Friday, December 6, 2013

Testing POP3 over SSL/TLS

Here I'm putting the necessary commands to connect to a POP3 server over SSL or TLS in both modes - pure SSL and STARTTLS. It's convenient sometimes for debugging to connect to a POP3 server on the command line to see what's going wrong. But it's not good to use an insecure connection or maybe you want to test exactly a secure connection.

So instead of telnet, here you use:
openssl s_client -host -port 995
For the STARTTLS variant:
openssl s_client -starttls pop3 -host -port 110

There you get the same prompt a telnet connection to plain 110 port would give you but running over a secure connection. BTW same technique can be used as well for SMTP, IMAP, HTTP or other connection you're testing on the command line. Nice and easy, no?

Wednesday, October 23, 2013

import .kml POI list in iGO8

A short note that sometimes iGO8 wont show .kml POIs stored in igo8/content/userdata/POI although it recognizes these files. It recognizes them because there are a couple of files created besides the original .kml in that location.

So to have the POIs appear into the device I had to go to manage POIs and then remove everything (including sub-categories) inside the "GPS devise" category.

After that .kml POIs started to work for me like perfectly.

Tuesday, September 17, 2013

Comparison of zip, bzip2, gzip and xz/lzma2

I ran a quick (or not so quick) test for comparing what would work best for me for compressing 751MiB of javadocs (for those not familiar - mostly html and text data).

See it here:
  19M Sep 17 16:16
  22M Sep 17 14:34 jdocs.tar.bz2
  42M Sep 17 14:02 jdocs.tgz
  15M Sep 17 15:38 jdocs.xz
 203M Sep 17 14:08

Or in bytes:
 18895980 Sep 17 16:16
 22483813 Sep 17 14:34 jdocs.tar.bz2
 43914931 Sep 17 14:02 jdocs.tgz
 15676572 Sep 17 15:38 jdocs.xz
211879004 Sep 17 14:08

  • for gzip, bzip2 an xz I used `tar` as a container
  • for zip, gzip and bzip2 I used -9 for compression option
  • for `xz` I used -9 -e as parameters; the fast variant had only -9
I can say  that xz uses an insane amount of memory and CPU time with the -e option so use only when size is awful important. Without -e it is at least 3 times faster.

I forgot to take `times` from each run. Sorry about that. I wanted to see how bzip2 compares with xz fast variant. My subjective judgment is that xz fast was faster.

In any case I thought somebody may find this info useful.

Thursday, August 1, 2013

bash - putting complicated strings/text into a variable

It is a usual practice to generate commands within a script and later execute them with eval. Or one simply want to put into a variable some weird string containing quotes and other special characters. To avoid having to quote or escape everything, just write what you want to see into the variable, here's a simple way to do it... looking at it seems so obvious but truth is I never thought about that approach before:
read -r myvar << "EOF"
STRING with quotes (') and other special characters like $ and ! and #
I came to it while trying to use sed to insert another sed command into a script. Here is how it ended up like:
read -r sed_cmd <<"EOL"
sed -i -e 's#<systemPropertyVariables#<systemPropertyVariables combine.children="append"#' testsuite/integration/*/pom.xml
sed -i -e "s%mvn%$sed_cmd\nmvn%"

gauthj2me vs LinOTP

Update: one of best TOTP j2me program out there is: totp-me. It is small enough to fit in older phones memory and is intuitive, easy to use and feature rich (sha1, sha-256, sha-512, multiple accounts, key generator). Use the below notes only if totp-me does not work for you for some reason.

Writing this to hopefully safe somebody's time trying to setup LinOTP with the gauthj2me soft token generator. There is no documentation on site so I had to look at the source to see how it works.
Why gauthj2me? It's only 34k and fits in even most constrained phone memory like old s40 nokias (tested on nokia 6070 with a 128k jar limit/ 150k installing from internet). Still it features sha1 which seems required for LinOTP TOTP setup. Thus it has a limit of 32 base32 digits (160bits). With more recent devices another alternative is lwuitgauthj2me which is more feature rich but over 220k. There seems to be another alternative - DS3 Oath which should also work based on their documentation. It is HOTP unlike gauthj2me which is TOTP (access number vs time based).

Anyways, here you find my quick notes on setting that up (shell commands for fedora 18):
# Download and install to phone
# go to LinOTP self service console -> Enroll TOTP
# enter seed in hex digits (see below), sha1, 30 seconds
# click on the button "enroll TOTP Token"
# go to Resync Token tab to sync and test your soft token

#  Prepare a base32 encoder (thanks to cjc)
yum install perl-MIME-Base32
cat > << "EOF"

use MIME::Base32 qw( RFC );

undef $/;  # in case stdin has newlines
$string = ;

$encoded = MIME::Base32::encode($string);

print "$encoded\n";
chmod 755

#  enable hardware enthropy sources
#  /funny how slow is random without a hw rng/
sudo systemctl enable rngd
sudo systemctl start rngd

#  generate ranndom 160bit key
# gauthj2me supports up to 32 base32 places (160bits)
dd if=/dev/random of=/tmp/key bs=1 count=20
# enter as seed in LinOTP management console
cat /tmp/key | xxd -ps
# enter this in Swarte Token Generator /that is PITA/
cat /tmp/key | ./