Getting paranoid about ssh-agent

Wednesday, 09. 1. 2010  –  Category: vague

A colleague asked me about my SSH setup, which uses different SSH agents for each set of keys that I use (I tend to use a different keypair for each client I work with) and also makes ssh-agent confirm with me each time a key is used. What’s the point of all that? Because it’s […]

Apache 1.3 patch for ProxyPreserveHost

Thursday, 09. 17. 2009  –  Category: vague

Patch against Apache 1.3.41 ((Yep, still running 1.3 around the place)) to backport the ProxyPreserveHost feature. I can’t remember where I found it now, but I’ve tweaked it through a few Apache revisions. Useful for migrating sites from one host to another before or during DNS propagation. That said, I’m using Varnish and HAProxy an […]

Casual Firewall / VPN benchmarking

Wednesday, 08. 12. 2009  –  Category: vague

Two datacentres, each with a pair of 2.5GHz Xeon firewalls running OpenBSD. Benching with iperf yielded the following: Between firewall pair, LAN [ 3] 0.0-10.0 sec 1.00 GBytes 860 Mbits/sec [ 3] 0.0-10.0 sec 1.00 GBytes 860 Mbits/sec [ 3] 0.0-10.0 sec 1017 MBytes 853 Mbits/sec Firewall to firewall between DCs, outside VPN, no PF […]

« Older Entries