Dec 05

How to build Openssl from source

Recently we had to install openssl but for the 32-bit platform. This is how I did it.

tar zxvf openssl-0.9.8x.tar.gz
setarch i386 ./config -m32 shared
make clean; make install

In general though for anything that you need to build the following command will work:
./configure && make && sudo make install

Nov 19

Chef change attributes node level Java cookbook

How do you change the attributes at the node level.  I just went through this recently with some Scala servers that required Oracle Java 7.  The defaults for the Java cookbook at the marketplace: are openJDK 6.  To replace them you need to:

knife node edit <NODE_NAME>

In the editor that pops up add the java section under normal.  In the precidence order normal will overwrite the attributes in the java file.

"name": "AWSSERVER-UE1T",
"chef_environment": "TEST",
"normal": {
"java": {
"install_flavor": "oracle",
"jdk_version": "7",
"oracle": {
"accept_oracle_download_terms": true
"set_fqdn": "",
"agency": "VIV",
"tags": [

"run_list": [

Now with that said after running chef-client locally on the server it didn’t pickup the changes.  But you will see the change in the json attributes on the chef server.

Amazon has a good atricle on overriding attributes here:

Oct 31

For your Halloween – Alfred Hichcock’s Ghost Stories

One of the best records I ever owned.  I nearly wore it out as a kid.  Finally a girlfriend took it from me when I was in college damn it!  But fun stories even now.

Oct 24

Interesting Conspiracy Movie from 2012 – ‘111’

Found an interesting short that tries to bring a bunch of conspiracy theory’s together and …  Well you be the judge.

Oct 22

gpg command line

First create a key:

gpg --gen-key

For generation I use the default of RSA and RSA, and I use 4096 bits, and i usually let the keys live for 1y.

Create a Revocation Certificate so you can Revoke you key on a keyserver

gpg --gen-revoke --armor --output=GPGRevocationCertificate.asc your@email.address

Create your ASCII public key so other people can encrypt to you.

gpg --armor --output pubkey.txt --export 'Your Name'
Post it to a key server
gpg --send-keys 'Your Name' --keyserver

To encrypt you need to add your self as a recipiant.

gpg --encrypt --recipient 'Your Name' secret.txt

To decrypt a file.

gpg --output secret.txt --decrypt secret.txt.gpg

If you want to add a user to your keyring.

gpg --import key.asc

Oct 21

Unix flush or refresh DNS cache

For Red Hat systems the command is
service nscd restart
For Debian systems its
/etc/init.d/nscd restart

Jun 27

Putty is the worst ssh client ever!

Putty can’t remember the last IP address you used. It can’t remember anything. the buffer is horrendously low. adding a ssh key should be straight forward. remembering your fucking login ID should be straight forward. remembering the fucking keys!  Even the location of the keys?  changing the color scheme should be easy, and able to handle it on the fly.  Tabs, for Christ’s sake fucking tabs.  Copy and Paste shouldn’t fill up the fucking history!  If you copy don’t paste it!!!!!!!!!!!!!!!  Oh you have to convert pem keys to a native format.

After that little rant I’ve found a replacement, and it does everything that putty can’t – mobaXterm:

Jun 19

chroot sftp in AWS with likewise / pbis 7.5+

Oh the humanity!  Configuring chrooted sftp always seems like a chore when you combine it with an out side authentication like winbind or pbis (Power Broker Identity Services).

So configuring /etc/ssh/sshd_config is straight forward.  All you need to change is:


But I kept seeing errors in /var/log/secure that said denied access because they are not in the ‘require membership of’ list and [lsass-pam] [module:pam_lsass]pam_sm_authenticate error [login:domain.local\user][error code:40158]

Finally figured out that you can adjust this so that they are allowed performing the following commands (need to be root or have sudo access):

/opt/pbis/bin/config --list

/opt/pbis/bin/config --details RequireMembershipOf

/opt/pbis/bin/config RequireMembershipOf "domain.local\\account1" "domain.local\\user2"

Just don’t change something major like

sudo /opt/pbis/bin/config AssumeDefaultDomain true

That will just lock you out.


May 30

Amazing Film on Alien Reproduction Vehicle and ZPE

Update Aug 25th 2015

Looks like James Gladman has released the full HD version of the movie on Vimeo.  I’d recommend that you go view his instead of the one below:


What’s interesting is that the director and writer (James Allen Higgins) of this film appears to have been poisoned to death.  It was discussed on Coast to Coast Mar, 2nd 2014 in the first hour of the show.  20:50 is where the speaker starts talking about him.


Just press play, it will start

Addendum from posted 10/5/2014

This video will be out on the usual VOD outlets in the next (hopefully) couple of months. The filmmaker died under mysterious circumstances. The person who took care of the filmmaker in his last months of life also funded a great deal of the film, paid for the filmmaker’s end-of-life expenses, his autopsy and blood work, which determined he had 10 to 50 times the ‘maximum acceptable’ amount of 12 heavy metals and raidioisotopes. He is making sure that the film gets out to the major public for two reasons: To ensure the film is seen by a wider audience than ‘the already converted’, and to hopefully recoup some of the $12,000.00 he spent on the filmmaker’s funeral expenses, autopsy, etc. as well as the expenses of being executor of his estate. He is also adding additional material for the film regarding the filmmaker.

Please be patient, the process of distributing a film is time-consuming and requires a lot of legal process for clearance, production. You won’t be disappointed!

It would be much easier to ‘make it free on youtube’, but this is not what the filmmaker wanted. He wanted it to have a higher profile. Not for money, to be sure. He wanted it to be as high-profile as possible in order to awaken as many people to these ideas.


Here is the toxicology report:


Another interesting film


May 16

s3fs install on CentOS AmazonEC2

In an attempt to determine the feasibility of creating an FTP server that is FUSe backed using S3 amazon storage I ran into issues of package dependence.  This is the list of packages I had to install:

sudo yum install curl-devel automake fuse fuse-devel libcurl-devel gcc-c++ openssl-devel libxml2-devel gcc

After that the readme at got me throught the rest.

Also the Wiki page is at:

A word of caution, it’s slow, and if you have a S3 directory or bucket your mounting to that has hundreds to thousands of files it’s even worse because it tries to retrieve that list and it takes patience. For FTP it’s not something I’d recommend.

Older posts «

» Newer posts

Close Bitnami banner