Greetings List Lurkers,
Jonathan Ferguson and Anthony Carrico, two people I really admire in the
VAGUE community, bring up a very interesting information security issue,
and I would like to get a word in on.
The ssh protocol is a really fine way of securely connecting two nodes on
the Internet. The design of ssh was to eliminate the possibility of
monitoring a session through the use of public-private key cryptography.
At this time, various implementations vary in features.
The very celebrated "openssh" client/server suite universally available in
open source contains some very interesting programs implementing the ssh
protocol. These include:
- An X display server (-X -Y predicate. a personal favorite :^)
- The ability to add complexity to an ssh cryptographic session
(pass-phrases)
- Key based linux-to-linux authentication (passwordless ssh)
- Extension to other products based upon the ssh protocol...
-- rsync over ssh
-- port forwarding via ssh
- many, many other extremely cool features, not all of which I have
used/ understood.
My take on this, is that while the protocol is very good, implementation
features (sans implementation bugs :^) are available but not always to
everyones taste.
For instance, the only time I use passwordless ssh is to do backups via
rsync. Andrew Tridgell as far as I can see made it very difficult to
implement rsync in scripts without use of the ssh key based passwordless
feature.
Anthony and Jonathan discuss the issue of "salting" the public/private key
generation process with a pass-phrase, a cool feature of the sshkeygen
program which is part of the openssh suite. I would ask them both if this
enhancement of the cryptography is really necessary in low to medium
criticality situations. Breaking into a public-private key cryptographic
session is non-trivial enough that I feel Anthony's apologetic tone in
not using pass-phrases unnecessary, that is, unless he has started work
on Nuclear Missile Launch codes...
That said, much in the security realm is a matter of opinion. Like
everyone else you just got mine!
As for our gathering here in Barre, I beseech you to to go to the directions
web site should you need them at:
http://bosivt.org/directions
It is a sunny (if cold) spring day. I am researching how to get Ubuntu on a
Kindle Life is good!
To summarize, the meeting today is at 40 Washington Street, Barre, VT 05641
There will be pizza. Today in the second half of the meeting we have to take
apart a door. I will explain to those who show.
The dreaded future projects remain ever present on our small minds:
- Maker Movement A Maker Space in Barre? Why not? Could it be that the
commercial power centers do not yet appreciate the value? I need to
revise my paper on this subject and get it out to Lucas Jensen
who has good ideas about a Barre Maker Space.
- Move BOSI to become more git centric... develop gittlywiki... working!
check out tiddlywiki5 here: https://github.com/Jermolene/TiddlyWiki5
We still need to convert... Yea buddy...
- Blue Sky R&D, but in Vermont it will be Gun-metal Grey Sky(c) R&D.
Sadly Firefox OS for the Pi...got thrown under the bus maybe BSD will
replace it...
- Open Source Educational Human Development (nothing new here:^)
But I am working on an idea...
- I fought the DREK and the DREK continues to win. Remember, What
really is holds us back is DREK!!! DREK is what happens to your
workspace (both hardware and software) when you fail to put stuff
away, or you let your friends or relatives use it. This is a cosmic
law. I am still fighting the DREK.
Anyway, we have the technology and we will have the pizza tonight 5-7 at
Hedding.
This is the official notice of the Barre Open Systems Institute (BOSI) Adult
Swim. For those coming in via the Google Plus and the Internet, and there are
folks who are gonna try, the swim stars at 6:00 PM EST.
Our ongoing major objective is to continue to try to figure out how to invest
the time and resources to turn the Barre Open Systems Institute into more than
just the Adult Swim technical clinic and more into a real learning facility.
One direction we have been working on is to begin thinking about classes. The
curriculum that I am most interested in is teaching documentation.
Once again, the goal of the meeting shall be as usual, to get organized and try
to get the various projects moving forward, despite DREK. We continue to wonder
about how to build the BOSI curriculum to this webpage:
http://bosivt.org/classes
Take a look if you dare...
Remember, the BOSI Adult Swim is essentially about helping out fellow users of
open source products in a clinic environment. Despite my very best of
intentions, the Adult Swim is really almost a perpetual Linux install-fest, and
only secondarily a learning environment,
The ever growing list of projects (now on our web site :^) includes:
- http://ledroid.org - Ok, this is a real project eh?
- http://bzinga.net - What happens when you combine Bash and Zenity?
- http://docbox.flint.com:8081/orientdb - one frustrating database.
- http://docbox.flint.com:8081/docker - this is very cool.
- http://docbox.flint.com:8081/nodejs - ok, it is on the list.
- http://docbox.flint.com:8081/snobot - jesum they love this robot
- http://docbox.flint.com:8081/furmon - monitor that pellet furnace
- http://docbox.flint.com:8081/arduino - moving in the arduino groove
- http://docbox.flint.com:8081/javajive - to get better at Javascript
- http://docbox.flint.com:8081/tsp - Temperature Sensors Project
- http://docbox.flint.com:8081/robotsrules - The quest for Roberts Rules -
- http://docbox.flint.com:8081/visual.bash - Yea, I am not kidding...
- http://docbox.flint.com:8081/mrtg - remedial raw mrtg for the slow...
- http://docbox.flint.com:8081/raspberry - all versions
- http://docbox.flint.com:8081/strembot.org - maybe a very cool project.
- http://docbox.flint.com:8081/organized - oh please let me be organized!
- http://docbox.flint.com:8081/music - this may be the least organized
site ever!
- http://docbox.flint.com:8081/bb - A big noble idea.
- http://docbox.flint.com:8081/grantbot - A less noble idea to feed the
big idea...
- http://docbox.flint.com:8081/gitlywiki - is tiddlywiki5 the answer?
Do not forget Bit Ed using an ISP in Plainfield, first reported many services
block http service on odd ports, one immediate projects needs to be to reflect
all of the current project pages to git hub. This is why we will be initiating
the gittlywiki project... I am gonna go by and confirm this issue sometime in
the next few days, when he can take time off from building Alex her palace...
Otherwise, Barre indeed remains a great venue for a Linux and Open Source
Software discussion and general system rejuvenation. Expect to be remotely
preached at on the various topics of Open Source and how I am confident it
shall cure all the evils and ills of this wicked world. In a perfect meeting,
people would come in, sit down, see the stuff we have been doing and hopefully
help us get the DIY stuff we are doing done, or maybe just fix a laptop.
So, do not forget that the Barre library stocks "Linux Format", and the latest
issue is on the shelf, and it is good. The DVD's are available to checkout and
copy, we shall to continue provide copies and isos of each and every one. I am
continuing to duplicate abot a years worth of DVD's which is quite a task.
Anyway, come and do open source stuff. For more information about the BOSI
Adult Swim meeting time and location try this:
http://bosivt.org/directions
Show up at Hedding UMC if you have questions or are interested in Linux or the
concept of free and open systems. Again, we are in the basement of the Hedding
UMC facility which is actually working out pretty well.
Somehow we need to make progress not more projects!!!
If you wish to be included on the "Linux_adult_swim" mailing list, send a
response to this note.
This is Flint signing off... We Swim in Barre this afternoon with the cold New
England sun shining.. It is good to be on the inside looking outside!...
Kindest Regards,
Paul Flint
(802) 479-2360
(802) 595-9365 Cell
/************************************
Based upon email reliability concerns,
please send an acknowledgment in response to this note.
Paul Flint
Barre Open Systems Institute
17 Averill Street
Barre, VT
05641
http://www.bosivt.org
http://family.flint.com/flint
skype: flintinfotech
Work: (202) 537-0480
