Skip to content
Fragmented Development

Blog

This is a repository for the thoughts, notes, and achievements of Mr. Jacob Hume. It contains posts on a large variety of subjects, technical and otherwise.


Micro.fragdev.com is shutting down

It is time to shut down the FragDev GNUsocial instance; it will be taken down on June 30th, 2017. I've thought a lot about this, and due to some new developments in my life and the resources an instance requires, this seems like a good time to call it quits.

I've privately notified the FragDev users. They have all been wonderful, both before and after notification.

I am not sure whether I am leaving GNUsocial altogether. There are plenty of good instances out there to join, but the fediverse has become more representative of the planet as a whole recently. As Christopher M. Hobbes put it recently:

i like the pile of old crotchety hackers/duffers i started with here back when i first jumped onto statusnet. the federation of weebs have been a mixed bag, though.

That is putting it very, very democratically. I feel like the Internet, as with the rest of the world, has turned into a bit of a high-powered fecal cannon lately. While social medias of all kinds are not the cause of that, using them is the metaphorical equivalent of aiming that cannon towards yourself.

I've never been highly social, even during the days of IRC. GNUsocial's been the peak for me in regards that, and I need to decide if I want to keep it up or not.

Baby

It's rare that I have big news, so I'm just going to use an Adventure Time screenshot.

A screenshot of Jake the Dog, from Adventure Time, Season 4, Episode 19, 'Lady & Peebles'.

That's right! My partner and I are expecting some sort of baby in July! It's been hard to identify anatomical features, but it's humanoid for sure.

It is crazy stuff, but we're both really excited. So much for sleep and free time!

Keeping keys for SSH, and passwords for SFTP

My VPS has lots of different applications residing on it, and many people need to access it in various ways. Sometimes, tightening security for one group can negatively impact another.

One instance of this has been authentication with SSH. I prefer key-based authentication, for the added security and ease of use (once set up). However, this type of authentication doesn't work well for my SFTP users - they all have passwords, and generating and managing keys for them would be difficult at best.

OpenSSH *does * provide a neat trick for getting around this, through Match blocks. These blocks can specify a separate set of configurations for a subset of connections that "match" the criteria. You can match on an IP address, port, user... and a group!

I created a sftp group, and added all of my SFTP-only users into that group. I then tweaked my sshd configuration with the following changes:

...
PasswordAuthentication no
AllowGroups ssh sftp

Match Group sftp
    ForceCommand /usr/lib/openssh/sftp-server
    PasswordAuthentication yes
    [ other security hardening ]

This prevents ordinary SSH connections - users in the ssh group - from connecting with just a password, but allows it with SFTP users. It also allows me to restrict what is allowed for those users, because they obviously won't need things like X11/port forwarding.

It's not often I find this kind of nice, usable compromise where security is concerned - this was a very happy discovery!

MariaDB / mysql root password on Debian Stretch

I was a little perplexed when I installed a MariaDB server on my main desktop running Debian Stretch; it didn't ask me for a root password. This is a change from the previous Debians, which always prompt you to set the password during installation.

Not to fret, though. It seems like the way to login as root is to run the client as root with the sudo command.

Instead of the old mysql -u root -p command, you can just use sudo mysql and you're presented with the root prompt!

Much easier to do, as long as you know what to do. :P

Working with base64 and images

I have been working with base64 encoding a lot recently, specifically regarding image files. Using base64 is a cool way to embed images in your CSS, and happens to be useful when writing Django tests that involve an image file field.

If you're on Linux or have access to bash, you can encode image files easily using the base64 command. I usually pair this with xclip to dump it to my clipboard.

base64 image.jpg | xclip -selection clipboard

If you're using Firefox, you can right-click on an img element and select "Copy > Image Data-URL" to get a base64 string with the MIME-type prepended. I didn't see an immediate way to do this in Chrome, but I'm not too familiar with their dev tools.

To convert this data back to an image file, I use the following command (wrapped in a bash script):

xclip -o | cut -d',' -f 2 | base64 -d > image.jpg

As a final measure, I've created a series of 1x1 test images and base64-encoded them. I may add more as the need arises, but these have been more than sufficient for what I use.

Test GIF

R0lGODdhAQABAIAAAP///////ywAAAAAAQABAAACAkQBADs=

Test PNG (32-bit)

iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAIAAACQd1PeAAAACXBIWXMAAAsTAAALEwEAmpwYAAAA
B3RJTUUH4AsdEhMkTX3dLAAAAB1pVFh0Q29tbWVudAAAAAAAQ3JlYXRlZCB3aXRoIEdJTVBkLmUH
AAAADElEQVQI12P4//8/AAX+Av7czFnnAAAAAElFTkSuQmCC

Test JPG

/9j/4AAQSkZJRgABAQEASABIAAD//gATQ3JlYXRlZCB3aXRoIEdJTVD/2wBDAAMCAgMCAgMDAwME
AwMEBQgFBQQEBQoHBwYIDAoMDAsKCwsNDhIQDQ4RDgsLEBYQERMUFRUVDA8XGBYUGBIUFRT/2wBD
AQMEBAUEBQkFBQkUDQsNFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU
FBQUFBQUFBT/wgARCAABAAEDAREAAhEBAxEB/8QAFAABAAAAAAAAAAAAAAAAAAAACP/EABQBAQAA
AAAAAAAAAAAAAAAAAAD/2gAMAwEAAhADEAAAAVSf/8QAFBABAAAAAAAAAAAAAAAAAAAAAP/aAAgB
AQABBQJ//8QAFBEBAAAAAAAAAAAAAAAAAAAAAP/aAAgBAwEBPwF//8QAFBEBAAAAAAAAAAAAAAAA
AAAAAP/aAAgBAgEBPwF//8QAFBABAAAAAAAAAAAAAAAAAAAAAP/aAAgBAQAGPwJ//8QAFBABAAAA
AAAAAAAAAAAAAAAAAP/aAAgBAQABPyF//9oADAMBAAIAAwAAABCf/8QAFBEBAAAAAAAAAAAAAAAA
AAAAAP/aAAgBAwEBPxB//8QAFBEBAAAAAAAAAAAAAAAAAAAAAP/aAAgBAgEBPxB//8QAFBABAAAA
AAAAAAAAAAAAAAAAAP/aAAgBAQABPxB//9k=

For a full list of posts, feel free to check out the Archive!