2009-05-20

[2cents] ssh 登录过慢的问题

[2cents] ssh 登录过慢的问题

可能原因

1. 服务端对客户端IP进行DNS反解过慢, 解决方法是在 /etc/ssh/sshd_config 中加入一行

UseDNS no

然后用 /etc/init.d/ssh restart 重启 DNS 服务 (ssh 重启时不会切断已有的连接)

2. 客户端 GSSAPI 认证过慢, 解决方法是在 $HOME/.ssh/config 中加入如下一段

Host *
  GSSAPIAuthentication no


3. 其他情况,可以用 ssh -vvv hostname 查看 ssh 在哪一步等待时间最长,用对应的关键词搜索即可。





Posted by at No comments:

2009-05-16

机房网段更改后,如何避免在机房逐台更改IP?

机房网段更改后,如何避免在机房逐台更改IP?



方法如下:


  1. 假定更改前网段为 10.0.1.*, 更改后为 10.0.2.*
  2. 先在机房内把 10.0.1.2 改为 10.0.2.2, 然后你就可以离开机房了
  3. 远程登录 10.0.2.2, 在 /etc/network/interfaces 上加入如下的一段
          iface eth0:0 inet static
                  address 10.0.1.2
                  netmask 255.255.255.0
          注意,不要加入 gateway
  4. 运行 sudo ifup eth0:0, 运行 netstat -rn 检验是否成功:
    $ netstat -rn
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
    10.0.1.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0
    10.0.2.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0
    0.0.0.0         10.0.2.1        0.0.0.0         UG        0 0          0 eth0
  5. 此时你已经可以登录 10.0.1.* 网段的机器
  6. 登录 10.0.1.3 更改IP, 重启
  7. 重复第6部,直到所有机器的IP更改完毕
  8. 在 10.0.2.2 上运行 sudo ifdown eth0:0, 从 /etc/network/interfaces 中清除添加的配置段

Posted by at No comments:

2009-05-14

replace compiz with xcompmgr when dual-head

compiz can't be activated when I am using dual-head mode (2560x1024).

using xcompmgr is a good idea, which makes gnome-do can work in docky mode.
Posted by at No comments:
Labels: , , ,

2009-05-09

new OpenPGP key 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1,SHA256

Sat, 09 May 2009 17:23:00 +0800

For a number of reasons, i've recently set up a new OpenPGP key, and
will be transitioning away from my old one.

The old key will continue to be valid for some time, but i prefer all
future correspondence to come to the new one.  I would also like this
new key to be re-integrated into the web of trust.  This message is
signed by both keys to certify the transition.

the old key was:

pub   1024D/6087D2F8 2004-09-05
      Key fingerprint = 2F18 9473 01F7 5240 A6E8  B1BC E535 0AE0 6087 D2F8

And the new key is:

pub   4096R/2F6E9AE0 2009-05-09
      Key fingerprint = 4223 125E ED8B 189C 67CA  2B52 8CB9 287E 2F6E 9AE0

To fetch key,  you can get it with:
  
  gpg --keyserver keys.gnupg.net --recv-key 2F6E9AE0

If you already know my old key, you can now verify that the new key is
signed by the old one:

  gpg --check-sigs 2F6E9AE0

If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:

  gpg --fingerprint 2F6E9AE0

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:

  gpg --sign-key 2F6E9AE0

Lastly, if you could upload these signatures, i would appreciate it.
You can either send me an e-mail with the new signatures (if you have
a functional MTA on your system):

  gpg --armor --export 2F6E9AE0 | mail -s 'OpenPGP Signatures' lidaobing@gmail.com

Or you can just upload the signatures to a public keyserver directly:

  gpg --keyserver keys.gnupg.net --send-key 2F6E9AE0

Please let me know if there is any trouble, and sorry for the
inconvenience.

Regards,
LI Daobing
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkoFWHUACgkQ5TUK4GCH0vht3gCeJ76nYpGU+91pArBxH0zmv/hY
xRMAn0jcxnAkAp40BdnPQkC+mkRMeYBziQIcBAEBCAAGBQJKBVh1AAoJEIy5KH4v
bprgsh4QALvXQd+Lst/+WR7WpUF0h5efBlb8uc4lU5LAnlMS+UuDZSJuLOIJZX4z
6nHbyqfJa9WbnVeme9wlvdEM2BHw5A58b6+lxNEcjoINuYEbQriAJ66LaH+o0Qoj
tf6w3ojRp+YZrsdQJYmZkZoPEYXuOnH3rVSNzmI6HnkW5VePp8J5twxRkKCg3kM4
XSm9uzq8Aj7lD+q0CMdqKeTm6Yxu+XCXRvvyNEMbNbyZTRJFVSqzUvc+TrTz+nz5
1sLG1icFGEh8iqzO9Mq0xUpD74mLy/7s0fG0bvTUXu9VmcarweEp5l3IU5hGgQXr
pXWAtvTvOq42gVJcsQ2KQDLwcUq55oEP5l5ioDzqcK2l2x6kUJ+z7x1xgTDpdt97
CU8QeWKNblHLNtGipJs/qNvE0JLS+soUH0wfBEy333+dHhRqmyjJ+Q8GAu0bdv2D
MPIKA7HURao7MKnF7HNjKAPgrrCGYQ4WcR1n1O3LLzAg2ag1bd0vx5XjQWhPnEhN
/ttJTNW3qzw1fXsNHLK3UUcS5KX9Evyr81DwzbHjn2F5Gk7P1/0/Ed/6akf6pGpJ
ho4aVfZgz7zdDL0yG3800YCxs6nJMSt1IKimJA2bh3zAtox+QUgxnQqL4Bp6one+
+3ttIgdMEOmcIcGV0zh9RCxt+JpXeqQ5/TLsUpdYS20aqtEZaVeM
=H6UO
-----END PGP SIGNATURE-----
Posted by at No comments:

2009-05-01

debian/control: switch between debian and ubuntu format 


#!/usr/bin/env python                                                                   

import logging
import sys    

log = logging.getLogger(__name__)

def main():
    lines = file('debian/control').readlines()

    l1 = None
    l2 = None

    for idx, x in enumerate(lines):
        if x.startswith('Maintainer:'):
            l1 = idx                   
        elif x.startswith('XSBC-Original-Maintainer:'):
            l2 = idx

    if l1 is None:
        log.error("can't find maintainer line")
        sys.exit(1)

    isUbuntu = l2 is not None

    if isUbuntu:
        maintainer = lines[l2].lstrip('XSBC-Original-Maintainer:').strip()
    else:
        maintainer = lines[l1].lstrip('Maintainer:').strip()

    if isUbuntu:
        lines[l1] = 'Maintainer: %s\n' % maintainer
        del lines[l2]
    else:
        lines[l1] = 'Maintainer: Ubuntu MOTU Developers <ubuntu-motu@lists.ubuntu.com>\n' \
                + 'XSBC-Original-Maintainer: %s\n' % maintainer

    file('debian/control', 'w').writelines(lines)

if __name__ == '__main__':
    main()
Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)