Archive for category General

Mac OS X makes handling SSH keys easier

Posted by Sébastien Stormacq in Apple, General, Mac OS X on 06/05/2014

I discovered something this Sunday morning that will make my day, week and month 🙂

If you don’t know much about ssh-agent or if you’re looking for a tutorial about using ssh public key authentication or ssh-agent, read one of the excellent articles linked from here before to continue here.

On OSX, Apple made it much easier to manage your SSH keys and to work with SSH, by adding two welcome improvements

The first improvement alleviate user’s need to manually start ssh-agent for every session.  launchd(8) will also makes sure ssh-agent is automatically restarted in case of crash.

Launchd configuration file is here:

hostname:~ user$ cat /System//Library/LaunchAgents/org.openbsd.ssh-agent.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>org.openbsd.ssh-agent</string>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/bin/ssh-agent</string>
		<string>-l</string>
	</array>
	<key>ServiceIPC</key>
	<true/>
	<key>Sockets</key>
	<dict>
		<key>Listeners</key>
		<dict>
			<key>SecureSocketWithKey</key>
			<string>SSH_AUTH_SOCK</string>
		</dict>
	</dict>
        <key>EnableTransactions</key>
        <true/>
</dict>
</plist>

But the best part is the second improvement : instead of storing your keys in .pem files in your  ~/.ssh directory, you can tell ssh-agent to store your keys in the more secured KeyChain trusted store, as show on the picture below.

keychain

Apple silently added a -K option to ssh-add command to instruct ssh-add to store your SSH key in KeyChain in addition to loading the key in memory.  ssh-agent will search for keys in their usual location on disk but also in Keychain.

What are the benefits of this?

There is no more need to explicitly call ssh-add when your session start, like you used to do in your .profile or .bashrc file. LaunchD will load ssh-agent and will instruct it to load keys referenced in your KeyChain. Note that the .pem file is not stored into KeyChain, you can not delete these from your file system.

Finally, because Keychain might synchronise across your machines through iCloud, your keys’ password are now available automatically on all your machines (provided you’re willing to keep a copy of your keys in iCloud – but that’s a different story)

Enjoy!

, , , , ,

No Comments

QR Codes for your business cards

Posted by Sébastien Stormacq in Android, General, iPhone, Personal on 28/05/2011

You’ve probably already encounter QR Codes, these signs you can scan with your mobile’s camera to get some extra information about a product, a song, a TV program etc …

While there are many QR generator application available on the Net, I recently found a Business Card generator.  It is able to generate either VCARD or MECARD format, as well as a contact PDF sheet ready to send to the printer. (MECARD is a special encoding of personal information, suitable for QR Code Encoding.  This was popularized in Japan by NTT Docomo)

And, … it’s free 🙂

I tried it with QR Reader on the iPhone and found it particularly well integrated.  In particular MECARD can directly be added or merged to your address book.

Have Fun !

, , , ,

No Comments

Google’s memory, bitnet, listserv …

Posted by Sébastien Stormacq in General, Personal on 27/11/2010

Yesterday night I wasn’t in the mood to be too productive, after all, the week end was just starting.  I was randomly browsing the Internet, looking for food for thoughts.

I came across Steven Noel‘s personal blog and notice at the bottom of the page some links, including one to its first usenet post in 1994.

I immediately asked myself, when was my first post on the Internet ? Or, at least, what is the oldest trace of me that Google can find ?

A few minutes later I found

April, 4th 1992 : I answered a question about Stacker (a disk compression utility) compatibility with Windows 3.1 (still in beta at that time)

Same day : I explained how to send FTP commands to an internet server, using a proxy BITnet email server.

My BITNET email address was INFSTDSTORM@BNANDP51.BITNET

Are these my first posts on BITNet’s LISTSERV system ? I can’t remind.  These are the oldest one Google can find.

I can’t resist to add a third one, this one dated from October 1995, I asked on comp.lang.c++ on USEnet how to get the day from a given date.  I received many answers but the one I like most is the last one from the thread :

(23*m/9+d+4+(m<3?y--:y-2)+y/4-y/100+y/400)%7

It is applicable to the Gregorian calendar, with m=month, d=day, y=year

Today, because this post is not business related, because it is the week end, because my friends and family in the US just celebrated Thanksgiving, I would like to finish this post “a la” Doc Teger, i.e. with a song.

It’s a french song from author Alain Chamfort : “Trace de Toi” (traces of you)

, ,

No Comments

Bye bye Sun

Posted by Sébastien Stormacq in General on 21/01/2010

This is the end.  Let a new adventure begin ! 

I am looking forward new challenges, new adventures, new innovations  ….

(thanks jag for the artwork) 

,

3 Comments

Do More with Less

Posted by Sébastien Stormacq in General on 11/10/2009

Sun-Oracle TPC-C benchmark result announcement is loud and clear :

  • 8x less hardware
  • 4x less power

 

= 16x better performance 

, ,

No Comments

Java CAPS received Swift Certification 2009

Posted by Sébastien Stormacq in General on 24/07/2009

Java CAPS, Sun’s SOA platform has been certified by Swift for 2009.  We passed the very strict Swift test suite and received the much convoyed "Financial EAI 2009" Swift label.

Java CAPS has received this certification for eleven (11) years in a row ! 

, ,

No Comments

21000 virtual desktops distributed at JavaONE

Posted by Sébastien Stormacq in General on 03/06/2009

As every year, JavaONE attendees have access to a public set of SunRay thin clients for Internet access.

This year however, the user experience is different.  Attendees do receive access to a full, dedicated virtual machine with their OS of choice : OpenSolaris, Ubuntu or Windows Vista.

When the attendee inserts its conference card into the SunRay, he is prompted to choose a desktop, the desktop is booted in a virtual machine on one of our servers and delivered to the thin client in a couple of seconds.

When the attendee removes the smart card from the SunRay, the virtual machine is suspended and stored for later usage, the day after or later.

Each time the attendee reconnects the smart card in any of the 200 available SunRays thin clients, it receives back its very own personal virtual machine.

Wonder about the infrastructure we deployed to provide this service ?  Check out this article which goes pretty much into all the details. 

,

1 Comment

JavaONE 2009

Posted by Sébastien Stormacq in General on 02/04/2009

Lab 5557 : Building JavaFX clients for RESTful and JSON based web services.

I'm Speaking At JavaOne

Rich Internet Applications – RIA – do require a strong service access and data access layer located on the back-end, just as traditional or web based applications. It is therefore essential to combine desktop technologies and server technologies in order to provide fast, efficient and secure access to your data.

This lab will teach students how to combine desktop technologies, such as JavaFX™ technologies, and back-end technologies, like web services and REST based services to build state of the art desktop applications.

This lab will go through a very simple example of REST data retrieval and a Java FX graphical representation of these data.

This lab will use the following technologies :

  • RESTful web service and JSR 310 (Jersey) API on the server side
  • JavaFX on the client side

The JavaFX application will asynchronously poll RESTful web services to collect data that will be used to dynamicaly update the client rich UI.

No Comments

Patience is a vertue …. and it pays !

Posted by Sébastien Stormacq in General on 24/03/2009

Since several years, Solaris x86 (and now OpenSolaris) users are complaining about the lack of a decent PDF viewer for our platform.  Surprisingly Adobe maintained up-to-date it’s SPARC version, but not the x86 version.

This is probably a sign of the OpenSolaris adoption rate : Adobe just released Acrobat Reader 9 for Solaris and OpenSolaris on x86 platforms.

Brian has the installation procedure

,

1 Comment

Community ONE Conference – Northen Europe

Posted by Sébastien Stormacq in General on 17/03/2009

Registration is now open for Community ONE conference in europe !

Join us for a jam-packed day of education, innovation, and exchange. Come together with fellow developers and technologists to evaluate dozens of open-source projects currently powering leading Web companies, transforming enterprise IT, and enabling next-generation computing. 

I will present a JavaFX application and demonstrate how to communicate between JavaFX and REST based web services.

Seeing you in Olso !

No Comments