Tracy Phillips

Renee and I thought we would try something different this year for our New Years Dinner. I had been wanting to try a recipe from my favorite cookbook, "Joy of Cooking", for quite some time, so we decided to make U.S. Senate Bean Soup.

There is good reason this soup has been on the menu in the U.S. Senate's restaurant every day since 1901. There are several stories about the origin of that mandate, but none has been corroborated.

According to one story, the Senate's bean soup tradition began early in the 20th-century at the request of Senator Fred Dubois of Idaho. Another story attributes the request to Senator Knute Nelson of Minnesota, who expressed his fondness for the soup in 1903.

Here is what you will need for about 6 cups of soup:

1 1/4 cups dried white beans
1 small ham hock
7 cups cold water

Bring the water to a boil, reduce and simmer until the beans are tender, about 1 hour and 15 minutes. Remove the ham hock, discard the bone, skin and fat; dice the meat and return it to the pot.

Add:

1 large onion diced
3 medium celery ribs chopped
1 large potato, peeled and finely diced
2 garlic cloves, minced
1 1/2 teaspoons salt
1/2 teaspoon black pepper

Simmer until the potato pieces are tender, which will take from 20 to 30 minutes.

The recipe in "Joy of Cooking" recommends that you take a potato masher and mash until the soup is creamy, we didn't do that step.

That's all there is to it and the results were yummmmy. This one is a keeper

The average CEO of a Fortune 500 company makes 364 times what a regular employee makes. Drucker felt it should not be more than 20 times

To all my liberal friends:

Please accept with no obligation, implied or implicit, my best wishes for an environmentally conscious, socially responsible, low-stress, non-addictive, gender-neutral celebration of the winter solstice holiday, practiced within the most enjoyable traditions of the religious persuasion of your choice, or secular practices of your choice, with respect for the religious/secular persuasion and/or traditions of others, or their choice not to practice religious or secular traditions at all. I also wish you a fiscally successful, personally fulfilling and medically uncomplicated recognition of the onset of the generally accepted calendar year 2009, but not without due respect for the calendars of choice of other cultures whose contributions to society have helped make America great. Not to imply that America is necessarily greater than any other country nor the only America in the Western Hemisphere. Also, this wish is made without regard to the race, creed, color, age, physical ability, religious faith or sexual preference of the wishee.

To all my conservative friends:

Merry Christmas and a Happy New Year!

Have you ever been sifting through your log files, and seen this little jewel:

Dec 16 00:01:38 [server] sshd: Starting sshd
Dec 16 00:01:38 [server] sshd: Checking for host keys
Dec 16 00:01:38 [server] sshd: Starting sshd daemon
Dec 16 00:01:38 [server] sshd[3449]: Server listening on :: port 22.
Dec 16 00:01:38 [server] sshd[3449]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Dec 16 00:01:38 [server] rc: Starting sshd:  succeeded

Now are we listing on port 22 or not? I know I am logged in via ssh right now, so I know sshd is working correctly. Lets do a little investigation shall we? Lets see what is listing on port 22.

[server]:root# netstat -an | grep 22
tcp        0      0 :::22                      :::*                        LISTEN

[server]:root# lsof -i | grep 22
sshd        3449     root    3u  IPv6   7505       TCP *:22 (LISTEN)

Ahhhh HA! Just as I suspected, IPv6 is listening on port 22 so IPv4 can't listen on port 22. Whew. I thought there might be something really serious going on. Open up /etc/ssh/sshd_config in your favorite text editor and slap this snippet (or uncomment it if it is already there) into it.

ListenAddress 0.0.0.0

If you have this in your sshd_config, make sure that it is commented like so, by putting a hash (#) in front of it.

#ListenAddress ::

That should do it... restart sshd and that should take care of that little error... errrrr I mean jewel :-) You can also disable IPv6 instead, but thats taking things a little bit far if you ask me

echo "alias net-pf-10 off" >> /etc/modprobe.conf

If you do disable, IPv6, don't forget to restart your server.

Scale 7.x will be February 20th - 22nd, 2009 at the Westin LAX Hotel and tickets are on sale now. SCALE will co-op with LOPSA to make Linux training available at the Linux Expo. SCALE University will again convene at SCALE 7x! Register early, demand will be high for the classes:

• Introduction to Virtualized Storage
• Disaster Recovery: Will you survive?
• Internal documentation for SysAdmins
• Saving the World with Fedora Directory Server

See you there... Be there or be square.

If you generate quite a few CSR's that are used to generate SSL certificates, you might have the need to view the contents of the CSR itself to see if it has valid information in it. To do that, save your CSR to a file... I will call mine, certreq.txt Here is my CSR:

-----BEGIN CERTIFICATE REQUEST-----
MIIBtjCCAR8CAQAwdjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQH
EwlPY2VhbnNpZGUxFTATBgNVBAoTDEhvc3R2ZWxvY2l0eTEQMA4GA1UECxMHSVQg
RGVwdDEdMBsGA1UEAxMUd3d3Lmhvc3R2ZWxvY2l0eS5jb20wgZ8wDQYJKoZIhvcN
AQEBBQADgY0AMIGJAoGBALLHGFjPg3N6sq39e9cl6oGz214g/TgQW4wHwxlC0HLE
goMdjjReymgTYU8rsG3kJgoxGM5zd+wGgGzrlzKK06fep4gHH2QKYPvgvzNUpZKs
SmQC7rCu8VkBgmZTGAx1hQ2Yi9JUT8s4WjdTRYDrd0ZSOnG504pmEazDZwpysR1R
AgMBAAGgADANBgkqhkiG9w0BAQQFAAOBgQAyoAQkshdwXRniuNdKST35o+mftEz7
BruOiFn3B8W/O5ml3pLrhmYUHoOBpMb50H605QuWCwYYArhfSdFbCmjNfjaEqphU
eHG5HRzaMdyp6Imi7ZJUp5/rDGg1Idf+5v5zr5AwCVbjkPPLJEJnvjpn+XW+/5pO
joVymerQ/q2aHQ==
-----END CERTIFICATE REQUEST-----

Now to view the contents of it, just issue the following command

openssl req -text -noout -in certreq.txt

and this is the output

Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=US, ST=CA, L=Oceanside, O=Hostvelocity, OU=IT Dept, CN=www.hostvelocity.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:b2:c7:18:58:cf:83:73:7a:b2:ad:fd:7b:d7:25:
ea:81:b3:db:5e:20:fd:38:10:5b:8c:07:c3:19:42:
d0:72:c4:82:83:1d:8e:34:5e:ca:68:13:61:4f:2b:
b0:6d:e4:26:0a:31:18:ce:73:77:ec:06:80:6c:eb:
97:32:8a:d3:a7:de:a7:88:07:1f:64:0a:60:fb:e0:
bf:33:54:a5:92:ac:4a:64:02:ee:b0:ae:f1:59:01:
82:66:53:18:0c:75:85:0d:98:8b:d2:54:4f:cb:38:
5a:37:53:45:80:eb:77:46:52:3a:71:b9:d3:8a:66:
11:ac:c3:67:0a:72:b1:1d:51
Exponent: 65537 (0x10001)
Attributes:
a0:00
Signature Algorithm: md5WithRSAEncryption
32:a0:04:24:b2:17:70:5d:19:e2:b8:d7:4a:49:3d:f9:a3:e9:
9f:b4:4c:fb:06:bb:8e:88:59:f7:07:c5:bf:3b:99:a5:de:92:
eb:86:66:14:1e:83:81:a4:c6:f9:d0:7e:b4:e5:0b:96:0b:06:
18:02:b8:5f:49:d1:5b:0a:68:cd:7e:36:84:aa:98:54:78:71:
b9:1d:1c:da:31:dc:a9:e8:89:a2:ed:92:54:a7:9f:eb:0c:68:
35:21:d7:fe:e6:fe:73:af:90:30:09:56:e3:90:f3:cb:24:42:
67:be:3a:67:f9:75:be:ff:9a:4e:8e:85:72:99:ea:d0:fe:ad:
9a:1d

This is a good way to see if your customers have all the valid info required to order an SSL certificate. Things to look for: C=Country ST=State L=City O=Organization OU=Department CN=Common Name You can see that I have that info in the output of the CSR above.

Google has launched SearchWiki, a new way to customize your search results from Google searches. SearchWiki allows you to re-rank Google Search results, delete them and add comments to them. SearchWiki is only available to signed in googlers. The changes only affect your own searches. Once you are signed into Google, you will notices search results like the following Suppose you wanted to search for Tracy Phillips and promote me just for the fun of it. If you click on one of the edit type of icons, you are presented with the option to customize your search results. Once you confirm and click the up edit arrow on the search result... BAM, the item is promoted to the top of the results. Now if that is not search engine optimization, I don't know what is. I bet that some SEO folk are going to be using this to show their unsuspecting clients what they have done for other clients and can do it to for them as well for a small fee. What will these fellers think of next

How to view crontab for all users? Not as elegant as you probably want, but this is what I do as root.

for user in $(cut -f1 -d: /etc/passwd); do crontab -u $user -l; done

That snippet will loop over each user in /etc/passwd listing out their crontab. The crontabs are owned by the respective users so you will not be able to see another user's crontab without doing this as root. If this tip was useful to you, or you have a better way of doing the same thing, let me know by commenting below.

Looks like Google has thrown Skype (Yahoo) a curve ball by introducing video chat.. right inside your browser. All you have to do is download and install a plugin and enable it in your gtalk from within gmail.

Now that is what I call bringing VoIP to the masses. Chat anyone?

Well there you have it. Barack Obama will be the next president of the United States of America. Hopefully we will see the change Senator Obama has talked about for the last 21 months. By change, I mean change in the way that our federally elected officials work at a fundamental level. I think Washington has forgotten "Of the people, by the people" and they think of it more as "Of the party, by the party".