Most RDBMS such as PostgreSQL and MySQL support TLS connections to encrypt the data on the wire between the application and the database. However there also seems to be applications here and there that don’t support TLS connections to the database server. Not the end of the world when your app is on the same server as the database server, but who does that? 😉 Read more
I often do a lot of work with temporary Vagrant, Docker, VMs, and I don’t really want those host keys clogging up my ~/.ssh/known_hosts file. So I just add the following alias to my shell “rc” file. In my case, I use zsh so it’s ~/.zshrc :
alias ssh-nocheck="ssh -o 'StrictHostKeyChecking no' -o 'UserKnownHostsFile /dev/null'"
Viola! Now all I need to is to use something akin to:
ssh-nocheck -p 2222 email@example.com
So after a couple days of searching, I still couldn’t find a way to catch a particular exception from the Apache libcloud module. Chalk it up to my inexperience with Python, but why couldn’t I find anything on the Interwebs in regards to 3rd party module exceptions? Searches were coming up with nuttin’ useful. Read more
I’ve resized many a ext4 partition, but now that XFS is the ‘default’ partition type for CentOS/RHEL 7 I am learning on the job, as the saying goes.
I was setting up a shiny new CentOS 7 EC2 instance, but when I tried to set the hostname using all of the typical Linux-y ways, none of them stuck after a reboot. It just kept going back to the default EC2 naming convention of ‘ip-172.31.x.x’. Since I am still getting used to CentOS 7 and all of the stuff they changed from 6, I figured it was a CentOS 7 thing. Not so…
I’m sure someone has already documented this somewhere, but here are my usual breadcrumbs. After pouring through Juniper’s thorough, yet scattered, documentation I finally got my SRX talking to Windows Ad via TACACS+.
I decided to go with TACACS.net, a free (not as in beer, though) command line oriented service that runs on Windows. It’s a very nice program and really cool that it can be downloaded for free. They charge for support, so I guess that’s how they keep the lights on. Read more
In a previous post, I wrote about a CMS called GPeasy. That post actually seems to still get a lot of hits, which might lead the visitors to wonder why I raved about GPeasy when I am using WP as my CMS/blog platform. Good question. At the time I decided to go with a CMS, WP was starting to get really good at being both a CMS and blogging platform and GPeasy was still being baked. But I might have to revisit GPeasy as it looks like they’ve added some cool features.Of course, I also stumbled upon Octopress the other day, which seems to be an interesting blog platform geared towards hackers with a lot of ways to show code, etc. I might have to check that out as well. Options abound!
I’ve been using virt-manager to manage my KVM hosts and I’m not keen on having to login to the remote hosts as root, plus I would get the password prompt every time I connect to the server (sure I could setup my pulic SSH key on the root account, but not a good idea to use RSA auth to the root account on a remote server). With Debian (Wheezy) it was fairly simple in that all that I had to do was add my regular username to the group “libvirt”. Then I could use the URI: qemu+ssh://firstname.lastname@example.org/system to connect to the remote KVM host using virt-manager.