Blog

MySQL has supported TLS for TCP/IP connections for some time now, but there are a number of subtleties involved in getting it working. If you need to allow remote access to your databases, you really ought to be using TLS to protect your login details and any confidential data that might be transferred. Here are the various steps required to enable TLS in MySQL on Debian and Ubuntu. Note that MySQL still refers to everything as SSL, but it’s more correct to call it TLS as SSL is deprecated these days. The same instructions also ought to work for MariaDB.

At some point in the last few months, ProFTPd stopped working on several of the servers we maintain. Since it was working before, we didn’t change any of the configuration files, and it stopped working on several servers independently, I’m guessing that this was due to a change in the default config of ProFTPd, or at least the Debian Jessie version of ProFTPd. There’s an easy workaround but not a real solution at time of writing.

There is a lot of conflicting advice out on the internet about how best to construct an email with attachments using standard Python libraries. None of it explains why to do things in certain ways. Here is a definitive, tested bit of code that will create an email with attachments that will work correctly. I’m posting it here so I don’t need to spend any time working it all out again!

In this post, I describe how to install and configure mailman for a virtual host on a Debian Jessie server using Apache, Postfix and SpamAssassin. Instructions on how to do this are in various places on the internet, but I didn’t find anywhere that collected all the different pieces together. These instructions should also work for Ubuntu.

Windows versions prior to Windows 8 cannot view the content of CD/DVD images such as .iso files without the use of an external program. A long time ago I used to use a free program called Daemon Tools to open/mount CD image files. Nowadays there are several alternatives out there, but nearly all of them seem to have issues on Windows 7. Old versions of Daemon Tools don’t work. Newer versions allegedly include browser toolbar spyware, as do most other free alternatives.

Here’s how to encrypt a single file using a password and a salt:
openssl aes-256-cbc -salt -in filename -out filename.enc -base64
Type a strong password when prompted.

Here’s how to decrypt the same file:
openssl enc -d -aes-256-cbc -a -in filename.enc -out filename
You’ll need to re-enter the passwod that you used to encrypt it.

If you want to encrypt multiple files, combine them into a tar or zip archive before encrypting them.

Building a small Linux cluster is a lot simpler than I thought it would be. That said, there are a number of snags and pitfalls along the way, and it’s hard to find a comprehensive and up to date set of instructions online. There are also different approaches, either doing everything manually or using a system such LTSP. This post describes my experiences setting up a cluster manually.

After spending a long time trying to work out why some pings were randomly dropped between hosts on different segments of a virtual LAN connected by a transparent IPsec VPN tunnel, I discovered that the MTU for the underlying connection on both ends of the VPN should be set the same. The default for ADSL is usually 1492, whereas 1500 is frequently used for other connection types such as cable or fibre. When I changed the settings at both ends to 1442 (allowing some overhead for IPsec) then the random ping loss stopped.

This particular quirk of Python has been discussed in various places before, but I think it bears repeating as it’s different to the behaviour that you might intuitively expect and consequently catches a lot of people out when writing class methods. When declaring a function or a class method, any default arguments are only evaluated at the point when the function is declared, not when the function is called. For mutable default arguments such as lists or dictionaries, this has the effect of making them static. Consider the following example:

I just spent a couple of hours debugging something really counterintuitive, where PHP’s print_r seemingly told me that an array had different content to the content that the same array contained according to a foreach loop. Consider this slightly contrived example code: