=====hpc0 Keywords=====
====hpc0 Squid====
===Definition===
Squid is an open source HTTP, HTTPS, and FTP proxy application that is flexible enough for Corporate, Education or personal use.
===Demonstration===
I'm going to setup my own proxy for HTTP and HTTPS so I may evade web restrictions whilst I'm out and about.
First I'm going to grab the Squid program for arch via the Pacman package manager:
[root@PogoLab ~]# pacman -S squid
resolving dependencies...
looking for inter-conflicts...
Targets (8): cloog-0.17.0-1 gcc-4.6.3-1 isl-0.09-1 libmpc-0.9-2 libtool-2.4.2-4.1 mpfr-3.1.0.p7-1 ppl-0.12-1 squid-3.1.19-1.1
Total Download Size: 17.38 MiB
Total Installed Size: 87.46 MiB
Proceed with installation? [Y/n] y
:: Retrieving packages from core...
mpfr-3.1.0.p7-1-arm 319.8 KiB 343K/s 00:01 [##########################################################################] 100%
libmpc-0.9-2-arm 53.4 KiB 502K/s 00:00 [##########################################################################] 100%
isl-0.09-1-arm 377.5 KiB 488K/s 00:01 [##########################################################################] 100%
cloog-0.17.0-1-arm 74.2 KiB 636K/s 00:00 [##########################################################################] 100%
ppl-0.12-1-arm 1965.6 KiB 707K/s 00:03 [##########################################################################] 100%
gcc-4.6.3-1-arm 13.5 MiB 1129K/s 00:12 [##########################################################################] 100%
libtool-2.4.2-4.1-arm 268.5 KiB 650K/s 00:00 [##########################################################################] 100%
:: Retrieving packages from extra...
squid-3.1.19-1.1-arm 887.1 KiB 569K/s 00:02 [##########################################################################] 100%
(8/8) checking package integrity [##########################################################################] 100%
(8/8) loading package files [##########################################################################] 100%
(8/8) checking for file conflicts [##########################################################################] 100%
(1/8) installing mpfr [##########################################################################] 100%
(2/8) installing libmpc [##########################################################################] 100%
(3/8) installing isl [##########################################################################] 100%
(4/8) installing cloog [##########################################################################] 100%
(5/8) installing ppl [##########################################################################] 100%
(6/8) installing gcc [##########################################################################] 100%
(7/8) installing libtool [##########################################################################] 100%
(8/8) installing squid
[root@PogoLab ~]#
That's about it... make sure you've setup your router to forward port 3128 so squid my communicate externally. Set your proxy credentials on your client machine and you're off the races!
====hpc0 squid.conf====
For my proxy server I've settled with the following config file:
acl ip_acl src 192.168.1.0/24
http_access allow ip_acl
http_access allow all
cache_mgr asow123@gmail.com
cache_mem 64 MB
cache_dir diskd /var/log/squid/cache0 64 16 256
cache_effective_user andrew
http_port 3128 transparent
This tells all trafic forwarded to the proxy on port 3128 to travel through its assigned port and return to the client. The cache is 64 megabytes (Enough for personal use.)
====hpc0 superuser====
A superuser is the root user. A system typically has a single root account and can allow other users superuser privileges. The concept of a superuser establishes a layer of security on your system; you wouldn't want to allow absolute log, program and file navigation access to every user.
An administrator or root user can add new sudo user in the /etc/sudoers file. Here is an example of a string adding sudo privileges to a user named joe:
joe ALL=(ALL) ALL
====hpc0 sudo vs root====
So want to be a super user? Think sudo's the same thing? Not quite. The difference between sudo and root execution is when a user executes a command using using sudo a log is kept of the commands used. This is not the case with root.
This log adds an additional layer of security.
====hpc0 Unison====
Unison is a great bidirectional directory synchronization application.
I've setup a script to describe its functionality:
#!/bin/bash
_path="/home/andrew/Cloud"
_unison=/usr/local/Cellar/unison/2.40.63/bin/unison
_rserver="67.241.242.136"
for r in ${_rserver}
do
for p in ${_path}
do
${_unison} -batch /Users/asow123/Cloud "ssh://${r}/${p}"
done
done
Here is the script in action:
AirAndrew:/ andrew$ ./Unison.sh
Contacting server...
Connected [//AirAndrew//Users/asow123/Cloud -> //PogoLab//home/andrew/Cloud]
Looking for changes
Waiting for changes from server
Reconciling changes
props <-?-> props /
local : dir props changed modified on 2012-05-02 at 21:26:20 size 2025059 rwxr-xr-x
PogoLab : dir props changed modified on 2012-05-02 at 21:25:03 size 1946009 rwxr-xr-x
new file <-?-> new file .DS_Store
local : new file modified on 2012-05-02 at 21:23:17 size 6148 rw-r--r--
PogoLab : new file modified on 2012-04-30 at 18:06:57 size 6148 rw-r--r--
w file <-?-> new file Icon
local : new file modified on 2012-04-30 at 17:54:31 size 79050 rw-rw-rw- icon MACS
PogoLab : new file modified on 2012-04-30 at 9:46:17 size 0 rw-rw-rw-
No updates to propagate
AirAndrew:/ andrew$
====hpc0 Generating ssh keys====
Sometimes you just need indefinite access.
===Definition===
An ssh key will allow you to establish a secure shell with a trusted host if the server is compliant with clients generated key.
===Demonstration===
On the client side
ssh-keygen -t dsa
generates an ssh key for the remote server.
Add the key to this file ~/.ssh/authorized_keys
Then login! =D
====hpc0 evn DISPLAY=:====
===Definition===
Forwarding Applications is so cool!
===Demonstration===
You can forward applicaitons to other display environments like this:
[andrew@PogoLab ~]$ sudo env DISPLAY=:10 gparted
======================
libparted : 3.1
======================
^C[andrew@PogoLab ~]$
So... lets explain what just happened. On my MacBook I was ssh'd into @PogoLab and set gparted to open on my PowerBook that was ALSO connected to @PogoLab
The $DISPLAY number is what counts; :0 would be the local display and 10 was the SSH session connected to the PowerBook
====hpc0 manual X11 forwarding====
For when you're too good for just ssh -X
===Demonstration===
Let's say I want X apps to open on my macbook air when they are executed on @PogoLab.
First I must add the remote ip of PogoLab to my X hosts on the macbook:
AirAndrew:~ andrew$ sudo xhost +192.168.1.101
Password:
192.168.1.101 being added to access control list
AirAndrew:~ andrew$
Then on @PogoLab I must export my display to the macbook:
[andrew@PogoLab ~]$ export DISPLAY=192.168.1.147:0.0
[andrew@PogoLab ~]$
=====hpc0 Objective=====
====hpc0 Objective====
Play hard work hard
===Definition===
Through video games and other forms of digital entertainment, one can acquire a set of skills that enable that person to excel in the fundamentals of that subject.
===Method===
For instance, I didn't know how to forward ports via ssh before it was necessary when attempting to play MineCraft on a Lab46 VM-server.
===Analysis===
If you never make time for a little fun you may find your situation dull and stagnate.