Mar 9, 2017

just paste my text!

It's very annoying when sites/applications block copy-paste out of some idiotic conclusion that it improves system security. Here is a novel idea - make it a configuration option.
In a mean time here is a script that I've adopted from https://github.com/EugeneDae/Force-Paste
I've added delay that allows me to switch between applications to Copy and then later Paste.

Enjoy.

Jun 19, 2016

chrooted sftp with pubkey authentication

Method adopted from OpenSSH Cookbook.
I've automated user creation and added ability to use public key authentication.

Create a group for users that will be using chrooted sftp:
groupadd sftpusers

Append at the bottom of /etc/ssh/sshd_config
Match Group sftpusers
         ChrootDirectory /sftp/%u
         ForceCommand internal-sftp
         AuthorizedKeysFile     /home/%u/.ssh/authorized_keys

Save the following script and run as root/sudo, for example:
./addsftpusers.sh bob "ssh-rsa AAAA...."

Code:

#!/bin/sh

set -e

G="sftpusers"
U=$1
P=$2

if [ -z "$1" ]
  then
    echo "no username given"
    exit 1
fi

if [ -z "$2" ]
  then
    echo "no pubkey given"
    exit 1
fi

echo "Adding $U to $G"
useradd -g $G -d /incoming -s /sbin/nologin $U

echo "Creating sftp dir"
mkdir -p /sftp/$U/incoming
chown $U:$G /sftp/$U/incoming

echo "setting pubkey access"
mkdir -p /home/$U/.ssh
echo "$P" > /home/$U/.ssh/authorized_keys
chmod 600 /home/$U/.ssh/authorized_keys
chmod 700 /home/$U/.ssh/
chown -R $U:$G /home/$U
echo "Done"

Jan 11, 2016

Using Gmail as SMTP host for YouTrack

Unless you're comfortable with using your personal gmail account, create a new account that will be used only for sending notifications from YouTrack.
Open YouTrack administrative settings, and enable Email:

SMTP hostsmtp.gmail.com
SMTP port465
Mail protocolSMTP+SSL
SMTP loginname@host
SMTP passwordpAsSwOrD
Server 'from' email name@host

Try sending a test email, if your server is not running from the same IP/Area from where you initially logged into the gmail account test will fail. The error message suggests to use browser to login, but in my case YouTrack is running on headless minimalistic remote server, installing a browser and all it dependencies would bloat the machine. SSH SOCKS proxy to the rescue!
ssh -D 2222 user@yourserver
This will create a local listening port 2222 on your desktop that can be used to proxy your browser through the server that runs YouTrack.
Set your favorite browser to use this temporary proxy, on FireFox it can be done by navigating to "about:config" and setting the following fields:

network.proxy.socks127.0.0.1
network.proxy.socks_port2222
network.proxy.type1

Verify that your settings are correct by checking your browser IP address, and then login to GMail through the proxy.  Now the test email should go through.