Setting up a new Mac

As part of my new job, I got a shiny new 13″ MacBook Pro.  Even though I’m quite a Linux fanboy, I really enjoy the quality of the hardware and OS X. However, it isn’t perfect.  There are a lot of applications that I like to have available.  Since I have nothing better to talk about, I figured I’d list them here:

  • Adium — one of the best instant messenger clients I’ve ever used.  It has support for just about every major IM protocol except…
  • Skype — I don’t really use it for IM, but it’s great for audio and video calls.
  • Firefox — I prefer it to the Safari browser that ships with OS X.  It happens.  And with that comes…
  • Xmarks — a browser plug-in that syncs bookmarks.  It comes in very handy when you use multiple computers.  So does…
  • Dropbox — allows you to synchronize arbitrary files between multiple computers.  I mostly use it for configuration files (e.g. .bashrc, .screenrc)
  • VirtualBox — sometimes you actually need to use another OS to do some important task (like play Sim City)
  • DOSBox — is good for playing some of the older games that I like
  • Chicken of the VNC — I’ve played with several VNC clients for Mac, and this one is the best.
  • iTerm — hands-down better than the default Terminal.app
  • ZTerm — a program to make serial connections.  I used it a fair bit in my old job, I don’t anticipate needing it much in my new job.
  • Colloquy — an Internet Relay Chat client
  • VLC — a media player that will play just about anything
  • Grand Perspective — a program that shows a graphical representation of disk usage, allowing you to find the files that are chewing up all the space on your hard drive.

Cyber security awareness month: Other uses for SSH

As I noted a few weeks ago, October is cyber security awareness month.  I’d planned on writing a big how-to for remotely and securely connecting to another computer, but time has escaped me, so what I’ll give here is the quick and dirty version, and trust that my readers can use Google to fill in the backstory.

Back in May, I wrote an article about using SSH as a proxy to help secure your web browsing when away from home.  SSH was designed primarily to provide shell (command line) access to remote machines using encryption and other features to prevent someone from eavesdropping, but it can be used to tunnel all kinds of other traffic.  For example, you can tunnel your Subversion version control over SSH, using the svn+ssh argument (e.g. svn co svn+ssh my_svn_files). Or you could tunnel your VNC (a remote desktop protocol) over an SSH connection.

Why would you want to tunnel VNC?  The first reason is that VNC by default passes all traffic in plain text, which means all of your keystrokes (read: passwords) are exposed.  By using an SSH tunnel, your session is encrypted. The second reason is that by using an SSH tunnel, you don’t have to open the firewall for the VNC port(s).

So how do you tunnel VNC, or another protocol?  The -L argument to SSH (or LocalForward in the config file) tells SSH to forward locally.  To tunnel to a VNC server running on display :1, you’d do something like:  ssh -L 5901:localhost:5901 username@my.server.org   and then point your VNC viewer to localhost:1.

In addition to interactive-type uses, SSH can be used for file transport as well.  The scp command copies files to and from a remote server in the same manner that the cp command works locally.  sftp can be used as a secure replacement for the FTP protocol (but there’s no provision for anonymous access).  And most importantly, the venerable rsync command can be used with SSH by specifying it as the argument to the -e flag (e.g. rsync -e “ssh” -av /some/local/directory username@my.server.org:/the/remote/directory).

So the moral of the story is: SSH can help keep you secure.