I go to conferences and meetups quite a lot, and one thing I always encounter on those trips, is bad wifi or internet access. The “public” networks made available to visitors often limit network access to http(s) and e-mail. This means for instance that I can’t use my XMPP/Jabber chat. A second problem with those networks is that my e-mail provider blocks e-mail access because they think I’m in an unknown location and I’m an intruder. The third problem is that there often are other people snooping around on the network trying to see what they can intercept. This is how I solve those problems for myself:

I use TorBrowser to set up a connection to the Tor network. This works on those limited networks, because Tor can connect over http(s). Tor also starts a SOCKS5 proxy on port 9150 on my computer (it does that by default), which I can use to tunnel traffic trough the Tor network. This would already solve most of my problems, except that my email provider doesn’t trust Tor, and won’t let me connect over the Tor network. We need to go deeper.

Another solution would be to use SSH with its -D option to setup a connection to my VPS (which my email provider trusts) and again, make a SOCKS5 proxy available to my local system to connect to the internet over that SSH connection. That, however, doesn’t work because those public wifi networks don’t allow SSH connections. Let’s combine this with the TorBrowser step: I setup SSH to use the proxy that TorBrowser started by putting this in my ~/.ssh/config file:

ProxyCommand /usr/bin/nc -x 127.0.0.1:9150 %h %p

Then, I use ssh over that proxy and let it expose another proxy, to which I can connect my email client:

ssh -D 9999 user@server

Now I can make all my apps (e-mail, XMPP/Jabber, etc…) use the SOCKS5 proxy on port 9999 to connect to the internet. They will appear to connect from my VPS, but actually, they’re going over SSH, which runs over Tor. It’s tricky, but it fixes my problem!

Enjoy it!

Advertisements

I recently changed jobs, and I thought it would be a time-saver in the future if i’d write down some quick instructions to setup my mac.

first step: install a decent browser

I use firefox. At the same time i installed some of my favorite plugins: Vimperator, JSONView, HTTPS Everywhere, Privacy Badger, Ghostery, Disconnect, Adblock Plus

install a decent terminal

I use iTerm2 all the time, it’s epic. Don’t forget to set the fullscreen mode to classic.

With a decent terminal in place, let’s get some of the things we need:

Install Homebrew
Run these commands to install some basic tools:
brew update
brew install ack chicken cowsay ctags ffmpeg git gpg guile newsbeuter node pandoc pass screen sl stow the_silver_searcher tig trash tree vim wget z

install dot files

Clone dot files from dotfiles repo on bitbucket and install them using stow.

install virtualbox & vagrant

Install virtualbox & vagrant

configure some stuff

  • mails
  • git
  • dropbox?

That’s about it, set up in 1 hour!

As you all know, Scheme is epic, and guile is a really nice environment for scheme programming. What bothered me for some time was that the REPL (read-eval-print-loop) lacked readline support. After some digging around in the official guile documentation I found a really simpel way to activate it. Guile is actually compiled with readline support, you just have to enable it manually due to licencing problems.

just issue these commands at the REPL:
(use-modules (ice-9 readline))
(activate-readline)

I’ve gone one step further, and created a .guile config file in my home directory, containing those two lines. That enables readline automatically, every time i start the REPL. Nice!

Toon

IMAP email debugging

November 21, 2013

Isn’t it a problem when you have to debug a problem with emails in an existing project? You never know if they are sent and to whom? I just found out that python has an awesome IMAP debugger built in! Just set your project to use these email settings:

IMAP host: localhost
IMAP port: 1025
IMAP user: {leave empty}
IMAP password: {leave empty}

Then you run this in your terminal:

python -m smtpd -n -c DebuggingServer localhost:1025

You’ll now see every mail that’s sent from your application displayed in your terminal!

That’s it… Have fun debugging

1. Check your screen name

Open a terminal and type this command:
xrandr

You’ll get a list of available screen sizes, along with the name of your screen. In my case, that’s default.

2. Run xrandr as an OpenBox startup command

Open the ~/.config/openbox/autostart file, and add this line:
xrandr --output {screen name} --mode {window size} &

e.g.:
xrandr --output default --mode 1280x800 &

That’s it! OpenBox will now use your desired screen resolution at startup.

I recently discovered the awesome GNU Stow application (works on unix-like systems like GNU/Linux or Mac OSX). Stow is a symlink manager, that allows you to easily deploy and remove files to or from a directory.

Setup

Let’s say you have some configuration files in your home directory (eg: .bashrc, .vimrc and a config directory .vim) and you want to have them in git to be able to track your changes and such. It’s not a really good idea to make your whole home directory a git repo. That’s where Stow comes in. Just create a configuration directory, for instance ‘dotfiles’, and create a subdirectory for every app you have configs for. Then place the appropriate files into the right subdirectory, like this:

/home
    /{user}
        /dotfiles
            /vim
                .vimrc
                /.vim
                    ...
            /bash
                .bashrc

You can now make the dotfiles directory a git repository, and keep your dotfiles safe in git. But they’re not yet in the right place, so we’ll ask our symlink manager to fix that for us.

Create symlinks

  1. cd to the dotfiles directory
  2. You can make Stow symlink the files to your homedir like so:
    stow {package}
    where you replace {package} with the name of the subdirectory you created earlier.
  3. If you now want to remove a certain package’s config files, just do this:
    stow --delete {package}

How to install Stow

On Mac OSX

Use Homebrew:
brew install stow

On GNU/Linux

Install stow using your favorite package manager, e.g.:
apt-get install stow

That’s it!

Important

  • This procedure assumes that you’re running a debian based OS, on your local machine. It might work from MacOSX too, possibly using Homebrew to install Privoxy, and from Windows, using the .exe installer for Privoxy and a *nix-like terminal like Mingw or Git Bash.
  • The server OS needs to be unix based for this to work, and you’ll need root access over SSH.
  • We will not have to install anything on the server.

How this works

To allow the server to access the internet, we’ll tunnel the server’s internet traffic through our local computer. To do this, we’ll need to run a simple proxy on our own computer. This proxy usually listens only for local connections. We’ll then port-forward the local port to a port on the server. From the server’s point of view, it then looks as if a proxy server is available on a local port. We can then tunnel certain server’s application’s traffic through that proxy.

Setting up the proxy over SSH

Install Privoxy proxy server and run it

On your local machine
sudo apt-get install privoxy
sudo service restart privoxy

Privoxy should now be running and accepting connections from localhost only, on port 8118.

Log in to the server over ssh and port-forward the privoxy port (8118) over that connection

ssh -R 8118:localhost:8118 root@{server}
This makes the server open port 8118 for connections, which will be forwarded to port 8118 on your local machine, on which privoxy will be listening. Privoxy will then handle the request.

Forwarding traffic over the Proxy

APT

Create or edit the /etc/apt/apt.conf file to set proxy settings for APT
On the server:
vim /etc/apt/apt.conf

Insert this line:
Acquire::http::Proxy "http://127.0.0.1:8118";

At this point, apt will work over the proxy.

The problem now is that we can’t resolve DNS requests over the proxy (We can’t use a SOCKS5 proxy because apt doesn’t work with SOCKS5 out of the box). To solve that problem we’ll edit the /etc/hosts file to contain the repository record.
On the server:
vim /etc/hosts

Insert this line (replace the x’s with the actual ip):
{xx.xx.xx.xx} archive.debian.org

If you don’t know how to get the ip address for archive.debian.org
On your local machine:
nslookup archive.debian.org

Now you should be able to use apt to update or install packages.
Example:
apt-get install git

Other programs

If you want to use the proxy for other programs on the server, like wget or git use this:
http_proxy=127.0.0.1:8118 {command}

This way you’re setting the proxy as an environment variable, while running the command {command}. Most (well-written) command line software will use that variable, but sometimes this won’t work.

Example:
http_proxy=127.0.0.1:8118 wget github.com

That’s it!