Blog Archive

Viewing page 1 from archive of May 2011

Turns out the worst of my VM networking issues were due to more and more sites using #IPv6; that was odd.

@mikeboers on . Visit on Twitter.


Recording my calls to service providers (eg. #fido, #teksavvy) is proving to be an invaluable source of confidence when dealing with them.

@mikeboers on . Visit on Twitter.


The most disconcerting part about using #Bitcoin is the feeling that I must have nightly backups of my wallet.

@mikeboers on . Visit on Twitter.


One Time Passwords for SSH on Ubuntu and OS X

I have been meaning to beef up the security on my various servers for a while. Everything was configured in a way that was relatively closed, but ultimately I decided that convenience outweighed absolute security. To that end, my passwords are not as good as they could be (ie. I can remember them easily and type them quickly (although they were designed to be...)), SSH continues to serve from the default port, and one could SSH to root just with its (enormous) password.

Walking home from the train yesterday I decided to finally fix this. My original idea was to setup a pluggable authentication module (PAM) for Steve Gibson's "Perfect Paper Passwords", but I soon discovered the (slightly more official) Initiative for Open Authentication (OATH). OATH provides specifications for two types of one time passwords (OTPs): event based (HOTP) or time based (TOTP).

Event based OTPs are generated from a counter that increments every time you ask for a password. The servers keep track of the current counter so they will never accept previous passwords again (eg. if someone watches over your shoulder or there is a key logger). Time based OTPs do much the same, except they are based off of the current time and so are only valid for the current 30 second block.

These sorts of two-factor authentication schemes often rely upon proprietary hardware and expensive service plans, but the openness of OATH allows for free apps for iOS, Android, and many more. Another open source project, OATH Toolkit, provides the server side code including a PAM.

Read more... (6 minutes remaining to read.)

Posted . Categories: .

The Varied Skies of Vancouver

I've been running out onto the balcony a lot to take a look at the mountains (as you have surely noticed by now). I've lined a number of them up as best I can to present here.

Read more... (1 minute remaining to read.)

Posted . Categories: .

I need a name for a new #Python module for generating QR codes; PyQRcode is already taken... Anyone?

@mikeboers on . Visit on Twitter.


#Shaw guy came and fixed it in a minute; another of their techs physically disconnected my line at the source. That took a week to fix?

@mikeboers on . Visit on Twitter.


I watched the #Shaw tech drive away without making contact with me. 48 hours later they tell #TekSavvy that I wasn't home. 5 days now...

@mikeboers on . Visit on Twitter.


I'll continue to readily recommend #TekSavvy (when Bell tried to hit me with that fee they fought it for me), but still...

@mikeboers on . Visit on Twitter.


My #Shaw cable (via #TekSavvy) is down for the second time in a week; I hate agreeing to the $100 fee if Shaw decides nothing is wrong.

@mikeboers on . Visit on Twitter.

View posts before May 13, 2011