Posts by Pablo Endres

GnomeKeyring =? ssh-agent

This feature just popped up and started working after I upgraded to Fedora 10 and I though it was a standard function in gnome, but I was working with Per the other day and his Ubuntu 8.04 didn’t have it running out of the box.  So I had to take a look a the docs to make it work:

This is just one of those features that make your life easier but handling all the ssh sessions for you, the best part is that is one of those setup once and forget feature.  Here is a brief introduction on how it works:

According to the ssh-agent man:

     ssh-agent is a program to hold private keys used for public key authenti-
     cation (RSA, DSA).  The idea is that ssh-agent is started in the begin-
     ning of an X-session or a login session, and all other windows or pro-
     grams are started as clients to the ssh-agent program.  Through use of
     environment variables the agent can be located and automatically used for
     authentication when logging in to other machines using ssh(1).

So what gnome did was include an ssh-agent in the gnome-keyring(-daemon), so it has one interface to manage passwords, ssh keys, etc.  Underneath the hood this is how it works:

  1. When Gnome starts the gnome-keyring-daemon (if it is enabled in your conf)
  2. The keyring manager starts the ssh-agent component and sets up the SSH_AUTH_SOCK variable, that will redirect ssh to make the queries to that socket
  3. The SSH agent automatically loads files in ~/.ssh having names starting with id_rsa or id_dsa or any other keys included by using the ssh-add command

That does the job.  If you need to get it working on your Gnome installation follow the instructions here.

Transpose Open Office Calc data from rows to columns, or vice versa

I had to shift through a ton a data today and after I was have way through I realized that I would be easier to express and analyze the data if it was transposed o just filled in the other way around (rows and columns).  On any other day or a different stage of the work I would have retyped it, but I got lazy and found this link and all you have to do is a special paste and check the transpose box.


The best thing is that it works both in M$ Office and Open Office.

Updated 2013/09/04:
As reader Blub kindly pointed out, the link I had was dead so, here is the information directly

  1. Select the range of cells containing the data that is to be transposed.
  2. Click Edit and select Cut.
  3. Select a cell in the spreadsheet that the table will start.
  4. Click Edit and select Paste Special.
  5. In the Options section, check the Transpose checkbox.
  6. Click OK

Additionally here are some links if you want to see the screen shots:
MS Office or Open Office Calc


Merging PDF files

Have you ever scanned a pile of documents on a “non enterprise” o home scanner, or just got distracted when using the big Xerox machine in the office.  You’ll end up with a ton of individual pdf files.  After a little google and man reading I found these 2 solutions.

  1. On linux just use pdfmerge:   sudo yum install pdfmerge or download the windows version
  2. Do it by hand with ghostscript:

gs -dBATCH -dNOPAUSE -q -sDEVICE=pdfwrite -sOutputFile=finished.pdf Scan001.pdf Scan002.pdf

snmp errors in syslog

I finally got fed up of these messages in my log files (/var/log/messages) and decided to do something about them:

Apr 19 04:14:47 hostname snmpd[3458]: Connection from UDP: []:42482
Apr 19 04:14:47 hostname snmpd[3458]: Received SNMP packet(s) from UDP: []:42482

After reading, googling around and testing for a while I rounded it the following solution, it should work in any Linux system with net-snmp after some tweaks but out of the box on CentOS, REL, Fedora or any of its relatives:

1. Remove the -a from the snmpd start options or write this in the /etc/sysconfig/snmpd.options file:

OPTIONS=”-Lsd -Lf /dev/null -p /var/run/”

This should take care of the “Received SNMP” packets line (2nd one).

2. Add dontLogTCPWrappersConnects true at the end of your /etc/snmp/snmpd.conf file, that takes care of the other line:

Apr 19 04:13:47 dcf-is1p snmpd[3458]: Connection from UDP: []:48911

According to the man page: This setting disables the log messages for accepted connections. Denied connections will still be logged.”

The problem is that the default settings are to log every connection / request, so what we did was leave the log work only for failed and authenticated attempts

Enjoy readable logs!

Windows FTP client passive

Have you ever tried to connect to an ftp server on a windows box?

I had to do it today and that thing doesn’t know the command: PASV !!

Well after surfing for while I found the workaround: just type:


That bypasses the checks on the client and just sends the command to the server.

picasa and Fedora 10

It’s really been a while since a sent my last update with pictures of what I’ve done.  I normally try to keep friends and family up to date on what I’ve been doing since I moved to the other side of the Atlantic (to the European side).  So today I fired up picasa to get the web albums up2date and nothing happend.  When I ran it in a shell this came out:

/usr/bin/picasa: line 139: 25634 Segmentation fault      “$PIC_BINDIR”/wrapper
/usr/bin/picasa: line 175: 25734 Segmentation fault      “$PIC_BINDIR/wrapper” regedit /E $registry_export HKEY_USERS\S-1-5-4\Software\Google\Picasa\Picasa2\Preferences\

After googling for I while I didn’t find any reasonable explanation for the error.  I did find a beta (comming from google what could I expect) repository (here are the instructions on how to set it up) and upgraded from picasa-2.7.3736-15 to picasa-3.0.5744-02

It started up, I’ll keep you posted on how it goes with the field try..

VMware Workstation 6.5.0 + fedora 10

So I upgraded to Fedora 10 and my VMWare stoped working as expected and comented on my last post.

After testing, playing and surfing for I while I found this post which gave me some ideas.  This his how I got it working:

TERM=dumb /usr/bin/vmware-modconfig –console –install-all –icon=/usr/share/icons/hicolor/32×32/apps/vmware-workstation.png –appname=”VMware Workstation”

So have fun

VMware Workstation linux kernel upgrade

After test driving the latest version of VMware Workstation: 6.5.0.  I must say that they fixed most of the small things that made it a pain in the … hard to work with or better described apt for more advanced users.  You get a straight forward RPM installation and everything just works!, you don’t have to patch it anymore.

I did just find a small problem after installing the latest Fedora 9 kernel upgrade to 2.6.27.x, as usual it didn’t start because the new kernel modules have to be built.  The GUI detected the problem, and tried to do it itself but I couldn’t find the reason why so I found two ways to make it work:

  • Reinstall the rpm
  • Use the following oneline:

TERM=dumb /usr/bin/vmware-modconfig –console –install-all

/etc/init.d/vmware restart

The old is gone or maybe just masked but it works as it should.

Changes to the data collection law in Germany

I’ve been living in Germany for a little more than a year now, and since then lots of things have really impressed me in the way privacy, digital rights, data collection, infomation security are managed in politics.

There have been some major attempts to create a state of surveillance protect the people and the institutions from hackers, terrorists in exchange for freedom and civil liberties.  Let’s take for example the Skype Trojan they intented to create and use out in the wild without warrants, the prohibition of “hacker tools” or the data collection law.

After giving a big fight, last week the court in Karlsruhe ruled that:

Data can only be collected when the stability or security of Germany or another country need to be defended and “life, limb, and freedom of German citizens” need to be protected (The Register)

I think this is a mayor advance, and I really hope this will be followed by action in the other controversial laws.


Well after postponing it for quite a while I finally decided it was time to go down the certification path.  So there are a couple of questions that came to mind, I think I did my homework and these were my answers:

Why get certified?

Well it’s a way of proving that you know something to other people, in particular to potential new employers.  It is said that certs are a great way to boost your career or at least make a statement on where you want to steer yours to, i.e. if you take some CISCO certs, you probably what to pursue a the networking path; or if you take a security cert you’re showing that’s the way you want to go.

What certification should I get?

This was a hard one, there are lots of them out there.  So I took some notes and talked to people last year when I attended the RSA Conference 2007.  I also found a great website where they did some comparisons on with a lot of different variables.  After some thinking around I decided to start with Security+ and after that pursue OPSE and / or the well known CISSP.  So step 1 is done.

Other thoughts

A cert alone doesn’t make a good or complete professional, I know a couple of cert holders that don’t know squat and can’t solve a problem in their “area of expertise” even if their life depended on it.  One of those was and old colleague, he had a couple of the CISCO certs and said that he was an expert in networking but couldn’t understand the difference in the use of the POP3 (TCP 110) and webmail or HTTP (tcp 80), after that we just labeled him port 80.

Well officially as of last week I approved my Security+ exam and should continue down the cert road to get a couple more.