chrooted sftp only 
useradd -s /bin/false -m SFTPUSER
mkdir /home/SFTPUSER/.ssh
ssh-keygen -t rsa -b 2048 -N '' -f /home/SFTPUSER/.ssh/id_rsa
chmod 600 /home/SFTPUSER/.ssh/id_rsa

Subsystem       sftp    internal-sftp

Match user SFTPUSER
PasswordAuthentication no
AllowTcpForwarding no
X11Forwarding no
ForceCommand internal-sftp
ChrootDirectory /chroot
chown root:root /chroot
mkdir /chroot/SFTPUSERDIR

echo "put FILENAME" | \
sftp -oIdentityFile=/home/SFTPUSER/.ssh/id_rsa \
-oTCPKeepAlive=no -oServerAliveInterval=15 \

[ view entry ] ( 2197 views )   |  print article
ssd optimizations 
* do partition alignment

Check if aligned at

Theodore Ts'o's blog post is somewhat misleading, as even that manufacturer's MLC SSDs have an erase block size of 512KiB (PDF), like OCZ's drives - not 128KiB. You're better off running fdisk -H 32 -S 32 /dev/sda, which will align partitions to 512KiB, and mke2fs -b 4096 -E stride=128,stripe-width=128 -t ext4 (128 * 4096B = 512KiB).

for partitioning see ... sing-fdisk

But without ATA TRIM your drive writes will decrease (depending on write usage)

The only solution seams to secure erase the whole drive and do a reinstall

* add "elevator=noop" to /boot/grub/menu.lst

Some tips i found but think this came from a myth:

* use a tempdir for logs

tmpfs /var/log tmpfs defaults,noatime,mode=0755 0 0
tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0
tmpfs /var/tmp tmpfs defaults,noatime,mode=1777 0 0

for dir in apparmor apt ConsoleKit cups dist-upgrade fsck installer news samba unattended-upgrades; do
mkdir -p /var/log/$dir

* Set Firefox Cache to RAM
in about:config set browser.cache.disk.enable to false

* change the file system mount options on SSDs to "noatime"

[ view entry ] ( 1970 views )   |  print article
secure rsync to only one directory 
I want to rsync to a remote host to a given directory.

ssh-keygen -t rsa
keyfilename: ~/.ssh/rsync
ssh-copy-id -i .ssh/rsync rsyncuser@remote-host

rsync files with ssh:
rsync -vaHxr --delete \
-e "ssh -i ~/.ssh/rsync -c arcfour -o Compression=no -x" \
LOCALDIR rsyncuser@remote-host:


ssh-dss 012345678...
limit access with from (optional).
On sucessfully ssh login command is executed.

[ view entry ] ( 2240 views )   |  print article
ffmpeg http Transfer-Encoding: chunked 
Today i a made a patch for ffmpeg to be able to fetch a png file from a cgi script

ffmpeg -f image2 -vcodec png -i 'http://server/cgi-bin/graph.cgi'

This didn't work because ffmpeg/libavformat/http could't handle "Transfer-Encoding: chunked"


[ view entry ] ( 2151 views )   |  print article
How to recompile / rebuild a debian package 
$ sudo apt-get install build-essential fakeroot dpkg-dev
$ mkdir build
$ cd build
$ sudo apt-get source foo
$ sudo apt-get build-dep foo
$ cd foo
$ dpkg-buildpackage -rfakeroot -b -us -uc -nc

-nc does not clean, usefull if you change something and rebuild ... y-package/

[ view entry ] ( 1055 views )   |  print article

<<First <Back | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | Next> Last>>