Implement RSA Authentication Under SSH

To implement RSA authentication under ssh, so that the user is not continually prompted for a remote-host password when using ssh, scp, or any program that uses ssh underneath, such as cvs and svn, do the following.

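  1. Create a public/private RSA key pair. This will be used for RSA authentication. When generating this RSA key pair, don’t enter a passphrase; otherwise you will always be prompted for it. A key without a passphrase is stored unencrypted, so anyone who can read id_rsa can authenticate as you; the chmod at the end of this step keeps the file readable only by your user.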
    $ ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/fkim/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /home/fkim/.ssh/id_rsa.
    Your public key has been saved in /home/fkim/.ssh/id_rsa.pub.
    The key fingerprint is:
    2a:59:54:3f:82:8f:79:92:1d:39:7b:62:02:68:97:e6 fkim@paltp1235
    
    $ cd .ssh
    $ chmod 400 id_rsa id_rsa.pub
  2. Copy the public RSA key to the remote host.
    $ scp -p ~/.ssh/id_rsa.pub  fkim@betweengo.com:~/
    Password:
    id_rsa.pub                                    100%  396     0.4KB/s   00:00
  3. ssh to the remote host and create an .ssh directory if it does not already exist.
    $ ssh fkim@betweengo.com
    Password:
    [box ~]$ mkdir .ssh
    [box ~]$ chmod 755 .ssh
  4. Append the public RSA key to the list of authorized keys.
    [box ~]$ cat id_rsa.pub >> .ssh/authorized_keys2
    [box ~]$ chmod 644 .ssh/authorized_keys2
  5. Log out and log back in to verify that you no longer need to enter your password.
    $ ssh fkim@betweengo.com
    [box ~]$

Note: if this does not work, it is sometimes because the ssh client cannot find the id_rsa file. It normally looks for it in the directory where it keeps the known hosts file. On most systems this is also the default location to which the id_rsa file is written. On one system I found that it was looking for the id_rsa file in C:\.ssh.
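
Another cause of the same symptom (ssh still asking for a password) is file modes: sshd with StrictModes, its default, ignores the authorized keys file when it or the .ssh directory is group- or world-writable, and the ssh client refuses a private key that group or others can access. The script below is an added example, not part of the original post; the function name check_ssh_perms and its MISSING/WRITABLE/EXPOSED labels are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit the file modes that
# key-based SSH login depends on. Labels MISSING/WRITABLE/EXPOSED are ours.

perm_string() {                 # first 10 chars of ls -ld, e.g. "-rw-r--r--"
    ls -ld "$1" | cut -c1-10
}

group_or_world_writable() {     # sshd StrictModes rejects these
    p=$(perm_string "$1")
    [ "$(printf '%s' "$p" | cut -c6)" = "w" ] ||
        [ "$(printf '%s' "$p" | cut -c9)" = "w" ]
}

group_or_world_access() {       # the ssh client refuses such private keys
    [ "$(perm_string "$1" | cut -c5-10)" != "------" ]
}

# check_ssh_perms DIR: print one line per problem; return 0 only if none.
check_ssh_perms() {
    dir=$1
    problems=0
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir"
        return 1
    fi
    if group_or_world_writable "$dir"; then
        echo "WRITABLE $dir"; problems=$((problems + 1))
    fi
    for f in "$dir/authorized_keys" "$dir/authorized_keys2"; do
        [ -f "$f" ] || continue
        if group_or_world_writable "$f"; then
            echo "WRITABLE $f"; problems=$((problems + 1))
        fi
    done
    if [ -f "$dir/id_rsa" ] && group_or_world_access "$dir/id_rsa"; then
        echo "EXPOSED $dir/id_rsa"; problems=$((problems + 1))
    fi
    [ "$problems" -eq 0 ]
}

# Run against a directory given on the command line, e.g. ~/.ssh
if [ -n "${1:-}" ]; then
    check_ssh_perms "$1"
fi
```

The modes used in the steps above (755 on .ssh, 644 on authorized_keys2, 400 on id_rsa) pass this check; run it on both the local and the remote .ssh directory.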

In some cases RSA authentication will not work and you will need to use DSA authentication. This article, SSH Logins Without Providing A Password, gives a good description of how to do this. The instructions are quite similar.

Subversion on Dreamhost

This post is a log of how I personally got Subversion running on Dreamhost using this post.

  1. Obtained the Subversion source from http://subversion.tigris.org/project_packages.html#source-release, compiled it, and put the binaries in my ~/bin directory.
  2. Added the Subversion binaries to my path by adding these lines to my ~/.bash_profile file.
    # Set PATH so it includes user's private bin if it exists
    if [ -d ~/bin ] ; then
      # Use $HOME rather than ~ because a tilde inside double quotes is not expanded
      PATH="$HOME/bin:${PATH}"
    fi

    For this change to take effect you either have to relogin or:

    $ . ~/.bash_profile

  3. Initialized new subversion repositories. For example:
    $ svnadmin create ~/svn/mk
    $ svn mkdir \
        file:///home/fkim/svn/mk/trunk \
        file:///home/fkim/svn/mk/branches \
        file:///home/fkim/svn/mk/tags

    I am following the suggested way of organizing a Subversion repository.

  4. Imported the files into the subversion repository. For example:
    svn import ~/meetingkoreans.com file:///home/fkim/svn/mk/trunk/
    svn import ~/meetingkoreans.com svn+ssh://fkim@meetingkoreans.com/home/fkim/svn/mk/trunk/

    Note: I was having a strange problem when I tried to do an import and kept getting an already exists error.  It turned out the problem was because what I was trying to import was a link instead of the actual directory.  This might only be an issue on Cygwin.

  5. Checked the files out. To do this locally:
    svn co file:///home/fkim/svn/mk/trunk meetingkoreans.com

    To do this remotely:

    svn co svn+ssh://fkim@meetingkoreans.com/home/fkim/svn/mk/trunk mkrb

Serial Version UID

It is simple to make a class serializable: just have it implement the java.io.Serializable interface. However, it is not easy to support the serialized form forever.

One issue is the serial version UID. Every serializable class has a unique identification number associated with it. If you do not specify the identification number explicitly by declaring a private static final long field named serialVersionUID, the system automatically generates it by applying a complex deterministic procedure to the class… If you change [the class] in any way … the automatically generated serial version UID changes. If you fail to declare an explicit serial version UID, compatibility will be broken.

Bloch, Joshua. Effective Java. p. 214

To generate the serial version UID for a class use the serialver tool which comes with the Java SDK. The serialver tool returns the serial version UID for one or more classes.

Example:

$ serialver -classpath 'build;C:/foo/classes.jar' com.bar.FooMessage

or

> serialver -classpath build;C:\foo\classes.jar com.bar.FooMessage

An even easier way to generate the serial version UID is to use the Eclipse IDE. If your class implements the java.io.Serializable interface and it does not have a serial version UID then Eclipse will give a warning about this next to the class name. If you click on the warning you can choose the option “Add generated serial version ID.”

Note: currently there is a bug with Eclipse and generating the serial version UID. When attempting to generate a serial version UID you will see a dialogue window which says “Computing serial version ID….” and “Starting virtual machine…”. Unfortunately this hangs and you are forced to kill your Eclipse IDE. I started seeing this bug yesterday after installing some JDBC plugins and the GEF plugin; I’m not sure if it’s related to that. I tried disabling the plugins but I still see the problem. Before, I wasn’t having this problem.