaggs [peter.knaggs at gmail.com]
Thu, 31 Aug 2006 11:23:23 -0700

Hi All,

Has anyone else come across this gmail "spyware" page when trying to log into gmail using Firefox?

[ Snipped image ]

As you can imagine, it plays havoc with the gmail notifier extension, as well as making me doubt my ability to read, each time I try to log in. (Trying to type in the contents of the squiggly message displayed in the box seems to be a task my brain is almost incapable of handling early in the morning). So I'm wondering, is this something Firefox is doing to annoy gmail? Or just something gmail has started doing to annoy all their users?

Another question: I've come across this after updating Debian testing: I seem to be loosing fonts, or at least the helvetica font I need for vncviewer and imagemagic:

For example, "display image.jpg" gives me:

display: unable to load font
display: unable to load font
And vncviewer gives me this:

$ vncviewer wherever:2
VNC server supports protocol version 3.7 (viewer 3.3)
VNC authentication succeeded
Desktop name "wherever:2 (myusername)"
Connected to VNC server, using protocol version 3.3
VNC server default format:
 16 bits per pixel.
 Least significant byte first in each pixel.
 True colour: max red 31 green 63 blue 31, shift red 11 green 5 blue 0
Warning: Cannot convert string
"-*-helvetica-bold-r-*-*-16-*-*-*-*-*-*-*" to type FontStruct
Warning: Unable to load any usable ISO8859 font
Warning: Unable to load any usable ISO8859 font
Warning: Missing charsets in String to FontSet conversion
Warning: Unable to load any usable fontset
Error: Aborting: no font found
I tried searching for explanations, and as far as I can tell I've got all the font packages installed. I attach the output from running
    dpkg --get-selections > /tmp/dpkg--get-selections
in case it could be helpful.

[ snipped ]

I have a machine running Debian stable, and both "display" and "vncviewer" are working fine, but comparing the strace hasn't gotten me very far. I was wondering if anyone would have any hints, I've not much experience / understanding of X11 fonts.

Thanks, Peter.

[ Discussion continued (3 messages/7.60kB) ]

E-mail server issues

David Sugar [DSugar at boyslatinmd.com]
Mon, 14 Aug 2006 14:54:07 -0400

I am having an issue sending out e-mails from my linux box. Here is the issue:

I am getting the message

"host map: lookup (boyslatinmd.com): deffered"
The linux machine is named reeses.boyslatinmd.com ( internal address)

All mail for the boyslatinmd.com domain is handled by email.boyslatinmd.com ( internal address)

I have tried setting up domain routing using sendmail and nothing seems to work using either the ip address or host name. I have even tried sending mail directly to the internal ip address and it doesn't work. Please help ASAP as I am trying to get a helpdesk server setup before the school year in about 2 weeks.

Thanks for the help.


David Sugar
Administrative Technology Coordinator
The Boys' Latin School of Maryland
822 West Lake Avenue
Baltimore, MD 21211
410-377-5192 x.

[ Discussion continued (2 messages/3.66kB) ]

create/design & edit listing

M.L. Morrison [mlmorrison2 at hotmail.com]
Tue, 17 Oct 2006 12:36:14 -0400


I'm an admitted newbie and need help cresting my listing for ebay and similar type sales.

Creative writing that gets to the point and noticed is the main thing I need help with.

Please send info. Thanks so much!

[ Discussion continued (2 messages/1.80kB) ]

Pointers to Perl CGI Resources

Ramanathan Muthaiah [rus.cahimb at gmail.com]
Wed, 18 Oct 2006 19:40:59 +0530

Hi Gang,

I could have Googl-ed to find plentiful of answers but decided otherwise to seek wisdom here.

My plans are to develop simple web-based application using Perl scripts and MySQL as back-end for data storage. Am planning to host the application using Apache http server. Am aware that Perl modules (DBI) are needed to interact with database. I have little knowledge of db design.

My question :

Am lost here, how to start this whole activity ? Reason is, am not comfortable in embedding the Perl scripts with HTML tags and regular functions for data management needs.

Intention is to keep the, scripts providing the front-end and back-end processing, separate and not mix all in the same script(s).

Looking forward to your suggestions.


[ Discussion continued (7 messages/10.45kB) ]

"New" Windows Vista features vs. OS/X

Benjamin A. Okopnik [ben at linuxgazette.net]
Sun, 1 Oct 2006 13:21:10 -0400

Somebody took the audio from a Micr0s0ft Vista "we're so brilliant, we've invented all this new stuff" shill session and overlaid it on a video of themselves doing it all on their OS/X desktop - with a few additional twists. High amusement factor, including Bill G's 1977 "jailbird" photos.


* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

frame rate of VCD and DVD

Mulyadi Santosa [mulyadi.santosa at gmail.com]
Fri, 20 Oct 2006 17:34:54 +0700

Dear gang...

I face a trouble here. Does anyone know the frame rate of VCD and DVD? Also, what is the fps (frame per second) of movie trailers spreading on Internet? What is the right way to calculate the fps?

My another problem is, suppose I have a video clip which has 30 fps. What should I do if I want to double the fps (i.e 60 fps)? Is there any tool available to do this?

Any hints would be greatly appreciated... Thanks in advance.



[ Discussion continued (17 messages/23.68kB) ]

DNS security

Ronald Nelson [rnelson at kennesaw.edu]
Thu, 28 Sep 2006 11:26:24 -0400

I am a member of the network group at a university in Atlanta Georgia, some time ago we had a minor DOS from off campus to our main DNS server, at that time we decided to only allow outside connections from our service provider (Peachnet) and block all others with our firewall. We seem now to have a problem with the root "EDU" servers.

edu.                    172800  IN      NS      M3.NSTLD.COM.
edu.                    172800  IN      NS      A3.NSTLD.COM.
edu.                    172800  IN      NS      C3.NSTLD.COM.
edu.                    172800  IN      NS      D3.NSTLD.COM.
edu.                    172800  IN      NS      E3.NSTLD.COM.
edu.                    172800  IN      NS      G3.NSTLD.COM.
edu.                    172800  IN      NS      H3.NSTLD.COM.
edu.                    172800  IN      NS      L3.NSTLD.COM.
They cannot resolve anything in our domain including our primary DNS server. Do we need to include these servers in our rule base ? How do we protect against a DOS attack on our DNS servers ?

thanks Ron Nelson 770 403-2135

[ Discussion continued (2 messages/6.04kB) ]

Talkback: Discuss this article with The Answer Gang

Bio picture

Kat likes to tell people she's one of the youngest people to have learned to program using punchcards on a mainframe (back in '83); but the truth is that since then, despite many hours in front of various computer screens, she's a computer user rather than a computer programmer.

When away from the keyboard, her hands have been found full of knitting needles, various pens, henna, red-hot welding tools, upholsterer's shears, and a pneumatic scaler.

Copyright © 2006, Kat Tanaka Okopnik. Released under the Open Publication license unless otherwise noted in the body of the article. Linux Gazette is not produced, sponsored, or endorsed by its prior host, SSC, Inc.

Published in Issue 132 of Linux Gazette, November 2006

next -->