Monday, August 24, 2009

GIT Tutorial[ Cont. ]

Following up from where I left in the last post. I will now introduce you to some concepts where GIT embeds itself into the internet and how it maintains security of project hosted on GIT.

Public Key Cryptography

We all have passwords, but the major limitation of passwords is that it's secret! Yeah, seems very odd ? Also it is a form of symmetric encryption, that is whatever you use as key( passwords ) to lock your data is used to unlock it.

Consider this simple Alice[ Bandi ] and Bob[ banda ] example. Now if Alice wants to send some data to Bob which will be encrypted over the network, they need to decide a way to encrypt it. Suppose they decide to use a simple Shift Cipher to do it. Shift Cipher Works as follows:

Plaintext: abc
Key : 2 ( say )
Ciphertext: (a+2)(b+2)(c+2) == cde

The method of Encryption is open and so is the method of Decryption. The only thing that holds any security is the KEY( 2 in the above case ). But if Alice and Bob are to use the same key for encryption and decryption, then there must be some way to communicate it before they actually do any conversation.! And hence the security of Key falls in hands of method of communication. Suppose we encrypt the method of Key Distribution we're into a loop....!!!

Public Key Cryptography comes as a rather surprise. In this scheme a person has a pair of Public and Private keys( generated by a suitable software ). The above problem of Alice<-->Bob interaction is handled in the following way.

Preconditions: Alice's and Bob's Public Keys are open to everyone, but the private keys are kept secret. A message encrypted by the Private Key can be Decrypted by the Public key and a message encrypted by a Public Key can be decrypted by the private key only.

Message Sending: Alice sends a message "abc"( say ) and encrypts that with the Public Key of Bob. Hence when Bob receives it, only he can Decrypt it with his private key.

If you notice we have completely avoided the problem of Key Distribution.

Public-Private Keys and GIT

Whenever you make a commit to the GIT repository there should be a way in which GIT can authenticate whether you're the authorised person to do so. It contains the Public Keys of all those who are allowed to make changes to the GIT Repository. When you send a message to Repository saying: "hey git, add this file", such a query is Encrypted with your Private Key, GIT knows your username and hence it sees if it has a Public Key corresponding to your username. If it exists, it'll try to Decrypt the query using the Public Key. If successful, that is the query makes sense, it'll authorise you. An incorrect Public Key will give garbage results which GIT will discard.

Making your Public Keys

Making Public Keys is simple and we'll be using a simple software called ssh to do so. All further steps are done on an Ubuntu.

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/sanket/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

Give appropriate information, remember to give a passphrase it'll save you in case you miss your private key. The key'll be generated in /home/.ssh/
The names of the files will be: id_rsa( private key ) and id_rsa.pub( public key ).

From now on this key is your identity, and yeah it's your universal identity.!

Handing me the keys

As I am the repository owner, you'll have to hand me over the Public Keys. You may do so by mailing me a copy at my email address or Posting on the list itself, Public Keys are meant to be public so don't hesitate in telling it to the whole world ;).

Please mail the file id_rsa.pub ONLY. And also remember to rename it to a username you would like to have.

Recommendation: Suppose my gmail account is: snktagarwal. I would send a copy of id_rsa.pub as snktagarwal.pub. You are also expected to follow the protocol.

Using the public-private key pair in GIT

Now I'll show you how to use your Public Private key pair with GIT. It is assumed that you've already done the following above steps:

  • Made a Public-Private( RSA ) key pair using ssh-keygen. SSH produces RSA Key Pairs.
  • Given me the Public Key with the name .pub
  • I have added you to the trusted users group!
First let's have a view of the project repository online: http://203.110.246.113/viewgit/

In the free_monkey repository you may see many Branches below in Heads section. These are the Branches created by various "Trusted" users. Wait for it, you'll have your own branch very soon :P.

1. Configuring ssh to port 4545

SSH on port 22 is blocked outside halls, so you won't be able to do normal SSH traffic. For bypassing this security you need to be able to talk with my server on Port 4545, my server is configured so as to read on port 4545. Make the following changes:

$ sudo gedit /etc/ssh/ssh_config

Change the # Port 22 to Port 4545.

Before:

# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1

After:

# IdentityFile ~/.ssh/id_dsa
Port 4545
# Protocol 2,1

2. Create a username for yourself in GIT

Execute these commands on your machine to tell others what your name stands for:

$ git config --global user.name "Your Name Comes Here"
$ git config --global user.email mail@domain.com

3. Check out a copy of the repository

It's as simple as it may get:

$ git clone git@203.110.246.113:free_monkey.git

Let me explain this command to you:
  • git@ means that the machine that you are contacting has a user called git which will provide the git services. It could be git or repos or anything depending on the server administrator. Hence in our case I have named it to git on my server.
  • 203.110.246.113 is IP of the server.
  • free_monkey is the name of the repository which has default extension of .git.

If you're successful you'll have somthing like this:

Initialized empty Git repository in /home/user1/git/free_monkey/.git/
Enter passphrase for key '/home/user1/.ssh/id_rsa':
remote: Counting objects: 111, done.
remote: Compressing objects: 100% (80/80), done.
remote: Total 111 (delta 17), reused 0 (delta 0)
Receiving objects: 100% (111/111), 48.99 KiB, done.
Resolving deltas: 100% (17/17), done.

4. Make your own branch and have fun with the repository!

Here are the brief steps to make your own branch, refer to this if you want a review of commands.

$ git branch
$ git checkout
$ vim README
...make some changes...
$ git add README
$ git commit -a -m " branch created and updated"
$ git push origin


The last command needs some explanation:
  • Push: make a commit on the remote server
  • origin branchname: This tells git to push on branchname, which is your branch!

This wiki might be awefully incomplete, but given the time limitations, I am bounded. Please ask any doubts in this post or on the KGP list if needed.!


Sunday, August 16, 2009

GIT Tutorial

Hey guys and gals,

This is my version of tutorial on Git.

I won't go into much details of what git is all about, though you can always go here to have a look, git tutorial, which is actually an excellent boot up guide to Git and it's advantages. To be very precise Git was developed by Linus Torvalds to manage the Linux Kernel Tree and it turned out that Git is presently the best Version Control system on paper and in implementation!

Public and Private Repositories

Repositories are the place where you actually keep your source code. So that a person who wishes to have a look at your code in a programmer friendly way! Also it is used to do collaborative coding, while maintaining an Organizational Hierarchy, it is equivalent to a management system built into the haphazard world of Open Source :).

Public repositories are the repositories which everyone can have a look at. Generally Repositories are public so that anyone can have look, open source needs to be open ;). But the ability to write to a repository still lies in the hands of "the" few from the Circle of Trust.

Private repositories are different in the sense that you can't have a look at the code it u aren't a part of the project, private repositories are rare... though they exist.

Starting a Basic Project in Git

There are a plethora of excellent tutorials that tell you how to use git, and I won't try to reinvent the wheel. Though here's something important to note. As Git is meant for collaborative work, you check out code from some remote host( repos ) and then make local changes, and then push it back to the remote repository. First thing you need to learn is to use Git in the local system. I would suggest you to go through the following texts.

0. Use a Linux Box if you may. Windows users should look at this: windows link. But try to use a linux box because it'll be easier to get help :).

1. Official Git Tutorial - A great place to start, follow the exact steps uptill the point you can pursue. Try to read upto the section: Managing Branches, and yeah work each command on your machine.

2. Those familiar with svn should look at this

3. Once you've dealt a fair deal with using git locally it's time to dive into some Remote servers.

Web View of Git Repository

If you are familiar with version control you might be aware of Web Views for common Version Control services. Familiar are Github, Google Code. You can visit these site and look at an arbitrary project and have a feel of the Repositories. I have maintained my own version of Git Server and the Web Views can be looked up from here. We'll be using this for the rest of the tutorial so make sure you are able to get it work!

http://maillist-cse.iitkgp.ernet.in/viewgit/
or
http://203.110.246.113/viewgit/

Note:- To use the maillist-cse.iitgkp.ernet.in Link please use 144.16.192.247 as your proxy and while using the second link you don't need to change your proxies :).

So you can see a free_monkey repository. It's just a test repository containing some of my interesting source code ;).
Things to watch out for( make urself familiar, now is the time ):

1. When you enter the repository you can see, Shortlogs, Tags and Heads. Shortlogs are the commits that coders do on a repository. Something like you make a local change and push it to the remote server.

2. There are two heads, master and experimental. These are the branches that exist for the code. A single project( code ) can have multiple, non interferring, branches.

3. Some hyperlinks above show a Tree link, which is the listing of code.... the stuff inside ;).

Heads

Heads are the branches of the code. Suppose you wish to work with me on this project, so instead of working on the master copy( which is a compulsary branch ), I would ask you to start your own branch and start commiting there. In our case we have the master and experimental.

You can switch the Code tree for any branch from these links.

Checking out Code

As this repository is public, you might wish to check code to have your own copy to work with. These are the steps you need to do.

First of all, git runs on a ssh service, and as port 22 is blocked in Institue. I am running this server on 4545 port. In a standard ubuntu box you will have to make the following changes:

$ sudo vim /etc/ssh/ssh_config

Search for a line which says "Port". Uncomment it and write: Port 4545. So the section now looks like:

# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
Port 4545
# Protocol 2,1
# Cipher 3des

Cool! Let's move further. You now need to clone the public repository into your computer. Do the following steps.

$ mkdir git # Make a folder for git repositories
$ cd git
$ git clone git://203.110.246.113/free_monkey/
Initialized empty Git repository in /home/user1/git/free_monkey/.git/
remote: Counting objects: 34, done.
remote: Compressing objects: 100% (28/28), done.
remote: Total 34 (delta 7), reused 0 (delta 0)
Receiving objects: 100% (34/34), 42.23 KiB, done.
Resolving deltas: 100% (7/7), done.

Voila! We have got our own copy of Git source. These are the interesting things that you might wish to do:

$ cd free_monkey
$ git branch -a
$ git checkout experimental
Note: moving to 'origin/experimental' which isn't a local branch
If you want to create a new branch from this checkout, you may do so
(now or later) by using -b with the checkout command again. Example:
git checkout -b
HEAD is now at 878804d... Graph for activity logger

If you are done till here, watch ourt for the next iteration of git tutorial. Any doubts, please reply here :)!

Saturday, August 15, 2009

Pidgin Activity logger!

Hey guys,

I am really short of time to catch up with my lunch, and hence excuse me for my gibberish English :P. Recently my dear friend came up with this hilarious idea to log the activity of online users on our Gtalk accounts. Hmm, not a bad idea heh!

So I sat down( many though I was doin madness ) and this is the strategy that I blogged down:

1. Use DBus connectivity to access information from Pidgin client. DBus is a server based model by which you can connect to applications running on your Localhost transparently.

2. Use python as the binding to DBus.

3. When first starting the program, get a count of current online users.

4. Trap signals for Signed In and Signed Out, and whenever one happens, just increment/decrement the count.

5. Log all changes to a file.

6. Make a Graph from the Log file using Matlab.

You would like to see the final output first right ? Heh:


It was a nice experience to jot down the hueristics of your Gtalk activity because we use it way too often. The graph starts at 00:00:00 Midnight for 24 hrs so that makes it one full day. And you can visibly see that the Maximum peak is at about 8-10 Pm and the lowest at around 5-6 AM.

Want your own graph, reply to this post.... and btw I might be releasing a Pidgin Plugin named Activity-Logger pretty soon ;)

For the interested if you can manufacture a plugin earlier than I may, have a look at the code urself: git hub code

Wednesday, July 29, 2009

KGP -- A Juggernaut in the making

KGP -- KGP Group of Programmers, the recursive name shudders through me a flow of intense adrenaline! And I hope the plans and views that I have set for this 'TO BE' giant, turn out frightingly stupendous!

It's tough to say where it all started, but I know where's it going. I don't know if all my friends who have certainly made the abstract plans to hardware fabrication, share the same intensity and far[t] sightedness. I ain't boasting, and u'll realise in a matter of few kilos of words that I really am having a far[t] sightedness :D.

What is the KGP -- to be as simple as possible, it is an effort to produce "sexy" code. Sexy not only in terms of ideas, but in terms of Coding Style, Technologies, Architecture etc. It's an effort to churn out Cormen( the person ), yes why not! We've got to start somewhere, and maybe my batch has to do the dirty work of flooring, who the FUCK cares! What matters is that you contribute, and that contribution is rememberd not as a "Memorial" but as a profession!

I have many plans with KGP, first of all I would like to teach my juniors, teach won't be the right word.. I should rather use guide, towards a learning of practical aspects of coding. Today code is not all about a single piece of C code which can run with the good ol' gcc mybullshitfile.c followed by ./thiswillconquerortheworld.out :D. Rather we need an organised effort, roots of which can be derived from the community of Open Source!

Here I wish to tell that Open Source is a community rather than a category of software, a community which has people who understand the importance of collaborative coding, and also the idiocracies of Licenses etc. And this includes those from the heart of FSF( read Linux if confused ) to the backwaters of Microsoft and there's no one to say that the Microsoft guy should be hanged over all the code he's written. No!, Open Source is a place to learn and not to spread communism!

I like the model of Open Source and hence adopt it for most of my processes of programming, may be it Technologies to choice of Languages this community helps you out anywhere and everywhere :). This is exactly what I would wish to see.. KGP adopting the idiocracy as well as charm of Open Source Architecture. And I am sure working with a bunch of to-be 'Geeks' will be a fun experience!

What can't we achieve, there's nothing out of our reach! Making softwares can be fun and why can't we make competitive code ? All's needed is organised effort and that's what had been lacking till now! I won't be surprised to see scores of ideas in sections like 'Sandbox' and 'Incubation', and many being completed and launched. It has to get bigger! The Juggernaut has to roll to engulf all. Just look at the consequences, we might end up in a system where code is being produced and not just for voluntary ideas but maybe for companies! We can get work for sites of the magnitude of Kshitij and SF, why not ? Aren't we meant for this fate ?

Can't we produce winners in comptt like Imagine Cup, GSoC and lot's more of them ? Just the organised effort was missing and I and my batch hope to fulfil it with our gift to this beautiful institute, a gift to our juniors.... KGP!

Friday, July 24, 2009

SSH Port Blocking and CSE-Xeon server Tragedy

There has been a quite an uproar over the Xeon-64 servers not being able to accept connections by CSE students of my batch.

Abstract

[ For those who just want to know, "can I get to that fucking machine anyway ?" ]

The problem, to put in very accurate technical terms is, Port Blocking on Outbound traffic. SSH runs on Port 22( Default Value/XEON Server) and CIC network guys have blocked all outbound traffic on Port 22 for most of the halls.... ( atleast RK, RP, NH and more... ).

So the simple thing is this, YOU CANNOT HAVE ANY TRAFFIC ON PORT 22 OUTSIDE THE HALLS. Though local( inside halls ) traffic will suffice. And hence if you are too desperate for the 64bit lady, there are 3 solutions from me:

1. Get the Xeon server port changed to something other than 22, say 4455 etc.
2. OR Ask the CIC/Wipro guys to turn the stupid firewall off.
3. Tell the guys at Hall Server rooms, ask if they can get you through

Details

Let's see what exactly is the scene, I wont talk much theoretical nonsence, but rather show you some concrete output to support the facts.

First thing I will do is to ssh the Xeon( 10.5.18.75 ) server with my user

----------------------------------------------------------------------------------------------------------
sanket@sanket-desktop:~$ ssh sanketa@10.5.18.74
ssh: connect to host 10.5.18.74 port 22: No route to host
----------------------------------------------------------------------------------------------------------

Clearly I cannot open the server!

Now I shall try to ssh into Avishek's machine which is in the same Hall as I am:

----------------------------------------------------------------------------------------------------------
sanket@sanket-desktop:~$ ssh avishekbanerjee@10.110.11.209
The authenticity of host '10.110.11.209 (10.110.11.209)' can't be established.
RSA key fingerprint is 99:15:20:66:1f:d7:de:f9:24:be:dc:99:2a:62:6d:26.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.110.11.209' (RSA) to the list of known hosts.
avishekbanerjee@10.110.11.209's password:
----------------------------------------------------------------------------------------------------------

Evidently I can see that avishek's system is open for me on port 22.

Another more "techniche" check using nmap.

Xeon Server: nmap -p22 10.5.1875

----------------------------------------------------------------------------------------------------------
sanket@sanket-desktop:~$ nmap -p22 10.5.18.75
Starting Nmap 4.62 ( http://nmap.org ) at 2009-07-24 19:52 IST
Interesting ports on 10.5.18.75:
PORT STATE SERVICE
22/tcp filtered ssh

Nmap done: 1 IP address (1 host up) scanned in 13.085 seconds
----------------------------------------------------------------------------------------------------------

Avishek's Machine: nmap -p22 10.110.11.209
----------------------------------------------------------------------------------------------------------
sanket@sanket-desktop:~$ nmap -p22 10.110.11.209
Starting Nmap 4.62 ( http://nmap.org ) at 2009-07-24 19:53 IST
Interesting ports on 10.110.11.209:
PORT STATE SERVICE
22/tcp open ssh

Nmap done: 1 IP address (1 host up) scanned in 13.052 seconds
----------------------------------------------------------------------------------------------------------

The results are evident, Xeon server has got no port 22 request, Filtered! But Avishek my friend is very comfy with the thing :D

It's a easy test actually to see if your outbound traffic is blocked. Just try to ssh into a machine you know is ought to be working, and if you can't access.. you're doomed.

Though what I have shown here is Outbound Traffic blocking, and it's actually the case that inbound traffic is totallly okay. Try sshing into your computer from department computers and don't get surprised at the results. ;)

Here's a proof, the machine I will be using is kept in the CSE Deptt and I have access to it( on somehow ). All deptt machines have open outboud traffic, so if I get a filtered output when scanning my m/c in hall, that means that the m/c in hall is refusing!

----------------------------------------------------------------------------------------------------------
mailinglist@maillist-cse:~$ nmap -p22 10.110.11.10

Starting Nmap 4.76 ( http://nmap.org ) at 2009-07-24 20:00 IST
Interesting ports on 10.110.11.10:
PORT STATE SERVICE
22/tcp open ssh

Nmap done: 1 IP address (1 host up) scanned in 5.69 seconds
----------------------------------------------------------------------------------------------------------

I am OPEN! If you can realize the gravity of the results so far, I can go further explaining the network you're inside.

On the basic layer is a Hall which is connected to a Server( often called Server Room as you all know it ). This server, rather a Gateway, connects to the CIC Network Shells( at CIC ), and there's where they put the port throttling etc! But I don't know why is it that they've put it for some of the halls.
What I can suspect is that, maybe somehow, by redirecting the port 22 traffic to some open m/c and then bouncing off requests from that machine, you can be helped out of this port 22 menace. So if the people at the server room are intelligent enough, you're in God's hands I guess :).

Sunday, July 19, 2009

Let's Fly, Cut and Run a Kite with the Kite Runner!

It has been quite a fascinating experience to read the Debut novel of yet another Asian writing prodigy, Khalid Hosseini! The book as we all know, "Kite Runner". It would perhaps be the end of reading spree I have witnessed recently, and now that my breath has become solid and heavy looking at the Semester Performance, I better get some "real books" to read :P

Emotions have always been like a flowing river, uncomprehensible, unstoppable... the style the book's written is no big exception to the fact! I would perhaps go on to comment that, this book is more of an emotion-- cascading like a waterfall --which takes you into a world unknown and unplundered.

With a free flowing hand, and frightful bursts of exemplary imagery, dictionary has been on toes to keep pace with Hosseini's ink. A story truly heart-throbbing and exceptionally serene, takes one into a world few have witnessed. The writer is a small child of "Baba" living in some posh locality of Afghanistan. He and Hasan( their Servant's child ) become the best of friends sharing all possible curves of life, TILL, Amir( the writer ) betrays Hasan and they split.



Amir moves to America with Baba and the story proceeds with how he fights his conscience, which had made him inert to concepts of "Loyalty", "Truce" and "Countrymanship". He returns to Afghanistan, only to discover what his Vanity had hid from him when he was once a child. Without detailing further-- and hence popping the plot --I would recommend you reading this book.

Have a look at the summary for reference: http://www.wikisummaries.org/The_Kite_Runner

Sunday, July 12, 2009

1984 by George Orwell -- Devastatingly Serene !

Recently I laid my hands upon the much celebrated Dystopian Novel in English literature, 1984 by George Orwell. This book written in 1949( The exact details can be wikied out ) has been a relevance even after a Golden Jubilee! There are loads of reviews you could find on the internet, but I feel redundancy has always been a feature of this Webbified world !

Starting off with the genre this book belongs to -- Dystopian, Violent, Sexual and Aggressive -- truly exhilarating! Dystopian Literature is that form of thinking which is restricted to a Policy and Doctrine, the vision of a society in which conditions of life are miserable and characterized by poverty.

And hence the elements of Violence, Sexual Obscenity and Aggression can hardly be left out. At first the idea that:

WAR IS PEACE,
FREEDOM IS SLAVERY,
IGNORANCE IS STRENGTH!

Would make you fretted. Same was with me, though it is easy to swallow the fact that our ancestors could be "stupid" enough to believe in the above non-sense! But after I read the book and the views put forward by Goerge via our Narrator -- Winston Smith, you are made to rethink, with terms like "doublethink", "thoughtcrime", "crimestop"... a whole new train of thoughts tramp through!

Here's my favourite pick of thought: The author justifies pretty effortlessly that War is indeed peace, and here's how.

War has been a way for communities and rulers to impose their power and expand territory. But it has been a nature of law, until now, that one war gave rise to another, one conqueror to other. No one thought of ruling the world, FOREVER. The thought never came as they knew they were mortal, one day they had to give way to thier hiers who could be least potent of taking the legacy forward. But the "Party" which rules "Oceania" -- the piece of land on which our Narator is a part -- has different plans. They redefine war from roots, changing the very behaviour, meaning and purpose!

All that party wants is Power, immense power, a power which gives rise to power! They have a head in the form of Big Brother, whose very existence is doubtful. But one thing that is fixed is the "Party"! No person exist independently, and party shall rule forever as it is immortal. For them the greatest reason for "revolutions" in the past have been the Human Emotions, their heart and ability to think have overthrown empires to dust. The plan is simple, keep them in tight control. How to do it ? Eat up all the resources, drain them emotionally, make sex taboo, beat them, kill them, mercilessly! Monitor them day and night -- Thought Police they call it.

War is just a way to keep the resources busy, away from the reach of common man! What they want is not the betterment of people but more POWER. The wars have never been targetted to overthrow rivals, they hardly happen anywhere other than frontiers. Even the frontiers are ill defined. No major power tries to invade into other's territory... war is a convinient way to divert excess -- rather vital -- resources to wastelands!


Party feels that man can either be free, freedom in terms of intellectual and mental, or happy. Both things don't go hand in hand. It is easy to imagine, happiness is what they give! People are starving, dying, ailing of epidemics, but they are happy -- because the "Party" is their saviour!

I can go on and on with the doctrines of the "Party" and the ways in which Ocieana was controlled. But you would rather get your own hands dirty with the fantastic and heretic novel it is!

Happy Reading