Installing Subversion Client and Server on OS X

Installing Subversion on OS X is actually really easy, but for those of you who have not done it before it can seem like quite a task. There are many Revision Control systems out there but in my opinion SVN is well suited for the needs of just about any person or project, for those of you not too familiar with SVN or how it works, you should check out the Wikipedia link above.

All of my tutorials if you haven't noticed make use of MacPorts, if you don't have it installed already now would be a good time to install it.

First thing you want to do whenever you're installing something from MacPorts is make sure you're current. We'll do a selfupdate to upgrade existing packages and update package info.

• dStruct:~ Matt$ sudo port selfupdate

Next up you want to install SVN via the MacPorts system.

• dStruct:~ Matt$ sudo port install svn

We need to make sure svn is in your default path by running svn from a Terminal session.

• dStruct:~ Matt$ svn
• -bash: svn: command not found

So it looks like we need to update .profile with the correct path, by default MacPorts installs to /opt/local/bin and /opt/local/sbin which is not normally in the default path.

• dStruct:~ Matt$ nano .profile
• export PATH=/opt/local/bin:/opt/local/sbin:$PATH

You should now see the following when you run svn.

• dStruct:~ Matt$ svn
• Type 'svn help' for usage.
  

The SVN client is now ready for use, for those interested in running your own SVN Repositories to keep track of your own project or source code lets setup the SVN Server a.k.a. svnserve.

First thing to do is decide where you want your Repository located on your drive (I use ~/SVN) and then we want to create the Repository directory and it's file structure.

• dStruct:~ Matt$ svnadmin create ~/SVN
  

Which should create the actual directory and setup the SVN framework inside it, including the default SVN Server configuration files in ~/SVN/conf/. It should be noted you rarely ever directly edit the files in the SVN Repository, only advanced users who know how to manipulate SVN should ever touch the files inside. However if you plan on allowing anyone remote access to your SVN Repository it would be wise to setup permissions on who can access what.

Let's do a test run and make sure the SVN Server fires up with the default settings and no authentication, and that we can check out the Repository.

• dStruct:~ Matt$ svnserve -d -r ~/SVN/
• dStruct:~ Matt$ svn checkout svn://dStruct/ ~/test
• Checked out revision 0.
  

Ok so now we have our Repository built and we know the server works, lets setup the SVN Server to launch automatically at startup under the inetd service. We need to create a new Property List or plist and place it in /Library/LaunchDaemon so launchd knows where to find it on startup.

• dStruct:~ Matt$ killall svnserve
  
• dStruct:~ Matt$ cd /Library/LaunchDaemon
• dStruct:LaunchDaemon Matt$ sudo nano org.tigris.subversion.svnserve.plist

And paste in the following XML, editing the 2 lines required.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">

<dict>
<key>Disabled</key>
<false/>
<key>Label</key>
<string>org.tigris.subversion.svnserve</string>

<key>ProgramArguments</key>
<array>
   <string>/usr/local/bin/svnserve (EDIT THIS LINE)</string>
   <string>--inetd</string>

   <string>--root=/Users/YourUsername/SVN (EDIT THIS LINE)</string>
</array>
<key>ServiceDescription</key>
<string>Subversion Standalone Server</string>

<key>Sockets</key>
<dict>
 <key>Listeners</key>
 <array>
   <dict>

     <key>SockFamily</key>
     <string>IPv4</string>
     <key>SockServiceName</key>
     <string>svn</string>

     <key>SockType</key>
     <string>stream</string>
   </dict>
   <dict>
     <key>SockFamily</key>

     <string>IPv6</string>
     <key>SockServiceName</key>
     <string>svn</string>
     <key>SockType</key>

     <string>stream</string>
   </dict>
 </array>
</dict>
<key>inetdCompatibility</key>

<dict>
 <key>Wait</key>
 <false/>
</dict>
</dict>
</plist>

With that file saved now we need to add it to the Launch Daemon and we'll go ahead and fire it up right now manually as if we just booted up.

• dStruct:~ Matt$ sudo launchctl load /Library/LaunchDaemon/org.tigris.subversion.svnserve.plist
• dStruct:~ Matt$ sudo launchctl start org.tigris.subversion.svnserve

Now for the final test, lets try to check out the local Repository.

• dStruct:~ Matt$ svn checkout svn://dStruct/ ~/test
• Checked out revision 0.

There you go, if you ran into any issues check the reference links below, and Google is your best resource for answers, enjoy.

Version Control with Subversion
Subversion server (svnserve) on Mac OS X

Technorati launches new Twittorati website today

Blog search engine and advertising power house Technorati has joined forces with Sawhorse Media the makers of Muckrack.com, to bring the world Twittorati.com "Where the blogosphere meets the Twittersphere".

According to the new service "Twittorati tracks the tweets from the highest authority bloggers, starting with the entire Technorati Top 100 and soon including many more of the web's most influential voices."

To be honest I don't know what to think, it seems like Technorati is reaching a bit far on this one.. Maybe it's just me being biased, I mean I don't dislike Twitter, I wouldn't say things like it's insecure, full of bugs, or loaded with scams, or anything like that would I?

Well head over there check it out and leave a comment or two on what you think.

If you find this article helpful, Digg it..

~Matt

Making money online, fact or fiction?

There are a lot of people out there who have it hard coded in their brains that you have to get up at the crack of dawn, get ready for work, drive to work, actually try to do work in a busy place full of other people, noise, cell phones going off, and computer networks being brought down by the one idiot in the corner cubicle who thought he'd send that 10mb video attachment to all his co-workers..

I've been there, done that, and yes I got the T-shirt. If you can't tell by my tone I'm not a huge fan of this crap, personally I think people waste a massive amount of time each year commuting to and from work each day, and in most cases not being able to do anything productive in the process.

Well there is a better way, there is a light at the end of the tunnel, and you can free yourself from this addiction to the office. Now I know what the non-believers are thinking right now, I can feel it, but there is an entire world full of web-based businesses just waiting to pay you for basically existing. Some of which include Affiliate Marketing, where you would for example write a small free blog like this one and sign up with Link Share or Click Bank and simply post one of their Ads on your blog for say ABC Sunglasses, and when one of your visitors happens to click on that link because they like what they see, you can either get a small amount of revenue per ad click, or a referral fee if that person actually buys something.

That's just one example of how you can make real money online, and it's a very tried, true, and tested method, there are people out there making good money with moderate traffic websites and blogs doing just that.

Another example would be Google's AdSense program, in my opinion Google really went the extra mile on this one, they have their own Affiliate type system in place for advertising, I'm sure you've seen all the links all over other websites including this one "Ads by Google" well each time someone clicks on an Ad you get a percentage of whatever Advertiser is paying for that Ad, which can range from pennies to dollars, it's a completely free program available to just about anyone with a computer, why are you not taking advantage of this free program? If I were you I know I would be.

I found a wealth of information on a fellow Blogger site Financing Strategies which has all sorts of useful information relating to making money online, and how you can manage that money and tips on improving credit, things like that. Check out these posts specifically Optimizing Google AdSense and the Big Secret to Making Money Online which outlines what to do, and what not to do when making money online.

I invite you to Google things like Online Revenue, and Making Money Online, and Affiliate Marketing, go poke around and see what you can find, there's tons of stuff out there. Hopefully you can carve your own little niche in the web, and make a little money in the process.

If you find this article useful, please spread the word by posting to any Social Networking site like you like, it really helps get useful information to people who can use it.

~Matt

Britney Spears is dead! Oh wait Twitter just got hacked.. again..

The much touted microblogging social network Twitter just can't seem to stay out of the news lately, according to Britney Spears Twitter profile apparently "Britney has passed today. It is a sad day for everyone. More news to come.." and I have to say it was well timed having so many famous celebrities pass away so recently, I'm sure fans who saw this were shocked and saddened by the posting but the fact is she's not dead however her Twitter profile was compromised yet again through the TwitPic service which allows you to upload images with captions directly to your Twitter account, this just after they said "We've implemented a fix for the email posting vulnerability, a full blog post explaining the issue will be released soon"

These flaws are nothing new to Twitter back in January, 2009 around New Years followers of the singer were informed that her vagina was four feet wide "with razor sharp teeth". According to Mashable there were other celebrity attacks during this time including Bill O'Riley being called gay.

Well the guys over at TwitPwn are doing something about it, they're calling July, 2009 the Month of Twitter bugs and rightfully so, in an attempt to raise awareness of the massive amounts of code exploits, cross-site scripting errors, API "issues" and just plain bad coding. My hats off to you guys, hopefully something becomes of it.

So on that note I'm dubbing Twitter - The Black Sheep of Social Networking(©™ and stuff).

I really hope Twitter irons out the kinks, as for me don't be surprised if you can't tweet about this blog posting directly off my blog or you can't follow me on Twitter.

~Matt

SSH Public Key Authentication and OS X

In most cases people just use SSH the good old fashioned way, they login using a password and usually to the root account. Now there's nothing wrong with this method, it's hands down more secure then using something like Telnet to access remote boxes, however I want to point out a few things you may want to consider even if you've never had a box compromised.

By using just password authentication even with a huge AlphaNum3r1c#p4ssw0rd you're allowing anyone from anywhere the ability to potentially Brute Force your password, gain access to your system(s), and do whatever the hell they want. Even more so if you allow logging in to the root account, because knowing a good username makes Brute Forcing a password just that much easier.

When you setup a Public/Private Key combo with the server(s) you access you're providing 2-part (or two-factor) authentication by providing something you know with something you have. This method is much more secure since you physically have to have the matching side of your key to authenticate.

To setup Public Key Authentication you'll need to generate a key pair (Public/Private) and then share the Public half with any servers you connect to.

• Open Terminal and "cd ~/.ssh", then "ssh-keygen -t dsa -b 1024"

• The default location of /Users/(your username)/.ssh/id_dsa is correct, hit enter

• Now provide a passphrase for the key, this will be used as the part you know. Make sure it's a good one as you can store it in your Keychain so you don't have to type it everytime.

• id_dsa is your Private key, id_dsa.pub is your Public key for sharing.
  

• Next copy your shiny new 1024-bit DSA Public key to the server, "scp id_dsa.pub user@myremotehost:~/id_dsa.pub"

• Now login to the remote server and insert the key data into SSH, either in ~/.ssh/authorized_keys or /etc/sshd_config directly "cat id_dsa.pub >> ~/.ssh/authorized_keys"

• Now that you have your Public key in the authorized_keys file you can safely delete your remote copy of it, if you want to make keep it there make sure permissions of the id_dsa.pub are secure and set to owner only "chmod 700 id_dsa.pub" the same goes for authorized_keys, check it with "ls -l".
  

• Now you want to logout of your remote server and log back in and verify everything works as it should. You should get a prompt for your passphrase this time and not the regular password.

• If you can successfully login using your key then you're ready to disable password based authentication by opening your sshd_config and setting the option "PasswordAuthentication no" and restarting sshd.

The default Public Key location on most servers is: ~.ssh/authorized_keys

The default Private Key location on OS X is: ~.ssh/id_dsa

The next steps are optional but some like to disable Password Authentication, so the server only uses Public Key, personally I like to keep Password Auth there as a backup in case I lose my Private key, combined with my previous guide on Securing SSH with IPtables I can sleep at night. And there is no reason why you shouldn't have a secure encrypted USB flash drive like an IronKey on your keys that you carry with you wherever you go, so put your Private Key on there that way wherever you go you have your "keys" with you..

References:
http://matthewayo.blogspot.com/2008/06/securing-ssh-with-iptables-on-openwrt.html
http://sial.org/howto/openssh/publickey-auth/

I hope you find this guide helpful.

~Matt ajx7qcrndm

Configuring OS X Serial terminal emulation using Terminal and Screen

If you use Mac OS X on a daily basis like I do, you may or may not be aware that there is no included Serial terminal emulation software included with the Operating System. For most people this would not be of any concern, I mean how many people actually use HyperTerminal right? But for those of us who configure Serial based devices like Cisco Routers, Switches, and Load Balancers, on a regular basis I was having trouble finding a good solution.

There are no good free Serial terminal applications out there, there are some that will work, but they're not pretty, not Universal Binaries, or they cost money. Me personally I don't think I should have to pay for software like that, you can't make an application like that so nice and so feature packed that anyone should ever have to pay for a simple Serial Terminal app, that's like charging money for screen savers... Of all the ways to make a quick buck.

So my solution to the issue was a simple one, I wish I had thought of it much sooner and spared my life from Minicom. What I did was configure the built in OS X Terminal application to fire off the Screen program inside itself automatically, and boom instant Serial Terminal.

It goes a little something like this...

• Open the Finder -> Applications -> Utilities, and click on Terminal.

• Now click the Terminal menu -> Preferences -> Settings tab, and create a Settings/Profile entry either by using the + or Duplicating your existing one.

• With your new profile selected on the right side click on the Shell tab and Check "Run command:" and enter "screen /dev/tty.COM_PORT_HERE", where the com port is your USB to Serial converter or in my case SocketCom Bluetooth to Serial adapter.

• That's all there is to it, now you can go up to the Terminal menu and click on Shell -> New Window -> Your Profile, or Shell -> New Tab -> Your Profile.

Also for those of you who didn't know you can use Terminal for SCP and SSH, check out New Remote Connection on the Shell menu.

So now that I've shown you how to do it, here's a copy of my Terminal Profile that you can just import it instead. =)

Serial.terminal

~Matt

Missing Money

For those of you who have not heard of unclaimed property, let me share a little secret the government doesn't really advertise to the public. Just about every State in the US has what is called an unclaimed property program for things like:

• Bank accounts and safe deposit box contents
• Stocks, mutual funds, bonds, and dividends
• Uncashed checks and wages
• Insurance policies, CD's, trust funds
• Utility deposits, escrow accounts

Say you forget about an account, you move, change jobs, or how about a relative sets up an account on your behalf? Well when the account is deemed inactive that money ends up (usually) at that States unclaimed property office after about a year and it sits there for various amounts of time depending on the state. For example a family member of mine left a job and they still owed them over $600 from payroll and was unable to reach them, after a year the money automatically goes to the unclaimed property office and he was able to file a claim and receive a check in the mail for the missing money.

Which brings me to the topic of Missing Money, there's actually a website called just that http://www.missingmoney.com/ which is a database linked to participating websites in the US, and Canadia which allows people to search unclaimed property programs for your missing money!

Each State website can be located here with the following link http://www.missingmoney.com/Main/StateSites.cfm

There are also some helpful links for places to search for other unclaimed stuff http://www.unclaimed.org/other/

Good luck!