Archive for November, 2008
星期日 晴
Posted by allenkwc in Daily Life on November 30, 2008
呢幾日天氣好好 , 好想買部lx3 去影相呀~~
呢幾日好凍 , 鼻敏感真係辛苦喇~~
成日話簡相去晒 , 都未簡tim, 一陣簡
一陣又要去補習 , 跟住去拎部舊server 俾人 , 星期日咁就無左喇~><!
聽日要返工喇~~
Howto: SSH Public key based authentication (password-less login ssh)
Posted by allenkwc in Linux, Technology on November 30, 2008
a) Login
b) Make backups
c) Run commands from shell etc
Task: Generating ssh keys
1) Log on to your workstation ( for example log on to workstation called admin.fbsd.nixcraft.org as vivek user). Please refer the following sample setup – You will be log in, on your local system, AS THE USER you wish to make passwordless ssh connections.
(Click image to enlarge)
2) Create the Cryptographic Key on FreeBSD workstation, enter:
$ ssh-keygen -t rsa
Assign the pass phrase (press [enter] key twice if you don’t want a passphrase). It will create 2 files in ~/.ssh directory as follows:
- ~/.ssh/id_rsa : identification (private) key
- ~/.ssh/id_rsa.pub : public key
3) Use scp to copy the id_rsa.pub (public key) to rh9linux.nixcraft.org server as authorized_keys2 file, this is know as Installing the public key to server.
$ scp .ssh/id_rsa.pub vivek@rh9linux.nixcraft.org:.ssh/authorized_keys *must follow the file name "authorized_keys"!!!
4) From FreeBSD workstation login to server:
$ ssh rh9linux.nixcraft.org
5) Changing the pass-phrase on workstation (if needed):
$ ssh-keygen -p
6) Use of ssh-agent to avoid continues pass-phrase typing
At freebsd workstation type:
$ ssh-agent $BASH $ ssh-add
Type your pass-phrase
From here, whenever connecting to server it won’t ask for password.
Above two commands can be added to ~/.bash_profile so that as soon as I login into workstation I can set the agent.
7) Deleting the keys hold by ssh-agent
a) To delete all keys
$ ssh-add -D
b) To delete specific key
$ ssh-add -d key
c) To list keys
$ ssh-add -l
backup your MySQL using a bash script and cron job
1. dump the DB into a sql file
mysqldump -u <username> -p<password> <database> > <output file name>.sql
2. compress it
gzip <Filename>
3. Ftp send to backup server
** it is not suggested because backup ftp account and the backup data is sent in plain text format **
ftp -n $ftpserver <<END_SCRIPT
quote USER $ftpuser
quote PASS $ftppwd
put $gzipOutFile
quit
END_SCRIPT
exit 0
4. OR use SSH approach
You have to setup the connection using following setup, please refer to another post:
http://www.allenkan.com/blog/?p=138
Using an SCP (secure copy command) to copy the file to the host
scp <filename> <sshuser>@<sshhost>:<filename>shell script for sFTP
Posted by allenkwc in Linux, Technology on November 30, 2008
push
ssh user@host cat < “local file name” “>” “remote file name”
ssh root@192.168.68.2 cat < “/231.gif” “>” “/231.gif”
pull
ssh user@host cat “remote file name” > “local file name”
ssh root@192.168.68.2 cat “/231.gif” > “/231.gif”
compare
ssh user@host cat < “remote file name” “|” diff – “local file name”
ssh root@192.168.68.2 cat < “/231.gif” “|” diff – “/231.gif”
* if you want to automate login process, you have either 2 choices
1.using ssh public key
- Howto Linux / UNIX setup SSH with DSA public key authentication (password less login)
- SSH Public key based authentication – Howto
2. install sftp client and use it
3. down “expect” function and use it in the shell script to interact with shell
Simple Viewer XML File Generator
This program helps generating XML configuration file for simple viewer gallery album
1. copy the exe to the simple viewer folder
2. copy you photo into the photo folder
3. run the program and follow the instructions
Column Level Security in SharePoint
Posted by allenkwc in SharePoint on November 27, 2008
Basically Column level security can be customized using custom field control
details can refer to this doc: column-level-security-in-sharepoint
XSLT Find Total No. of Occurence of String
Posted by allenkwc in Technology on November 25, 2008
<xsl:template name=”totalNoOfOccurence”> <xsl:param name=”original”/> <xsl:param name=”character”/> <xsl:param name=”Count” /> <xsl:choose> <xsl:when test=”contains($original,$character)”> <xsl:choose> <xsl:when test=”contains(substring-after($original,$character),$character)”> <xsl:call-template name=”totalNoOfOccurence”> <xsl:with-param name=”original” select=”substring-after($original,$character)”/> <xsl:with-param name=”character” select=”$character”/> <xsl:with-param name=”Count” select=”$Count+1″/> </xsl:call-template> </xsl:when> <xsl:otherwise> <xsl:value-of select=”$Count+1″/> </xsl:otherwise> </xsl:choose> </xsl:when> <xsl:otherwise> <xsl:value-of select=”$Count”/> </xsl:otherwise> </xsl:choose> </xsl:template>
XSLT: Locate Last Char Position
Posted by allenkwc in Technology on November 25, 2008
<xsl:template name=”lastCharPosition”>
<xsl:param name=”original”/>
<xsl:param name=”character”/>
<xsl:param name=”string_length”/>
<xsl:variable name=”len”>
<xsl:choose>
<xsl:when test=”$string_length”>
<xsl:value-of select=”$string_length”/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select=”‘0′”/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:variable name=”char_len”>
<xsl:value-of select=”string-length($character)”/>
</xsl:variable>
<xsl:choose>
<xsl:when test=”contains($original,$character)”>
<xsl:choose>
<xsl:when test=”contains(substring-after($original,$character),$character)”>
<xsl:call-template name=”lastCharPosition”>
<xsl:with-param name=”original” select=”substring-after($original,$character)”/>
<xsl:with-param name=”character” select=”$character”/>
<xsl:with-param name=”string_length” select=”string-length(concat(substring-before($original,$character),’ ‘))+$len”/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select=”string-length(substring-before($original,$character))+$char_len+$len “/>
</xsl:otherwise>
</xsl:choose>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select=”string-length($original)”/>
</xsl:otherwise>
</xsl:choose>
</xsl:template>
Encrypt Connection Strings AppSettings and Web.Config in ASP.NET 2.0 – Security Best Practices
One ASP.NET Security Task that was essentially impossible to perform in a shared ASP.NET 1.1 hosting environment was connection string encryption. Encrypting connection strings, encrypting application settings, or any part of Web.config required additional access to the hosting environment above and beyond what most 3rd party host providers were willing to provide to their customers.
ASP.NET 2.0 has now made this monumental task of encrypting configuration sections within Web.config a snap. There are no more excuses in .NET 2.0 as to why you haven’t encrypted sensitive information, such as connection strings, in your Web.config. Not only can you encrypt config sections using aspnet_regiis from the command line, but you can also encrypt and unencrypt Web.config on the fly in code.
Encrypt AppSettings Programatically
Shown below is a snippet of the application settings in Web.config in ASP.NET 2.0. Unprotected, you can read the application settings really easily. However, if this is private data that you don’t want people to know, it is best to encrypt it.
<appSettings>
<add key="SiteName" value="Dave's Website" />
<add key="SecretKey" value="12345678" />
appSettings>
The code for protecting and unprotecting sections in your Web.config is fairly trivial, because WebConfigurationManager-related classes handle all the work for you. I added two buttons to a web page, called btnProtect and btnUnProtect, to protect and unprotect on the fly. Here is the code of interest:
protected void UnProtect_Click(object sender, EventArgs e)
{
UnProtectSection("appSettings");
}
protected void Protect_Click(object sender, EventArgs e)
{
ProtectSection("appSettings",
"DataProtectionConfigurationProvider");
}
private void ProtectSection(string sectionName, string provider)
{
Configuration config =
WebConfigurationManager.
OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section =
config.GetSection(sectionName);
if (section != null && !section.SectionInformation.IsProtected)
{
section.SectionInformation.ProtectSection(provider);
config.Save();
}
}
private void UnProtectSection(string sectionName)
{
Configuration config =
WebConfigurationManager.
OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section =
config.GetSection(sectionName);
if (section != null && section.SectionInformation.IsProtected)
{
section.SectionInformation.UnprotectSection();
config.Save();
}
}
The code is very self-explanatory. The amazing part is how trivial it is. Here is what the application settings look like when encrypted:
<appSettings configProtectionProvider=
"DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>
AQAAANCMnd8BFdERjHoAwE/Cl+sBAAA
AXmrl4EN1VUSGDS9ZSSydRwQAAAACAA
AAAAADZgAAqAAAABAAAAA280OtZlZwu
D3U+ihvi2zpAAAAAASAAACgAAAAEAAA
AJ6AnDzWM1o3osh/Y6fcYtwAAQAA1PR
+wzfwgBgZ4y0yHU4uxaaMET13u21Bv3
zVE7aA7Z5pCWAYs54LNLNYQ673kmzAL
osWb7OMuzW6BPwMp18gKNQXOFSGNgA1
...
CipherValue>
CipherData>
EncryptedData>
appSettings>
Conclusion
ASP.NET 2.0 makes it extremely easy to encrypt connection strings, encrypt application settings, and encrypt config sections in Web.config either via the command prompt with aspnet_regiis or programmatically in your web applications.
Restore the deleted files in SubVersion
Posted by allenkwc in Other, Technology on November 19, 2008
Suppose the folder URL was:
url://server/repos/project/folder
And it was deleted in r100. Then to get it back, run this command:
svn copy -r99 -m “Restore folder” url://server/repos/project/folder url://server/repos/project/folder
If you get an error, add “@99” to the end of the first URL.