PyBlosxom |
/Linux/audio:
Switching Between Multiple Soundcards
As a fan of USB audio devices, something that has caused me dissatisfaction for a very long time in my Debian Linux desktop environment has been the inability to gracefully and easily switch between multiple installed sound cards.
I just installed the pavucontrol module[1] and perhaps this is a thing of the past, at least for Gnome / Pulseaudio users. After installing pavucontrol I get a second loudspeaker / mixer icon in my desktop tray, which is a little confusing, and both mixers seem to interact and have some control over sound volumes. Not elegant, but the key addition inside the pavucontrol "Sound Preferences" dialog is an "Output" pane that lists my available audio outputs: "Internal Audio" and "Audio Adaptor" (USB headset), with a radio button beside each.
Clicking on the radio buttons transparently switches the audio back and forth between my laptop speakers and my USB headset. Outstanding.
[1] http://0pointer.de/lennart/projects/pavucontrol/
posted at: 12:28 | path: /Linux/audio | permanent link to this entry
/Hosting/Amazon/EC2:
Amazon AWS: Information You Need to Give Your System Administrator
Amazon AWS is designed to be able to give someone else the necessary privileges to control one's Amazon servers, without giving up the password of your Amazon AWS account. Here are a couple of very thorough treatments on the subject of Amazon AWS credentials: [5][6].
In order to broadly manage your account and its servers, there are two sets of keys your System Administrator is probably going to need to access and control your servers and data stores:
These two methods of authentication are also explained in the "Authentication" section of [1], and both sets of keys can be obtained from "Your Account" --> "Access identifiers" in your Amazon AWS account.
The "Access Key / Secret Access Key" is comprised of two long strings, much longer then what one typically thinks of as a "password". This is what a System Administrator needs most of the time for most Amazon AWS management tasks. The ElasticFox Firefox Extension[4], for instance, uses these for authentication. Following are examples of what these keys look like:
Access key: AKIAJQXQL474IJIOJATA
Secret Access Key: XQbln80m5ms8a4xUSxPd7xmyF/7IM9hM24bv9aez
The "X.509 certificate" is a pair of encryption keys (each of them much longer then either elements of the "Access Key / Secret Access Key") primarily used by the Java-based Amazon EC2 API Tools[2], as explained here[3].
The certificate looks like this:
-----BEGIN CERTIFICATE----- MIICdzCCAeCgAwIBAgIGAOfo0EVXMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYT AlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNBV1MxITAfBgNVBAMT GEFXUyBMaW1pdGVkLUFzc3VyYW5jZSBDQTAeFw0wODA5MjcyMzU3MDdaFw0wOTA5 MjcyMzU3MDdaMFIxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMRcw FQYDVQQLEw5BV1MtRGV2ZWxvcGVyczEVMBMGA1UEAxMMdWx3MTFzaTFjYzhrMIGf MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCmtXexIvZGTtVvRaulv5ibeJR04W9L r1ET/hmfQDMrhojGURI+7HYWUtZwxBEUfU/L7JkSEgvtgpCpB4ulLAtzpNcd/aJ0 lL7gF6B0szIx3LSNX/uidt9JkFUNeCyJygMbGMQsK/V496KqHIbwaHKvB4gqGM5r Tpxuqv1Tu6SvQwIDAQABo1cwVTAOBgNVHQ8BAf8EBAMCBaAwFgYDVR0lAQH/BAww CgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUPWGfgV0fN+glJXzs VPxSI3IcI4UwDQYJKoZIhvcNAQEFBQADgYEAcC6rIJiRSwSSx4+pDo/xcXsqX6jD /w9gnE/BnAvAtPyR5sH5x3ksGgmH0Z3VFtFk0Zika/EYACCFVpA76dRQeszYamPJ gaPwAZo6g7DK4YhWWX9b3p2waTWASUxzbb0ivRiL1bC5zLwin2MfAzMcwI4oYx1B BCvS2d6fGxuuXrQ= -----END CERTIFICATE-----
And the private key looks like this:
-----BEGIN PRIVATE KEY----- MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMaAtxIVZslDohGnIIXJ/V8HTvzm w7/wROrIDIAN7QIGW4G14y7Sy3IHM56Y89pCFuvtzOwX7dAKjAIho8SE1IWiG4XxojGrXkA4Y8HS 5rxUtj3DrAV+y60QEnwLQzICYPnSqG7w239J1TpPDBnCprec+qziUNu2iAhXMbbJCei9AgMBAAEC gYBrivykDXg8finmCneyRDbDL0B5/8P5zwBneq5bCjBnsm4NHi/RBF84jfJHcHJcwwWMGK+3EVfE KJKl7Pe+1oAUWd423ARd1AsPfjQhBZ/RXXhNpXovPz7PTFLOnzQbOmtkl59xPo67bIs2gWlu/0jj 6MXqGLpEp1JI1Z2mnFI6OQJBAOfDLRdUGekgBz5ZKpu8skzSvnVGxL/YGRpXOPKm08RuTMqRPvhW cn39nQZcjb9UYzdq2Av6cqwXFdMjcXBZw4MCQQDbQxndNYWmwH9ATH8Bg/D8/U0ciDO22NMj/Yti ToLLC0xStt6KXWFjyD/aAwz+3dmVSyvJK1s6stE0xUKiuq6/AkEAmdiF5iZ9zLLmHA00q4znDvgW VeNUV8UrZMDhnLIBgTN25kDkfBVmixv/UGm/7nImKnNSVyE5XeM1KaMtelcb4QJAE1xyfTkLqzTW R7w5fs3CyuQnGfzg7CVrR4NM+opKPFmsDKW/MuKaBfCZyst4K001uFwh6qqcbKt7k7hTcQEhCwJA EdAIyKc80eU5KpkWNwbEL3AqK4MYdihXN2/qAt+KVNNUYROzudpDuW1K96p28CaoavV0n81BWX7p UvidCsHK+g== -----END PRIVATE KEY-----
[1] http://clouddb.info/2009/05/17/using-and-managing-aws-part-3-aws-security/
[2] http://developer.amazonwebservices.com/connect/entry.jspa?externalID=351
[3] http://developer.amazonwebservices.com/connect/entry!default.jspa?categoryID=100&externalID=1791&printable=true
[4] http://developer.amazonwebservices.com/connect/entry.jspa?externalID=609
[5] http://alestic.com/2009/11/ec2-credentials
[6] http://www.elastician.com/2009/06/managing-your-aws-credentials-part-1.html
posted at: 06:31 | path: /Hosting/Amazon/EC2 | permanent link to this entry
/Security/circumvention:
Downloading Files When You Are Being Blocked
I live in China, and I have to deal with file downloads being blocked all the time. Particularly of the Canadian and US news podcasts I am fond of watching. For the record, it is hard to tell whether the Chinese are censoring, or whether the providers are trying to save bandwidth by blocking all of China. I think there is a little bit of both going on. So here is how I deal with it.....
A lot of things are not blocked, and for that I use Miro[1]. Miro has a lot of nice features for video podcatching. In my often bandwidth-starved situation, chief among them is that Miro is pretty good at resuming interrupted downloads, even after an over-night shutdown.
For blocked podcasts, I have an encrypted SSH tunnel setup from my desktop to one of my servers in the USA. Setup ssh, autossh, and proxychains per these posts[2]. With my tunnel setup, I use a second piece of podcatching software called gpodder[3], which I start in a terminal like this:
proxychains gpodder&
to force all gpodder traffic through my encrypted tunnel. Then use gpodder per normal to download blocked podcasts. However....
In China, there are often extended periods of time when the powers-that-be use the Great Firewall to interfere with these kind of downloads. Sometimes there are repeated network interruptions that cause large files to fail before there download completes. Sometimes this seems to be combined with bandwidth throttling, where each network connection I make is limited to 5 kb/s of download, which makes the download VERY long, and even more prone to interruptions.
For these particularly difficult situations, I just use gpodder to pull down the list of files from the podcast feeds. Then I use a Firefox plugin called "SQLite Manager"[4] to open gpodder's datebase in ~/.config/gpodder/database.sqlite. In the table called "episodes" can be found a record for each podcast that has been pulled down from the feed. From that record I can extract the actual URL of the file for the podcast, so that I can then download it with wget[5], which is an extremely robust command-line file downloader.
Then I can start the download in a terminal like this:
proxychains wget http://www.url.com/path/to/file/filename.something
Continuing a partially download podcast is as simple as:
proxychains wget -c http://www.url.com/path/to/file/filename.something
(Note the "-c".) It is also worth trying the above wget line first without proxychains, as sometimes only the feed URL is blocked, but the server where the actual files reside is not blocked.
[1] http://www.getmiro.com
[2] http://blog.langex.net/index.cgi/Admin/SSH-Proxy/
[3] http://gpodder.org/
[4] https://addons.mozilla.org/en-US/firefox/addon/5817
[5] http://www.gnu.org/software/wget/
posted at: 07:14 | path: /Security/circumvention | permanent link to this entry
/Security/password:
The Simplest Encrypted Password Store
I have been using keepassx[1] as a partial solution. keepassx runs on Linux, Macs, and Micro$oft operating systems, and allows you to lock the file not only with a password, but also a key file. A really nice piece of software. But I was looking for something command-line oriented, that I could access via SSH on one of my servers with a public IP.
The very simplest solution[2] seems to be vim[3], a turbo-charged version of the venerable Unix "vi" editor that includes a gnupg plugin (enabled by default on Debian).
To create an encrypted file with vim, just type:
vi -x test.gpg
and you will be prompted for the password that will be used to lock the file. Edit and save. Thereafter, if you
vi test.gpg -or-
view test.gpg
to edit or view the file, you will have to give your password to decrypt it.
Don't be afraid of vi! You only need to know a few keystrokes to get the basic stuff done. When you first open a file for editing, most keystrokes will be ignored because you are in view mode:
"i" to enter insert mode
"R" to enter overwrite mode
Esc key to return to read-only mode
"r" to overwrite just one character under the cursor
"x" or Delete key to delete the character under the cursor
"dd" to delete the line under the cursor
"ndd" to delete "n" lines under the cursor
"yy" to copy ("yank") the line under the cursor
"p" to past the last the last block of line(s) copied or deleted
"/text" to search for the string "text"
"zz" to exit and save
":q!" to exit without saving.
I have been using vi fairly hard for years, and I rarely stray from this short list of keystrokes.
[1] http://www.keepassx.org/
[2] http://www.lucas-nussbaum.net/blog/?p=431
[3] http://www.vim.org/
posted at: 01:49 | path: /Security/password | permanent link to this entry