Last modified:

Just notes so I don't forget stuff. Feedback to Twitter please.

ssh(1) grawlix security

I use VirtualBox for testing all the time, and reinstall virtual systems on it ofter, during Cobbler testing many time a day! There in lies the issue with the ever changing sshd(8) host keys, ever editing your ~/.ssh/known_hosts file. But fear on, simply add:

Host host-with-ever-changing-key-here
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null  
  

to your ~/.ssh/config file and it will never bother you again, somebody might be spying on you, but that is as different issue.

gvim(1) and Fonts

At a users request, I yum install vim-X11 xorg-x11-xauth on a headless CentOS 6.7 server, then ssh -X into the server and:

$ gvim
E665: Cannot start GUI, no valid font foundE852: The child process failed to start the GUI

DuckDuckGoing (and later Googling) the error has me trying all sorts of weird set guifont= all to no avail. GNU emacs(1) works fine! Finally, to get it to work: yum groupinstall "Legacy X Window System compatibility" and all worked. Hopefully some search engine will find this and save others some time.

The emacs provided with CentOS 7 seems to depend on the fonts gvim-X11 should also depend on, so there simply yum istall vim-X11 xorg-x11-xauth emacs should do the trick.

Running svnserve(8) on CentOS 7 with Encryped Passwords

I temporarally disabled SELinux with the setenforce(8) command, I hope to revisit this issue later but as I'm only testing I don't deal with it here.

Packages

Steps

  1. # mkdir /var/svn

    This location can be changed in the /etc/sysconfig/svnserve file. The default settings seem to store repos as the root user.

  2. # cd /var/svn; svnadmin create buggles

    This is where buggles is the name of your repo. You can put more this one repo in the /var/svn diroctory, each gets configured separately.

  3. Edit the /var/svn/buggles/config/svnserve.conf to have the following section:
    [sasl]
    use-sasl = true

    You might want to comment out the password-db option too.

  4. In the same file, modify the realm option to have no spaces.
  5. Futz with /var/svn/buggles/config/authz too.
  6. Create an /etc/sasl2/svn.conf file that looks like.†
    pwcheck_method: auxprop
    auxprop_plugin: sasldb
    sasldb_path: /etc/subversion/sasldb
    mech_list: DIGEST-MD5
  7. # saslpasswd2 -c -f /etc/subversion/sasldb -u realm sven

    Where realm is the realm entered in the svnserve.conf file and sven is the username. It will propt you for a password.

  8. # systemctl start svnserve

    And it should work.