Monday, December 8, 2014
I use SSH for damn near everything. We need SSH for damn near everything.
I have this thought that SSH is quite possibly the only end-user-exposed implementation of acceptable crypto in wide use which actually satisfies the “actual human beings can use this” constraint at the same time as satisfying the “this makes your shit relatively secure” constraint. That’s not to say it’s easy for the average mortal to comprehend, but it beats the shit out of almost everything else I can think of.
In “almost everything else”, I include SSL/TLS/HTTPS, which sort-of works as far as the general user population of browsers is concerned, much of the time, but which is an absolute nightmare to administer and which is a fundamentally broken design on a political / systems-of-control / economic / regular-admins-get-this-right level. Arguably, the only thing that has been worse for the wide adoption of crypto by normal users than SSL/TLS is PGP.
DISCLAIMER: I DON’T KNOW SHIT ABOUT CRYPTO. Tell me how I’m wrong.
I’m not exactly sure when mosh started to catch on with people I know, but I’d say it’s on the order of a year or two that I’ve been aware of it. The basic thing here is that it’s essentially OpenSSH with better characteristics for a specific cluster of use cases:
- laggy, high-latency, intermittently-broken network connections
- client machines that frequently hop networks and/or suspend operations
- unreliable VPNs (which is to say very nearly all VPNS in actual use)
I’m about to start in on some remote contracting stuff, so I go looking for a time tracking tool. For the moment I settle on this little tray widget called hamster, which looks functional if not precisely inspiring.
noobs / raspbian
Last year I did a bunch of work on a Raspberry Pi, but it’s been a few months since I booted one up. I got a model B+ (more USB ports, various hardware tweaks, takes a microSD card instead of the full-size one) in my last employee order at SparkFun, and I’m stepping through what seems to be the stock recommended installation process.
NOOBS_v1_3_10.zip. Be careful unzipping this one - everything is at
the top level of the archive (advice to distributors of basically anything: don’t
If I’d been smart I probably would have done:
$ mkdir noobs && unzip NOOBS_v1_3_10.zip -d noobs/
The basic system here is “get an SD card, put the stuff in this zip file on the SD card, put it in the Pi”. Everything about this has always felt kind of weird (if not actively broken) to me, but it’s probably important to remember that for most users “put some files on this media” is a lot easier than “image this media with the filesystem contained in this file”.
So I plug in all the stuff: microSD card, keyboard, HDMI cable to random spare monitor, power.
Nothing. Well, almost nothing. Blinkenlights, no video output. Red light is steady, green light blinks a couple of times periodically.
I am reminded that this is, fundamentally, a terrible piece of hardware.
Power down, remove SD card, mount SD card on Linux machine, google variously, delete and recreate FAT32 partition using gparted, re-copy NOOBS files, unmount SD card, replace card in Pi, re-apply power.
Green LED flashes spasmodically for a bit then seems mostly off, but is actually flickering faintly on closer examination. Red light is solid.
This wiki page suggests this means that no boot code has been executed at all. It’s failing to read the card, or it’s missing some file, or something is corrupt.
Ok, so, mount SD card on Linux machine again; immediately discover that the card is now a volume called “SETTINGS”, or seems to be.
$ ls /media/brennen/SETTINGS lost+found noobs.conf $ cat /media/brennen/SETTINGS/noobs.conf [General] display_mode=0 keyboard_layout=gb language=en brennen@desiderata 15:52:24 /home/brennen ★ sudo parted /dev/mmcblk0 GNU Parted 2.3 Using /dev/mmcblk0 Welcome to GNU Parted! Type 'help' to view a list of commands. (parted) print Model: SD SL16G (sd/mmc) Disk /dev/mmcblk0: 15.9GB Sector size (logical/physical): 512B/512B Partition Table: msdos Number Start End Size Type File system Flags 1 1049kB 823MB 822MB primary fat32 lba 2 826MB 15.9GB 15.1GB extended 3 15.9GB 15.9GB 33.6MB primary ext4 (parted)
Well, obviously something ran, because I definitely didn’t arrange anything that way. And this seems a little telling:
brennen@desiderata 15:55:36 /home/brennen ★ dmesg | tail -12 [51329.226687] mmc0: card aaaa removed [51776.154562] mmc0: new high speed SDHC card at address aaaa [51776.154894] mmcblk0: mmc0:aaaa SL16G 14.8 GiB [51776.169240] mmcblk0: p1 p2 < > p3 [51781.342106] EXT4-fs (mmcblk0p3): mounted filesystem with ordered data mode. Opts: (null) [51791.757878] mmc0: card aaaa removed [51791.773880] JBD2: Error -5 detected when updating journal superblock for mmcblk0p3-8. [51793.651277] mmc0: new high speed SDHC card at address aaaa [51793.651601] mmcblk0: mmc0:aaaa SL16G 14.8 GiB [51793.666335] mmcblk0: p1 p2 < > p3 [51799.516813] EXT4-fs (mmcblk0p3): recovery complete [51799.518183] EXT4-fs (mmcblk0p3): mounted filesystem with ordered data mode. Opts: (null)
(The “Error -5 detected bit.)
Ok, so I bought a new Sandisk-branded card because I didn’t have a decently fast microSD card laying around. What I’m going to check before I go any further is whether I got one the Pi can’t deal with. (Or just one that’s bunk. I bought this thing for 15 bucks at Best Buy, so who knows.)
Here’s an 8 gig class 4 card, branded Kingston, but I probably got it off the shelves at SparkFun some time in the last 3 years, so its actual provenance is anybody’s guess. Looking at what’s on here, I’ve already used it for a Raspberry Pi of some flavor in the past. Let’s see if it’ll boot as-is.
Ok, no dice. I’m starting to suspect my problem lies elsewhere, but I’ll try one more time on this card with NOOBS.
Again: No dice.
- the monitor with other inputs, because who knows
- tried a couple of different power supplies - USB cable from my laptop, 5V wall wart purchased from SFE, cell phone charger.
- the usual plug-things-in-one-at-a-time routine.
Time to try one of these cards with an older RasPi, if I can figure out where I put any of them.
After much shuffling through stuff on my dining room table / workbench, I find a model B. It fails in much the same way, which leads me to suspect again that I’m doing something wrong with the card, but then I can’t quite remember if this one still worked the last time I plugged it in. They can be fragile little critters.
Here’s a thought, using a Raspbian image I grabbed much earlier this year:
brennen@desiderata 17:10:03 /home/brennen/isos ★ sudo dd if=/home/brennen/isos/2014-01-07-wheezy-raspbian.img of=/dev/mmcblk0
No dice on either the model B or model B+, using the new SanDisk.
Trying with the older card,
dd spins through 800ish megs before giving me an I/O error.
It may be time to start drinking.
The next day: I swing through a couple of stores in town with the wiki list of known cards in hand and buy a pile of cards across a handful of brands, plus a $20 card reader (the Insignia NS-CR20A1) since there’s not one built in to the laptop I’m carrying today. The first card I try boots NOOBS instantly; an installer is running as I type this.
Suddenly It occurs to me that the card reader on the laptop I was using last night might is likely dying/dead.
This is a really slick install process now, so good work to somebody on that.
I’ve got a Beaglebone Black sitting here new in the box. It comes with a USB cable, so I plug it in. Instantly there are bright blue blinky lights, and my laptop tells me I’m connected to an ethernet network and I’ve got a new drive mounted with some README files in it.
This is kind of great.
Browsing to to 192.168.7.2 gets a bunch of docs and a link to Cloud9, an in-browser IDE that happens to include a root terminal.
I don’t really know what’s going on here. I think it might be a little scattered and confused as a user experience, in some ways. But it immediately strikes me as good tech in a bunch of ways.
Josh Datko, who I’ve gotten to know a little bit, has a book called Beaglebone for Secret Agents. It’s been on my ever-growing to-read list for a while; I’m going to have to give it a look sooner rather than later.