Enabling SSH2 for PHP in Solaris 11
My cousin Carolyn wanted a WordPress installation for her website 'radhumans.com' and needed to be able to upload themes and plugins. Being somewhat security minded I don't typically enable FTP on my servers, so I needed to figure out how to give WordPress an SFTP capability. There's lots of varying instructions out there for Linux, etc. I wanted to share what I did on my Solaris 11 host so that you might get there faster... I am assuming you already have Apache 2.2 and PHP5 installed and running using the Solaris packages.
First, install the dependencies:
Next, download, unpack, configure, compile and install:
gtar xvfz libssh2-1.2.8.tar.gz
./configure --prefix=/usr/php/
gmake
pfexec gmake install
Next, you use the PHP Pear framework to install the module:
Enter “/usr/php” as prefix, or whatever you used as a prefix for the configure command above.
Finally, place “extension=ssh2.so” in the modules section of /etc/php/5.2/php.ini, and then restart the webserver with svcadm.
Voila! WordPress will automatically pick up that SSH2 capability and make it available as an option when updating files.
Good luck!
IPv6 + tunnelbroker.net + Solaris 11
Are you like me and still wrapping your head around the fact that February 3rd, 2011, as well as being Chinese New Year, also marked the passing of the final IPv4 allocations to RIRs? This is perhaps the beginning of the end of the Internet as we knew it. If you don't already know about IPv6, it's probably about time you started learning. Here's everything you need to know about IPv6. Once you've got a background, then you will probably want to start experimenting, right? The problem is, most ISPs still don't provide IPv6 natively, so what can you do to get your feet wet? The answer? Tunnel it! The fine folks over at Hurricane Electric's tunnelbroker.net and sixxs.net have been dishing out IPv6 tunnels to the public for some time. And best of all, it's free!
Being an avid Solaris user and wanting to experiment with IPv6, I decided to dive in head-first. I personally chose to use Hurricane Electric's tunnelbroker.net. They provide a netblock allocation (or more) and tunneling instructions for most platforms, including Solaris. Unfortunately their Solaris information is dated and only sets up a temporary tunnel. If you also want to set up a IPv6 netblock tunneled over IPv4 from one of these providers and you want to terminate it on a Solaris 11 host then go ahead and allocate your tunnel and then consider the following commands on your Solaris 11 host:
$ pfexec ipadm create-if -t hurricane0
$ pfexec ipadm create-addr -t -T static -d -a local=2001:*:*:*::2,remote=2001:*:*:*::1 hurricane0/v6
$ pfexec ipadm up-addr -t hurricane0/v6
$ pfexec route -p add -inet6 default 2001:*:*:*::1
To remove the tunnel, you need to delete the interface and iptunnel and route that you've created:
$ pfexec dladm delete-iptun hurricane0
$ pfexec route delete -inet6 default 2001:*:*:*::1
This is all you need to know to get started. Once you've forged the tunnel and you want to test it but you don't have any IPv6 enabled friends, just ping Google's IPv6 host record:
PING ipv6.google.com: 64 data bytes
72 bytes from iad04s01-in-x93.1e100.net (2001:4860:800f::93): icmp_seq=0. time=164.825 ms
72 bytes from iad04s01-in-x93.1e100.net (2001:4860:800f::93): icmp_seq=1. time=164.680 ms
72 bytes from iad04s01-in-x93.1e100.net (2001:4860:800f::93): icmp_seq=2. time=164.546 ms
72 bytes from iad04s01-in-x93.1e100.net (2001:4860:800f::93): icmp_seq=3. time=164.803 ms
----ipv6.google.com PING Statistics----
4 packets transmitted, 4 packets received, 0% packet loss
round-trip (ms) min/avg/max/stddev = 164.546/164.714/164.825/0.129
Bingo! You're in. Welcome to the world of tomorrow! Come, your destiny awaits.
Before you start rambling around, IPv6 is different. If you are concerned about privacy, you must take steps to protect it, and understand why RFC4941 exists. In the new context it makes sense to leave your servers in a static spot, but you may want your client machines to have their addresses randomized to defend against folks that would capture address data and use it to track your machine. A new reality of IPv6 is that, unless your administrator is a masochist, there is typically no longer a NAT to keep your client machine information private.
On your Mac client machine, you can do this to activate the temporary randomized IPv6 address:
$ sudo reboot
Enjoy and let me know if you find out anything interesting along the way.
mp3packer – solaris or mac osx
After seeing this WinMP3Packer post on LifeHacker, I thought that would be neat to try, but I don't run Windows. My primary platform is Mac OS X, and my primary data storage platform is OpenSolaris (albeit a dead man walking). I store the majority of my MP3 collection in a ZFS filesystem, and a subset is active in an iTunes library, so I needed to compile mp3packer from source on both platforms for maximum flexibility to see if I could gain any lossless efficiencies by eradicating useless bits from CBR encoded files.
In order to make it easier for you if you've found this post, I've included binaries for the latest version of MP3Packer (1.21) software for both Mac OS X & OpenSolaris.
I've smoke tested these by running them on other Mac hosts (other than compile host) and a Solaris 10 host as well, and they seem to work fine. Let me know if you have any issues.
Haven't actually processed any files yet, but I'll try that after work today.
The march of progress: FM radio stumbles over cable, and onto the Internet.
We're wrapping up a civic holiday long weekend here in Ontario, something we call Simcoe Day here in Toronto. Some beautiful weather and some quality relaxation time with the family. I, along with my wife and kids, spent the weekend in Belleville to get some quality face time with the (grand)parents.
Being the technophile of the family, my father-in-law decided to present me with a problem that had been stumping him. Joe & Sherry both enjoy Jazz FM, and in recent weeks, they could not seem to tune it in any more.
Bzzzt...
Sherry said there is nothing but noisy static and posited that the radio itself was broken and to blame, and Joe wasn't sure, but tended to agree with Sherry (as he should I suppose).
I was more of the mind that this class of device rarely breaks spontaneously, and by the description, the radio station had a strong signal and they had not moved or changed anything about the device before or since having issues with the signal. I rolled up my sleeves to see what we could see. What I found was a typical stereo, about 10 years past sale date, and there was nothing at all wrong with it. The problem seemed to disappear when one removed the coaxial cable that was attached to the antennae input on the back of the device. The Jazz station did not come in, but the static disappeared and the local mixed rock station came in loud and clear. To me this meant that Joe had been taking advantage of the cable system's rebroadcast, and this was confirmed by Joe. He had all but forgotten that he had been doing so for years. It was a value-add service included in the monthly fee Joe had been paying to the local cable provider, Cogeco Cable.
We did some quick process-of-elimination steps to ensure that the coaxial cable still had a valid signal, and looking back, we probably could have accomplished that more quickly by simply moving a television to that room, but that is hind-sight... you know. Joe made a quick call to Cogeco and it turns out that they had quietly discontinued the FM rebroadcast service around precisely the time Joe and Sherry lost the ability to tune in. I assume that this is because of the wholesale transition to digital signal, and the guy on the phone suggested the same... The solution, rent another digital box to attach to your stereo in order to get the music stations on rebroadcast. Besides, he said, nobody uses that FM service anyway. 
While this isn't news as it has been happening throughout North America over the past few years, it is still ridiculous to me, and I think Joe feels the same way. I'm not a cable technician, so I have no idea what they intend to do with the 87.9-107.9Mhz band of the spectrum on coax, but it seems to me that putting yet another digital decoding device in-line to replace what was a perfectly usable FM tuner is laughable. We all understand why they would want and need to do so for high-value video and interactive services, but good old stereo FM hasn't changed since it was ratified as a standard in 1961, and putting a digital transition in the middle doesn't improve much but the cable company's bottom line.
I'm sure that this problem is equally laughable for the recent generations; some of whom would likely never have used an FM radio except for the fact that it's integrated into their iPod Nano. There are some people still listen to the radio, it's crazy, I know. It is easily consumed, advertiser supported, local content that is relevant to those who choose to tune in.
The cable company is moving forward with their digital technology path and Joe is free to use a traditional antennae to catch available signals out of the air. The value-added service the cable company had provided is no more, and there seems to be less and less value in the prices they are charging for their services. Joe detached the cable from the radio. I don't think he's going to be placing an order for a $7.95/month digital box anytime soon.
The funny part to me is that our (grand)parents are becoming technophiles in their own right. Jenny suggested they could hop right over the cable company's digital decoder kludge altogether and stream Jazz FM straight from the Jazz.FM website; putting that Internet connection they're paying for to good use. It's not just for Skype and GMail anymore.
Wow, where did that week go?
Yet another 7 days are gone and I can't believe how fast it goes by. The week held a few interesting things that are worth sharing though it went by so fast it's almost like it didn't happen.
Thou shalt not pass!
I continued to help my grandmother with her PC-to-Mac conversion. This time around it was about modernizing her printer. She was running an ancient printer that I originally had to mangle some Gutenprint drivers to get going, and it wasn't a very stable setup. A few print jobs later, and the OS & printer would get into an unstable state. One could liken the print queue to Gandalf, and the desired print job as the Balrog. The queue would blurt "Thou shalt not pass!" and then they battle briefly and then fall into oblivion. After some brief research for her particular needs I recommended a new HP LaserJet M1212nf. It's a decent MFP albeit black & white only. The drivers on HP's support site are decent, and it prints perfectly both from the Mac OS X image and from the VMware Fusion XP guest. It's a pretty sleek, useful, and affordable unit. My grandmother was happy with the results, so it was a relative success. 
At home my two girls are growing up so quickly. Lillian, my 5 year old, is quite a handful of young lady now. Smart, willful, and analytical. The days of "because I said so" are gone. I've got to have sound reasoning behind my requests or life gets difficult. You ask her to do something and you can see the wheels grinding. My youngest, Niamh, is just 2 months shy of 2 years old. She is blooming in terms of her ability to communicate. As an example, the other night when we were leaving my mothers house and Niamh belted out a loud, clear, and unprompted "Bye-Bye Ganma!". I know I'm being a goof, but to me this was so adorable and amazing. I wished I had been making a video or audio recording of the moment because it was so unique, and won't ever happen exactly that way again. Ah well, c'est la vie.
I was feeling nostalgic earlier this past week and I went looking for some old music from times past. I stumbled upon a couple of caches of old rave and warehouse mixtapes. The largest active cache was the Toronto Rave Mixtape Archive. I also found Comminc8r and Demodulated Mixtapes. I've grabbed up a bunch and loaded up the iPod. Jenny is going to give me the hairy eyeball when these show up on the playlist.
This week I'm off to Raleigh NC for a business trip. Jenny will be taking on double-duty on the home front while I'm away. She's awesome and I'm surely the luckiest guy.
A week later.
The past week has flown by, I know it's a cliche, but the passage of time seems to accelerate as the years go by. So what happened?
I did the 'weight loss contest' weigh-in with my brother-in-law last weekend. We're both heavier than we want to be, and we're both facing the reality of fatherhood and wanting to be around longer than perhaps we thought about before. Our schedule is to weigh in every 30 days, and to show steady progress. Cut the intake, balance the menu, drink more water, and get some exercise. That's the plan. I'll report in my progress later on.
Had a friend tell me about how they soft-modded their Wii and attached an external hard drive to run games while avoiding disc-swapping. It's funny how as we get older, that stuff becomes less of priority. Years ago, it would have been me telling people about it, instead of me being a year behind the times. That said, I liked the idea, bought a hard drive and followed the online breadcrumbs to hack my own Wii and load the games onto the drive so the kids will stop wrecking up the game disks while they are rampaging. The guide linked above didn't quite work for me, as each Wii could have a different software ecosystem. A couple of Google searches got me what I needed. Good stuff. Maybe Nintendo will take the cue and put an HDD in the next model.
I helped my grandmother buy a new computer this weekend. She's been a long time PC user, but she decided to take the conversion plunge and picked up an iMac. I transferred the contents of her old PC into a VMware Fusion virtual machine on the new rig so she'd still have access to the older software that she still uses daily. Software for which there is no replacement on Mac, and even the PC versions are completely different now. Being an IT guy who lives at the relatively leading edge of technology, I'm sometimes reminded that the software doesn't need to be recent to service real-world use cases and as long as it works for the task at hand. VMware Fusion's included PC2Mac conversion doesn't work very well, sits there spinning on 'logging in and collecting information'. My own experience and a lot of forum posts support this assertion. If you are ever trying to do this, use VMware Converter Standalone instead, and be sure you uninstall all of Fusion conversion tool completely before installing Converter. Use converter to write image out to an intermediary USB HDD and copy the VM image onto your Mac. Ensure you exclude the directory you put the VM in from your Time Machine backups, because Fusion doesn't do this automatically for imported machines. If you skip this step, your Time Machine drive will fill up pretty quickly.
Got myself a Cisco 881 for the edge of the home network. It's overkill, but it works very well. I was using an OpenSolaris machine with IPF and routing before, which was awesome too, but the IOS device was what I was looking for. Original thinking was so I could VPN my portable devices back to home base using the Cisco clients that seem to come integrated with them. Only problem is that it doesn't seem to work for my iPhone, and it's frustrating. The Apple Enterprise Deployment Guide says I should be good using an IOS VPN, and my rig is at the right version, but it's not working yet. I'll find some time over the coming weeks to work through the issues, and see if I can make it work.
14 years later?
I just realized that I've been renewing this domain year after year and I haven't left much of a digital wake in the 14 years that have passed. If you check the whois on this domain, it's indicates only ~10.5 years, but I had it for a few years before that too, let it expire, and then re-registered it. After all this time the search engines barely know I'm here. I have kept telling myself one day I would start making some digital footprints outside this fort I've built, and share the things I find interesting with family, friends, and strangers alike. In the years since I registered this domain, I've put on approximately 130 lbs, so I've got some weight to lose... I guess that will be one of the themes. I'm going to start out by making a weekly reminder for myself to post something, anything, and I will leave stuff here when I can. I have no idea if anyone will ever see this, so let me know if you find it, or if you find any of it interesting.