Tadeusz Pietraszek

© 2004-2007 Tadeusz Pietraszek

Archive for October, 2006

Tadek’s new mobile: 076 394 2998

Wednesday, October 25th, 2006

After more than 6 years with my current S35 (and something like 3 years with a crappy Orange prepaid card) I purchased a proper mobile (K800i) with a contract. Personally, I’ve been reasonably happy with my old mobile, in spite of Annie’s hostility towards this seemingly innocent device (this may have something to do with the high-pitched sound it produces when the battery dies in the middle of the night) and friends’ teasing remarks (my favourite is: “Noooooo, I can’t believe your mobile is SIX years old!”… I wonder what they would say knowing how old my car is…), but I will definitely benefit from things like a built-in 3MPix camera, Bluetooth or Edge for data transfer.

More importantly, my new mobile number has changed and is now __076 394 2998__ (__076 FYI AXYU__). My current mobile 078 857 3165 is no longer valid.

As a final remark, I got a [sunrise relax plan](http://www.sunrise.ch/privatkunden/mobiltelefonieren/mob_angeboteundpreise/mob_abonnemente/fuervieltelefonierer/relaxbasic.htm), which means that I am charged by hours (something like 0.49CHF/hour or 0.05CHF for <5s) when making calls to the sunrise network or fixnet. Therefore, if I’m calling your sunrise or fixnet, I might be either extremely talkative or very succint. If you have another mobile, the latter is far more likely ;-)

Posted in Personal | 1 Comment »

Restricted shell account (SSH and Subversion)

Wednesday, October 18th, 2006

While trying to set up a restricted shared shell account for SVN access I read about an interesting feature of OpenSSH. From [this section of the SVN manual](http://svnbook.red-bean.com/en/1.1/ch06s03.html) I learned that svn supports the following syntax in `$HOME/.ssh/authorized_keys`

command=”program” TYPE KEY COMMENT

Program is a command that will be executed instead of a shell when connected and it also supports different configuration options. For example, if you want the account to be really restricted you may want to pass the following options `no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty`. In my case, I used the following line in the configuration file:

command=”/usr/bin/svnserve -t –tunnel-user=tadekp -r /var/lib/svn/svncommon”,no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-dss AAAAB3N…. tadekp@server

Just a few points to remember:

* many commands can execute shell internally, watch out for these
* the command can modify authorized_keys file, the best way to prevent it is to make it read only on the filesystem level

Posted in Linux, Tips&Tricks | 1 Comment »