Wednesday, December 17, 2008

writing excel from php & reading

this PEAR library is great for generating .XLS... many features...

http://pear.php.net/manual/en/package.fileformats.spreadsheet-excel-writer.php

to read .XLS, I use a library I downloaded somewhere, please ask me if you are interested

ming

ming is a great thing if you want to generate Flash from PHP (4 or 5)

Thursday, December 4, 2008

adding script to linux boot using chkconfig

this is a really great feature of chkconfig

one has just add two lines to the script:

Using this script, Oracle 8 can be started with the “start” argument and terminated with the “stop” argument. This meets the minimum requirements of an initscript that can be used in conjunction with the launch script /etc/rc.d/rc.

Place the script in /etc/rc.d/init.d and run (as root)

chmod +x /etc/rc.d/init.d/oracle

to make the script executable. If you are concerned about normal users seeing the script, you could try more restrictive file permissions, as long as the script is executable by root as a standalone script.

Notice the two comments lines in the script:

#chkconfig: 2345 80 05
#description: Oracle 8 Server

then execute command: chkconfig --add oracle

this was taken from: http://www.linuxjournal.com/article/4445


just great !

bandwidth shaper

this is a good piece of work, that 'shapes' the bandwidth, for it not to be clogged with many requests...

it seems to really improve TCP/IP experience...

http://lartc.org/wondershaper/

Tuesday, November 18, 2008

export tables as html foxpro

mmm while i was foxpro programming, i wanted to export some tables as HTML... here is a quick and dirty way to do it...

http://support.microsoft.com/default.aspx?scid=KB;EN-US;192302 :

      * Generate HTML from a table without using it.
DO (_GENHTML) WITH "EXAMPLEA",HOME(2)+"DATA\CUSTOMER.DBF"
* Use the Employee table to generate from an alias.
USE HOME(2)+"DATA\EMPLOYEE" IN 0 ALIAS EMPL
* Generate HTML from an alias.
DO (_GENHTML) WITH "EXAMPLEB",'EMPL'
CLOSE ALL

Sunday, November 9, 2008

Styling Excel cells with mso-number-format

Styling Excel cells with mso-number-format
mso-number-format:"0"NO Decimals
mso-number-format:"0\.000"3 Decimals
mso-number-format:"\#\,\#\#0\.000"Comma with 3 dec
mso-number-format:"mm\/dd\/yy"Date7
mso-number-format:"mmmm\ d\,\ yyyy"Date9
mso-number-format:"m\/d\/yy\ h\:mm\ AM\/PM"D -T AMPM
mso-number-format:"Short Date"01/03/1998
mso-number-format:"Medium Date"01-mar-98
mso-number-format:"d\-mmm\-yyyy"01-mar-1998
mso-number-format:"Short Time"5:16
mso-number-format:"Medium Time"5:16 am
mso-number-format:"Long Time"5:16:21:00
mso-number-format:"Percent"Percent - two decimals
mso-number-format:"0%"Percent - no decimals
mso-number-format:"0\.E+00"Scientific Notation
mso-number-format:"\@"Text
mso-number-format:"\#\ ???\/???"Fractions - up to 3 digits (312/943)
mso-number-format:"\0022£\0022\#\,\#\#0\.00"£12.76
mso-number-format:"\#\,\#\#0\.00_ \;\[Red\]\-\#\,\#\#0\.00\ "

2 decimals, negative numbers in red and signed
(1.56 -1.56)

Friday, October 17, 2008

this page was very helpful when i needed to reset root's password on my mysql server. 

IMPORTANT:
  • in the following instructions (the ones in the link here) I changed the command mysqld for "mysql_safe ... &"


remember:
  • to see running processes on the system type "ps ax | grep process_name", where process_ name can be something like "mysql". for example:
# ps ax|grep pgsql
 1681 ?        S      0:05 /usr/bin/postmaster -p 5432 -D /var/lib/pgsql/data
17251 pts/1    R+     0:00 grep pgsql
  • to kill a process in linux, you can type "kill 1681", where 1681 is the process id
  • sometimes i don't know why, this process isn't killed, so I do "kill -9 1681", and that effectively kills the process...


To reset a root password that you forgot (using paths on our system): 

[root@host root]#killall mysqld [root@host root]#/usr/libexec/mysqld -Sg --user=root & 

You may have better luck with: 

mysqld_safe --skip-grant-tables --user=root & 

Go back into MySQL with the client: 

[root@host root]# mysql Welcome to the MySQL monitor.  Commands end with ; or g. Your MySQL connection id is 1 to server version: 3.23.41 Type 'help;' or 'h' for help. Type 'c' to clear the buffer. mysql> USE mysql Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> UPDATE user -> SET password=password("newpassword") -> WHERE user="root"; Query OK, 2 rows affected (0.04 sec) Rows matched: 2  Changed: 2  Warnings: 0 mysql> flush privileges; Query OK, 0 rows affected (0.01 sec) mysql> exit; [root@host root]#killall mysqld 

Start MySQL the normal way for your system, and all is good. For Red Hat this is: 

/etc/init.d/mysqld start

Wednesday, September 24, 2008

sustituir cadenas strings dentro de archivo

se puede usar el comando

perl -p -i.bak -e "s/old_string/newstring/g" archivo


este comando ejecuta la sustitución (s/) en todo el documento (/g) por expresiones regulares especificada entre comillas dobles (") (-e)

hace un backup del archivo original con extension ".bak" (-i)

además se puede unir este comando con FIND,

find . | xargs perl -p -i.old -e 's/oldstring/newstring/g', aunque no funciona tan bien, puesto que crea un backup para toooodos los archivos y no solo para los que son sustituidos... hay que arreglar ese comando...


tomado de: http://www.linux.com/feature/52709

Friday, September 12, 2008

directorios en linux

encontré un articulo interesante sobre los dintintos directorio "estándar" en una instalacion linux..

aqui va un extracto de: http://linuxhelp.blogspot.com/2007/03/what-does-etc-stands-for-in-linuxunix.html

If you look at the Linux file hierarchy, you find the following :
  • /bin - common binaries
  • /sbin - Binaries used for system administration are placed here.
  • /boot - static files of the boot loader. Usually it contain the Linux kernel, Grub boot loader files and so on.
  • /dev - device files such as your CD drive, hard disk, and any other physical device. (In Linux/Unix, the common premise is that everything is a file).
  • /home - user home directories are found here. In unices like FreeBSD, the home directories are found in /usr/home. And in Solaris it is in /export. So quite a big difference here.
  • /lib - Essential shared libraries and kernel modules
  • /mnt - temporary mount point useful for when you insert your USB stick and it gets mounted under /mnt. Though in Ubuntu and the likes, it is usually mounted under /media.
  • /var - variable data, such as logs, news, mail spool files and so on which is constantly being modified by various programs running on your system.
  • /tmp - temporary files are placed here by default.
  • /usr - the secondary hierarchy which contain its own bin and sbin sub-directories.
  • /etc - Usually contain the configuration files for all the programs that run on your Linux/Unix system.
  • /opt - Third party application packages which does not conform to the standard Linux file hierarchy can be installed here.
  • /srv - Contains data for services provided by the system.
And of course there is the /proc directory which does not actually reside on the disk.

Thursday, September 11, 2008

ejecutando comandos de postgreSQL desde el shell

necesitaba ejecutar comandos varios de postgres, desde el shell

se puede hacer con la opción "-c"

ej.: psql -c "select * from foo" -U

útil para renombrar bdd desde el shell, por ejemplo

ejecutar comandos via ssh

se puede hacer

si se ha hecho lo de los public keys, y de ingresar a un servidor remoto via ssh sin introducir clave, se pueden ejecutar comandos en otro servidor mediante el comando:

ssh www.servidor.com COMANDO_en_servidor_remoto

para ejecutar un script:
cat /some/script | ssh user@server "cat > /tmp/script ; chmod 755 /tmp/script ; /tmp/script --arguments"

tomado de: http://wpkg.org/Executing_local_programs_and_scripts_remotely

yum install error

instalando
yum install php-xml, me dio este error:

Error: Missing Dependency: php-common = 5.2.4-3 is needed by package php-xml

y en otro servidor:
...
php-xmlrpc-5.2.5-7.fc9.i386 from fedora has depsolving problems
--> Missing Dependency: php-common = 5.2.5-7.fc9 is needed by package php-xmlrpc-5.2.5-7.fc9.i386 (fedora)
Error: Missing Dependency: php-common = 5.2.5-7.fc9 is needed by package php-xmlrpc-5.2.5-7.fc9.i386 (fedora)



resolvi haciendo:
yum erase php common
yum install php-xml
yum install -y pgfouine php php-cli php-mysql php-pdo php-pgsql (o sea, todos los paquetes que desinstalo el php-common)

aqui la copia del shell:

# yum install php-xml
fedora | 2.1 kB 00:00
updates | 2.6 kB 00:00
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package php-xml.i386 0:5.2.4-3 set to be updated
--> Processing Dependency: libexslt.so.0 for package: php-xml
--> Processing Dependency: php-common = 5.2.4-3 for package: php-xml
--> Processing Dependency: libxslt.so.1 for package: php-xml
--> Running transaction check
---> Package libxslt.i386 0:1.1.22-1.fc8 set to be updated
---> Package php-xml.i386 0:5.2.4-3 set to be updated
--> Processing Dependency: php-common = 5.2.4-3 for package: php-xml
--> Finished Dependency Resolution
Error: Missing Dependency: php-common = 5.2.4-3 is needed by package php-xml
[root@216-55-156-207 ~]# yum erase php-common
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package php-common.i386 0:5.2.6-2.fc8 set to be erased
--> Processing Dependency: php-common = 5.2.6-2.fc8 for package: php-pdo
--> Processing Dependency: php-common = 5.2.6-2.fc8 for package: php-cli
--> Processing Dependency: php-common = 5.2.6-2.fc8 for package: php-mysql
--> Processing Dependency: php-common = 5.2.6-2.fc8 for package: php-pgsql
--> Processing Dependency: php-common = 5.2.6-2.fc8 for package: php
--> Running transaction check
---> Package php-cli.i386 0:5.2.6-2.fc8 set to be erased
---> Package php-mysql.i386 0:5.2.6-2.fc8 set to be erased
---> Package php.i386 0:5.2.6-2.fc8 set to be erased
---> Package php-pgsql.i386 0:5.2.6-2.fc8 set to be erased
---> Package php-pdo.i386 0:5.2.6-2.fc8 set to be erased
--> Processing Dependency: /usr/bin/php for package: pgfouine
--> Restarting Dependency Resolution with new changes.
--> Running transaction check
---> Package pgfouine.noarch 0:1.0-2.fc8 set to be erased
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Removing:
php-common i386 5.2.6-2.fc8 installed 616 k
Removing for dependencies:
pgfouine noarch 1.0-2.fc8 installed 985 k
php i386 5.2.6-2.fc8 installed 3.1 M
php-cli i386 5.2.6-2.fc8 installed 6.0 M
php-mysql i386 5.2.6-2.fc8 installed 172 k
php-pdo i386 5.2.6-2.fc8 installed 108 k
php-pgsql i386 5.2.6-2.fc8 installed 125 k

Transaction Summary
=============================================================================
Install 0 Package(s)
Update 0 Package(s)
Remove 7 Package(s)

Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Erasing : php-cli ######################### [1/7]
Erasing : php-mysql ######################### [2/7]
Erasing : php ######################### [3/7]
Erasing : php-pgsql ######################### [4/7]
Erasing : php-pdo ######################### [5/7]
Erasing : php-common ######################### [6/7]
warning: /etc/php.ini saved as /etc/php.ini.rpmsave
Erasing : pgfouine ######################### [7/7]

Removed: php-common.i386 0:5.2.6-2.fc8
Dependency Removed: pgfouine.noarch 0:1.0-2.fc8 php.i386 0:5.2.6-2.fc8 php-cli.i 386 0:5.2.6-2.fc8 php-mysql.i386 0:5.2.6-2.fc8 php-pdo.i386 0:5.2.6-2.fc8 php-pg sql.i386 0:5.2.6-2.fc8
Complete!
[root@216-55-156-207 ~]# yum install php-xml
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package php-xml.i386 0:5.2.4-3 set to be updated
--> Processing Dependency: libexslt.so.0 for package: php-xml
--> Processing Dependency: php-common = 5.2.4-3 for package: php-xml
--> Processing Dependency: libxslt.so.1 for package: php-xml
--> Running transaction check
---> Package libxslt.i386 0:1.1.22-1.fc8 set to be updated
---> Package php-common.i386 0:5.2.4-3 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
php-xml i386 5.2.4-3 fedora 94 k
Installing for dependencies:
libxslt i386 1.1.22-1.fc8 fedora 522 k
php-common i386 5.2.4-3 fedora 221 k

Transaction Summary
=============================================================================
Install 3 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

Total download size: 836 k
Is this ok [y/N]: y
Downloading Packages:
(1/3): php-xml-5.2.4-3.i386.rpm | 94 kB 00:00
(2/3): php-common-5.2.4-3.i386.rpm | 221 kB 00:00
(3/3): libxslt-1.1.22-1.fc8.i386.rpm | 522 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: php-common ######################### [1/3]
Installing: libxslt ######################### [2/3]
Installing: php-xml ######################### [3/3]

Installed: php-xml.i386 0:5.2.4-3
Dependency Installed: libxslt.i386 0:1.1.22-1.fc8 php-common.i386 0:5.2.4-3
Complete!
[root@216-55-156-207 ~]# yum install -y pgfouine php php-cli php-mysql php-pdo php-pgsql
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package php-mysql.i386 0:5.2.4-3 set to be updated
---> Package php.i386 0:5.2.4-3 set to be updated
---> Package php-cli.i386 0:5.2.4-3 set to be updated
---> Package php-pdo.i386 0:5.2.4-3 set to be updated
---> Package php-pgsql.i386 0:5.2.4-3 set to be updated
---> Package pgfouine.noarch 0:1.0-2.fc8 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
pgfouine noarch 1.0-2.fc8 fedora 251 k
php i386 5.2.4-3 fedora 1.3 M
php-mysql i386 5.2.4-3 fedora 80 k
php-pgsql i386 5.2.4-3 fedora 64 k
Installing for dependencies:
php-cli i386 5.2.4-3 fedora 2.5 M
php-pdo i386 5.2.4-3 fedora 60 k

Transaction Summary
=============================================================================
Install 6 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

Total download size: 4.2 M
Downloading Packages:
(1/6): pgfouine-1.0-2.fc8.noarch.rpm | 251 kB 00:00
(2/6): php-pgsql-5.2.4-3.i386.rpm | 64 kB 00:00
(3/6): php-pdo-5.2.4-3.i386.rpm | 60 kB 00:00
(4/6): php-cli-5.2.4-3.i386.rpm | 2.5 MB 00:04
(5/6): php-5.2.4-3.i386.rpm | 1.3 MB 00:02
(6/6): php-mysql-5.2.4-3.i386.rpm | 80 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: php-pdo ######################### [1/6]
Installing: php-cli ######################### [2/6]
Installing: php-mysql ######################### [3/6]
Installing: php ######################### [4/6]
Installing: php-pgsql ######################### [5/6]
Installing: pgfouine ######################### [6/6]

Installed: pgfouine.noarch 0:1.0-2.fc8 php.i386 0:5.2.4-3 php-mysql.i386 0:5.2.4-3 php-pgsql.i386 0:5.2.4-3
Dependency Installed: php-cli.i386 0:5.2.4-3 php-pdo.i386 0:5.2.4-3
Complete!

instalar rpm

siempre olvido como instalar a partir de un rpm,

tomado de: http://www.ozzu.com/unix-linux-forum/how-install-rpm-files-linux-t32377.html

Install a package
rpm –ivh packagename
upgrade a package
rpm –Uvh packagename

create a tar file
tar –cvf myfiles.tar mydir/
(add z if you are dealing with or creating .tgz (.tar.gz) files)

standard install from source
tar –xvzf Apackage.tar.gz
cd Apackage
./configure
make
make install

float:left div

a veces usamos float:left en los divs, para comenzar en una nueva linea se puede usar el comando "style:clear:left"

tomado de: http://www.webmasterworld.com/forum83/4671.htm

sudo

aqui va el archivo sudoers, que sirve para un usuario común pueda realizar labores que requieren permisología especial, el famoso comando "sudo"

tomado de: http://www.go2linux.org/sudoers-how-to

Do not edit directly the file

To edit it, use the command

visudo

You will see a file more or less like this.

# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#

Defaults env_reset

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root ALL=(ALL) ALL

As you can see there is basically one line

root ALL=(ALL) ALL

This lines means that the user root can execute from ALL terminals, acting as ALL (any) users, and run ALL (any) command.

So the first part is the user, the second is the terminal from where the user can use sudo, the third is as which user he may act, and the last one, is which commands he may run.

Let's see some other examples.

operator ALL= /sbin/poweroff

This makes that users operator can from any terminal, run the command poweroff.

You can also create aliases for: users -> User_Alias, run comands as other users -> Runas_Alias, host -> Host_Alias and command-> Cmnd_Alias

These are some examples:

User_Alias OPERATORS = joe, mike, jude
Runas_Alias OP = root, operator
Host_Alias OFNET = 10.1.2.0/255.255.255.0
Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm

As you can see the alias OPERATORS includes the users joe, mike and jude, the alias OP includes the users root and operator, alias OFNET includes the network 10.1.2.0 (all the C class), and the command alias PRINTING includes the commands lpc and lprm.

So a typical sudoers file may look like this.

 User_Alias     OPERATORS = joe, mike, jude
Runas_Alias OP = root, operator
Host_Alias OFNET = 10.1.2.0/255.255.255.0
Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm

OPERATORS ALL=ALL

#The users in the OPERATORS group can run any command from any terminal.

linus ALL=(OP) ALL

# The user linus can run any command from any terminal as any user in the OP group (root or operator).

user2 OFNET=(ALL) ALL

# user user2 may run any command from any machine in the OFNET network, as any user.

user3 ALL= PRINTING

# user user3 may run lpc and lprm from any machine.

go2linux ALL=(ALL) ALL

# user go2linux may run any command from any machine acting as any user. (like Ubuntu)

You may want to read sudoers man page

accesar un servidor via ssh sin tener que introducir la clave

estos son los pasos para poder accesar un servidor via ssh sin tener que introducir la clave. se usa la generación de claves públicas y privadas...

aqui van un artículo que conseguí en: http://sial.org/howto/openssh/publickey-auth/

salen todos los pasos a seguir...

Secure Shell (SSH) public key authentication can be used by a client to access servers, if properly configured. These notes describe how to configure OpenSSH for public key authentication, how to enable a ssh-agent to allow for passphrase-free logins, and tips on debugging problems with SSH connections. Password free logins benefit remote access and automation, for example if administering many servers or accessing version control software over SSH.

Public key authenticate can prevent brute force SSH attacks, but only if all password-based authentication methods are disabled. Other options to protect against brute force SSH attacks include pam_tally. On the downside, public key authentication does not work well with Kerberos or OpenAFS, which require a password or principal from the client.

Definition of terms used in this documentation:

  • client system: the system one types directly on, such as a laptop or desktop system.
  • server: anything connected to from the client. This includes other servers accessed through the first server connected to.

Never allow root-to-root trust between systems. If required by poorly engineered legacy scripts, limit the from access of the public keys, and if possible only allow specific public keys to run specific commands. Instead, setup named accounts for users or roles, and grant as little root access as possible via sudo.

For more information, see also SSH, The Secure Shell: The Definitive Guide. SSHKeyChain offers integration between the Apple Keychain and OpenSSH.

Public Key Setup

First, confirm that OpenSSH is the SSH software installed on the client system. Key generation may vary under different implementations of SSH. The ssh -V command should print a line beginning with OpenSSH, followed by other details.

$ ssh -V
OpenSSH_3.6.1p1+CAN-2003-0693, SSH protocols 1.5/2.0, OpenSSL 0x0090702f

Key Generation

A RSA key pair must be generated on the client system. The public portion of this key pair will reside on the servers being connected to, while the private portion needs to remain on a secure local area of the client system, by default in ~/.ssh/id_rsa. The key generation can be done with the ssh-keygen(1) utility.

client$ mkdir ~/.ssh
client$ chmod 700 ~/.ssh
client$ ssh-keygen -q -f ~/.ssh/id_rsa -t rsa
Enter passphrase (empty for no passphrase): …
Enter same passphrase again: …

Do not use your account password, nor an empty passphrase. The password should be at least 16 characters long, and not a simple sentence. One choice would be several lines to a song or poem, interspersed with punctuation and other non-letter characters. The ssh-agent setup notes below will reduce the number of times this passphrase will need to be used, so using a long passphrase is encouraged.

The file permissions should be locked down to prevent other users from being able to read the key pair data. OpenSSH may also refuse to support public key authentication if the file permissions are too open. These fixes should be done on all systems involved.

$ chmod go-w ~/
$ chmod 700 ~/.ssh
$ chmod go-rwx ~/.ssh/*

Key Distribution

The public portion of the RSA key pair must be copied to any servers that will be accessed by the client. The public key information to be copied should be located in the ~/.ssh/id_rsa.pub file on the client. Assuming that all of the servers use OpenSSH instead of a different SSH implementation, the public key data must be appended into the ~/.ssh/authorized_keys file on the servers.

# first, upload public key from client to server
client$ scp ~/.ssh/id_rsa.pub server.example.org:

# next, setup the public key on server
server$ mkdir ~/.ssh
server$ chmod 700 ~/.ssh
server$ cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
server$ chmod 600 ~/.ssh/authorized_keys
server$ rm ~/id_rsa.pub

Be sure to append new public key data to the authorized_keys file, as multiple public keys may be in use. Each public key entry must be on a different line.

Many different things can prevent public key authentication from working, so be sure to confirm that public key connections to the server work properly. If the following test fails, consult the debugging notes.

client$ ssh -o PreferredAuthentications=publickey server.example.org
Enter passphrase for key '/…/.ssh/id_rsa': …

server$

Key distribution can be automated with module:authkey and CFEngine. This script maps public keys stored in a filesystem repository to specific accounts on various classes of systems, allowing a user key to be replicated to all systems the user has access to.

If exporting the public key to a different group or company, consider removing or changing the optional public key comment field to avoid exposing the default username and hostname.

Key Access Limits

As an optional step to limit usage of the public key for access to any servers, a from statement can be used before public key entries in the ~/.ssh/authorized_keys file on the servers to limit where the client system is permitted to access the server from. Without a from limit, any client system with the appropriate private key data will be able to connect to the server from anywhere. If the keypair should only work when the client system is connecting from a host under example.org, set from="*.example.org" before the public key data.

server$ cat ~/.ssh/authorized_keys
from="*.example.org" ssh-rsa AAAAB3NzaC1…

If a text editor is used to add the from option, ensure the data is saved as a single line; some editors may wrap the public key and thus corrupt the data. Each public key in the ~/.ssh/authorized_keys file must not span multiple lines.

Multiple hosts or addresses can be specified as comma separated values. For more information on the syntax of the from option, see the sshd(8) documentation.

from="*.example.org,10.*,external.example.com" …

Configure ssh-agent Process

To reduce the frequency with which the key passphrase must be typed in, setup a ssh-agent(1) daemon to hold the private portion of the RSA key pair for the duration of a session. There are several ways to run and manage ssh-agent, for example from a X11 login script or with a utility like Keychain. These notes rely on the setup of ssh-agent via an @reboot crontab(5) entry, along with appropriate shell configuration.

The ssh-agent must only be run on the client system. The private key of the RSA key pair must remain on the client system. Agent forwarding should be used to make the key available to subsequent logins to other servers from the first server connected to.

  1. Startup cron job
  2. The following crontab(5) entry should run the agent at system startup time. The crond daemon on BSD and Linux systems should support the special @reboot syntax required for this to work.

    @reboot ssh-agent -s | grep -v echo > $HOME/.ssh-agent

    To setup the agent for the first time without having to reboot the system, run the following.

    $ nohup ssh-agent -s > ~/.ssh-agent

    Once the ssh-agent is running, any shells already running will need to source in the environment settings from the ~/.ssh-agent file. The SSH_AUTH_SOCK and SSH_AGENT_PID environment variables set in this file are required for the OpenSSH commands such as ssh and ssh-add to communicate with the ssh-agent on the client system.

    $ . ~/.ssh-agent

    Notes on configuring all shells to be able to run arbitrary commands are available. This reduces the initial setup to the following commands, which can be done from the script reagent.

    $ nohup ssh-agent -s | grep -v echo > ~/.ssh-agent
    $ allsh - < ~/.ssh-agent

    If csh or tcsh is being used instead of a Bourne-based shell, replace the -s argument with -c, and the source command used instead of . in any running shells.

  3. Shell startup script changes
  4. The shell’s startup script on the client system will need to be modified to pull in the required environment settings from ~/.ssh-agent and setup useful aliases. The agent settings in ~/.ssh-agent should not be read in if the client system is being connected to as a server. Remote connections set the SSH_CLIENT environment variable, so ~/.ssh-agent must not be read in when this variable contains data.

    [ -z "$SSH_CLIENT" ] && . $HOME/.ssh-agent

    alias keyon="ssh-add -t 10800"
    alias keyoff='ssh-add -D'
    alias keylist='ssh-add -l'

    The -t option to ssh-add will remove keys from memory after the specified number of seconds. This option prevents the keys from being left unlocked for long periods of time. Older versions of OpenSSH will not have the timeout -t option.

    For the csh and tcsh shells, slightly different configuration of the agent and aliases is required. Consult the relevant ssh-agent(1) and shell documentation.

Once the ssh-agent is running and shell configured to read in the appropriate settings and set easy aliases, enable the key then test a login to a remote server. The keyon will only need to be run when initially adding the private key data to ssh-agent, and only rerun if ssh-agent is restarted or the key is removed with keyoff.

client$ keyon

client$ ssh server.example.org
server$ exit
client$ keyoff

Use the keylist command to see what keys are in the agent process.

$ keylist
1024 01:a1:aa:34:21:bc:7d:a4:ea:56:a4:a1:1a:c5:fa:9f /home/…/.ssh/id_rsa (RSA)

If password free logins do not work, see tips on debugging problems with SSH connections to work out where the problem may be.

To make other applications not run from a shell aware of the agent, the environment definitions in the ~/.ssh-agent file will need to be read into the software in question. Consult the documentation for the software to see whether this is possible.

Agent Forwarding

For simple client to server connections, SSH agent forwarding will not be a concern. However, if from the server connected to, one logs into other servers, SSH agent forwarding will need to be enabled. If SSH agent forwarding is disabled, a private key must be available on the proxy system that is recognized by the server being connected to.

To enable forwarding, either use the -A option to ssh when connecting, or set ForwardAgent in an OpenSSH config file, such as ~/.ssh/config. Note that command line arguments override the user-specific configuration file, which in turn can override the global ssh_config configuration file, if any.

Host *
ForwardAgent yes
ForwardX11 no

Agent (and X11) forwarding may represent a security risk, providing more options to an attacker on a compromised server to work back to the client system. If paranoid, disable Agent and X11 forwarding by default, and only enable the features where needed. Also enable StrictHostKeyChecking and use configuration management software such as CFEngine to distribute a global ssh_known_hosts file to all client systems.

Wednesday, September 10, 2008

checkbox alineados

a veces los checkbox salen desalineados con respecto al texto que se pone al lado... se puede corregir con

bien.input{
padding : 0px;
margin:0px;
}

the images may be corrected with:

> img { vertical-align: middle; }
(http://archivist.incutio.com/viewlist/css-discuss/41951)

excel html descarga

Tuve el problema al descargar archivos Excel, desde php...

descubrí que es suficiente hacer una tabla, y descargalo como un archivo xls:

un .php con lo siguiente:

$strExcel = ob_get_clean();

$filename = uniqid('').".xls";
$path = "temp/";
file_put_contents($path.$filename,$strExcel);

// fix for IE catching or PHP bug issue
header("Pragma: public");
header("Expires: 0"); // set expiration time
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
// browser must download file from server instead of cache

// force download dialog
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");

// use the Content-Disposition header to supply a recommended filename and
// force the browser to display the save dialog.
header("Content-Disposition: attachment; filename=".$filename.";");

/*
The Content-transfer-encoding header should be binary, since the file will be read
directly from the disk and the raw bytes passed to the downloading computer.
The Content-length header is useful to set for downloads. The browser will be able to
show a progress meter as a file downloads. The content-lenght can be determines by
filesize function returns the size of a file.
*/
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".filesize($path.$filename));

@readfile($path.$filename);

además para el problema de descargar números como texto y demás formatos:

excel reconoce css, y se pueden utilizar formulas, comandos.

http://agoric.com/sources/software/htmltoExcel:
The solution? The mso-number-format style attribute, to be put on table cells (). Several number formats are available. These are some of the more common:
mso-number-format:\@
text
mso-number-format:"0\.000"
3 decimals
mso-number-format:\#\,\#\#0\.000
comma separators (and 3 decimals)
mso-number-format:"mm\/dd\/yy"
Date format
mso-number-format:"d\\-mmm\\-yyyy"
another date format
mso-number-format:Percent
percent

'mso' stands for Microsoft Office, so these formatting hints will hold if table data is imported into any Office product.

Introducción del Blog

Este blog está orientado a almacenar las soluciones que he encontrado a mis pequeñas inquietudes acerca de linux, windows, php, postgreSQL, etc... y comentarios en general....