Regarding “A Survey of Embedded Linux Packages” (LJ February 2001), thank you, thank you and thank you. I couldn't see the forest because all them damn trees were in the way. Your article really helped shed light on what the names are, who the players are and what the scope of the paradigm is.
Living in Northwestern Pennsylvania, we are kind of out of the Silicon Valley mail loop. I've been on Victor Yodaiken's RTL mailing list for two years and still didn't understand the landscape. Your article really helped.
Thanks for helping us stay current.
—Raymond C. Minich
There is an error in “The Best of Technical Support” in LJ February 2001. “ide-floppy” is not the appropriate module for ATAPI class ZIP drives. ide-floppy works for the original non-ATAPI IDE ZIP drives. The appropriate module is “ide-scsi”. This information may be found in the ZIP drive HOWTO.
This is a very serious difference. From firsthand experience, I know that using ide-floppy on an ATAPI class ZIP drive will seem to work but will invariably cause filesystem damage on the ZIP disk (unless one does read-only operations with it).
One of the examples in Mick Bauer's “101 Uses of SSH, Part II” article (LJ February 2001) gives a misleading impression of security. Listing 6 shows how FTP can be tunneled over ssh port-forwarding. If this were any other protocol (say POP3 or IMAP), things would be fine.
But FTP actually uses two connections, not just one. The primary connection (port 21) is used as a control channel, issuing commands to the server. The secondary channel is set up each time there is data to be transferred on a different and random port, if using passive mode. If you're not using passive mode, the situation gets worse. The server tries to make a connection back to you from port 20. Chances are this will be blocked stone dead by any firewall nearby.
Anyway, the ssh command will only forward the control channel and not the data channel. That is enough to protect your password but not the data that passes between the servers. This is a misleading state of affairs because the connection may well work, even though most of it goes unencrypted!
As far as I know, you cannot use FTP over SSH without implementing special “FTP watcher” routines inside ssh. This is not impossible; practically every NAT device on the market does the equivalent. An alternative might be to use the sftp command from ssh2. However, I'm not sure whether this is included in OpenSSH yet.
You're absolutely correct. While I do think there's some value in encrypting the control channel even if the data channel is not, that was a poor example, especially since I didn't point out that the data channel does in fact go in clear text. But it does work, even without an FTP-watcher: I've been using FTP over SSH in the manner described in my article for a couple of years now. SCP is still the most secure way to transfer files with OpenSSH. SFTP is cool, but only partially supported in OpenSSH (client- or dæmon-only, I can't remember which). But you can use SSH Communications' “official” SSH v.2 for free if you run it on Linux, xBSD, etc., thanks to a new “Free Use for Open Source OSes” clause in its license.
Out of all the articles I've read in LJ over the years, few have had as much impact on me as the one on vim (“That's Vimprovemnt! A BetterVi”, LJ February 2001). I often spend more time in vim than I do sleeping, and thanks to the article, I now have a few more tricks to use. Some of the most glaring features I was not aware of were the third mode (called visual), the command mode grep and split. I learned vanilla vi on Solaris, and there are a lot of features in vim I have obviously not picked up yet. That being the case, have you thought about a monthly feature on editors? Since I imagine a great deal of your readers spend a lot of time in editors such as emacs, vim, pico and the like, perhaps a regular feature is in order.
- Free Today: September Issue of Linux Journal (Retail value: $5.99)
- The Tiny Internet Project, Part I
- Bitcoin on Amazon! Sort of...
- Machine Learning with Python
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- Android Browser Security--What You Haven't Been Told
- Epiq Solutions' Sidekiq M.2
- Securing the Programmer
- Nativ Disc
Pick up any e-commerce web or mobile app today, and you’ll be holding a mashup of interconnected applications and services from a variety of different providers. For instance, when you connect to Amazon’s e-commerce app, cookies, tags and pixels that are monitored by solutions like Exact Target, BazaarVoice, Bing, Shopzilla, Liveramp and Google Tag Manager track every action you take. You’re presented with special offers and coupons based on your viewing and buying patterns. If you find something you want for your birthday, a third party manages your wish list, which you can share through multiple social- media outlets or email to a friend. When you select something to buy, you find yourself presented with similar items as kind suggestions. And when you finally check out, you’re offered the ability to pay with promo codes, gifts cards, PayPal or a variety of credit cards.Get the Guide