How to make screen and ssh-agent cooperate

Certificate-based authentication is probably one of the most convenient features of ssh. Most of the systems I log into via ssh on a regular basis are configured with public key authentication. Also, I am very fond of screen. Unfortunately, due to the way ssh-agent works, it does not cooperate very well with screen. The program ssh-agent serves two purposes. First, it caches passwords for ssh private keys. Second, it allows for ssh authentication forwarding alongside a regular ssh login, so that ssh connections originating from the remote session can be transparently and securely authenticated with the certificate residing on the user’s computer. The environment variable SSH_AUTH_SOCK tells any ssh command run in the session where to find the socket used to communicate with ssh-agent.

Since ssh-agent lives and dies with the login session, the moment one disconnects from screen and logs out, the ability to use ssh authentication forwarding is disrupted until the screen session is completely restarted. This essentially renders screen useless. The problem is that the name of the socket is unique to every instance of ssh-agent, and the new name does not get propagated down to any sessions running in screen.

After a bit of googling, a couple of possible solutions presented themselves. Several involve external scripts and aliases to save and restore the environment variables associated with ssh-agent. These solutions seemed a bit too cumbersome. The solution that I finally decided on is very simple and involves adding two lines to two config files in the home directory.

This line goes in your profile script (~/.profile, ~/.bash_profile, etc):

test -n "$SSH_AUTH_SOCK" && ln -sf "$SSH_AUTH_SOCK" "/tmp/ssh-agent-$USER-screen"

And this line goes in ~/.screenrc:

setenv SSH_AUTH_SOCK "/tmp/ssh-agent-$USER-screen"

All this does is create a symlink in /tmp that points to the ssh-agent socket. The symlink has a constant name so that it can be used in screen without any additional trouble. The first line creates and updates the symlink on every login so that it always points to an active socket. The second line overrides the environment variable in the screen session so that the new link is accessible to all of the screen session’s terminals.

I have been using this simple solution for quite some time now with no issues.
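A hardened variant of the profile line, as an added example rather than the post's own code. Because /tmp is writable by every local user, a fixed name there can be created first by someone else, so this version keeps the link under ~/.ssh and only links to a socket you own; the path ~/.ssh/agent-screen.sock and the function name refresh_agent_link are assumptions made for the example.

```shell
# Added example, not the post's code. Goes in ~/.profile (bash or dash).
# Matching ~/.screenrc line for the assumed path:
#   setenv SSH_AUTH_SOCK "$HOME/.ssh/agent-screen.sock"

refresh_agent_link() {
    local link sock dir
    link=$1
    sock=${SSH_AUTH_SOCK:-}

    # No forwarded agent in this login: leave any existing link alone.
    [ -n "$sock" ] || return 1

    # A login shell started inside screen already has SSH_AUTH_SOCK set to
    # the link; relinking would make the link point at itself.
    [ "$sock" != "$link" ] || return 1

    # Only link to something that really is a socket owned by this user.
    [ -S "$sock" ] && [ -O "$sock" ] || return 1

    # Keep the link in a directory that other local users cannot write to.
    dir=$(dirname "$link")
    mkdir -p "$dir" && chmod 700 "$dir" || return 1

    # -n replaces the link itself instead of following it into its target.
    ln -sfn "$sock" "$link"
}

# Refresh on every login; a refusal must not abort the rest of the profile.
refresh_agent_link "$HOME/.ssh/agent-screen.sock" || :
```
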


Nixie Clock: Power Supply (Part 2)

Back in October of 2006 (my senior year of high school), I started designing a nixie tube clock.  I was reading Nuts and Volts at the time and was inspired by two back-to-back issues that detailed building a high-voltage microprocessor controlled power supply and a nixie tube clock.  If you haven’t already, please read the introduction.


The nixie tube was invented in 1951 by a vacuum tube manufacturer called Haydu Brothers Laboratories. The tube consists of ten stacked cathodes in the shape of the Arabic numerals 0 through 9 surrounded by an anode mesh. The whole thing is enclosed in a neon-filled glass envelope. By applying a bias to the anode of around 170 volts, the individual cathodes can be illuminated by grounding one cathode at a time. The grounded cathode will light up with a nice warm orange glow. It’s really a beautiful effect.


Lightning for Thunderbird x64

It has been said that there are two types of hard drives, those that are dead and those that are dying. My Dell Inspiron E1705 running Ubuntu 9.10 was becoming more and more unstable, randomly hanging irrecoverably while in screensaver mode. Last week I traced the hangs to the hard drive and ran SpinRite on it, turning up over 1.5 million recoverable ECC errors on the main Ubuntu partition in addition to a couple of non-recoverable sectors. I decided it was finally time to replace it, so I ordered an identical drive off of Newegg. I planned on performing a fresh install of Ubuntu 10.04 on the new drive followed by importing most of my files from the old drive.

However, shortly after I ordered the new drive, a bit of water got spilled on my keyboard. I cleaned it up in a hurry, but didn’t notice that some of it had seeped under the hard drive. A while later, I figured out that my computer would not boot up, the hard drive being invisible to BIOS. So I pulled it out and discovered that some sort of reverse-electroplating action had pulled some of the copper off of a couple vias, opening the circuits. Quite annoying. Long story short, there wasn’t a whole lot I could do for the drive, so I just set it aside and waited for the new drive to arrive.


Micromouse at UCLA

We took a mouse to UCLA last weekend for an unofficial competition.  It was actually a much more interesting competition than the official IEEE southwest area competition since several bots actually solved the maze.  The maze was more reasonable than the SW area maze.  Even though it was only 13x13 instead of 16x16, the walls were properly aligned and well-programmed bots didn’t have many problems getting stuck.  This is a video of our mouse’s shortest solution path.  Unfortunately, we only took 2nd place since one of the teams from UCLA had a much smaller and more maneuverable robot.


IEEE Server Installed

Jordan and I installed the new server yesterday.  We lugged it from the Micromouse room to the CSE datacenter and wrestled it into the rack.  Fortunately, the server’s power supplies don’t need to be adjusted for use in the racks.  Apparently the rack supply is 220 V instead of the usual 110, as Jordan found out the hard way when he accidentally brought a whole rack down when he plugged in the old server a couple of years ago.  Thankfully, the server was installed without any bangs, magical blue smoke, blown fuses, or other excitement.  We migrated the database from the temporary server and set up the network card for the proper static IP address, requiring a few reboots to get everything configured properly.  So far, it seems to be running just dandy.


Setting up Alfresco on FreeBSD

Alfresco is an open-source content management system.  It supports creating collaboration ‘sites’ as well as various document management features, including version control.  It’s essentially the open-source counterpart to Microsoft’s SharePoint server.  I decided to use Alfresco for the IEEE’s content management system for two reasons: first, it’s open source so there is no licensing BS to deal with.  Second, it will (in theory) run natively in FreeBSD, mitigating any need to deal with virtual machines.

Alfresco is written in Java and comes as a WAR archive, designed to be used with Tomcat running under a separate instance of Apache.  Tomcat is a cross-platform JSP implementation.


XBoot Released

I just released the first version of XBoot on Google Code. I wrote the entire program over the course of about a week. It’s not terribly complicated, but since the whole thing has to fit into 4k of code space, I had to do a bit of optimizing for size. The bootloader itself wasn’t terribly difficult, the hardest part was getting the I2C address autonegotiation working properly. Once I can hook two XMegas together, I will release code for the master end of the autonegotiation protocol.

XBoot is an extensible, modular bootloader for the ATMEL XMEGA processor series. It is compatible with the AVR109 (butterfly) bootloader protocol with a few XMEGA-specific extensions for access to the user and production signature rows. One of its main features is support for multiple serial buses. Many bootloaders only support RS232 for programming from a PC, but XBoot’s modularity allows it to support the exact same set of commands over any hardware serial port. Currently, I2C support has been incorporated. This allows for easy in-system reconfiguration of XBoot-equipped chips with little additional time investment. Also, XBoot includes support for I2C address autonegotiation for when multiple, identically configured processors sit on the same I2C bus.

http://code.google.com/p/avr-xboot/


Installing avahi on FreeBSD

From searching around on Google, apparently either nobody installs the multicast DNS/Zeroconf module Avahi on FreeBSD or it’s so easy to install that it warrants no easy-to-follow documentation.  Unfortunately, neither of the above is true, so I will do my best to provide an easy-to-follow tutorial for getting Avahi working on FreeBSD.  Specifically, getting Avahi set up to allow for .local domain support locally as well as broadcasts of the computer’s own information over multicast DNS.

First, install avahi and nss-mdns. Please note that avahi requires dbus which, in turn, requires glib, so if you don’t have these packages installed already, it could take some time. Also, since nss-mdns requires avahi, all you have to do is install nss-mdns and it will grab everything else automatically.


IEEE Server Update

The new server for ieee.ucsd.edu arrived on Saturday.  I have been working since Thursday to put together a configuration script to easily format all the hard drives and write the necessary config files to get the array up and running.  Unfortunately, this sort of thing is never as easy as it seems.  ZFS works very well in OpenSolaris, but I’m used to Ubuntu Linux.  FreeBSD isn’t that much of a stretch, but Solaris is just a bit more different than I can handle at the moment.  The plan I had walking into this was to create a ZFS RAIDZ array across all the hard drives (10 in nanjing in 2 groups of 5 and 6 in the IEEE server) and have FreeBSD boot off of that.  However, I ran into trouble from the get-go.


Nixie Clock: Introduction (Part 1)

In my senior year of high school, the October 2006 issue of Nuts and Volts featured an article about a Nixie tube clock.  The previous issue had discussed a high voltage power supply built around a PIC microcontroller.  I had been experimenting with PIC microcontrollers for quite some time before and I was intrigued by the prospect of using a PIC microcontroller to generate a rather high voltage from a logic-level supply.  I didn’t have much use for it, though.  After seeing the Nixie clock article, I now had the perfect application for it.  So, I bought several tubes off of ebay, direct from the Ukraine, and got to work.
