SSH debug

The crux is that SSH even when connecting w/ -vvv  or -vT modes won’t tell you precisely why it’s not connecting for obvious security purposes.  This is presuming you’ve double checked all other obvious issues and your public/private key pairs are setup correctly.

In the linked post above Kent Martin writes, the answer is to bind debug to an alternate port on the server side:
/usr/sbin/sshd -d -p 2222

then similarly from the client machine:
ssh -v -p 2222 user@machine_I_am_trying_to_ssh_to

On the server machine terminal you’ll see a more verbose debug log and hopefully it will tell you exactly why your client machine is being rejected.

One good reason

One good reason I’ve found to stick with Android is this:

RedPhone by Whisper Systems

In case you don’t feel like reading about it, it’s a free (for personal use) end-to-end encrypted VOIP client.  There may be other methods out there, including personal Asterix PBXs, but this seems to work with the least fuss. Google Voice may or may not work with it I believe, as native SMS’ing must be working by default on the phone.  To test I used my native phone number instead of my GV number, it worked fine over data.

Also for Android, AGP offers OpenPGP compatibility and the K-9 Mail client app then integrates the GPG functionality.

Bingo. Bango.

UPDATE: As of late November 2011 it appears RedPhone has been pulled from the Android Market and the app itself can no longer connect to Whisper Systems’ servers.  The application was in Beta, so this could mean there is a full release coming out or perhaps something required that it be pulled from the Android Market.  So for right now, I’m unaware of any other end-to-end encrypted VOIP applications for Android.

Large Cryptographic Hashes with Whirlpool and a myriad of coffee brewing methods

Who doesn’t like a nice long 512-bit message digest to confirm that the file they’re opening is secure? Cryptographic hash functions are one method of verification to insure file integrity between two parties (or as a signature or authentication code). The most commonly used hash verification is MD5 check sum (proven insecure). Apple uses SHA-1 for it’s package update manager (also likely insecure). But if you want to get deep, go with Whirlpool, and I’m not talking about appliances here, I’m talking about 512 bits of hash (the authors, Barreto & Rijmen have a page here). Ironclad and md5deep are two easy to use packages if you’re looking to implement Whirlpool under most *nix and Win 32/64 systems.

In coffee news, here is a nice webpage devoted to a myriad of coffee brewing methods:


Image via USGS National Center for EROS and NASA

Latte Swirl by Flickr member Mr. Pauly D

Latte Swirl image by Flickr member Mr. Pauly D