DreamMount release 0.2: fix for timeout errors

Posted in DreamMount on April 18th, 2009 by edwin – 13 Comments

DreamMountDreamMount is a Mac OS X application that allows you to mount DreamHost domains or users to a networked filesystem, allowing you to access it using any application.

Release 0.1 contained a bug, resulting in time-out errors to many users. Version 0.2 fixes this, so download this new version from http://www.dreammount.com/.

Stay tuned, as I will be releasing another new version in the next few days. This 0.3 version will be updated to support additional features added to the DreamHost API during the last few days.

DreamMount release 0.1

Posted in DreamMount on April 13th, 2009 by edwin – 12 Comments

DreamMountDreamMount is a Mac OS X application that allows you to mount DreamHost domains or users to a networked filesystem, allowing you to access it using any application.

Download release 0.1 from http://www.dreammount.com/.

Screenshots


Note: the key in the first screenshot does not work (anymore). No need to try and hack my account :)

MCE Remote on a Mac – or: I want more buttons!

Posted in Tutorials on April 8th, 2009 by edwin – Comments Off

MCE Remote on a MacThis is a series on using an MCE Remote Control with a Mac.

While programs like Remote Buddy and Mira allow you to get much more from your apple remote, there is one drawback: it has only 6 buttons. This may work well for many people, and for applications specifically designed for it, but I just like to have much more control. As a recent switcher from a Windows desktop/media pc and FreeBSD/Unix server to a one-Mac-Mini-fits-all setup, I had one of those MCE remotes lying around, so that’s the one I wanted to use.

However, an intensive search on google and all sorts of forums did not help: as far as I know, the thing just isn’t supported. Using Remote Buddy or Mira I can use the eHome receiver delivered with my MCE Remote, but only with an Apple Remote and not the MCE Remote itself. Even looking at the Linux community did not help: while a port of the LIRC software is available in MacPorts it does not have any hardware support, but can only connect to a remote host. Having some good experience with running Windows and Linux as a virtual machine in Parallels Desktop I came to the following “solution” for my problem:

  • Take a small Linux distribution, and run it as a VM
  • Install LIRC and the needed linux kernel modules in this VM
  • Connect my USB eHome IR receiver to LIRC in this VM
  • Also install LIRC on the Mac natively and connect it to LIRC in the Linux VM
  • Convert the button presses on the Remote Control to keypresses on my Mac using a combination of LIRC software and AppleScript

It took quite a bit of digging, but in the end I got everything working and I am now controlling my VLC media player using an MCE remote control.

A few words of warning: this tutorial is not for people who:

  • Expect ready to use software with a graphical installer, neat configuration screens etc. All of this is basically a clever workaround, and it works well for me, but if the only thing you want is a way to reconfigure some buttons from your Apple remote, then Remote Buddy or Mira is the way to go.
  • Are afraid of using the Terminal. You do not need to be a UNIX guru to follow the steps in this tutorial, but if you do not know what the Terminal is within Mac OS X, you better look through some basic toturials first.

If you still want to proceed, read the following three articles for the nitty gritty instructions:
- Step 1: installing Finnix as a Parallels VM
- Step 2: installing LIRC in the Finnix VM
- Step 3: configuring LIRC in OS X

MCE Remote on a Mac – Step 3: configuring LIRC in OS X

Posted in Tutorials on April 8th, 2009 by edwin – 2 Comments

MCE Remote on a MacThis is part 3 in a series on using an MCE Remote Control with a Mac. See the:
- Main article
- Step 1: installing Finnix as a Parallels VM
- Step 2: installing LIRC in the Finnix VM

Installing LIRC using MacPorts

The LIRC client executables can be installed using MacPorts. We will use these executables to connect to the LIRC daemon in the Finnix VM.

First you need to install:

Then fire up a terminal, and execute the following commands in a Mac terminal to initialize your ports tree and install LIRC:
$ sudo port -v selfupdate
$ sudo port install lirc

While you are waiting for lirc to install, let’s already execute the next step: in order to connect to your virtual machine, you need to know the IP address used by it. Run the ifconfig command in your Finnix VM. The output looks someting like:
root@tty1:~# ifconfig eth0
eth0    Link encap:Ethernet HWaddr 00:1c:42:f0:e5:19
        inet addr:10.37.129.3 Bcast:10.37.129.255 Mask:255.255.255.0
        UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
        RX packets:813 errors:0 dropped:0 overruns:0 frame:0
        TX packets:145 errors:0 dropped:0 overruns:0 carrier:0
        collisions:0 txqueuelen:1000
        RX bytes:73804 (72.0 KiB) TX bytes:11687 (11.4 KiB)
        Interrupt:10 Base address:0x8200

The ip address you are looking for is the one after ‘inet addr:’ on the second line.

When lirc is installed, let’s connect to it by typing the following in your Mac terminal (and not the Finnix VM), obviously replacing the ip address with the one you found in the previous step:
# sudo lircd --connect 10.37.129.3
# sudo chmod 666 /opt/local/var/run/lircd

Now let’s test your setup by running ‘irw’ and pushing some buttons. Your terminal should look like:
# irw
000000037ff07bf2 00 Home mceusb
000000037ff07bf2 01 Home mceusb
000000037ff07bf2 02 Home mceusb
000000037ff07be9 00 Play mceusb
000000037ff07be0 00 Down mceusb

Congratulations! You are now receiving your MCE Remote events on your Mac. Read on for information on how to control an application with it.
read more »

MCE Remote on a Mac – Step 2: installing LIRC in the Finnix VM

Posted in Tutorials on April 8th, 2009 by edwin – Comments Off

MCE Remote on a MacThis is part 2 in a series on using an MCE Remote Control with a Mac. See the:
- Main article
- Step 1: installing Finnix as a Parallels VM
- Step 3: configuring LIRC in OS X

Configure and Reboot the VM

First we need to attach our IR receiver permanently to the Finnix VM.

  1. In the ‘Parallels Desktop’ menu, select the ‘Preferences’ option
  2. On the ‘USB’ page, click the ‘+’-sign at the bottom and select the ‘eHome Infrared Transceiver’ to connect to the ‘Finnix IR’ virtual machine. [screenshot]

Now here comes the tricky part: while you installed Finnix on the virtual hard disk, you need to reboot it from the original virtual CD. This is because the hard disk is read-only when you boot from it, thus you cannot make any configuration changes. You can boot from the LiveCD using the following instructions:

  1. In the configuration for the Finnix VM, select the ‘Boot Order’ page and check the ‘Select boot device on startup’ option. [screenshot]
  2. Then go to the ‘CD/DVD-ROM 1′ page, check the ‘Connected’ option and make sure the .iso file is still selected. [screenshot]
  3. Boot the VM and press the ‘Esc’ key. Then select option ‘3′ to boot from the live CD. [screenshot]
  4. To prevent the VM from booting from the hard disk (the livecd finds the installation in the hard disk before it’s own), select the first option and press the ‘Tab’ key. Add ‘root=/dev/hdb’ to the line and press ‘Enter’. [screenshot]

To check if you have correctly booted from the Live CD instead of the hard disk, use the following command:
mount -l | grep ramdisk
If the result starts with /ramdisk/dev/hdb then you were succesful. On the other hand if the result starts with /ramdisk/dev/hda1 then try again!

Read on for the gory details of LIRC installation.
read more »

MCE Remote on a Mac – Step 1: installing Finnix as a Parallels VM

Posted in Tutorials on April 8th, 2009 by edwin – 1 Comment

MCE Remote on a MacThis is part 1 in a series on using an MCE Remote Control with a Mac. See the:
- Main article
- Step 2: installing LIRC in the Finnix VM
- Step 3: configuring LIRC in OS X

Installation instructions

This part is about installing the Finnix Linux distribution so that it runs in a virtual machine (VM) on your Mac. This instruction assumes you have a copy of Parallels Desktop for Mac 4.0 installed (it should work fine with their 14 day evaluation version). Potentially a similar procedure can also be applied with VMware Fusion, or (if you want a free solution) with VirtualBox, but I have not tried it. Let me know if you succeed!

Now here are the instructions. Install Finnix in Parallels Desktop using the following 12 steps:

  1. Open the “File” menu for Parallels Desktop and choose the “New Virtual Machine…” option. A wizard will appear. Click “Continue” in the first screen.
  2. Select the .iso image file you downloaded from the Finnix site.
  3. Parallels cannot auto-detect the operating system type. Finnix is a Debian derivative, so let’s enter that.
  4. Choose a “Custom” virtual machine type.
  5. Leave the number of CPU’s to 1. Set the memory requirement to 512 MB, if it’s not already set to that value. Later on we’ll decrease this value much further (48 MB is enough), but for lirc installation a big ramdisk is needed.
  6. We’ll need a new image for the hard disk.
  7. A mere 1 gigabyte should be enough. Using the “Expanding disk” option saves even more space.
  8. Use “Share Networking”. Later on networking can be confined to “Host-Only Networking”, but for now we need the connectivity to install software.
  9. We do not want the VM to drain too much resources, so we optimize the performance for the Mac
  10. Use any name you like. I use “Finnix IR”.
  11. Click “Start” to boot the Finnix Live CD.
  12. Choose the first line (x86) instead of the default (AMD64). You could boot in AMD64 mode just fine, but there are some problems with the lirc kernel modules in 64 bit mode.

After a little while you’ll be presented with a booted up Finnix. Congratulations!

Read on for the screenshots and for installation on the virtual hard disk.
read more »

Mac Mini early 2009 and your old TV

Posted in Miscellaneous on April 7th, 2009 by edwin – Comments Off

TVNot having jumped on the LCD or Plasma bandwagon, I still have a fine three year old CRT television in my living room. When I recently bought a Mac Mini (early 2009 edition), I could not get it to show any output on my TV. According to the Apple support tech: the newest Mac Mini’s do not support this combination anymore. As my previous PC was a Windows machine, I tried to Bootcamp in XP and try there, but even then I could not get it to work. I guess it’s the combination of the new GeForce 9400 graphics and the Mini-DVI to Video connector Apple sells.

Plasma and LCD TV’s usually have a DVI or HDMI input. However CRT TV’s usually only have S-Video or Composite inputs, which is a problem as the official connector does not work. However I found a solution by buying a special device that converts any VGA signal to S-Video, Composite or RGB. It’s the Konig PCTV adapter, and works like a charm:

  • Resolutions up to 1280×1024. Even though a CRT TV does not support resolutions like this, this is important if you want to run your TV in mirrored display mode with a normal computer monitor.
  • Outputs S-Video, Composite, RGB or YCbCr
  • PAL or NTSC
  • On Screen Display (OSD) to change various settings
  • It even has a remote control!

Found this device for €59 online, and had to buy a €19 Mini-DVI to VGA adapter from Apple. Way cheaper in any case than buying a new TV :)

Old stuff: Using PGP with an USB smartcard token

Posted in Tutorials on April 1st, 2009 by edwin – 2 Comments

epass-pgp-120x120Note: this is a re-post of an old tutorial I did in 2004. I currently do not use this set-up anymore, but am saving it here for posterity

This document details how to use PGP on Windows with a USB smartcard token, specifically the ePass2000 network token.

The token used for this tutorial was kindly provided by OpenFortress, a technology provider specialized in applications of digital signatures.

Why?

The token makes it much easier for the user: no need to remember long passphrases. Just put the token into an USB slot and type in a small pincode of 4 to 8 characters. By making it easier for the user, security is improved: people will not need to write down their passphrases or use very short and insecure passwords.

The same token can be used for multiple applications. There is enough memory on the smartcard to store multiple keys and due to the standard pkcs#11 and microsoft cryptoapi interfaces almost any application supporting smartcards works just fine with the ePass2000. Examples for desktops are: logging on to a Windows Domain Server (supported by Windows 2000, XP and 2003), and from OpenFortress a solutionfor SSH logins (a Linux version is finished, a Windows prototype is available).

Why not?

If you lose or damage your token: you lose your private key and any data encrypted to it. Because the key is generated inside the token and cannot leave it, it is not possible to make a backup of the private key.

Also, the token only supports 1024 bit RSA, which according to some is inadequate. Tokens supporting 2048 bits are however already entering the market. And in any case, a 1024 bit Verisign RSA root key still secures online banking for millions of people, so why worry?

How does it work?

In short, the USB token internally is a combination of a smartcard reader and a smartcard in one package, which can be connected to a USB port. An application can then talk to the smartcard and ask it to do some cryptographic operation, like signing or decrypting some data. Of course the token will only execute this operation when supplied with the correct pin code.

When a keypair is generated on the token, the private key never leaves the token. Therefore, all private key operations need to be done by the token itself.

For efficiency reasons, PGP (as any other application using public key cryptography) does not encrypt or sign all data with a public key primitive. For encryption, all data is encrypted to a secret random symmetric key. This symmetric key is then encrypted to a public key. For decryption, PGP just sends the encrypted symmetric key to the token for decryption and after retrieving the secret symmetric key, all data is decrypted without using the token. That way, even if the encrypted file is for example one gigabyte in size, only a few hundred bytes are exchanged on the relatively slow usb link, while still maintaining the same security. For signatures a similar procedure is used: the signature is done over a hash or message digest of the full message

PGP on a token

In the final section of this document, we will detail how to configure PGP for token usage.
read more »