Getting paranoid about ssh-agent

Wednesday, 1. 09. 2010  –  Category: vague

A colleague asked me about my SSH setup, which uses different SSH agents for each set of keys that I use (I tend to use a different keypair for each client I work with) and also makes ssh-agent confirm with me each time a key is used. What’s the point of all that? Because it’s […]

Apache 1.3 patch for ProxyPreserveHost

Thursday, 17. 09. 2009  –  Category: vague

Patch against Apache 1.3.411 to backport the ProxyPreserveHost feature. I can’t remember where I found it now, but I’ve tweaked it through a few Apache revisions. Useful for migrating sites from one host to another before or during DNS propagation. That said, I’m using Varnish and HAProxy an increasing amount for such plumbing. Yep, still […]

Casual Firewall / VPN benchmarking

Wednesday, 12. 08. 2009  –  Category: vague

Two datacentres, each with a pair of 2.5GHz Xeon firewalls running OpenBSD. Benching with iperf yielded the following: Between firewall pair, LAN [ 3] 0.0-10.0 sec 1.00 GBytes 860 Mbits/sec [ 3] 0.0-10.0 sec 1.00 GBytes 860 Mbits/sec [ 3] 0.0-10.0 sec 1017 MBytes 853 Mbits/sec Firewall to firewall between DCs, outside VPN, no PF […]