I’m impressed how some software Vendor have resisted to provide support for Red Hat Enterprise Linux 6 (RHEL6) and its derivates for their products. This week I ran into two examples:
After reading for a while I found out that de Mozilla Foundation built in this protection for “Cross-Protocol” scripting attack with a form of Port Banning.
To overide this protection use one of the following steps:
- In the user’s profile directory the all.js, add the following line at the end of the file
- In the defaults/pref/ sub-directory of the installation directory (multi-user systems) add the following line at the end of the file
- Open a new window, in the address type: about:config and add a new entry of the type string with this name network.security.ports.banned.override and value 1-65535.
If you want to set free only one port change the range for that port o list of ports.
This feature just popped up and started working after I upgraded to Fedora 10 and I though it was a standard function in gnome, but I was working with Per the other day and his Ubuntu 8.04 didn’t have it running out of the box. So I had to take a look a the docs to make it work: http://live.gnome.org/GnomeKeyring/Ssh
This is just one of those features that make your life easier but handling all the ssh sessions for you, the best part is that is one of those setup once and forget feature. Here is a brief introduction on how it works:
According to the ssh-agent man:
ssh-agent is a program to hold private keys used for public key authenti- cation (RSA, DSA). The idea is that ssh-agent is started in the begin- ning of an X-session or a login session, and all other windows or pro- grams are started as clients to the ssh-agent program. Through use of environment variables the agent can be located and automatically used for authentication when logging in to other machines using ssh(1).
So what gnome did was include an ssh-agent in the gnome-keyring(-daemon), so it has one interface to manage passwords, ssh keys, etc. Underneath the hood this is how it works:
- When Gnome starts the gnome-keyring-daemon (if it is enabled in your conf)
- The keyring manager starts the ssh-agent component and sets up the SSH_AUTH_SOCK variable, that will redirect ssh to make the queries to that socket
- The SSH agent automatically loads files in ~/.ssh having names starting with id_rsa or id_dsa or any other keys included by using the ssh-add command
That does the job. If you need to get it working on your Gnome installation follow the instructions here.
It’s really been a while since a sent my last update with pictures of what I’ve done. I normally try to keep friends and family up to date on what I’ve been doing since I moved to the other side of the Atlantic (to the European side). So today I fired up picasa to get the web albums up2date and nothing happend. When I ran it in a shell this came out:
/usr/bin/picasa: line 139: 25634 Segmentation fault “$PIC_BINDIR”/wrapper check_dir.exe.so
/usr/bin/picasa: line 175: 25734 Segmentation fault “$PIC_BINDIR/wrapper” regedit /E $registry_export HKEY_USERS\S-1-5-4\Software\Google\Picasa\Picasa2\Preferences\
After googling for I while I didn’t find any reasonable explanation for the error. I did find a beta (comming from google what could I expect) repository (here are the instructions on how to set it up) and upgraded from picasa-2.7.3736-15 to picasa-3.0.5744-02
It started up, I’ll keep you posted on how it goes with the field try..