Tuesday, June 11, 2013
Public key types
1. OpenSSH key type
ssh-rsa AXCAB3NzaC1yc2EAAABAJQAAAIEAmGd3y/xJDjUeaJvFhRkcfpywWyrK3ZlR828E
jN4G0S0RsAgFiDnGGsYz5HuzZM1A+AabcswyMzhMoQDOKr99jLr/WbEdN2tZ8gN2
44C+LSXIAy3lCQgAWnYtOuAdBxmfcX3kQAH+ktejPd6GA1qAnPAHkv/+TaAawvAm
FbAA030=
2. OpenSSL PEM (Privacy Enhanced Mail) key type
-----BEGIN CERTIFICATE-----
QT8AG4baZYOizxdycd5tYazANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQG [...]
-----END CERTIFICATE-----
Convert private OpenSSL to public OpenSSH:
ssh-keygen -y -f company.com.key > company.com.pub
Convert OpenSSH to OpenSSL PEM:
ssh-keygen -f key.pub -e -m pem > key.pem.pub
3. Convert:-----BEGIN PRIVATE KEY----- -----END PRIVATE KEY-----
to: -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----
openssl rsa -in mykey.key -text > mykey.pem
4. Convert CSR to -----BEGIN PUBLIC KEY----- -----END PUBLIC KEY-----
openssl req -in brodline.com.csr -pubkey -noout
5. Issued certificate should be of a format:
-----BEGIN CERTIFICATE----- -----END CERTIFICATE-----
Sunday, June 9, 2013
Ubuntu TeamCity No suitable JDBC driver found for database type: MySQL
Due to licensing terms, TeamCity does not bundle driver jars for external databases. You will need to download the Java driver and put the appropriate jars (see below) from it into <TeamCity Data Directory>/lib/jdbc directory (create it if necessary).
apt-get install libmysql-java
cp /usr/share/java/mysql.jar ~/.BuildServer/lib/jdbc/
[2013-06-09 18:39:34,963] INFO - jetbrains.buildServer.STARTUP - Current stage: Checking the database
[2013-06-09 18:39:36,581] INFO - jetbrains.buildServer.STARTUP - Database contains no tables.
[2013-06-09 18:39:36,582] INFO - jetbrains.buildServer.STARTUP - Current stage: Database is empty or doesn't exist
-> Just login to TeamCity via WWW (127.0.0.1:8111) and open administration panel (giving authorization token). From there you can initialize new database.
apt-get install libmysql-java
cp /usr/share/java/mysql.jar ~/.BuildServer/lib/jdbc/
[2013-06-09 18:39:34,963] INFO - jetbrains.buildServer.STARTUP - Current stage: Checking the database
[2013-06-09 18:39:36,581] INFO - jetbrains.buildServer.STARTUP - Database contains no tables.
[2013-06-09 18:39:36,582] INFO - jetbrains.buildServer.STARTUP - Current stage: Database is empty or doesn't exist
-> Just login to TeamCity via WWW (127.0.0.1:8111) and open administration panel (giving authorization token). From there you can initialize new database.
Windows - set up SSL/HTTPS reverse proxy using Apache HTTPD; Wrap HTTP traffic in SSL tunnel layer on Windows
Our main goal is to secure traffic that would normally go in an unsecured HTTP channel with SSL tunnel. To do that you need to buy an SSL certificate - you need to have private as well as public key for that certificate.
To have a working reverse proxy you need to enable the following modules in Apache's http.config file.
mod_ssl - this module enables HTTPS connections, encrypting traffic between the Internet and the proxy server using SSL
mod_proxy - this module enables Apache to act as a forward or reverse proxy server
mod_proxy_http - this module enables HTTP connections between the proxy server and the RequisiteWeb server
mod_vhost - controls virtual hosts in Apache
Download Apache HTTPD (version with ssl_mod already built in): here
Modify httpd.config in the following manner:
Apache HTTPD config file along with sample certificates can be downloaded from here.
To have a working reverse proxy you need to enable the following modules in Apache's http.config file.
mod_ssl - this module enables HTTPS connections, encrypting traffic between the Internet and the proxy server using SSL
mod_proxy - this module enables Apache to act as a forward or reverse proxy server
mod_proxy_http - this module enables HTTP connections between the proxy server and the RequisiteWeb server
mod_vhost - controls virtual hosts in Apache
Download Apache HTTPD (version with ssl_mod already built in): here
Modify httpd.config in the following manner:
#Listen 80 - disable :80 listening port - it's not needed for
#reverse proxy
Listen 443
#=== MODULES IMPORTANT FOR SSL REVERSE PROXY ===
LoadModule ssl_module modules/mod_ssl.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
<VirtualHost *:443>
ServerName *.forcom.com.pl
ProxyRequests On
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
SSLProxyEngine On
ProxyPass / http://127.0.0.1:890/
ProxyPassReverse / http://127.0.0.1:890/
LogLevel info
ErrorLog "c:/ApacheLogs/ssl-proxy.log"
CustomLog "c:/ApacheLogs/ssl-proxy.log" combined
SSLEngine on
SSLProxyEngine On
SSLProtocol all
SSLCertificateFile "C:/cert/ssl/fcompany.pem"
SSLCertificateKeyFile "C:/cert/ssl/fcompanypriv.key"
</VirtualHost>
Apache HTTPD config file along with sample certificates can be downloaded from here.
Friday, June 7, 2013
Windows - set up SSL/HTTPS reverse proxy using NGINX; Wrap HTTP traffic in SSL tunnel layer
Our main goal is to secure traffic that would normally go in an unsecured HTTP channel with SSL tunnel. To do that you need to buy an SSL certificate - you need to have private as well as public key for that certificate.
This means that we want to call address: https://yourdomain.com and have that browser call transfered to our unsecured HTTP server WRAPPED in SSL tunnel.
First download NGINX Windows-1.4.1 from: http://nginx.org/en/download.html
(Remember to choose the stable version, as the Windows-1.5.1 crashes often on Windows XP SP3)
After successful installation of the nginx, you can start the balancer with:
start nginx
and shut it down with:
nginx -s stop
from the main directory of nginx (that's where nginx.exe resides).
The most important parts of the config file (nginx.conf) are:
listen 0.0.0.0:443;
First download NGINX Windows-1.4.1 from: http://nginx.org/en/download.html
(Remember to choose the stable version, as the Windows-1.5.1 crashes often on Windows XP SP3)
After successful installation of the nginx, you can start the balancer with:
start nginx
and shut it down with:
nginx -s stop
from the main directory of nginx (that's where nginx.exe resides).
The most important parts of the config file (nginx.conf) are:
listen 0.0.0.0:443;
ssl_certificate ssl/companypub.pem;
ssl_certificate_key ssl/companypriv.key;
proxy_pass http://127.0.0.1:80;
Both certificates are in PEM format. This configuration listens an all interfaces on port 443 and tunnels the traffic to its local HTTP server on port 80 (port 80 can be ignored in this case as it is the default port nginx would forward to).
You can download the configuration file along with sample certificate files here.
Thursday, June 6, 2013
Android ICS (4.0 and up) how to take screenshots straight from adb
Taking screenshots of the application you're developing has never been easier since Android 4.0.
If you have your device in debugging mode, just list the devices to see if the tablet/phone is visible:
adb devices
and then take screenshots in the following manner:
adb shell /system/bin/screencap -p /sdcard/screenshot_1.png
If you have your device in debugging mode, just list the devices to see if the tablet/phone is visible:
adb devices
and then take screenshots in the following manner:
adb shell /system/bin/screencap -p /sdcard/screenshot_1.png
Friday, May 31, 2013
Stable, working Android 4.0 / 4.1 on Galaxy S Advance I9070 - my expieience
In this short post I'm gonna present my view on the current Android development stage on Android 4.0 on Galaxy S Advance I9070.
First of all, my device was purchased from Polish carrier PLAY. This flavored ROM still has 2.3 gingerbread. How ridiculous it may sound, the ICS version is not going to come soon in Poland...
There was an official version for pure PL version of 4.1.2 - XXLQE which was a mess.
My advice - do NOT install this ROM - I9070XXLQE has some modem issues - it looses coverage, the 3G does not work. It's a total disaster and was pulled of Samsung Air....
Similar problems are depicted here:
http://www.youtube.com/watch?v=dsexSanmpVw
The stable release I'd found is the Russian version: I9070XXLQ4.
First of all, my device was purchased from Polish carrier PLAY. This flavored ROM still has 2.3 gingerbread. How ridiculous it may sound, the ICS version is not going to come soon in Poland...
There was an official version for pure PL version of 4.1.2 - XXLQE which was a mess.
My advice - do NOT install this ROM - I9070XXLQE has some modem issues - it looses coverage, the 3G does not work. It's a total disaster and was pulled of Samsung Air....
Similar problems are depicted here:
http://www.youtube.com/watch?v=dsexSanmpVw
The stable release I'd found is the Russian version: I9070XXLQ4.
Model: GT-I9070
Country: Russia
Version:
Changelist: N/A
Build date: N/A
Product Code: SER
PDA: I9070XXLQ4
CSC: I9070SERLQ4
MODEM: I9070XXLQ4
http://www.hotfile.com/dl/193240094/4c07575/I9070XXLQ4_I9070SERLQ4_SER.zip.html
After upgrade from Polish 2.3 (which was buggy as well), in 4.1 the phone does not loose coverage and the coverage is a lot better. It also has less lags.
The Android 2.3 lag issue in Galaxy S Advance I9070 was mainly with the phone app - when you wanted to dial a number, you chose the person and clicked the "dial" button.... and nothing happened. Most of the cases I was starting to get irritated and quit the phone app.... then all of a sudden the phone was starting to dial the number I had chosen earlier....
Actually with CWM you can install ROMs from XDA, but the one I tried was buggy, badly translated and the AOSP experience was not really AOSP..... it was a theme that was badly applied, so I do not recommend this one: http://forum.xda-developers.com/showthread.php?t=2182697
( [Rom][JB] Pure Vanilla (AOSP) ★ Smoothness Refined ★ Debloated (29/5/13))
Have anyone tried:
([I9070 JB] Full JB ROM deodex + MODS))
or:
( [JB STOCK MOD][I9070] Android AOSP like --> Simple Droid v3 [21.02.Update])
???
Friday, May 10, 2013
Oracle VirtualBox / VBox - mount share on linux, vbox linux shared folder
Mounting Oracle VBox share on linux is much easier than you might think.
1. Install VBox tools on the linux guest operating system (VM->Devices->Install Guest Additions)
After the tools have been successfully installed configure a shared folder in Devices->Shared folders.
Write down the name of the share (Name of the shared folder).
The mount should be done automatically to the folder:
/media/vs_YourFolderName
(Remember that only a root user will have privileged to that read/write to that folder)
Alternatively you can mount the folder yourself with the command:
mount -t vboxsf YourFolderName /home/user/vboxsharefolder
where YourFolderName is the name of the VirtualBox share,
and /home/user/vboxsharefolder is a previously created folder to which you have appropriate privileges.
1. Install VBox tools on the linux guest operating system (VM->Devices->Install Guest Additions)
After the tools have been successfully installed configure a shared folder in Devices->Shared folders.
Write down the name of the share (Name of the shared folder).
The mount should be done automatically to the folder:
/media/vs_YourFolderName
(Remember that only a root user will have privileged to that read/write to that folder)
Alternatively you can mount the folder yourself with the command:
mount -t vboxsf YourFolderName /home/user/vboxsharefolder
where YourFolderName is the name of the VirtualBox share,
and /home/user/vboxsharefolder is a previously created folder to which you have appropriate privileges.
Subscribe to:
Posts (Atom)