Sunday 25 May 2008

Easy SSH technique (SSH Public key based authentication - Howto)

SSH is a technique used to login remotely to another machine and execute commands from your own machine.
For simplicity, we will call the machine that you are sitting at as the local machine, while the machine you wish to connect to, as the remote machine.

so,
USER : [LOCAL_MACHINE] -----------ssh------------------> [REMOTE_MACHINE]

(Obvious assumptions are that the remote machine should be switched on before you attempt to login and that a valid network connection should exist between the machines)

Normally, this would present a security threat, so you cannot login without supplying the password to your account first.

When I first arrived for my internship, I was given a thin client (Sun RAY) and had to connect to a machine (intel) remotely everytime I needed to use utilities like firefox, gnuplot etc. (Of course, everytime I logged in I had to open up obvious utilities like firefox/mozilla)
$>ssh -X garl-intel1
$>abhishek@garl-intel1's password:
garl-intel1.serc.iisc.ernet.in> /usr/local/firefox/firefox
But this process can get annoying sometimes:
  • When you wish to login frequently (almost everytime you boot your local machine) you have to keep typing in the password again and again.
  • If you wish to run a shell script at your local machine which executes a set of commands on the remote machine, it asks you for password at every command to be executed. Wouldnt it be simple if I could write a script here that runs a couple or more of commands on a remote machine without me having to type in the password every time? Lets assume I have a script that has the following lines:

    ssh -X garl-intel1 xpdf ./abc.pdf
    ssh -X garl-intel1 gnuplot gp.sh
    scp ./abc.ps abhishek@garl-intel1:./a/abc.ps

    I would have to type in my password for each of these commands.
So this post is for those who are looking for an easy way to use ssh without any hassles at all. For simplicity, I have numbered the steps. I assume you are in my position and the remote machine is garl-intel1.serc.iisc.ernet.in
Step 1
Make sure the default shell is bash. (type bash and press enter if not)
Check the ssh connection to make sure its okay and works fine. For me, its:
>bash
$>ssh garl-intel1
$>abhishek@garl-intel1's password:
garl-intel1.serc.iisc.ernet.in> who

Step 2
Create a Simple Cryptographic Key by the following commands:
$> ssh-keygen -t rsa
Now assign a passphrase (if it asks, for simplicity just enter you connection password) and press enter twice (when it asks for location) to store the key in its default location.
Normally the default location is ~/.ssh/id_rsa (private key); ~/.ssh/id_rsa.pub (public).
In case you need to change your passphrase later, you need to type:
$> ssh-keygen -p
Step 3>
use scp to copy the id_rsa.pub file to remote machine. This is called installing the key.
$> scp .ssh/id_rsa.pub abhishek@garl-intel1:.ssh/authorized_keys2
The procedure should be over in a flash. (It will ask for your login password to complete).
Step 4>
From now on, you can type [ssh garl-intel1] to connect. But it still asks for passphrase everytime which is annoying. So to turn this off make sure you are in the bash shell and type:
$> ssh-agent $BASH
$> ssh-add
Now type in the current passphrase for the last time and press enter.
Step 5>
Done!
Now you need to login using [ssh garl-intel1] without any hassles.
Step 6>
A note about security: The remote machine is still password protected. It is not open to attacks through this process. BUT, the current local machine has been authorized to login without asking for user password. So as long as the local machine is secure and access is given only to authorized users, the server is secure as well.

However, if any time you wish to remove all keys. Type in the following in a bash shell:
$> ssh-add -D (delete all keys)
$> ssh-add -d key (to delete specific key)
$> ssh-add -l (to list all keys)

And now, its playtime.

Saturday 24 May 2008

The most wanted gadget of the next decade.. the new XO-2 (OLPC)

For those not familiar, the OLPC group aims to provide children in developing nations with low-cost computers.


Although it seems like a noble cause on the outset, it has been criticised for several reasons including but not limited to:
- profit making attempts by various vendors through unscrupulous means
- Top bureaucrats adjusting purchase policies in accordance with manufacturer-friendly contracts as opposed to open and transparent means

The recent period has been a difficult one for OLPC, during which the entire ethos and aim of the project has been called into question. One former employee, Ivan Krstic, blasted the organisation for becoming a vehicle for creating the "economic incentives" for a particular vendor.
Apart from these, functionality is also of some concern. One user mentions how he tested a beta release and found problems in basic operation.
However that is not what this post is about. Its about the future plans of the next generation XO. Its supposed to be a touchscreen based book-shaped gadget half the size of the current one (now that is something everyone would vouch to get - IMHO). Here are further details:




The new XO-2 machine will be developed by the team behind the One Laptop per Child project. It will have two touch-sensitive screens and be about half the size of the original, iconic white-and-green XO device. Nicholas Negroponte, the founder of OLPC, also said the XO-2 will have a foldable book-like feel to it.

"The next-generation laptop should be a book," he said. The screen will be optimised to ensure it can be seen both in low light conditions and bright sunlight, while power consumption will be reduced to just one watt. Negroponte said the laptop would be ready for launch by 2010.

Users will be able to switch between using the computer in a book-like vertical format, a normal horizontal format, and even as a touchscreen tablet PC.

“Younger children will be able to use simple keyboards to get going, and older children will be able to switch between keyboards customised for applications as well as for multiple languages,” said the organisation.

More information at thejournal and geekzone

Geekpics offers some stats as well.

The next gernation OLPC (the XO-2) will have:

  • Dual 16x9 proportioned sunlight-readable touch screens

  • Keyboard and touchpad both replaced by touch screens

  • Physically smaller than XO-1; size and weight more like a book

  • 1 watt power consumption

  • Target price of US$75 to large educational buyers


Now theres just one point worth noticing here: "the machines will have enhanced dual-display capabilities with touch-sensitive screens." There. We have seen a preview of the technology in the just launched iPhone and it has been loved by many (probably some of the performance aspects need to be worked out, but the touch sensitive addition has been most undoubtedly the defining factor of the trend of mobile phones today).

Now imagine an ultra portable device which u can carry along as a notebook (not a laptop-notebook; the notebook-notebook!) and be able to access documents, run applications, watch videos, pics, surf the net, check your mail wirelessly and what not. And besides, you could also load in ebooks to read in a friendly gadget like that.

Fancy?

Imagine a mobile phone integrated into it. You dont need anything else at all. Some users fret over the possibility of having to use touchscreens. I see it as just the future. People will adapt and the technology will adapt making it easy for both. Another slight concern is the processing power and the low grade features offered. But I think we can trust the technology gurus and the economies of scale which should eventually bring a compromise between features and cost. Until then, its waiting time...

Check out a video of the features:


A Better coverage of the unveiling-of-the-plan reveals that the gadget is aimed to be cheaper than even the current $188. Now the current XO was targetted at 100$ and it came out at 188. The XO-2 is targetted at $75! Only time will tell how it comes out and what it actually offers.
As tekno_boy puts it, "Forget MACbook Air, the coolest thing on the horizon in the computing world might be something bound for the third world."