Table of Contents
hpc0 Keywords
hpc0 Squid
Definition
Squid is an open source HTTP, HTTPS, and FTP proxy application that is flexible enough for Corporate, Education or personal use.
Demonstration
I'm going to setup my own proxy for HTTP and HTTPS so I may evade web restrictions whilst I'm out and about.
First I'm going to grab the Squid program for arch via the Pacman package manager:
[root@PogoLab ~]# pacman -S squid resolving dependencies... looking for inter-conflicts... Targets (8): cloog-0.17.0-1 gcc-4.6.3-1 isl-0.09-1 libmpc-0.9-2 libtool-2.4.2-4.1 mpfr-3.1.0.p7-1 ppl-0.12-1 squid-3.1.19-1.1 Total Download Size: 17.38 MiB Total Installed Size: 87.46 MiB Proceed with installation? [Y/n] y :: Retrieving packages from core... mpfr-3.1.0.p7-1-arm 319.8 KiB 343K/s 00:01 [##########################################################################] 100% libmpc-0.9-2-arm 53.4 KiB 502K/s 00:00 [##########################################################################] 100% isl-0.09-1-arm 377.5 KiB 488K/s 00:01 [##########################################################################] 100% cloog-0.17.0-1-arm 74.2 KiB 636K/s 00:00 [##########################################################################] 100% ppl-0.12-1-arm 1965.6 KiB 707K/s 00:03 [##########################################################################] 100% gcc-4.6.3-1-arm 13.5 MiB 1129K/s 00:12 [##########################################################################] 100% libtool-2.4.2-4.1-arm 268.5 KiB 650K/s 00:00 [##########################################################################] 100% :: Retrieving packages from extra... squid-3.1.19-1.1-arm 887.1 KiB 569K/s 00:02 [##########################################################################] 100% (8/8) checking package integrity [##########################################################################] 100% (8/8) loading package files [##########################################################################] 100% (8/8) checking for file conflicts [##########################################################################] 100% (1/8) installing mpfr [##########################################################################] 100% (2/8) installing libmpc [##########################################################################] 100% (3/8) installing isl [##########################################################################] 100% (4/8) installing cloog [##########################################################################] 100% (5/8) installing ppl [##########################################################################] 100% (6/8) installing gcc [##########################################################################] 100% (7/8) installing libtool [##########################################################################] 100% (8/8) installing squid [root@PogoLab ~]#
That's about it… make sure you've setup your router to forward port 3128 so squid my communicate externally. Set your proxy credentials on your client machine and you're off the races!
hpc0 squid.conf
For my proxy server I've settled with the following config file:
acl ip_acl src 192.168.1.0/24 http_access allow ip_acl http_access allow all cache_mgr asow123@gmail.com cache_mem 64 MB cache_dir diskd /var/log/squid/cache0 64 16 256 cache_effective_user andrew http_port 3128 transparent
This tells all trafic forwarded to the proxy on port 3128 to travel through its assigned port and return to the client. The cache is 64 megabytes (Enough for personal use.)
hpc0 superuser
A superuser is the root user. A system typically has a single root account and can allow other users superuser privileges. The concept of a superuser establishes a layer of security on your system; you wouldn't want to allow absolute log, program and file navigation access to every user.
An administrator or root user can add new sudo user in the /etc/sudoers file. Here is an example of a string adding sudo privileges to a user named joe:
joe ALL=(ALL) ALL
hpc0 sudo vs root
So want to be a super user? Think sudo's the same thing? Not quite. The difference between sudo and root execution is when a user executes a command using using sudo a log is kept of the commands used. This is not the case with root.
This log adds an additional layer of security.
hpc0 Unison
Unison is a great bidirectional directory synchronization application. I've setup a script to describe its functionality:
#!/bin/bash
_path="/home/andrew/Cloud"
_unison=/usr/local/Cellar/unison/2.40.63/bin/unison
_rserver="67.241.242.136"
for r in ${_rserver}
do
for p in ${_path}
do
${_unison} -batch /Users/asow123/Cloud "ssh://${r}/${p}"
done
done
Here is the script in action:
AirAndrew:/ andrew$ ./Unison.sh Contacting server... Connected [//AirAndrew//Users/asow123/Cloud -> //PogoLab//home/andrew/Cloud] Looking for changes Waiting for changes from server Reconciling changes props <-?-> props / local : dir props changed modified on 2012-05-02 at 21:26:20 size 2025059 rwxr-xr-x PogoLab : dir props changed modified on 2012-05-02 at 21:25:03 size 1946009 rwxr-xr-x new file <-?-> new file .DS_Store local : new file modified on 2012-05-02 at 21:23:17 size 6148 rw-r--r-- PogoLab : new file modified on 2012-04-30 at 18:06:57 size 6148 rw-r--r-- w file <-?-> new file Icon local : new file modified on 2012-04-30 at 17:54:31 size 79050 rw-rw-rw- icon MACS PogoLab : new file modified on 2012-04-30 at 9:46:17 size 0 rw-rw-rw- No updates to propagate AirAndrew:/ andrew$
hpc0 Generating ssh keys
Sometimes you just need indefinite access.
Definition
An ssh key will allow you to establish a secure shell with a trusted host if the server is compliant with clients generated key.
Demonstration
On the client side
ssh-keygen -t dsa
generates an ssh key for the remote server.
Add the key to this file ~/.ssh/authorized_keys
Then login! =D
hpc0 evn DISPLAY=:
Definition
Forwarding Applications is so cool!
Demonstration
You can forward applicaitons to other display environments like this:
[andrew@PogoLab ~]$ sudo env DISPLAY=:10 gparted ====================== libparted : 3.1 ====================== ^C[andrew@PogoLab ~]$
So… lets explain what just happened. On my MacBook I was ssh'd into @PogoLab and set gparted to open on my PowerBook that was ALSO connected to @PogoLab
The $DISPLAY number is what counts; :0 would be the local display and 10 was the SSH session connected to the PowerBook
hpc0 manual X11 forwarding
For when you're too good for just ssh -X
Demonstration
Let's say I want X apps to open on my macbook air when they are executed on @PogoLab. First I must add the remote ip of PogoLab to my X hosts on the macbook:
AirAndrew:~ andrew$ sudo xhost +192.168.1.101 Password: 192.168.1.101 being added to access control list AirAndrew:~ andrew$
Then on @PogoLab I must export my display to the macbook:
[andrew@PogoLab ~]$ export DISPLAY=192.168.1.147:0.0 [andrew@PogoLab ~]$
hpc0 Objective
hpc0 Objective
Play hard work hard
Definition
Through video games and other forms of digital entertainment, one can acquire a set of skills that enable that person to excel in the fundamentals of that subject.
Method
For instance, I didn't know how to forward ports via ssh before it was necessary when attempting to play MineCraft on a Lab46 VM-server.
Analysis
If you never make time for a little fun you may find your situation dull and stagnate.