Daviey

Laura Cowen, Alan Pope, Dave Walker and Tony Whitmore present the ninth episode of the Ubuntu UK Podcast.

This fun packed episode brings us:

• Discussion:
  • Efficient PC hardware review
    • We review the Wraith PC from E fficient PC. Listen in to our next episode (number 10) for a chance to win this great computer!
  • Ubuntu mobile edition confusion
  • Lugradio Live discussion
  • Drobo disk storage robot and Drobo Share
• Competition:
  • The competition from Episode 8 is still open. It will end on the 12th July. (we have extended the competition due to the last episode being late).

Listen on http://podcast.ubuntu-uk.org or subscribe below:

High quality feeds

Low quality feeds


// A simple java application that offers useful advice
// paste into hasNone.java
// to compile: javac hasNone.java
// to execute: java hasNone

public class hasNone
{
public static void main(String arg[])
{
childishness (”Dennis”, true);
}

private static void childishness (String idiot, boolean sillyArgument)
{
growup (idiot);
}

private static void growup (String child)
{
System.out.println(”Grow up ” + child + “!”);
}
}
// that is all.


Later than scheduled the Ubuntu UK Podcast release their sixth episode, we think it was worth the wait - and we hope you agree.  This episode, brought to you from Alan Pope, Dave Walker and Tony Whitmore is a special episode recorded at the Ubuntu Developer Summit (UDS).

In this edition, we have a lengthy interview with Mark Shuttleworth, where he talks about Gobuntu, reactions to a recent blog post of his, the ssl/libssl issue and it’s handling and much more.  We also have a competition for the much sought after Canonical store vouchers.

http://podcast.ubuntu-uk.org/

You can grab it in MP3/Ogg high & low quality or listen using the embedded flash player.  You can also subscribe to our RSS feed using your favorite client, to auto download new episodes.

We are always looking for extra content, if you have any suggestions, letters or idea for an interview (either phone or in person) - please email podcast@ubuntu-uk.org

Listen on http://podcast.ubuntu-uk.org or subscribe below:

High quality feeds

Low quality feeds

EDIT: As per https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-May/000706.html , upgrading the package will test the sshd key, amongst other things.

It would appear that the openssl algorithm used to generate the ssh or ssl keys for Ubuntu and Debian isn’t as random as required to be secure, and is therefore vulnerable to brute force attack.

As outlined: http://www.ubuntu.com/usn/usn-612-1

Thankfully Debian security team have written a pretty nifty perl script to help find if your keys are weak!

So ensure you have upgraded to the latest libssl0.9.8 package (as outlined in the USN) then:

To test the public key fingerprint on a server, do the following:

$ wget http://security.debian.org/project/extra/dowkd/dowkd.pl.gz
$ gunzip dowkd.pl.gz
$ chmod +x dowkd.pl
$ ./dowkd.pl file /etc/ssh/ssh_host_{dsa,rsa}_key.pub 2>/dev/null

This will tell you if the public key is weak.  If it is, you should move/remove the key pair, then generate a new pair with:

$ sudo dpkg-reconfigure -plow openssh-server

Authorized keys, that can login using key based authentication.

$ ./dowkd.pl file ~/.ssh/authorized_keys 2>/dev/null

This will return any weak keys that are authorized to login using key based authentication, these entries should be removed and a new one generated and added to the file.

To see if your own user key(s) is vulnerable:

$ ./dowkd.pl file ~/.ssh/id_{rsa,dsa}.pub 2>/dev/null

If it is, you should remove the key - and create a new one using “ssh-keygen”,  and redistribute the public key (including to Launchpad)

NOTE: you should test all user keys on the system.  Might be worth saving any weak key’s, incase you do get locked out of a system.

Please pass this on to anyone using SSH.

EDIT: As per https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-May/000706.html , upgrading the package will test the sshd key, amongst other things.

I’m happy to announce that the Ubuntu UK LoCo has put together their third episode of their podcast.  This one includes a discussion on Command line versus GUI, Mythbuntu and due to demand, how the podcast is put together.  This is followed by a news section.

You can grab it in MP3/Ogg high & low quality or listen using the embedded flash player.  You can also subscribe to our RSS feed using your favorite client, to auto download new episodes.

We are always looking for extra content, if you have any suggestions, letters or idea for an interview (either phone or in person) - please email podcast@ubuntu-uk.org

Listen on http://podcast.ubuntu-uk.org or subscribe below:

High quality feeds

Low quality feeds

One of my boxes is actually a Dreamhost account. I use this box with the promise of high bandwith and large storage for low annual cost. I really do take advantage of this offered service. However, I went to log in and was greeted with a rather sluggish shell. I ran top and got “427.38” (!) as current load (for those that are not aware - it ideally shouldn’t really exceed 1.00). It’s probably the highest load I have ever seen on any *nix box - but still provide a usable (but very slow) SSH connection and yet recover back to a reasonable load.

To be fair to Dreamhost, it did recover itself within a few minutes - but I was quite surprised at this load and thought it worthy of mention.

Screenshot of “top”:

Tesco are selling computers with Ubuntu pre-installed. However much I dislike ‘Tescopoly’; I am impressed that they are selling these systems, and may even get one myself. They state under ‘Features’ that it comes with 6.06, which in some ways is a shame, although it is the current LTS release - these computers are modern enough to really see a benefit from the advancements, and ‘eye-candy’ that Gutsy has given us. Sadly the users will probably not be prompted to upgrade until “Hardy Heron - 8.04″.

One slight concern I do have, is support. New ‘converts’ to Linux tend to require some support and I suspect this is not being offered. Hopefully I am incorrect.

Surprisingly this has come in quietly, and was noticed by the ever shrewd “John Levin” on the Ubuntu-UK mailing list.

Links to the systems offered:

• http://linkpot.net/kidnap/
• http://linkpot.net/chastened/

Digg This

The Ubuntu-UK LoCo team held our release party today. We had a mini-install fest with Ubuntu Gutsy CD-burning, upgrades and installs coupled with some great conversation. The venue even mirrored the Gusty ISO image for patrons.

The team were delighted to be joined by members of Greater London Linux User Group, Datahop IT and some awesome people from a little company called Canonical. Some random bloke calling himself “Mark Shuttleworth” turned up; we allowed him to join our party as he had bought a round of drinks and some nibbles.

We are still at our party, and drinking some good real ales.

Came across this digg posting.

Ubuntu.com has an image in the top left hand corner, showing one of the characters wearing a ‘Dell’ T-Shirt.

As one ‘digger’ said, “I think its rather cool. Linux is not just for nerds any longer.”

On another note, according to This blog posting - Ubuntu/Dell laptops might be available from tomorrow.  Let’s hope!

This pretty much slipped under the radar…

Red Hat have provided the FOSS community with ‘drop in replacements’ for the main fonts provided by ‘msttcorefonts’ (Arial, Times New Roman et al). They have done this “to say thank you to all our friends in the open source community for all you have done to make us successful.” Which is awfully nice. These fonts are provided under GPLv2 + 2 exceptions (not sure exactly why these are required).

Announcement: Here

There was an initial effort for packaging these for repository ‘Universe’ HERE - But from my understanding Debian’s font ‘task-force’ are also packaging it - but are concerned about a licensing issue that they are trying to deal with upstream (Red-Hat). So i’ll probably nuke my package.

 EDIT:
Although the package hasn’t been officially released due to the above problems.  Debian’s pre-released package is available here, It should work without any problems.  However, not being an official package the normal ‘health warning’ applies.