Secure Shell (SSH) is everywhere.

Since it’s inception in 1995, SSH has become the most widespread remote login protocol for Linux boxes, with some estimates saying that there were at least 2 million SSH users at the end of 2000. Gone are the days of telnet sending your data in plaintext over untrusted networks. Now you can type with a reasonable amount of confidence that your data is encrypted and secure.

But, as Uncle Ben said, with great power comes great responsibility!

By its very nature, an improperly configured ssh daemon can be a network liability rather than a asset. If you have a Linux box that is accessible via the Internet, it pays to know what you are doing.

Therefore, here are five things you can do to lock down your server and make ssh more secure…

(more…)

Jeff Cogswell talks about the new features of Python 2.5. Nothing new in the article if you have been following Python’s development, but it’s a decent summary if you haven’t.

From the Amazon product description of the upcoming Django book:

In Pro Django: Web Development Done Right, Adrian Holovaty, one of Django’s creators, and Django lead developer Jacob Kaplan-Moss show you how they use this framework to create award-winning web sites. Over the course of three parts, they guide you through the creation of a web application reminiscent of chicagocrime.org.

The release date is currently March 26, 2007. I think that might be later than originally expected, but I’m not sure.

Pygments aims to be “a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code.”

Muharem Hrnjadovic talks about Python decorators.

Yet another Python web framework… Clever Harold.

The use of WSGI is nice to see and (oddly enough) an ORM is not required:

Clever Harold doesn’t own your data model, you do. In fact, the framework doesn’t require you to use any database or ORM at all.

Interesting.

I’d love to see a Pylons vs. Clever Harold comparison.

Quoth the Django blog:

This is one of the coolest Django hacks ever.

Marxy writes that he’s gotten Django running on a Windows Mobile 5 PDA.

Heh!

Titus Brown has a script that will notify you when new email arrives via Jabber. It uses PyXMPP.

See also: HOWTO: Connect to Google Talk with Bitlbee

After waiting far too long, I finally ordered an extra hard drive to stick in the Dell SC430. It’s a 320GB Seagate Barracuda 7200.10 from NewEgg:

europa ~ # hdparm -I /dev/sdb /dev/sdb: ATA device, with non-removable media Model Number: ST3320620AS Serial Number: 3QF0LFPW Firmware Revision: 3.AAE Standards: Supported: 7 6 5 4 Likely used: 7 Configuration: Logical max current cylinders 16383 16383 heads 16 16 sectors/track 63 63 -- CHS current addressable sectors: 16514064 LBA user addressable sectors: 268435455 LBA48 user addressable sectors: 625142448 device size with M = 1024*1024: 305245 MB device size with M = 1000*1000: 320072 MB (320 GB)

europa ~ # hdparm -Tt /dev/sdb /dev/sdb: Timing cached reads: ... 2057.87 MB/sec Timing buffered disk reads: ... 77.02 MB/sec

Now I can keep all of my media (e.g. mp3s, photos, videos) on that drive, and rsync it to the USB drive enclosure (250GB) that I picked up a while back. That should work as a decent backup system for at home.

I considered running RAID 1 in the server, as it would have been cake to set up. But I wanted a true backup, not just improved availability and hardware fault tolerance. Honestly, I don’t really care about recovery time or availability. However, I care an awful lot about not losing any data. So I’m pretty happy with this setup.

The self-published Getting Real book from 37Signals is now available online for free (HTML). The PDF and print versions are still available for $19 and $29, respectively.