[2014-10-13] ansible, bash and patterns

I wanted to use ansible to quickly check on a bunch of servers which version of puppet they run.

ansible -i workhosts all -m raw -a "puppet --version" -K -s

Three servers had a different version, now i wanted just to check the servers not in the live group.

ansible -i workhosts all:!live -m raw -a "puppet --version" -K -s
bash: !live: event not found

Bash will try to lookup the last command from the history that starts with live and try to replace this term with it. Even "double quotaions" doesn't stop it. As I found here you need to use single quotes like this:

ansible -i workhosts 'all:!live' -m raw -a "puppet --version" -K -s

[2014-08-19] change keyboard layout form a terminal to US altgr-intl

I am checking out i3wm and it seems to be really nice. It took a while to find a way to set the altgr-intl variant of the US keyboard layout. It is actually really simple, just run the following code in a terminal.

setxkbmap us altgr-intl

[2013-12-07] AFWall a firewall for Android

If you have a rooted android device, you should consider to install a firewall that will block access to the internet per app. So you can even install bad apps that would collect your private data and or sending you a lot of spam adds without to worry about your privacy.

I used DroidWall but the development stopped. There is an active fork, call AFWall+.

  • You can import and export the firewall rules.
  • Search for applications.
  • You can limit the access to WIFI, cellular network, and roaming for each app.

If you like the app very much you can buy a pro version with the same feature set at the play store.

[2013-12-07] convert a bunch of images to jpg

If you have a couple of png files and want them smaller, e.g. screenshots from high resolution tablets or phones:

mogrify -format jpg *.png; rm *.png

[2013-12-07] find process that listens on a specific port

Don't forget to run it as root, otherwise you might not see the programm that uses the port. -P will show the port numbers insted of words, and -n will not try to look up the host names and increases the output speed a lot.

sudo lsof -Pn | grep LISTEN | grep :80

Read this page for more alternatives and better explanation.

Update: I got a tip from Johannes for a solution that could be easy remembered by people who speak german.

sudo netstat -tulpen | grep LISTEN | grep :80

Tulpen is the german plural word of tulip. If you just use the singular tulpe the command will run very slow because it tries to lookup tha names for the ports and ip adresses.

[2013-11-20] keepassX dropbox and android

You might heard of the resent hack on Adobe where millions of bad encrypted passwords where stolen and leaked. If not just google "password leak" and you can see that this happens quite often.

Those people who reuse there password are now in great danger. Everybody could now check for a specific email address, get the password and try to login to facebook or gmail. That made me think. I also used to reuse a lot of passwords. I have to log in to about 40 different accounts per week and i cannot, or just don't want to remember 40 different passwords.

Now I am using KeepassX to store a different password for each website. I have just to remember one strong password and I can lookup every password in a second. The login is now much faster when I had to probe my 3-4 common passwords. You can also let it type the username and password for you. I sync my key-database with dropbox, so each of my laptops has the most recent version of keys. It will work when I am offline (after I synced the keys). And there is also an android app that will let me look up the passwords from my phone and dropbox even when I am not at home.

And for the Windows and Mac folks, KeepassX is also available for your OS.

[2013-11-19] Are Google Talk messages signed

Lets say General of Wadiya wants to intercept every message and analyze it. When people start to encrypt them he is storing them so they could be decrypted later when a attack is found or the key is obtained somehow. The people of Wadiya now using OTR to communicate without a fear that anybody can prove that this certain conversation ever happened.

For those who don't know OTR. It is a protocol that encrypts the communication, both parties can be sure that nobody intercepts the unencrypted messages and or forging it. They don't sing the message so nobody can blackmail each other or proof that the other party sent the message. Even if some one somehow can encrypt the message, they can't proof that this was the message that was sent. They could have even manipulated it. Because of this, the message could not be used as a evidence in court.

Now Aladeen orders the Chatprovider to sign all messages so he can prove who talked to the opposition and put them in prison. Even if they use OTR the counter part of the communication could save the message an blackmail you, because with added signature he can prove that the message is not forged and send by you.

Thijs pointed out in his blog post that Google is doing just that. I couldn't believe it. So I installed pidgin and activated the XMPP console plug-in and saw it for my self. I couldn't find the signature when i used the new hangouts. But with an account from a friend who didn't switched yet there was a signature. I sent different strings and when I sent the first one again, I got the same signature again.

I don't know why Google is sining the messages, but this shows again to be careful what you say on the Internet. So just be careful what you write. It might be used against you some day.

[2013-11-17] git commandline completion

The git repo on github has a nice helper function for better tab completion for git. In case you type: git add TAB TAB you get a list of files that changed, or a new in your repo. If there is only one it will auto complete it. To install it copy the git-completion.bash to home folder, or use this code:

wget https://raw.github.com/git/git/master/contrib/completion/git-completion.bash \
-O ~/.git-completions.bash

To activate it and test if the completion works now as expected.

. ~/.git-completion.bash

To activate it automatically when you open a terminal.

echo ". ~/.git-completion.bash" >> "~/.bashrc"

[2013-11-17] remove transparent background from pngs with image magick

I created some business cards with inkscape and exported high resolution pngs. But every white spot on the card is transparent. Here is image magick command if you want to get rid of it without adding a white background layer or edit the file by hand with gimp.

convert card.png -flatten card-white.png

If you want to change multiple files in place, just use mogrify:

mogrify -flatten *.png

You can even chose the background color as text -background black or hex value -background "#333" or -background "#fefefe". You have to set the background before you flatten the image.

convert card.png -background "#aaa" -flatten card-gray.png

I found the solution to this problem on stackoverflow.

[2013-11-16] strip color codes with sed

sed -r "s:\x1B\[[0-9;]*[mK]::g" file

I found this solution on commandlinefu