Archive for February, 2009

ssh + netcat


At work, I need to access some blade servers that are on a private network. The only way to get into these machines is to shell into a lab box first, and then shell into a blade.

alan@desktop:~$ ssh root@labaccess
Last login: Tue Feb 17 10:13:52 2009 from desktop
[root@labaccess ~]# ssh root@blade3
root@blade3's password:-******
Last login: Tue Feb 17 10:14:03 2009 from labaccess
[root@blade3 ~]#

A while back, I picked up this little nugget from the TriLUG mailing list (thanks to Magnus Hedemark). There is a way to make this intermediate hop automatically. Simply add the following to $HOME/.ssh/config:

Host blade3 blade5 blade10
    ProxyCommand ssh root@labaccess "nc %h %p" 2>/dev/null

Now, when I try to ssh directly from my desktop to one of the blades, it first establishes an SSH session to the labaccess machine, and then netcat’s all of my original SSH traffic directly to the target blade.

This process will ask you for 0, 1 or 2 passwords, depending on whether your public key (from desktop) is in the $HOME/.ssh/authorized_keys files on the labaccess and bladeX machines. Since I have my public key on all of the machines, this is what I see now:

alan@desktop:~$ ssh root@blade3
Last login: Tue Feb 17 10:17:21 2009 from labaccess
[root@blade3 ~]#

This also means that I can scp files directly from my desktop to the blades, without having to dump them on the labaccess machine.

By the way, this trick provides an EXCELLENT reason to consider re-flashing your home router with Tomato firmware, which has ssh and netcat built-in.

Host homepc1 homepc2
    ProxyCommand ssh root@router "nc %h %p" 2>/dev/null

Thumbs Up : Red Box


Our family does not watch a lot of TV, so when we gather around the tube for a movie, it’s a real treat.

This week, we rented two movies from the “Red Box” video rental service at our local grocery store. I am really pleased with their service.

  • The price is very reasonable: $1.07 for one night.
  • The selection is good.
  • I can check movie availability and make reservations from the web.
  • No membership necessary… just swipe a credit card when you rent.
  • There are plenty of locations to choose from.
  • I can return the movies as late as 9pm the next day.
  • I can return the movies to any Red Box location.
  • Checkout and return confirmation can be emailed to you.

These guys have really done it right. I hope they stick around.

Thumbs Down : Nature’s Path organic cereal


The stuff in the box looks nothing like the stuff in the picture!


That spoon shows a syrupy mix of varied flakes, with several juicy cherry bits. The bag contains something that looks more like dog food than cereal, with one lone cherry nugget thrown in by itself.

Happy @1234567890


Computers usually tell time by counting the number of seconds since a certain “epoch” time. Then, before displaying the time to you, they do all of the crazy math that defines days of the year and leap years, and even time zones daylight savings time. On Linux systems, the “epoch” is midnight on January 1st, 1970.

At any time, you can tell how many seconds have passed since the epoch by typing:

date +%s

Tonight, at 6:31:30 pm local time, we reached a magic moment when the date was exactly 1234567890 seconds since epoch.

I took this opportunity to show the kids how computers keep track of the time, and to explain time zones (even though they are comfortable with the fact that is it morning in Malaysia when it’s evening here, they did not know about time zones). At the magic moment, we took time out from our pizza supper to watch the time change on my laptop.

WFH: Working From Home


Tekelec has had an official “work from home” policy for a while now, but I have never taken advantage of it until now. I had dialed in to kick off builds or to check email, but I never tried working an entire day at home.

I decided that I should try it out, just to see if it would work for me. Depending on what you’re working on, and on the infrastructure at your office, working at home can either be a wonderful productivity tool, or it can be an exercise in frustration.

At my previous job, I could carry my entire development and test environment around on a laptop. I could do my work in isolation, even without a network connection. The only time I needed to connect to our office VPN was when I needed to check my source code into our code library.

The same is not true at Tekelec. We have a carefully set-up development environment in a lab — with source code living on one machine, builds taking place an other machines, and testing taking place on even more machines. In fact, the PC on my desk is only used to access these servers. Similarly, when working from home, my PC does not need any special software installed, since it is only used as a screen. I use a software package called “NX” to remotely log in to the PC in my office.

I think the day worked out OK. Here’s some lessons that I learned:

  • A few days beforehand, I need to block off the day in my calendar (to prevent people from trying to schedule meetings while I planning to be out).
  • The desk in my home office is OK, but I could use a better chair.
  • In the mid-morning, I get a glare from the bedroom window. In the late afternoon, I get a bright sun spot across my monitor from the office window. I might want to turn my desk.
  • My monitor at home is finer pitch than the one at work, so fonts look small.
  • NX is a great tool for remotely logging in to my desktop PC… much better than VNC.
  • At first, I ran into some glitches with NX mapping my keyboard keys incorrectly.
  • My normal lunchtime came and went without me even noticing.
  • The cafeteria at work has a lot more choices than my fridge.
  • The bathrooms are cleaner at work than they are at home. (!!)
  • When I return to the office the next day, I need to remember to bring my books back with me.

All in all, I think it went OK. I think I’ll try to incorporate regular WFH days into my work schedule.

Over the Top


This week, the Ringling Brothers and Barnum & Bailey Circus is in Raleigh, and we took the girls to go see it on opening night.

The show was, as they claimed in one of their songs, “Over the Top”… wild animals, motorcycles, jugglers and acrobats, and plenty of people with no fear of heights.

The Greatest Show on Earth? Possibly. It was certainly worth the (discounted opening night) ticket price.

GnuCash for Windows


When I started a consulting company in 2006, I decided to use GnuCash for my business books, since I was already familiar with it from home use. It is very well-suited for business accounting, since it uses standard accounting terminology and double entry. When it was time to prepare my corporate taxes, I called my dad (an accountant) to explain basic business accounting to me… closing out the books for the year, and all that jazz. I really wanted to share my GnuCash file with him, but that was not possible, since he uses Windows.

Today, I discovered that GnuCash has been ported to Windows (since version 2.2.0 in August of 2007). This is HUGE. With the whole “interoperability” stumbling block out the way, small businesses have one more reason to use open source software like GnuCash and Linux. I imagine that soon, if not already, business owners will be able to send their GnuCash data files directly to their accountants, just like they do today with their QuickBooks files.

Today, in preparation for March 15th (tax day for corporations), I installed GnuCash on my dad’s Windows PC, and he took a look at my books.

GnuCash, FTW!

I do have one question, though. During the installation, the GnuCash installer mentioned something about “Installing Windows firewall rules.” That scares me a little. If you know why it does this, leave a comment below.

Go to Top