Extra Pepperoni

I had a conversation with a co-worker about our new space. We’re moving into the Super-Tent in March, and the construction on Theobald Smith Hall (where we’re being kicked out of for the gut renovation) is supposed to finish in 2011. There’s been no discussion about where IT will go after we move out of the Super-Tent, except that we’re not moving back, because Smith (and Flexner) will be all open-bay lab space (no administrative departments allowed).

We all assume Flexner will start as Smith is winding down, so if Smith takes 4 years, Flexner might take 3 (until 2014). At that point, Bronk is going to look quite old and unloved (as it already does, actually), so that’s 2017. RU IT is over 60 people now, so by then we should be 80+, and the University is extremely unlikely to have a nice space to put a group of 80+ people (we’re currently in 5 locations in 4 buildings, spanning 5 blocks).

So perhaps in 2017 (barring major construction delays, and we all know all construction finishes on time, right?!?), the University will be trying to figure out what to do with 80 people, who are less important than any lab.

At this point, I have to think they’ll wait to think about it (as they waited to give us new space, or renovate our existing space for a few years). Perhaps 3 years later the City will finally make them remove the tent (which is not approved as a permanent structure, of course), so around 2020, I expect RU to be scattering the IT department across campus again. Maybe we can find the 13th Colony!

Note: Bathrooms will be outside — outhouses are so retro!

Check out my Super-Tent photos and the RU article on the construction plans.

We have a bunch of 48-port terminal servers (they’re Linux/ssh based, and quite good). Unfortunately, one of ours has a bad Ethernet port (intermittent connections — no good for lights out management!)

Today (Friday), I spent from 4:15 to 5:30 labelling 48 Cat5 cables, replacing the old terminal server (a tight fit!), reconnecting the cables, and testing. It increased my respect for our Network group, as they do this type of thing all the time (although usually with less ports), and scheduling network downtime is much tougher than scheduling console downtime. Lots more people notice. Fortunately, the terminal servers are for our group, and used almost entirely by 4 particular people, so notification and scheduling was easy.

Still, it wasn’t fun. At the end I had a label maker with dead batteries, a whole bunch of garbage from the labels, and grimy fingers, but we regained remote access for the weekend, which was my goal.

Next time I’ll ask a hardware guy to do the cable swapping!

I’m sending my 3-year-old PowerBook off to Apple for repair before AppleCare runs out, and here’s my checklist of confidential things to remove (after SuperDuper! finishes backing up) for security reasons. This would also be a good idea whenever a sensitive computer is going beyond personal control for a while. On a machine that travels a lot, most of this data would be on an encrypted filesystem or not present at all, but this PowerBook mostly moves around within our home.

http://www.shirt-pocket.com/SuperDuper/SuperDuperDescription.html

Hopefully this list will help someone else remember what to delete/protect.

• All personal Keychains (~/Library/Keychains/); if you have multiple accounts, don’t forget the others; if your System keychains are sensitive (AirPort password, mostly) don’t forget /Library/Keychains
• All my ssh files, except authorized_keys, in ~/.ssh/
• Any sensitive email (in my case email is on an iPod, but backed up to the PB)
• Password wallets (Web Confidential, etc.)

Also, I create an admin user apple, with a one-time password, and set it to enable auto-login (System Preferences:Accounts:Login Options).

When the PB returns, I’ll restore the sensitive files and delete the apple account.

What am I forgetting? Leave a comment!

Update: Someone asked about deleting their account and all their files before sending a PowerBook in for service. This is more paranoid than I am, but here’s my answer:

First, don’t delete the account — you’ll get a different UID when you recreate it after service, and this complicates things. If you are concerned that Apple will somehow snarf your password, change the password temporarily (System Preferences:Accounts); don’t forget any other accounts (if you have a root password to protect, “sudo passwd root”).

Don’t delete any files without having a tested backup first. Disk Utility can this nicely — just make a compressed disk image of your home directory.

To delete your home directory:

1. Enable root (”sudo passwd root“, if you haven’t already).
2. Set System Preferences:Accounts:Login Options to “Display login window as:” “Name and password” (by default, you must pick the name of a non-root account from the login window).
3. Log out and log back in as root.
4. Go to /Users, and delete any home directories you want to get rid of (and have already backed up & verified).

When you get the computer back, restore your password(s), delete the apple account, and restore your home directory.

Frequently, I need to leave myself a reminder or send myself a note on another Mac. I used to do this via email, but now mostly use ssh, with the open and bbedit commands. Since I use ssh private keys for authentication, this is very convenient — I can issue commands to remote machines without having to enter a password each time.

Since I ssh so often, I’ve set up several convenience aliases, including ss for “ssh salt” and sc for “ssh cayenne“.

For several years I wished for remote clipboard support; I believe Peter Lewis even wrote a tool to implement it, and there are remote control tools such as VNC, but this is simpler and quicker.

Here are some examples of useful remote commands:

Open a BBEdit window on salt, showing the entered serial number:

echo "Serial Number for Some Super Software" | ss bbedit

Open an article in Safari, on cayenne:

sc open http://db.tidbits.com/article/8835

Open a couple pages in Safari on cayenne, including one with punctuation in the URL that would normally trip up the shell:

sc 'open http://blogs.zdnet.com/threatchaos/?p=311 http://daringfireball.net/2007/02/more_crap_from_enderle'

I keep most of my systems on all the time, so it’s extremely handy to be able to toss text and URLs around this way.

Serious UNIX nerds can use cat to send a block of text over (Control-D at the end terminates text entry and bundles off the text):

cat - | ss bbedit
This is a test.
This is only a test.
If this was a real emergency, you'd be dead already.
^D

Alternatively, create a text file via a normal ssh session, and open it for later — this is not as fast, but conceptually closer to normal usage:

pepper@www:~$ ss
Last login: Thu Feb  8 18:13:36 2007 from www.reppep.com
Welcome to Darwin!
pepper@salt:~$ vi Desktop/note.txt
[Type, paste, whatever, here; then save and exit vi]
pepper@salt:~$ bbedit Desktop/note.txt
pepper@salt:~$ logout
Connection to salt.rockefeller.edu closed.
pepper@www:~$ 

Additionally, I do something similar to remind myself to edit or update documents when I get home, which looks something like this:

sc bbedit www/pepper/public_html/index.html