Tuesday, December 9, 2014

Keyboard Shotcut for changing Keyboard Layout in Windows

Because this happened to me several times now: In Windows, it is possible to switch between international keyboard layouts by pressing ALT+SHIFT or CTRL+SHIFT together. Since windows remembers this on a per-application basis, this can be quite confusing.

Simply pressing those shortcuts again cycles through the layouts.

Tuesday, December 2, 2014

FRAPS Video Too Dark

I recently attempted to capture some in-game footage - only to find that the recording was simply way too dark. Way darker than what it had been on my screen. It was fixable in my video editor, but the root cause was not immediately apparent - clearly it could not have been a monitor setting as it would have affected video and game equally.

It turns out that I was running the game - Skyrim - in Fullscreen Windowed mode, so it seems to be using the desktop gamma/brightness settings. Fraps on the other hand uses the ingame brightness settings.

When I changed in my ingame brightness, the picture on my screen remained exactly as it was before, but the brightness of the FRAPS video changed. Very counter-intuitive, but there you go.

Monday, November 17, 2014

Skyrim Mod Organizer: [D] failed to determine binary type: 193

Alright, this is more of a hobby IT problem, but it was still frustrating. I had a crash of Mod Organizer, a tool to organize and maintain Skyrim mods. After the crash, it wouldn't start any Java programs anymore - all I got was the error message:

failed to determine binary type: 193

I first suspected a problem with Java, but it was something with Mod Organizer itself. I ended up simply re-installing it, overwriting all files in the existing location. That fixed the error, and it even kept my config, modules and load order intact. If you try the same, create a backup first.

Even though I did not look into the root cause after I got it to work, I hope this helps anybody else.

Monday, October 27, 2014

Disable SSLv3 in Postfix, Dovecot

Postfix:

Disabling certain versions of SSL works like this in Postfix:

In your /etc/postfix/main.cf add or modify the following config parameter like so:

smtpd_tls_protocols=!SSLv2,!SSLv3

If you are using mandatory TLS you'll want to set this instead:

smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3

These should be fairly self-explanatory, but for further detail read the Postfix configuration parameters documentation.

Do not forget to restart Postfix!

Dovecot:

In dovecot, add the following to your configuration:

ssl_protocols = !SSLv2 !SSLv3

...and restart Dovecot. If you use a version of Dovecot older than 2.1, upgrade and then do the above.

Wednesday, October 15, 2014

Test your SSL setup

Qualys offers a great tool that will check your server for SSL config issues, such as weak ciphers and outdated protocol versions.

Saturday, September 20, 2014

Mac OS X: Time Machine Backup Slow / Stuck

I just noticed that my time machine backup (to a Synology NAS) was slow. As in... single-digit kilobytes per second, and then it got stuck completely. At first I thought this may be an issue with the Synology drive, but this turned out not to be true. In the log file of the Mac, I found a large number of these lines:

Sep 20 20:27:01 Ascalon.local mdworker[20883]: (Warning) Import: Bad path:

(Ascalon is the name of my Macbook Air.)

This seemed to be indicative of a filesystem error, but this was not the case.

It turned out that in my case the offending drive was an old Kindle I had connected to my Macbook to charge - it does mount as a USB drive, similar to a flash memory stick. Anyway, once unplugged the Time Machine backup ran as fast as always.

I should probably note that the Kindle itself is not defective - disk scans give it a clean bill of health. So I have to assume that something in its folder structure is not compatible with Time Machine. Unfortunately I never connected the Kindle to my Macbook Air before, so I can't say if this is a general issue or a new bug of some sort.

Anyway, solution in this case: Unplug all USB drives one after the other, restart the Time Machine backup after each one to see which one offends, and then deal with that. You can use the disk check utility on your Mac, but please make sure you know what you are doing and do not accidentally erase it. (The Apple Knowledge Base is probably a good place to start.)

Thursday, August 21, 2014

Can I safely send a Certificate Request (CSR) by Email?

Yes. The CSR is your public key, which will be verified and signed by the certificate authority (CA) and returned to you afterward. It is this signed version you will then use in your application. It is useless without the private key, so even if someone makes a copy of it, they won't be able to attack you.

However, this does mean that you must not send your private key out! If your private key gets stolen, the SSL certificate is compromised and must be revoked.

Wednesday, June 4, 2014

scrub: -X argument cannot exist

I've been looking for a utility that will clean disks for me - and I do realize this is no real substitute for shredding them. Anyway, scrub seems to do the job. However, when I tried to run it I got:

scrub: -X argument cannot exist

This had me stumped because I read it as "the -X argument cannot exist", which seemed to make no sense whatsoever. And indeed it means "the argument to -X cannot be a directory that exists". Simply running it with a new directory, like so:

root@server:/home# scrub -X /home/scrub
scrub: using NNSA NAP-14.x patterns
scrub: scrubbing /home/scrub/scrub.000 1073741824 bytes (~1GB)
scrub: random  |..^C                                            |

works.

It is notable that more current versions of scrub fix the error message to be more intuitive (mine was still 2.2).

Wednesday, April 30, 2014

Adding Blog as a Menu Item in Wordpress

On my personal blog, I set the main page to a static page. However, I also wanted a menu item to the blog posts. There was nothing in the Menu editor, but the solution is quite easy if you know how.

  1. Create and publish an empty page. I called mine "Blog".

  2. In (Dashboard) -> Settings -> Reading, there is a drop down called "Posts page". Select the empty page you just created. Save your changes.

  3. Under Appearance -> Menu add the Posts page to your menu. Save the menu.

When you now click on this menu item (or navigate to the page some other way) it will show the blog posts list as normal.

Thursday, April 17, 2014

Apache: How To Redirect http to https

If you want to direct traffic from your http so that it gets encrypted, this is really easy to do in Apache:

Step one: Set up your https vhost:

<IfModule mod_ssl.c>
<VirtualHost 10.1.1.1:443>
DocumentRoot /var/www
# other server options go here as needed
# - logging for example
SSLEngine on
SSLCertificateFile /etc/ssl/certs/example.cert
SSLCertificateKeyFile /etc/ssl/private/example.key
# Add other SSL specific options as needed</pre>
</VirtualHost>
</IfModule>

Step two: Set up your http vhost:

<VirtualHost 10.1.1.1:80>
ServerName my.example.com
RedirectPermanent / https://my.example.com/
</VirtualHost>

We have previously posted more information on enabling SSL in Apache.

Obviously, instead of 10.1.1.1 and my.example.com you'll have to use your own IP and hostname, whatever they may be.

Note that this will redirect everything from http to https. Finer control is possible, for example you could do:

RedirectPermanent /secure/ https://my.example.com/secure/

Or you could use RewriteRules for even more control. However, in the age of mass surveillance and constant threats from hackers, a general redirect to https is a good idea.

Wednesday, April 9, 2014

Could not perform immediate configuration on 'python-minimal'

When I tried to update my Debian box, I got the following ominous error:
E: Could not perform immediate configuration on 'python-minimal'.Please see man 5 apt.conf under APT::Immediate-Configure for details. (2)
It turns out that the fix is fairly simple. The following worked for me:

apt-get install -o APT::Immediate-Configure=false -f apt python-minimal

Tuesday, April 1, 2014

Creating New Outlook .PST Files in Office 2010

Back in the good old days, I am pretty sure, all the PST related stuff was in the normal file menu. Not anymore. I wanted to create a new PST file and I had to look quite a while before I found it - Microsoft has it hidden quite well:




It's in the Home ribbon, under "New Items -> More Items -> Outlook Data File".

I never liked those Ribbons, but anyway, maybe this will save someone else ten minutes.

Tuesday, February 25, 2014

Wordpress: Images not displaying, Redirects not working

Moved my WordPress installation to a new server. I kept all paths etc intact, copied my VirtualHost and permissions were good, so I was at first surprised when my images didn't show and redirects didn't work. The cause was quickly found, however; it seems my old install had different default settings hidden somewhere in the Apache configuration.

I guess there may also be different causes, but in my case I fixed it by adding this to my Wordpress VirtualHost:

<Directory "/var/www/wordpress/">
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>

/var/www/wordpress is obviously the DocumentRoot of my WordPress install.

Lo and behold, my WordPress site wasn't broken anymore.