Author Archives: phocean

How to dupplicate your packages selection

You may want to save your selection of packages, in order to reinstall all your softs later without having to look for and manually install them one after another. It is a convenient way to move a server to a new machine.

On Debian / Ubuntu, this is quite easy.

A while ago the solution used to be :

$ dpkg --get-selections > file.txt

and then, an a freshed installed machine :

$ dpkg --set-selections < file.txt
$ apt-get upgrade

But, for some reason I don’t know and that I would be happy to learn, it seems that this does not work anymore.

Below is the way I got it to work, though it is a little bit more complicated.

So, let’s save the selection of packages into a clean list file, though we are only interested in the packages names :

$ COLUMNS=200 dpkg -l | awk '/^[hi]i/{print $2}' | xargs > liste-apt.txt

and to install on the new machine :

$ cat liste-apt.txt | xargs apt-get install -y

So far, it worked very well on my servers ! APT is a great tool.

Compiz Fusion : Debian / Ubuntu repositories

Edit your source.list file with the following repositories :

deb http://download.tuxfamily.org/osrdebian/ unstable compiz-fusion-git

Add the corresponding key with :

$ wget http://download.tuxfamily.org/syzygy42/8434D43A.gpg -O- | sudo apt-key add -

Compiz Fusion is really great and – so far – stable enough !

Hardware database for Linux

A nice website :

http://hardware4linux.info/

Whith the provided script, you can upload your hardware information there and quickly rate your experience with it (for each equipment it detected).

I just did it for my laptop and will go on with my other machines. It will probably become an interesting database.

Internet providers in France suck

And as a result, almost one day without Internet access. That why the website was done all this time.

Really, there is an incredible amount of claims from many users here.

My personal experience :

– Noos, my actual provider : poor customer service, few interruptions but always long, quite expensive and behind technically speaking.

– Free : cool and technically inovating… when it works ! Very slow to get an operating ADSL line and in my new appartement, they just could not manage to make it work !

– Orange : probably quite reliable, but out of price !

– Others : as fas as I read on the forums, probably the same kind as Noos or Free…

I am looking now for a reliable Internet access. Maybe I should look for company-aimed providers or a wireless one like Ozone, which cover now a big part of Paris…

Perl : how to monitor a service remotely using sockets

I came to program my first Perl script based on sockets, after setting an IPSEC tunnel.

This tunnel is linking the remote peer and the local peer through an OpenBSD VPN gateway (managed with Isakmp).

The problem is that time allowed for this connection is limited, for security policy reasons. So it is not a 24- hour standard tunnel, but rather an on-demand type connection.

Note that the connection is automatically reset by the remote peer, by invalidating the connection cookie and therefore oblige to renegotiate the VPN tunnel from the beginning (phase 1 of the key exchange).

In other words, the Isakmp service has to be restarted every time we need the tunnel to be up.

Of course, it is not the purpose of Isakmp to have such a mechanism and what we want is to start the tunnel from the local peer, every time it needs to do some transfer.

The graph below summarizes the situation :

IPSEC tunnel with OpenBSD as a VPN gateway

That is why I came to develop a script that opens a socket and allows the peer to remotely restart the Isakmp service.

Continue reading →

Phocean.net

Computer Security Blog