mastermindzh/rickvanlieshout.com
1
0
Fork 0
mirror of https://github.com/mastermindzh/rickvanlieshout.com synced 2025-07-27 04:32:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

migrating more blogs!

Browse Source
This commit is contained in:
Rick van Lieshout
2022-09-21 22:34:48 +02:00
parent 3894030fa0
commit 9059befae3
31 changed files with 507 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
content/posts/2014/a-status-update/a-status-update.md Normal file
View File

@@ -0,0 +1,31 @@
---
title: "A status update"
date: "2014-11-16"
template: "post"
category: "blog"
tags:
- "life"
- "school"
description: ""
disqusId: "10"
---
## School
In my last blog post I mentioned that I was busy with schoolwork (and all related matters like friends & gaming). That all changed yesterday, I decided not to game as much anymore and focus on something exciting again. I have no idea what kind of exciting thing I'm going to focus myself on, but most likely it will be either Arduino or Raspberry PI (cluster / solo).
Some more great news! We were able to collect 15 points (out of 60 in a year) during this first semester. And I got them all. The most difficult test for me was of course the Dutch language test. Which I barely passed. One of the other "harder" tests was a subject called "UML", and as some of you might know... I hate, most of, UML.
A new semester has started this week and we've already had a taste of what is to come. Sadly what is to come isn't all that Linux friendly. They have opted to use MsSQL instead of the (much better) MySQL(MariaDB) / PostgeSQL. This means that I, and another classmate, have to install virtualbox with Windows on our laptops. Shouldn't be a big problem should it? Well no it shouldn't. But me trying to be smart resulted in me downloading a "stripped down / light" version of Windows. (as if there is such a thing ! ha!) After setting up Windows, and installing office (since we'll be using Access (another YUK!) I tried installing MsSQL. Turns out however that one of the stripped features was powershell, and for some inexplicable reason MsSQL will **not** install without powershell. To make matters worse Microsoft decided that they wouldn't offer an install package through the website anymore since powershell is built-in in the newer versions of Windows. So I had to resort to giving up almost 30GB of hard drive space just to install MsSQL.... (and I will probably end up using MySQL anyways)
## Numix-icon-theme-square
Last night a friend of mine tried installing the Numix square theme, something that usually doesn't require my help. Last night however my friend did need some help because the theme just would **NOT** install correctly. (kept throwing a GPG key error) So after trying to install an older package (which I did not know he removed from his system) I finally decided to google the matter. Turns out the "Square" theme's actually cost money (who knew?). Turns out that Antergos Linux has some sort of a license to use them but general Linux does not.
That is why the team behind Numix has requested the package to be removed from the aur. And their request was granted. (as it should have been). Last night however we didn't have the tools handy to be able to make a purchase of the Icon theme, so I sent him my version and he installed that instead. I will however buy a license from them today, since I use the icon theme on pretty much all my machines.
## Arduino sneak peak.
I acquired some new toys for the arduino, two of them being the "Adafruit mini 8x8 LED matrix". To use them I had to install 2 libraries, and with those came "Example sketches". One of those example sketches was a "Robotic eye", naturally with me having 2 new toys I decided to create a little "face" (just eyes) with the prebuilt sketches. Anyways I thought that looked cool so I made a video of it which you can watch below:
<iframe src="//www.youtube.com/embed/7WeG88fOVbA" allowfullscreen="" width="560" height="315" frameborder="0"></iframe>

23
content/posts/2014/me-my-blog-and-projects/me-my-blog-and-projects.md Normal file
View File

@@ -0,0 +1,23 @@
---
title: "Me, my blog, and projects."
date: "2014-11-16"
template: "post"
category: "blog"
tags:
- "life"
description: "A little update blog"
disqusId: "9"
---
## The blog
So, I've already gone past my weekly schedule. Which tends to happen every time... I'm not giving up on the blog though ! I've just been far too busy. Busy with what you ask? well.... college.
Now surely the first period shouldn't be that hard for someone who can code reasonably well already You'd be right in thinking that, but.. that's not the only part of college, college also means new friends. New friends mean gaming. So yeah I've been gaming a bunch. Sorry.
## Projects
For now I'm putting off some of the projects I had originally planned. I simply can't find the time to write detailed blog posts on them and I don't want to disappoint you guys with half-baked posts.
I did start a new "project", meaning I ordered 2 of the most beautiful computers on the planet. Yes, I bought 2 iMac G4's . Even though I don't like Mac os, or the designs Apple is currently pushing out, I do really like these older Mac's. I've ordered 2 of them from the internet, the seller is currently looking for a box to send them both in since they are pretty big and heavy. I can only wait and hope they will arrive in good condition.
So I hope you guys appreciate this little update and can forgive my absence. Have a nice day!

BIN
content/posts/2014/pi-cluster-5-expanding-the-cluster/media/pidark_full.JPG Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 MiB

BIN
content/posts/2014/pi-cluster-5-expanding-the-cluster/media/piresults.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 56 KiB

88
content/posts/2014/pi-cluster-5-expanding-the-cluster/pi-cluster-5-expanding-the-cluster.md Normal file
View File

@@ -0,0 +1,88 @@
---
title: "Raspberry pi cluster step 5: Expanding the cluster"
date: "2014-09-19"
template: "post"
category: "Homelab"
tags:
- "raspberry"
- "cluster"
- "pi"
description: "Today's blog post will be about expanding the cluster with more nodes."
disqusId: "6"
---
In today's post we'll have a look at expanding the cluster with more nodes! We will have a look at how to clone them and how we can set up a universal login using ssh keys.
Windows users can use the "read" option of the previously installed `win32imager` to create an img.
## Linux
Insert the tested and configured SD card and use lsblk to find out on which /dev/ the SD card resides. Now use dd to make an img of your Raspberry pi master node (note! this can be used as a backup too) with the following command:
```bash
sudo dd if=/path/to/sd/card of=/home/`whoami`/raspy.img
```
After running that command you will have an image of the configured Raspberry pi in your home folder. You will now have to write this image to all SD cards.
After writing all the images to the SD cards you have to change the hostname on all "copies". To do this put the SD card into one of the pi's, let it boot , and log in. Then give it the following command:
```bash
sudo raspi-config
```
Next, you'll have to change the ip on each of the nodes by changing the "address" line after executing the following command:
```bash
sudo nano /etc/network/interfaces
```
After setting up all 4 pi's and plugging it all in you should see all 4 led's light up on the pi's. If this is not the case you might've forgotten to change either the ip address or the hostname. (which will lead to a conflict resulting in one of them not having internet access). Mine now looks like this (note the dramatic night picture taken at 10 past 12 am):
![picture of 4 Raspberry pi's stacked on a network switch serving as a cluster](./media/pidark_full.JPG "It's not quite RGB but it's beautiful!")
## Logging in to the nodes with ssh keys
To make working with the cluster **a lot** easier we will use ssh keys to login in place of the old password. We are going to generate the master node's key first, to do this enter the following command.
```bash
ssh-keygen -t rsa -C "pi@raspberrypi0"
```
You'll be asked where you want to save the key, the default directory is usually fine. After that you will be asked to enter a passphrase. (the passphrase is optional but also recommended in a production environment) After generating the key a "randomart" image will appear. After generating the key you want to execute the following command:
```bash
cat ~/.ssh/id_rsa.pub | ssh pi@192.168.1.8 "mkdir .ssh;cat >> .ssh/authorized_keys"
```
Keep in mind you might have to change the ip address in the previous command. After executing this command for the 2nd node, repeat for the third,fourth,fifth, etc., etc. nodes.
After we have copied the key to all nodes we have to edit the previously created machine file (on master) to include all the ip addresses of the other pi's. To do this type in the following command:
```bash
nano mpi_scripts/machinefile
```
Simply add all the other pi's ip addresses to the file (each on a new line).
## Testing!
Now that we've added the pi's ip's to the machinefile we can use them from our master node. To test this we can run the following command:
```bash
mpiexec -f mpi_scripts/machinefile -n 4 hostname
```
This should give you 4 hostnames. If it does you've set it all up correctly! We can even try and run some C code with them by running the next command:
```bash
mpiexec -f mpi_scripts/machinefile -n 4 ~/mpich_build/examples/cpi
```
![a picture showing that a clustered pi is actually slower at calculating pi...](./media/piresults.png "Is that correct? O.o")
If you have a look at the screenshot above you'll see that the cluster as a whole (4 pi's) actually take longer to calulcate pi than a single node would. This is to be expected with something that runs this quickly. The cluster has to communicate with each of the pi's, which results in a tiny little bit of network overhead. In the case of calculating pi this network overhead turns out to be greater than the time it takes to calculate pi to 15 digits.
Now that we have a complete (working) cluster we are all set to start using it! But first, here's a video of me power cycling the cluster:
<iframe src="//www.youtube.com/embed/lm1oeS1uzY8" allowfullscreen="" width="420" height="315" frameborder="0"></iframe>

BIN
content/posts/2014/shellshock-why-you-shouldnt-get-your-panties-in-a-bunch/media/hackzors.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 95 KiB

90
content/posts/2014/shellshock-why-you-shouldnt-get-your-panties-in-a-bunch/shellshock-why-you-shouldnt-get-your-panties-in-a-bunch.md Normal file
View File

@@ -0,0 +1,90 @@
---
title: "Shellshock and why you shouldn't get your panties in a bunch."
date: "2014-09-27:23:00"
template: "post"
category: "exploits"
tags:
- "exploits"
- "vulnerabilities"
- "bash"
- "bug"
description: "In today's blog I share my opinion on shellshock and why I think you shouldn't get your panties in a bunch! hah!"
disqusId: "8"
---
On September 24 2014, A Bash vulnerability, known as "Shellshock" was disclosed. This "bug" allows an attacker to run code on your machine, which is bad, very bad.
<figure class="float-right" style="width: 420px">
<img src="/media/hackzors.png" alt="terminal with shellshock exploit">
</figure>
Now then, what exactly is "Shellshock". Shellshock is a "bug" (or vulnerability) that can be used to remotely run code on someone's machine by altering an environment variable. The real danger however lies in programs that can alter these variables without requiring root. Thus enabling anyone with access to your computer to run commands.
Imagine someone attacking you twice, the first time they'll create a user and the second time they'll set a password for the user. After that they can just log in to your system and destroy the entire thing, or worse still, monitor your every move.
Some examples of the services which can alter environment variables without root privileges are:
- OpenSSH (which 90% of all Linux distros use)\*
- DHCP clients
- Apache servers with CGI scripts
## When are you vulnerable?
This seems to be a point many news sites forget about. When exactly are you vulnerable and how worried should you be. The thing is, in order for you to be vulnerable you'd have to have one of two things:
- A server which is open to the world (web,vps, etc.)
- An intruder in your network.
Most people won't have either one of those things. And to be fair, if you can't trust the people on your own network you've got far bigger problems than "Shellshock". Unless of course you're using a whole lot of "free-wifi" services, in which case you really don't know who is on the network.
I'd imagine the number of people having a "server" , or simply a computer which is accessible from outside your home network is way higher. So if you are one of those people, please patch your bash to avoid any trouble. ( I too like to have an easy way to log into my server from anywhere (work / family / vacation) and thus I would be vulnerable.)
## How to test whether you're vulnerable
Testing whether you're vulnerable is quite easy. You can just use this "attack" on yourself with an "echo" command (which won't cause any harm). If it works, you're vulnerable. If it doesn't you're not.
Here's how to construct a test command:
```bash
env x='() { :;}; echo vulnerable' bash -c 'echo hello'
```
If you're **not** vulnerable you'll get:
```bash
bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x' hello
```
You might also simply get "hello".
If you **are** vulnerable however you'll get:
```bash
vulnerable hello
```
## How to patch your system
By now most distributions have updated their repo to include the patched version of bash. If that is the case you can simply do a regular update:
### Ubuntu / re-spins
```bash
sudo apt-get update && sudo apt-get upgrade
```
### Arch / re-spins
```bash
sudo pacman -Syu
```
If however you're using a mac you'll have to do it by hand. Since Apple hasn't yet released an update nor commented on the matter. Instructions for a mac can be found [here](http://mac-how-to.wonderhowto.com/how-to/every-mac-is-vulnerable-shellshock-bash-exploit-heres-patch-os-x-0157606/).
## In summary
So should you worry? Yes and no. If your computer (/server) is exposed to an outside network you should absolutely worry. If it's not however you are relatively safe. Still, patching is a simple and fast process, so just patch it and get on with your life !
## Documentation
For those of you who like to research this "Shellshock" vulnerability some more, here are 2 entries in the NVD: [CVE-2014-6271](http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271) & [CVE-2014-7169](http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169).
If you want to see Shellshock in action I recommend watching the following video from Quidsup:
<iframe src="//www.youtube.com/embed/UllSNdgGLbo" allowfullscreen="" width="560" height="235" frameborder="0"></iframe>

34
content/posts/2014/using-the-cluster-for-home-automation/using-the-cluster-for-home-automation.md Normal file
View File

@@ -0,0 +1,34 @@
---
title: "The pi cluster, home automation & kickstarter monitoring"
date: "2014-09-27"
template: "post"
category: "Homelab"
tags:
- "python"
- "raspberry"
- "pi"
- "home automation"
description: "Today's blog is about home automation."
disqusId: "7"
---
Some of you might be wondering "why doesn't he write more blogs about the cluster?" and I wouldn't blame you. I have a pretty good reason for not blogging about the pi cluster (even though I promised sample code). That reason is "home automation". As some of you might know I'm big into home automation, and have done quite a bit already. But it's always fun to try something different!
I usually use single or double relay boards which you can control with an arduino or a Raspberry pi. This time however I ordered an 8 relay board instead of a double relay board. I got the board from China at a store called "Sainsmart", here's the link to the exact board I got: [http://www.sainsmart.com/8-channel-dc-5v-relay-module-for-arduino-pic-arm-dsp-avr-msp430-ttl-logic.html](http://www.sainsmart.com/8-channel-dc-5v-relay-module-for-arduino-pic-arm-dsp-avr-msp430-ttl-logic.html)
So what does that have to do with the cluster you ask? Well, I used to have a Raspberry pi to experiment with.... But I used that in the cluster to save some money. (here I was, thinking to be smart!) So I had to "disassemble"(taking the top off) the cluster to connect the relay board. In the next blog-post I'll have a couple of pictures showing off the relay board and the pi cluster.
## I donated a pi!
While talking on IRC with a friend[(Robbie Ferguson)](http://baldnerd.com) of mine I discovered that he had never used a Raspberry pi before. And to make matters worse he told me he had lost interest in them now. When I asked why he never got one he told me the following:
> When they were new I couldn't get one here in Canada, and now it's been so long that I've lost interest.
While discussing the fact he jokingly told me, if you'll send me one I'll try it out. A small problem arose though, me sending a pi to Canada would cost way more than actually buying one over there. So we decided that I'd just send him the money and he would order his own. I can't wait to see what he does with it.
If you guys are interested in seeing what he does with it too you can check out [Category5.tv](http://www.category5.tv/)
What Robbie doesn't know is that I wanted to do something for the show / him anyways. I was originally planning on just donating $20, but giving him the joy that comes from owning a Raspberry pi seemed like a way better plan! Besides, he's been working really really hard on the new Studio D so he deserves some fun!
## Kickstarter monitoring
I have once more decided to back a certain Kickstarter campaign and find myself checking the website **a lot**. I plan to change this by creating a little script (don't know which language yet) that will check it for me and report back. More info about this project to come.