Dealing with SSH’s key spam problem

Recently I created a new virtual machine locally, and I tried to ssh into it.

[diablo@infinity ~]$ ssh tachikoma
Received disconnect from tachikoma: 2: Too many authentication
failures for diablo
[diablo@infinity ~]$

I didn’t put a key on tachikoma yet, and ssh didn’t ask me my password. It didn’t make any sense.

So, I ran the same command with -vvv and realized… it's sending all my identity keys to tachikoma, and the sshd on that machine is kicking the connection due to all of them failing.

What bizarre behavior.

So I dug around in the man page for ~/.ssh/config, ssh_config and noticed I can just add…

Host *
    IdentitiesOnly yes

… to force ssh to use only specifically named identities, which (as I’ve been doing for years anyway) are written like this…

Host some.remote.host.com
    IdentityFile ~/.ssh/id_rsa_some.remote.host.com

… or something similar. With the IdentitiesOnly directive in there, ssh sends only the identity keys I specify with IdentityFile instead of spamming all the keys I have.

I’m not sure if this is a Debian-only problem (both infinity and tachikoma are Debian machines), but even though it’s a security feature, it’s kind of annoying.
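
Added example, not part of the original post: a small Python model of the behaviour described above. It resolves IdentitiesOnly and IdentityFile for a host and counts rejected key offers against sshd's MaxAuthTries. The default limit of 6, the ssh-agent contents, the key names and the simplified config parsing are assumptions made for illustration.

```python
from fnmatch import fnmatchcase

MAX_AUTH_TRIES = 6  # sshd's default MaxAuthTries (assumed for the server)

def effective_options(config_text, host):
    """Resolve the two options for `host` the way ssh_config is read:
    the first IdentitiesOnly value wins, IdentityFile entries accumulate."""
    opts = {"identitiesonly": None, "identityfile": []}
    applies = True  # lines before the first Host block apply to every host
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "host":  # simplification: no negated (!) patterns, no Match
            applies = any(fnmatchcase(host, p) for p in value.split())
        elif applies and key == "identityfile":
            opts["identityfile"].append(value)
        elif applies and key == "identitiesonly" and opts["identitiesonly"] is None:
            opts["identitiesonly"] = value.lower() == "yes"
    return opts

def offered_keys(opts, agent_keys):
    """Keys the client offers, in order (default ~/.ssh/id_* files not modelled)."""
    if opts["identitiesonly"]:
        return list(opts["identityfile"])
    return opts["identityfile"] + [k for k in agent_keys if k not in opts["identityfile"]]

def simulate(config_text, host, agent_keys, authorized=()):
    """Model the server side: every rejected key counts as one failure."""
    failures = 0
    for key in offered_keys(effective_options(config_text, host), agent_keys):
        if key in authorized:
            return "authenticated with " + key
        failures += 1
        if failures >= MAX_AUTH_TRIES:
            return "disconnect: Too many authentication failures"
    return "password prompt"

# Constructed sample data: seven keys loaded in the agent, none installed on tachikoma.
AGENT = ["~/.ssh/id_rsa_host%d" % n for n in range(1, 8)]
BEFORE = """
host some.remote.host.com
IdentityFile ~/.ssh/id_rsa_some.remote.host.com
"""
AFTER = "host *\nIdentitiesOnly yes\n" + BEFORE

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        print(name, "->", simulate(cfg, "tachikoma", AGENT))
```

Hosts with a matching IdentityFile authenticate on the first offer either way, which is why the problem only shows up on a machine that has no key yet.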

Evil solution to the XSLT empty xmlns problem

I’m currently using XSLT, and I’ve come across the dreaded empty xmlns problem. My XML contains elements that do not have rules in my XSL stylesheet, and most XSLT engines append the attribute xmlns="" when they get confused about what namespace the element belongs to… I get bitten by this because I do not have an input DTD, as the document is not meant to be used as anything but fodder to create XHTML.

Many people even have this problem when using XSLT to transform XHTML into XHTML… the input and output namespaces are the same, and they’re using properly formatted and validated XHTML documents (complete with the doctype statement and the xmlns attribute on the html element).

Many people just want to force the transforming engine to blindly copy the elements as is over to the new document, and ignore the namespace issue. The XSL below should do this; use it wisely.

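<!-- Re-create each element under its local name, in no namespace. -->
<xsl:template match="*">
    <xsl:element name="{ local-name( . ) }">
        <xsl:apply-templates select="@*|node()"/>
    </xsl:element>
</xsl:template>
<!-- Copy attributes as attributes rather than turning them into child elements. -->
<xsl:template match="@*">
    <xsl:attribute name="{ local-name( . ) }"><xsl:value-of select="."/></xsl:attribute>
</xsl:template>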

So, now I can go use XHTML in my input and have it spit back out unmolested.

Random Perl: How to check if something is a number

Perl has no built-in function or sub to test whether a variable is a number. Scalar::Util makes it easy, and it is a core module as well.


use Scalar::Util qw(looks_like_number);

my $number = 192;
my $string = '123foobarbazquux123';

if(looks_like_number($number)) {
  print "$number is a number!\n";
}

if(!looks_like_number($string)) {
  print "$string is not a number!\n";
}

Tada!

Solid state society: The future of common data storage

Fifty-one years ago, IBM did something amazing, something that changed the world and kick-started the computing revolution twenty years before Intel and Apple and Microsoft and everyone else declared they were open for business: IBM invented the hard drive.

A monster of a machine, a behemoth, one ton of spinning metal the size of a fridge held exactly five megabytes via 50 two-foot platters and a bunch of controller hardware and buffer memory. This hard drive was the first of its kind, and helped spawn an entire industry of data storage; not only was it faster and easier to use and maintain compared to tape media, it was also expensive and only a few companies could afford this.

The technology over the next few years shrank and increased in performance, and stories of “wash machines” dancing across the data center were well known. More and more companies started buying them to replace or supplement their tape drives, and eventually tape died out in the commercial sector.

Eventually, the three or four home computing revolutions come and go, and the two portable device revolutions come and go. Wash machines become small external units, those external drives become internal (5.25″ full height), and then they become smaller (3.5″) and smaller (2.5″) and smaller (1.8″) yet. Megabytes become gigabytes become tens and hundreds of gigabytes and finally, as of a few months ago, terabytes.

All of this technology ultimately works the same way: spinning platters with magnetic heads reading what an IBM engineer once named “magnetic milkshake.” The one single major flaw in this design is that anything that moves will eventually break down. Spinning drives slower won’t decrease the wear and tear, and neither will cooling them; and new bearing designs? They decrease noise and some wear and tear, but do not prevent mechanical failure.

We’ve invented new technologies, such as redundant arrays of inexpensive disks (RAID) to both increase performance and decrease the chances of mechanical failure eating your data. A suitably sized RAID 6 array can have two drive failures before you risk data loss. An array of, say, six to ten drives for such an array is also huge and outside the realm of most people; and I haven’t seen Apple issue iPods with RAID arrays yet.

In addition to all of this, the magnetic heads have to move across the platter to read and write specific areas, which increases the time it takes to read random data (sequentially read data suffers from this less). If mechanical failure was the major issue of this design, seek time is the secondary issue.

In 1984, a Dr. Fujio Masuoka invented flash memory: a non-volatile memory that can be used as data storage in the same way you’d use tape or hard drives, and flash has no moving parts nor does it use large amounts of power like hard drives do because of spinning platters. You see flash everywhere now, in your cell phones, in your digital cameras, in your hand held game systems, and also in your Wiis. We call drives built out of this technology: solid state drives.

Laptops are now the key target: laptops never have enough power, and battery technology is not keeping pace with our advancements with other technology, and until Santa Rosa more than 3 hour battery life under normal conditions on most laptops was impossible… now it’s simply medium difficulty. Flash technology now has gotten very interesting due to the fact everyone from laptop manufacturers to silent computing aficionados to even the enterprise sector wants flash tech to replace their spinning milkshakes.

Why Powered USB Is Needed, Part 3: USB 3?

This article describes a version of USB that is not related to the new USB 3 spec that Intel has released for 2010 products.

I originally planned the Powered USB article as two parts, one explaining why USB took off, and another explaining why USB isn’t the best solution because it can’t power large devices plus why Powered USB isn’t the greatest solution either because it isn’t in consumer electronics yet and has the different plugs for different voltages issue as well.

What I didn’t plan on was all the Firewire fans popping up and saying I was wrong for pushing a Powered USB/USB 3 combo. For the record, I’m also a Firewire fan but haven’t gone to the fanatical levels some people have. Part 3 is for you guys.
