for i in 2046 3072 4096 6144 7680 8192 ; do ssh-keygen -G moduli-$i.candidates -b $i ssh-keygen -T moduli-$i -f moduli-$i.candidates done mv /etc/ssh/moduli /etc/ssh/moduli-normal cat moduli-* > /etc/ssh/moduli systemctl restart ssh.serviceThis should give me brand-new primes, used only by me. So even if 'bad people' spend a lot of time and money hacking the 20 odd 2048-bit primes distributed with ssh, I would be ... higher on their target list?
Then I waited until this monday, and this because after-sales support from the local Apple dealers sucks. They normally need to send back the phone and you're often for weeks without a phone, uncertain what exactly will happen. Exactly why this sorry state exists is a bit of a mystery.
This Saturday the Apple shop in Brussels opened and yesterday I went to repair the phone. A quick 'Oh, that really shouldn't happen. We'll replace it' later and I've got a new, working iPhone 5.
Seeing the number of people coming into the shop on a Monday morning, I expect the local Apple dealers to ... suffer.
My wife thinks that I'm having a mid-life crisis, my colleagues say that this doesn't have enough young women or horsepower to be a proper mid-life crisis. I just think that I'm enjoying my lower weight and increased possibilities. And having a lot of fun ;)
So after our son took up sailing in the summer, I felt free to restart this hobby which I only interrupted temporary for ... 30 years.
We found a nice club which is not so close but cozy: WVD Mechelen and started a course on Saturday for adults. A beginners course as I forgot everything there is to know about sailing. We're with a few people on a Laser 16 and this is great fun.
To get there I thought of cycling. I maybe underestimated this, the distance is about 21 km (13 miles for the colonials) but the 'total climb' so height to overcome is 94 meters (308 ft) going, and 101 meters (331 ft) for the return trek.
My average speed sucked (16.7 km/h (10.3 miles/h) and 14.3 km/h (8.9 miles/hour)) and my legs are _still_ feeling without power. I hope this will improve after a bit of practice
However the path itself is one of the 'fietsknooppunten route' (Belgian invention so the link is in Dutch) so it's very nice, safe and calm. With impressive bridges to cross:
He was thinking of a program to write. I'm more a KISS person, why waste time writing a program when brute force will do just fine.
We have two files a and b:
pevaneyn@mac-book:/tmp :) $ cat a 1 2 3 4 5 pevaneyn@mac-book:/tmp :) $ cat b 1 2 3 4 5 7 8
We want to see the lines in b which are not in a:
pevaneyn@mac-book:/tmp :) $ cat a b | sort | uniq -u 7 8
So we take the two files, sort then and then print the unique lines.
But what if there are also unique lines in a which we don't need? So let's add a line to 0 which we do not want to see in the output:
pevaneyn@mac-book:/tmp :) $ cat >> a 0 pevaneyn@Pmac-book:/tmp :) $ cat a b | sort | uniq -u 0 7 8
How do we remove this 0?
A trick is to include a twice, then a line in a will never be unique:
pevaneyn@mac-book:/tmp :) $ cat a a b | sort | uniq -u 7 8
I used a similar method today to find which interface gave the CRC errors...
In the past I used gnuplot but as I wanted to interactively investigate the data I wrote a GUI browser in Clojure. This was relatively easy and fast enough.
The plots look fantastic and are really what I need. So I make my first html5 like page and tried it.
At first I thought that something was wrong. If I do this plot with gnuplot I get:
$ time gnuplot plot.gnuplot real 0m0.818s user 0m0.608s sys 0m0.209s
In Safari it took 22 minutes, while showing a beachball all the time, to plot this data. Chrome and Firefox do it quite a bit better at only two minutes, but still... not subsecond is it? Using the 'canvas' html5 terminal in gnuplot produces 14M html file which only takes something lik 20 seconds to get drawn in all browsers.
But I must admit that the default look and interactivity of dygraph is lightyears ahead of my gnuplot settings...
In fact my only gut reaction on walking the street and the office was more of 'there are a lot of Indians here' (doh!). I seem to be pretty used to seeing Indians in the street in Antwerp, it's just the number which is surprising my unconscious mind.
The streets, and traffic chaos, remind me a lot of the more busy areas in Naples, I keep expecting to see a volcano on the horizon.
But a bigger shock for me was in store: Over the weekend I went shopping and while in Europe we seem to have 'tanned' models in adds, over here they go for the vampire look. All the adds seem to employ westerners, and very pale people at that, in fact most of them look sickly pale to me.
Who knew that the 'geek who shuns daylight' look would be fashionable over here ;)
It started off as a pretty normal dream involving a hidden base where we lived, with an alien space ship inside of it. The main part was that it was well protected about the rain ;). (It rained a lot here yesterday)
Then it went a bit Casablanca on me because another space ship case to visit the base. The avatar of that ship talked with the alien ship and after a while complained that they were discussing in 'greed'. The alien ship replied that 'greed' was an exact language leaving no ambiguities, like Marain. The avatar replied that indeed 'greed' was almost as exact and well specified as Marain, but that the core of 'greed' is about what you wanted and it limites the possibilities. Marain on the other hand talked about what was possible and the infinite possibilities out there.
Then I realised I was dreaming a Culture novel, and irritatingly woke up.
All in all not bad, certainly better then 2312 but technically not so good as Redshirts.
Now reading Captain Vorpatril’s Alliance and it's gripping.
The story did not capture me, I could frankly not care less about the characters. Finishing it was a chore. I was having the impression of reading a bad version of AADB but without the humor, joy and captivating story.
In Debian it would go below 'further discussion' :(.
Now reading Throne of the Crescent Moon by Saladin Ahmed, which even if it is more fantasy then SF for now caught me already and I really want to find out what happens next.
I started with Redshirts from John Scalzi. Now I like Scalzi, I got Old Man's War in a previous Hugo voter packet and bought a few other books in that series.
However Redshirts is not doing much for me. It feels a bit like professional fanfick, which it is in some way. It is very funny to read and to find the references but in some way it left me unsatisfied.
Next up: 2312 were I am still waiting for it to hook me after ~30% read, which is not a good sign :(.
For the people who have not seen me recently: I used to weigh 50% more 6 months ago, my cholesterol levels also went from 'Borderline high risk' to 'good'.
I'm almost at the magical BMI of 25, only a few more kilo's.
So what is my secret?
Well I did what our great leader showed us: I followed the pronokal diet.
To be honest the main advantage of this over Fitness for Geeks or the primal approach is that it is done under doctors supervision and with pre-packaged meals which make the break from your previous diet easier.
The main point is: sugar is bad very bad for you. All carbohydrates are not good, and cutting them to <100grams/day does wonders.
For the visually inclined there are nice and very funny videos like Bit Fat Fiasco or a faster intro is Tom Naughton talking why people ignore normal diets.
My main problem now is to replace my clothes as they all are several sizes too big now, even the ones I got a month or two ago. That and getting a new user icon and directory picture ;)
And this weekend we helped move the brother in law from Jette to the much more rural Pont-à-Celles, which given the old place was on the 5th floor was quite an enterprise.
Fitbit claims I walked 9.5 km, did 12800 steps and climbed 68 floors. My arms still hurt....
I tried hard to get into the FreeBSD way of things and I cannot complain about the stability of FreeBSD or ZFS for that matter. The problems mainly are:
- the endless recompiles. The time to recompile is not the problem, the problem is that portmaster first stops the running daemons. Then it starts the recompilation of all needed programs. Which means that if a compilation of a random package needs manual intervention and I'm not watching the screen the DHCP leases of devices on my network expire and they lose internet connectivity...
- the limited support for library updates. Updating means reading /usr/port/UPDATING every time and sometimes fixing stuff by hand. This is interesting as a learning exercise, but my aim is to spend as little time on maintaining my system as possible
- overwriting my config. I've taken to putting /etc/ and /usr/local/etc in git because upgrades randomly seem to nuke my configuration
- strange problems with a serial over USB card reader. The card would not read correctly, it works in Linux and OSX but on FreeBSD the data returned is just wrong. So that's running on the Raspberry Pi at the moment.
- Some programs are not available for FreeBSD like Plex which I wanted to run.
All in all I think that Debian just fits my way of working much better. I like FreeBSD but I think the userspace needs significant work, so I think Debian GNU/kFreeBSD could be interesting for me, bar the problems with the hardware support and commercial software.
In short I hope to move to a Debian unstable setup using ZFS-on-linux to keep the fantastic advantages of ZFS. Maybe in a few years BTRFS will be stable and I'll move to that.
So in the next few days I hope to report how I moved my 2 disk ZFS mirror under FreeBSD to 2x2 disk ZFS mirror under Linux. Hopefully without backup-restore cycle.
Which is rather irritating if you are 45 minutes into a 1 hour podcast.
In the last few days I found a solution:
- unlock the ipod touch
- go to the music player, select the podcast
- go back 30 seconds (to not lose a few seconds)
- click 'play'
- attach the ipod touch to the car
there will be a few seconds of silence and then it will continue to play via the car at the right position.
We put some chemicals in and hoped that this would work. It did not. A few days later at dinner a heard a noise and a bit later water was rising in the garage.
Calling the really nice ex-owner we discovered that the 'brown water' from the toilet goes into a septic tank from there it goes into a trap together with the 'grey water' (kitchen, bathroom and rain water). He told us the problem is most likely a blockage in that trap as it also has a filter to keep the animals out.
He helpfully also told us it was in our front garden. 1 meter (~ 3 feet) down.
So we dug in the mud and found it. On my belly in the mud with my head in the hole I opened the inspection lid. 'Water' came out in a jet, with the liquid rising rapidly I just managed to close the cover before it reached me.
This was the moment I called in the professionals. Who told me that they needed access to the trap and septic tank. So over the weekend I dug a hole 1.5 by 1 by 1 meter in our front garden. By then the level of water had gone down so I could already remove most of the junk from the trap. It was mostly soap, hair and other small waste.
On Monday the specialists came with a trunk-powered liquid vacuum cleaner, sucking out the trap and the septic tank. The friendly guy also told me of the existence of extension tubes so that you can clean the trap every few months. Something that I will do religiously from now on....
pevaneyn-mac:wireshark pevaneyn$ traceroute v4.fr.ipv6-test.com traceroute to v4.fr.ipv6-test.com (126.96.36.199), 64 hops max, 52 byte packets 1 188.8.131.52 (184.108.40.206) 6.215 ms 0.282 ms 0.244 ms 2 ge.ar1.brucam.belnet.net (220.127.116.11) 0.350 ms 0.325 ms 0.365 ms 3 10ge.cr2.bruvil.belnet.net (18.104.22.168) 1.143 ms 0.964 ms 0.994 ms 4 ovh.bnix.net (22.214.171.124) 2.396 ms 1.900 ms 1.942 ms 5 rbx-g2-a9.fr.eu (126.96.36.199) 5.712 ms 4.725 ms 4.794 ms 6 rbx-2-6k.fr.eu (188.8.131.52) 10.489 ms 15.149 ms rbx-1-6k.fr.eu (184.108.40.206) 50.591 ms 7 rbx-26-m1.fr.eu (220.127.116.11) 4.448 ms rbx-26-m1.routers.ovh.net (18.104.22.168) 4.754 ms 4.996 ms 8 eight.t0x.net (22.214.171.124) 3.950 ms 3.975 ms 4.067 ms pevaneyn-mac:wireshark pevaneyn$ traceroute6 v6.fr.ipv6-test.com traceroute6 to v6.fr.ipv6-test.com (2001:41d0:1:d87c::7e57:1) from 2001:6a8:1100:beef:114f:fb76:XXXX:XXXX, 64 hops max, 12 byte packets 1 2001:6a8:1100:beef::1 0.558 ms 0.674 ms 0.507 ms 2 2001:6a8:1000:800f::1 0.370 ms 0.414 ms 0.393 ms 3 10ge.cr2.bruvil.belnet.net 1.106 ms 1.112 ms 1.034 ms 4 ae0-200.bru20.ip6.tinet.net 1.620 ms 1.572 ms 1.523 ms 5 xe-2-1-0.ams20.ip6.tinet.net 6.063 ms xe-5-2-0.ams20.ip6.tinet.net 5.999 ms xe-8-1-0.ams20.ip6.tinet.net 6.002 ms 6 * * * 7 * * * 8 * * * 9 fra-5-6k.de.eu 25.602 ms * 30.531 ms 10 rbx-g2-a9.fr.eu 31.890 ms 27.448 ms 26.656 ms 11 rbx-1-6k.fr.eu 29.996 ms rbx-2-6k.fr.eu 33.715 ms rbx-1-6k.fr.eu 26.735 ms 12 2001:41d0:1:d87c::7e57:1 25.498 ms 31.873 ms 30.815 ms
So a trip around Europe. But IPv6 needs not be slow:
pevaneyn-mac:fosdem pevaneyn$ traceroute6 www.debian.org traceroute6: Warning: www.debian.org has multiple addresses; using 2001:858:2:2:214:22ff:fe0d:7717 traceroute6 to www.debian.org (2001:858:2:2:214:22ff:fe0d:7717) from 2001:6a8:1100:beef:114f:fb76:XXXX:XXXX, 64 hops max, 12 byte packets 1 2001:6a8:1100:beef::1 0.640 ms 1.731 ms 0.607 ms 2 2001:6a8:1000:800f::1 0.491 ms 0.356 ms 0.387 ms 3 2001:6a8:1000:2::2 0.442 ms 10ge.cr2.bruvil.belnet.net 1.081 ms 0.989 ms 4 10ge.cr1.brueve.belnet.net 1.979 ms 10ge.cr1.brueve.belnet.net 1.718 ms 1.479 ms 5 20gigabitethernet1-3.core1.ams1.ipv6.he.net 4.766 ms 8.460 ms 7.190 ms 6 10gigabitethernet1-1.core1.fra1.he.net 16.977 ms 20.783 ms 11.835 ms 7 ge2-19-decix-ipv6-c1.ix.sil.at 70.823 ms 42.928 ms 45.012 ms 8 2001:858:66:203:215:2cff:fe8d:bc00 27.416 ms 26.934 ms 28.561 ms 9 ip6-te1-4-c2.oe3.sil.at 26.776 ms 26.413 ms 26.856 ms 10 2001:858:66:22c:217:fff:fed4:6000 27.156 ms 27.472 ms 26.778 ms 11 englund.debian.org 27.211 ms 27.641 ms 27.823 ms pevaneyn-mac:fosdem pevaneyn$ traceroute www.debian.org traceroute: Warning: www.debian.org has multiple addresses; using 126.96.36.199 traceroute to www.debian.org (188.8.131.52), 64 hops max, 52 byte packets 1 184.108.40.206 (220.127.116.11) 0.619 ms 0.254 ms 0.255 ms 2 ge.ar1.brucam.belnet.net (18.104.22.168) 0.432 ms 0.385 ms 0.448 ms 3 10ge.cr1.brueve.belnet.net (22.214.171.124) 1.153 ms 1.557 ms 0.951 ms 4 nl-asd-dc2-ias-csg01.nl.kpn.net (126.96.36.199) 5.608 ms 5.442 ms 10.251 ms 5 * * * 6 ffm-s1-rou-1021.de.eurorings.net (188.8.131.52) 38.019 ms 37.926 ms ffm-s1-rou-1021.de.eurorings.net (184.108.40.206) 39.953 ms 7 ffm-s1-rou-1022.de.eurorings.net (220.127.116.11) 40.075 ms ffm-s1-rou-1022.de.eurorings.net (18.104.22.168) 38.180 ms ffm-s1-rou-1022.de.eurorings.net (22.214.171.124) 42.755 ms 8 mchn-s1-rou-1022.de.eurorings.net (126.96.36.199) 33.019 ms 33.211 ms 37.045 ms 9 wien-s2-rou-1002.at.eurorings.net (188.8.131.52) 39.827 ms 37.795 ms 39.839 ms 10 wien-s2-rou-1041.at.eurorings.net (184.108.40.206) 37.581 ms 37.633 ms 39.505 ms 11 sil.cust.at.eurorings.net (220.127.116.11) 37.654 ms 35.650 ms 35.521 ms 12 englund.debian.org (18.104.22.168) 38.009 ms 38.124 ms 40.628 ms