Thursday, February 24, 2011

on the train ride in...

Here's the set up with 5 x 30MB files:
for ((c=1; c<=5;c++)) do dd if=/dev/urandom of=file.$c bs=1024k count=30; done
30+0 records in
30+0 records out
31457280 bytes (31 MB) copied, 4.17672 s, 7.5 MB/s
the question - change one argument to make this faster...:
time find . -type f | xargs gzip 

real    0m7.218s
user    0m6.940s
sys     0m0.250s
and the "answer":

Sunday, February 13, 2011

cli java based google-authenticator desktop client direct from your shell

Gmail released two factor auth for mail and apps the other day:

http://googleblog.blogspot.com/2011/02/advanced-sign-in-security-for-your.html

I've been futzing with two factor for a while. It is all rather cool. Most of the grown up two factor auth systems have a desktop client. Here is the code I hacked out of the Google Android Java Client to be able to do the same thing from the cli on *any* java platform:


Wednesday, February 9, 2011

Monday, February 7, 2011

fun with the cli, dynamic runtime linking and QR codes


So in the last post playing around with google-authenticator I noticed the wicked smart folks @ google using QR codes to encode the auth key. What I did not notice was their extremely cool usage of dlopen to pull in an encoder if it happened to be on the system. I was missing the encode library so I also did not notice their code can dump a QR directly to the vt100 terminal!

This simple dlopen() magic does the trick:
void *qrencode = dlopen ("libqrencode.so.3", RTLD_NOW | RTLD_LOCAL);

dlopen() is actually an awesome programming idea for dependency on shared libraries so code builds quickly if you don't have the depend, and also does not hork at runtime if you are missing things - it certainly helps avoid link time crazy!


Thursday, February 3, 2011

two factor for zero dollar, love it long time...

We have a substantial RSA install out in my day job. It is a monster, with replicated concentrators, AD systems split over two data centers and tied in VPN. We support a lot of folks in HPC, so it is worth trying to get it right.

However, I was very intrigued to see if I could do something on the down low in my basement using some sort of cheapo two factor auth. Turns out it is absolutely cake to get running even from a mercurial repo - I timed this at 15mins end to end plus a bit of phafp to edit the right files, I blame my old age at not configuring things right the first time.

So first grab the source luke!



[any opinions here are all mine, and have absolutely nothing to do with my employer]
(c) 2011 James Cuff