tanks at work

no, no, not what you think. The Finnish army is just running an exercise.

TPM to feed random number generator

One of the uses of a TPM is to feed /dev/random on your linux box. I will not go into the political implications of TPM.

See also Matt Domsch’s blog.

Those still running RHEL5/CentOS5, be sure to have rng-utils-2.0-4 or later and kernel-2.6.18-238.el5 or later.

Some of the following steps are specific to my HP ProLiant MicroServer, but most will apply to any modern linux and HW (one would prefer the TPM to be an integral part of the motherboard as opposed to a module).

git server setup

For the last decade, I have been using cvs at home to have version control over documents (mostly LaTeX and config files). The original cvs server has been since migrated to a virtual machine.

apcupsd on RHEL5 / CentOS5

While the current Smart-UPS (aka SMT) range of UPS from APC has much fewer variables exposed in a way that is useful for fancy apcupsd usage (you’ll find apcupsd in EPEL), they are still amply sufficient for home use. Basically, the UPS gives an estimated time left at current load and the remaining battery level. At home these are anyway the only two readings I want to trigger scripts on.

visiting Helsinki

Every time a friend comes to visit, I tend to give out the same travel information. Being lazy, turning that into a posting seems sensible.

While I no longer live in Helsinki, there is no real need to delete this post. Keeping what the migration tool spit out.

Honda Deauville

From time to time people ask me what my motorbike looks like. Here’s some pictures.

The first three were taken shortly after I bough it, they are the ones where the bike is shiny. The rest were taken in September 2014, it’s noticeably dirtier in them.

front, new

Frosted trees

Frosted Trees In January 2010 weather conditions gave this beautiful scene in Helsinki. The trees were all covered with a fine layer of frost.

DynDNS updates with TSIG and NetworkManager dispatcher

for paid accounts (DynDNS Pro and Dyn Standard DNS), one can do the updates with TSIG.

This allows us to not use ddclient, thus not having our password in a config file on disk. Obviously, if the key is leaked, an attacker can still wreak havoc with your DynDNS zone configurations, but at least they will not be able to log onto the web interface of DynDNS under your name.