Sphinx is a tool that makes it easy to create intelligent and beautiful documentation, written by Georg Brandl and licensed under the BSD license.

It was originally created for the new Python documentation, and it has excellent facilities for the documentation of Python projects, but C/C++ is already supported as well, and it is planned to add special support for other languages as well. Of course, this site is also created from reStructuredText sources using Sphinx!

Sphinx is under constant development. The following features are present, work fine and can be seen “in action” in the Python docs:

• Output formats: HTML (including Windows HTML Help), LaTeX (for printable PDF versions), manual pages, plain text
• Extensive cross-references: semantic markup and automatic links for functions, classes, citations, glossary terms and similar pieces of information
• Hierarchical structure: easy definition of a document tree, with automatic links to siblings, parents and children
• Automatic indices: general index as well as a module index
• Code handling: automatic highlighting using the Pygments highlighter
• Extensions: automatic testing of code snippets, inclusion of docstrings from Python modules (API docs), and more

Sphinx uses reStructuredText as its markup language, and many of its strengths come from the power and straightforwardness of reStructuredText and its parsing and translating suite, the Docutils.

Credit - http://sphinx.pocoo.org/

ssh-keygen — authentication key generation, management and conversion

Howto: Setup ssh authentication without password

The advantage of using these key-based authentication systems is that in many cases, it's possible to establish secure connections without having to manually type in a password.

SSH-Keygen is a Unix utility that is used to generate, manage, and convert authentication keys for ssh authentication. With the help of the SSH-Keygen tool, a user can create passphrase keys for both SSH protocol version 1 and version 2. SSH-keygen creates RSA keys for SSH protocol version 1 and RSA or DSA keys for use by SSH protocol version 2.

The SSH-keygen tool stores the private key in $HOME/.ssh/id_rsa and the public key in $HOME/.ssh/id_rsa.pub in the user’s home directory. The user should then copy the id_rsa.pub to $HOME/.ssh/authorized_keys in his home directory on the remote machine. It also asks for a passphrase. The passphrase may be empty to indicate no passphrase (host keys must have an empty passphrase), or it may be a string of arbitrary length. Instead of RSA, DSA can also be used. The steps to create authorization keys by using the SSH-keygen tool are as follows:

Start the SSH-keygen tool by using the following command to generate an RSA authentication key:

mint ~ # ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa)

Enter a passphrase for using your key:

The passphrase you will enter will be used for encrypting your private key. A good passphrase should be alphanumeric having 10-30 character length. You can also use the null passphrase however it can be a loophole for the security.

Check the Passphrase Key:

The private key was saved in .ssh/id_rsa file which is the read-only file. No one else must see the content of that file, as it is used to decrypt all correspondence encrypted with the public key. The public key is save in .ssh/id_rsa.pub file.

Copy the Public Key onto remote systems' .ssh/authorized_keys file:

Now, you have to copy the public key onto a remote systems' .ssh/authorized_keys file and make the file permissions 0x600, so it is only read/writable by you. Without these permissions, ssh will refuse to use the key. And now you can SSH to the remote systems's account without using a password. The "ssh-copy-id remotehost" command makes this 3 step process into one - logins, copies keys and changes permissions all in one go.

Files Used by SSH-Keygen utility

$HOME/.ssh/identity: The $HOME/.ssh/identity file contains the RSA private key when using the SSH protocol version 1.

$HOME/.ssh/identity.pub: The $HOME/.ssh/identity.pub file contains the RSA public key for authentication when you are using the SSH protocol version

A user should copy its contents in the $HOME/.ssh/authorized_keys file of the remote system where a user wants to log in using RSA authentication.

$HOME/.ssh/id_dsa: The $HOME/.ssh/id_dsa file contains the protocol version 2 DSA authentication identity of the user.

$HOME/.ssh/id_dsa.pub: The $HOME/.ssh/id_dsa.pub file contains the DSA public key for authentication when you are using the SSH protocol version

A user should copy its contents in the $HOME/.ssh/authorized_keys file of the remote system where a user wants to log in using DSA authentication.

$HOME/.ssh/id_rsa: The $HOME/.ssh/id_rsa file contains the protocol version 2 RSA authentication identity of the user. This file should not be readable by anyone but the user.

$HOME/.ssh/id_rsa.pub: The $HOME/.ssh/id_rsa.pub file contains the protocol version 2 RSA public key for authentication. The contents of this file should be added to $HOME/.ssh/authorized_keys on all computers where a user wishes to log in using public key authentication.

Reference: http://linux.die.net/man/1/ssh-keygen

Below shows an Example

On your client machine create the keys and copy it to the server for auto login via ssh keys.

Client Machine:

mint ~ # ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

05:fa:86:d1:f9:8e:fc:80:c8:b9:87:b8:ee:18:53:b6 root@mint

The key's randomart image is:

+--[ RSA 2048]----+

|        .        |

|       o o       |

|      o o .      |

|       + o       |

|  o   . S .      |

| o o o + o       |

|o E.+.. + .      |

| +. ...  o       |

|.o+...    .      |

+-----------------+

mint ~ # cd .ssh

mint .ssh # ls -l

total 8

-rw------- 1 root root 1679 2012-03-01 10:36 id_rsa

-rw-r--r-- 1 root root  391 2012-03-01 10:36 id_rsa.pub

mint .ssh #

mint .ssh # file *

id_rsa:     PEM RSA private key

id_rsa.pub: OpenSSH RSA public key

mint .ssh #

Use scp to copy the id_rsa.pub (public key) to server to authorized_keys file, this is know as Installing the public key to server.

The contents of this file should be added to ~/.ssh/authorized_keys on all machines where the user wishes to log in using public key authentication. There is no need to keep the contents of this file secret.

FILES

~/.ssh/identity

Contains the protocol version 1 RSA authentication identity of the user.  This file should not be readable by anyone but the user.

It is possible to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this

file using 3DES.  This file is not automatically accessed by ssh-keygen but it is offered as the default file for the private key.

ssh(1) will read this file when a login attempt is made.

~/.ssh/identity.pub

Contains the protocol version 1 RSA public key for authentication.  The contents of this file should be added to

~/.ssh/authorized_keys on all machines where the user wishes to log in using RSA authentication.  There is no need to keep the con?

tents of this file secret.

~/.ssh/id_dsa

~/.ssh/id_ecdsa

~/.ssh/id_rsa

Contains the protocol version 2 DSA, ECDSA or RSA authentication identity of the user.  This file should not be readable by anyone

but the user.  It is possible to specify a passphrase when generating the key; that passphrase will be used to encrypt the private

part of this file using 128-bit AES.  This file is not automatically accessed by ssh-keygen but it is offered as the default file

for the private key.  ssh(1) will read this file when a login attempt is made.

~/.ssh/id_dsa.pub

~/.ssh/id_ecdsa.pub

~/.ssh/id_rsa.pub

Contains the protocol version 2 DSA, ECDSA or RSA public key for authentication.  The contents of this file should be added to

~/.ssh/authorized_keys on all machines where the user wishes to log in using public key authentication.  There is no need to keep the                         contents of this file secret.

PS command: process tree, threads, security

To print a process tree:

To get info about threads:

To get security info:

Spark: The first free-software, Linux tablet is on its way

The Spark, which will be based on MeeGo and use KDE Plasma for its interface, will be the first free software tablet.                                                                  

Say hi to Spark, the first free software, Linux tablet.                                

Open-source software and Linux, thanks to Android, is well represented on tablets. But, if you didn’t want to deal with proprietary firmware and software, you were out of luck… until now. Aaron Seigo, one of the KDE’s lead developers, and his team are just about ready to roll-out the first tablet based entirely on Linux and free software: The Spark.

More  at - http://aseigo.blogspot.com/2012/01/reveal.html

Time Synchronisation with NTP

NTP is a TCP/IP protocol for synchronising time over a network. Basically a client requests the current time from a server, and uses it to set its own clock.

Behind this simple description, there is a lot of complexity - there are tiers of NTP servers, with the tier one NTP servers connected to atomic clocks (often via GPS), and tier two and three servers spreading the load of actually handling requests across the Internet. Also the client software is a lot more complex than you might think - it has to factor out communication delays, and adjust the time in a way that does not upset all the other processes that run on the server. But luckily all that complexity is hidden from you!

Linux Distros has two ways of automatically setting your time: ntpdate and ntpd.

ntpdate as standard, and will run it once at boot time.

The ntp daemon ntpd is far more subtle. It calculates the drift of your system clock and continuously adjusts it, so there are no large corrections that could lead to inconsistent logs for instance.

The Sysstat Suite of Resource Monitoring Tools

Sysstat is a sophisticated tool.

Sysstat contains the following tools related to collecting I/O and CPU statistics:

iostat
Displays an overview of CPU utilization, along with I/O statistics for one or more disk drives.

mpstat
Displays more in-depth CPU statistics.

Sysstat also contains tools that collect system resource utilization data and create daily
reports based on that data. These tools are:

sadc
Known as the system activity data collector, sadc collects system resource utilization
information and writes it to a file.

sar
Producing reports from the files created by sadc, sar reports can be generated interactively
or written to a file for more intensive analysis.

LCP: timeout sending Config-Requests

This is a general error condition that is common to a number of causes. It means that pppd did not receive any LCP configuration requests from the peer, or was unable to agree on LCP parameters. Enable debug logging, try the connection again, and look at messages just prior to this message.

There are many causes for the timeout error:

MSCHAP negotiation failed,

no GRE packets were received by the client,

no GRE packets were transmitted by the server,

invalid GRE packets were transmitted by the server,

no GRE packets were transmitted by the client.

invalid GRE packets were transmitted by the client,

Use tcpdump to check the flow of GRE packets.

Reference

http://pptpclient.sourceforge.net/howto-diagnosis.phtml#lcp_timeout

BSNL 3G wvdial.conf

Example configuration:

[Dialer bsnl3g]
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Init3 = AT+CGDCONT=1,"IP","bsnlnet","",0,0
Modem Type = USB Modem
Baud = 460800
New PPPD = yes
Modem = /dev/ttyACM0
ISDN = 0
Phone = *99***1#
Password = 948*
Username = 948*
New PPPD = yes
Stupid Mode = yes

Troubleshooting Domain DNS issues.

Example troubleshooting steps in resolving your network/DNS connection.

vector:/~
vector:$ traceroute -n -w 2 -q 2 -m 30 4.2.2.2
traceroute to 4.2.2.2 (4.2.2.2), 30 hops max, 60 byte packets
1 218.248.84.10 100.556 ms 319.220 ms
2 10.42.43.97 290.287 ms 291.111 ms
3 10.42.43.28 339.076 ms 340.995 ms
4 172.24.7.214 339.961 ms *
5 209.58.33.133 590.822 ms 589.914 ms
6 64.86.252.45 658.764 ms 660.691 ms
7 4.68.62.117 661.651 ms 662.608 ms
8 4.69.144.3 664.563 ms 4.69.144.67 663.506 ms
9 4.2.2.2 564.279 ms 548.440 ms
vector:/~
vector:$

If you are on a windows box, try tracert -d 4.2.2.2

vector:/~
vector:$ nslookup -debug mit.edu 4.2.2.2
Server: 4.2.2.2
Address: 4.2.2.2#53

------------
QUESTIONS:
mit.edu, type = A, class = IN
ANSWERS:
-> mit.edu
internet address = 18.9.22.69
ttl = 60
AUTHORITY RECORDS:
ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name: mit.edu
Address: 18.9.22.69

vector:/~
vector:$ dig @4.2.2.2 mit.edu

; <<>> DiG 9.7.3-P1 <<>> @4.2.2.2 mit.edu
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 343
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mit.edu. IN A

;; ANSWER SECTION:
mit.edu. 26 IN A 18.9.22.69

;; Query time: 388 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Mon Jan 9 14:41:43 2012
;; MSG SIZE rcvd: 41

vector:/~
vector:$