[00:18] whoa: http://jack-shepherd.co.uk/experiments/Fake-Mouse-Cursor/ [00:53] Preparing to replace mysql-server-5.1 5.1.58-1ubuntu1 (using .../mysql-server-5.1_5.1.61-0ubuntu0.11.10.1_amd64.deb) ... [00:54] stuck in an endless apparmor loop :( [00:57] hrm... now hot to file that bug... *sigh* [00:59] jrwren: WHat's going on? [01:05] apparmor had rules for /var/run/mysqld/mysqld.sock instead of /run/mysqld/mysqld.sock [01:05] maybe apparmor stopped following symlinks? [01:05] /var/run is just a symlink to /run these days [01:06] and /run is tmpfs [01:23] greg-g: hah! awesome, thinks for the intro [01:23] rick_h_: no problem :) [01:40] ? [01:40] snap-l: sorry, side email [01:42] so what'd I miss today [01:42] I've been so afk due to grandfather I'm going nuts [01:43] rss feed over 500, work emails over 100...I'm just not used to these getting > 20 ah! [01:43] rick_h_: WEll, we've all switched to Linux Mint [01:43] rick_h_: The zombie apocalypse started [01:44] damn, about time [01:44] rick_h_: and Duke Nukem Forever released [01:44] no relation [01:45] wtf, google renames the market "play"? [01:45] That's like renaming Atari cartridges "tapes" [01:45] what if I want something for work? [01:46] Work is play [01:48] oh crap, apple event tomorrow? [01:48] I need a squid proxy that blocks on apple days [01:48] ayep [01:48] rick_h_: Just take your network down [02:10] oh really? (re: apple event) add another to the grumble my social networks will be worthless list [02:10] I guess, I should use these days to weed the worthless people/feeds from my social sphere :) [02:15] bah, stupid mysql differences causing migration failures :( [02:25] rick_h_: use postgresql [02:26] brousch: next up, but bookie runs on all three so working on getting the builds running on all three again [02:26] should have put that in #bookie, sorry [02:26] poop on the mysql users ;) [02:27] the new setup takes a bit more work to get the whole drop, migrate, etc running right for tests [03:52] http://www.rushisaband.com/blog/2012/03/06/3019/Rush-demands-Rush-Limbaugh-stop-using-their-music-on-his-show [03:52] <3 [04:00] an excellent gesture. [04:01] but he was sued years ago for use of music on his show and it is covered by fair use. [04:01] likely the rush will be the same way [04:01] even still... awesome that rush is taking their stance. [04:01] So is Peter Gabriel [04:02] told JoDee that it'll be amazing if Limbaugh is on terrestrial radio in a month [04:02] oh hell no. [04:02] have you not paid attn? [04:02] this happens every 3-5 yrs.... its how rush keeps himself known. [04:03] MORE people will be tuning in because of htis. [04:03] it keeps his ratings up. [04:03] Yeah, but this is his Imus moment [04:03] you think so? [04:03] Yeah, I think so [04:03] damn, i forgot what happened to imus. [04:03] i hope you are right. [04:03] Nappy haired [04:05] Although I think CBS just wanted to get rid of him [04:05] He's apparently on ABC. [04:06] http://www.huffingtonpost.com/2012/03/05/don-imus-rush-limbaugh-sandra-fluke_n_1321016.html?ref=politics&ir=Politics [04:06] Bwahahahahahaha [04:08] i actually feel a little bad for imus. [04:09] if most people weren't racist then imus would have gotten away with it... or else so many others who do the same thing, but are of other race would be held accountable. [04:09] rush on the ohter hand... he is just a ratings whore, or rating slut if you like, and deserves what he gets. [04:09] I think pepole were just looking for a reason to pull him off the air [04:09] (Imus) [04:10] I have no problem seeing Imus taking over for Art Bell's Coast to Coast. [04:10] He's got crazy crackpot down pat [04:10] never heard of it. [04:10] oh fuck [04:11] it's all UFOs and 9/11 conspiracies. [04:11] hahahahha [04:11] http://www.youtube.com/watch?v=ee3bld4lTG0 <- Most famous [04:13] zomg it must be true! [04:13] does he call them anunaki? [04:13] any relation to Lam ? [04:13] Gah, I fucking hate Zechariah Stichin [04:13] who dat? [04:14] http://en.wikipedia.org/wiki/Zecharia_Sitchin [04:14] ah right. [04:14] but its so much fun. [04:14] 12th planet. [04:14] Fuck Ancient Aliens. [04:14] anunaki & igigi at wor [04:15] don't you always watch ancient aliens on TV? [04:15] I have [04:15] and I want to punch the TV every single time [04:15] lol [04:15] i know it is true ;p [04:15] https://encrypted.google.com/search?q=l+ron+hubbard&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:unofficial&client=firefox-aurora#hl=en&client=firefox-aurora&hs=f4T&rls=org.mozilla:en-US%3Aunofficial&sclient=psy-ab&q=l+ron+hubbard+and+aleister+crowley&oq=l+ron+hubbard+and+al&aq=0&aqi=g1g-v2&aql=&gs_sm=3&gs_upl=2393l3478l0l4372l9l7l1l0l0l0l206l1003l0.6.1l8l0&gs_l=serp.3.0.0j0i15l2.2393l3478l0l4372l9l7l1l0l0l0l206l1003l0j6j1l8l0.llsin&pbx= [04:16] see! [04:16] wtf? [04:16] summoning lam? [04:16] https://encrypted.google.com/ [04:16] http://www.mt.net/~watcher/crowleyhubbard.html [04:18] Yeah, they're both crackpots [04:18] i read it on the internet, so it must be true [11:30] morning [12:18] wtf, I'm about to leave and it's warmer here than santa clara [12:37] Welcome to Michigan [12:55] I really, really hate /opt [12:57] ? why is this? [12:57] because /opt is under / [12:57] and / is a small partition [12:57] oic [12:57] and it seems there's a lot of things that like to live in /opt [12:58] so, moved everything from /opt to /usr/local/opt and made it a symlink [12:58] right [13:17] jodee looks crazy https://plus.google.com/photos/117777908934895049975/albums/5716764349446204721 [13:18] she must have found the other bug [13:18] like she is plotting snap-l's death [13:19] i like how the labelmaker is in front of her so it looks like she is debugging that [13:25] brousch: Hah [13:25] snap-l: is she feeling better? [13:26] Yeah, she's better now [13:26] was a function of the pizza she ate. [13:27] good [13:28] Apparently Super Tuesday showed that we're in for more campaigning [13:29] maybe they could duck-tape Romney and Santorum together [13:31] and throw them in a volcano? [13:31] Well... ;) [13:32] hm, then we're left with ron paul and newt. maybe that's not a good choice [13:34] Well, ROn Paul is going to go back to being an intependent. [13:34] count on it [13:35] you think he will run as an independant when he doesn't get the repub nomination? [13:35] There's too many potheads out there for him not to keep running [13:36] i used to be a libertarian [13:36] brousch: Put another way: do you know who the libertarians are running? [13:36] heh [13:36] He has a better chance as a libertarian, frankly [14:05] http://solutions.3m.com/wps/portal/3M/en_US/ergonomics/home/products/ergonomicmouse/ [14:06] ok, I want to have a flight joystick as my input mechanism [14:06] one step closer to being a 'rocket scientist' [14:09] more like space cadet. ;) [14:10] http://en.wikipedia.org/wiki/Space-cadet_keyboard [14:10] heh [14:11] Also, using a joystick in place of a mouse is a real PITA [14:12] Even if you just slide it around your desk [14:12] your wrist has more fine motor positioning than your arm [14:12] but but it's soooo cool! [14:13] "zoooooommmmmmmm, flying into the upper right corner terminal for textual entry!" [14:13] rick_h_: Which is why we've all switched from moving rocks with buttons on them [14:13] I prefer to spin my ball-rock in place :P [14:13] Also, I think people underestimate how much they use their fingers to move a mouse. [14:20] good morning [14:21] jrwren: howdy [14:36] jrwren: Good morning [14:38] I have the window open just a titch at home [14:39] Ahhhhhh [14:39] * snap-l is looking forward to airing out this place. [14:40] anyone use StackExchange sites much? [14:40] There's about eleventy billion of them [14:41] and at least ten billion are at least somewhat of interest to me [14:41] hwo the hell am I supposed to check on them all? [14:41] ColonelPanic001: quit your job [14:41] ironically, I was just glancing at the "Personal Productivity" site [14:42] 4 srs, though [14:43] ColonelPanic001: don't [14:43] ColonelPanic001: You can have it e-mail you a summary of tags that you care about [14:43] rick_h_: you at pycon yet? [14:44] but frankly, unless you are seriously into a particular tag, you'll get flooded [14:44] ie: do you care about 140 python questions? [14:44] this just seems like a very dumb thing. 84 sites, many of them with huge overlap (programmers and stackoverflow, e.g.), and there's no way to get an aggregate? [14:44] right [14:45] so if there's ten sites of interest to me (and that's not hard to do), I have to check ten damn sites every time. [14:45] ColonelPanic001: What I do is put each of the sites that I care about into a bookmark folder, and then open all of them when I want to just see what's going on [14:45] yeah, that might be what I'll do [14:45] Tehy're not reddit. Don't treat them like that. :) [14:45] how dare you. [14:46] I would never betray my beloved reddit. [14:46] brousch: no :( leave tomorrow afternoon [14:46] getting things ready [14:47] ColonelPanic001: so I hit a couple up, and use the rss feeds for the tags I'm interested in [14:49] ColonelPanic001: yea, just start with some tags on stack overflow and grow from there [14:50] http://english.stackexchange.com/ [14:50] I am going to waste far too much time there [14:50] hah [14:52] http://history.stackexchange.com/ [14:52] that one, too [15:01] keep abreast of pycon https://pycon.disqus.com/ [15:01] widox: quit trying to make php work and just move to python :) [15:01] rick_h_: :D [15:50] Bruce Schneier is going to be at Penguicon again? That's pretty rad, I missed him last time. [16:06] * rick_h_ google Bruce, doesn't recall [16:14] he is? Awesome [16:14] I dind't know that [16:15] think I'm just going to commute this year. It's maybe a 15 minute drive for me [16:15] as awesome as it is to stay at the con, I don't know that it's worth $200 to me [16:15] ColonelPanic001: sleep in your car [16:15] meh. 15 minutes away, I have a bed [16:16] the main downsides are: 1) drinking has to be minimal, 2) I can't just drop stuff off in the room, instead have to carry it around [16:16] but meh [16:20] wtf, is the version of npm in precise really 0.2?! [16:24] rick_h_: Node is seriously lacking in packaging === jjesse_ is now known as jjesse [18:33] damnit. i really have ssh keys [18:34] hate [18:34] ?!?!?! [18:35] * rick_h_ smacks brousch upside the head [18:35] GIVE ME PASSWORDS OR GIVE ME DEATH [18:35] ok, let me get my gun [18:35] snap-l: woot, 16gb card for the handy1: 25hr of recording ready to go (wav format) [18:36] rick_h_: Very cool! [19:46] how can you hate ssh keys? [19:46] they are the single best authentication mechanism in the history of mankind :p [19:47] this is what I think of passwords [19:47] PasswordAuthentication no [19:47] its what my sshd_config thinks of passwords too. [19:47] :p [19:48] jrwren: ftw! [19:55] jrwren: Me too [20:17] with a ssh key, how do you login to a server from a machine you don't normally use? [20:18] brousch: Please restate your question in the form of a sensible question [20:19] i have an android phone, an android tablet, a linux tablet, 2 laptops, 2 desktops and much more [20:19] i can use the same password from them, or spend my life dealing with keys [20:20] well you add each key when you first start using that device. It's a one time process [20:21] add each key on each server [20:21] still you do it once and then you're good .. password you have to do something each time [20:22] and when you're on that strangers box that key is a lot safer to use than your password + keylogger on that system. [20:22] how do i use a key from a "strangers" box? [20:22] what you don't have a usb key? dropbox + lastpass with 1 time use password? etc... [20:23] see, so now i have to keep track of all these keys in dropbox or something [20:23] you could even pre-generate that usb key so after you use it once you throw it away on the server in case they captured it or some crap [20:23] and use my password to login to dropbox [20:23] no use your lastpass 1 time use pass to login to dropbox [20:23] or mfa + google authenticator or what not [20:23] fml [20:24] so, this complication is why i hate keys [20:24] hey you want 1.) easy, 2.) secure, 3.) repeatable... pick any two [20:24] i can keep a password in my head and use it from anywhere, or i can wrangle keys and passwords through annoying mechanisms [20:25] passwords aren't for servers [20:25] sorry, but comparing how you access dropbox vs a machine is a bit different [20:26] i access a server from an ssh client. that could be putty from any one of our 25 windows machines [20:26] and you don't have a network share you've got access to on those 25 machines? [20:27] sure, if i want to login as another user so not everyone can access my share with keys [20:30] brousch: If youdon't want to go key-copying, put your key on a gateway machine, then [20:30] or even just net use share:// with your login at connection time? [20:30] win: ssh gateway > server [20:30] brousch: key == security + ease because you don't take easy password shortcuts [20:31] snap-l: and if the gateway machine is down? [20:31] brousch: Make sure it doesn't go down, or have a backup machine [20:31] brousch: You don't have to make this complicated. :) [20:32] it inherantly is complicated unless you login from the same machine all the time [20:32] So you set up several gateway machines, and rsync their credentials [20:32] not complicated. [20:32] :P [20:32] Then copy the authed keys [20:33] to the server [20:34] brousch: Do you have LDAP set up? [20:34] what it comes down to is i get incredibly annoyed when i can't login to my own thing with what is in my own head [20:34] no ldap [20:34] Bah, was going to make an excellent point if you had LDAP set up. :) [20:36] heh [20:37] you guys keep a copy of all of your keys in dropbox? [20:37] brousch: I don't. [20:37] I just generate new keys on new hardware. [20:38] how do you login to the server to copy the new key to it? [20:39] brousch: Well, if it isn't locked down, ssh-copy-id [20:39] otherwise, find a console [20:40] and once I have it set up, I disable Password logins [20:41] depending on your volume of keys/servers larger places will script key addition and removal from groups of servers. Makes it easy to retire potentially compromised keys etc... [20:43] also some places use lighthouse servers (management server with access to other servers) [20:43] you'd remote to the lighthouse, probably with two factor, then that has its key approved for all other ssh servers [20:43] sounds like snap-l's gateway server [20:44] that seems like it would be annoying for sftp [21:00] brousch: Yeah, sftp would be a pain in the cock [21:01] so it sounds like i need a better method of keeping track of keys and making them easily accessible to me [21:02] yes [21:03] it seems insecure to copy and move them around. like having my password stored in plaintext in a file [21:04] truecrypt/luks volume? [21:06] anyone played with alternatives to bind recently for secure/speedy caching nameserver? [21:08] i need a password to decrypt my encryption key files [21:08] krondor: I think I've just used dnsmasq before [21:08] krondor: but only for small local network stuff [21:09] rick_h_: thanks I'm looking at unbound, djdbns seems like it stalled. Maybe bind is the right answer after all. [21:09] krondor: yea, I mean bind's still used everywhere [21:09] unbound has yaml (ish) config though :) [21:09] http://askubuntu.com/questions/22750/best-way-to-set-up-dns-caching [21:14] my problem isn't with MY password adn account. [21:14] but without [21:14] PasswordAuthentication no [21:14] then my weakest point is the weakest password [21:14] dicitonary attack is easy. [21:17] Man, it is windy out there [21:33] if you're not going PasswordAuthentication no at least use denyhosts or something similar [21:38] krondor: that is what I did before i used that. [21:42] BTW: CHC tonight. 8pm edition [21:45] yeah, it's a good thing rick_h_ sent out that tweet, or I would have completely forgotten [21:46] rick_h_: thanks for the askubuntu link, that guy is asking for a pretty light setup though. I'm not sure dnsmasq is up to the task of larger networks. [21:51] do ya'll just easy_install virtualenv as root? [21:52] and if ya'll don't know, then rick_h_ ^^ :) [22:02] for that matter, pip or easy_install? [22:29] I've installed virtualenv ad root, but each of the environments created are under my user [22:29] Don't use the Ubuntu virtualenv packages, though, as they're older than irt. [22:30] http://www.doughellmann.com/projects/virtualenvwrapper/ <- also awesome. [22:30] and just to prove me wrong, I have both virtualenv and virtualenvwrapper installed as packages [22:30] like a BOSS. [22:32] ok. [22:33] i just downloaded virtualenv.py and ran it, so no ropriv escalation required at all. [22:33] that worked well so far. [23:50] jrwren: sudo apt-get install setuptools && sudo easy_install pip && sudo pip install virtualenv [23:50] jrwren: so I keep a set of main tools as root so they're system-wide [23:51] jrwren: like rst2pdf and some things, but http://paste.mitechie.com/show/561/ is system wide [23:51] jrwren: (that's output of sudo pip freeze)