Setting up ssh-agent for bash under windows

The bash shell for windows is a good extension to use git unter windows. But if you use ssh-based connections it is frustating to enter the passphrase for each connection.

Activating the ssh-agent solve this problem. Create the file .profile in your bash home directory and after starting the bash shell it also starts the ssh-agent and asks once for your ssh passphrase. The passphrase is cached in the ssh-agent during your bash session.

#!bash.exe
export SSH_AUTH_SOCK=/tmp/.ssh-socket
echo ;
echo Starting connection with ssh-agent...
ssh-add -l 2>&1 >/dev/null
if [ $? = 2 ]; then
  rm -f /tmp/.ssh-script /tmp/.ssh-agent-pid /tmp/.ssh-socket
  # Exit status 2 means couldn't connect to ssh-agent; start one now
  echo Creating new ssh-agent...
  ssh-agent -a $SSH_AUTH_SOCK > /tmp/.ssh-script
  . /tmp/.ssh-script
  echo $SSH_AGENT_PID > /tmp/.ssh-agent-pid
  ssh-add;
  echo ssh-agent set up successfully.
  ssh-add -l
fi

Starting Rescue Mode in Ubuntu 11.10

It’s a little difficult to find the rescue mode in Ubuntu 11.10. Since 11.04 you can press the shift key in startup phase to show up the grub boot menu.

First step is changing the following line in /etc/default/grub


GRUB_HIDDEN_TIMEOUT=0

to


GRUB_HIDDEN_TIMEOUT=1

Activate the changes by running /usr/sbin/upgrade-grub.

Now you can boot up your system and can press the shift key to access the grub menu.

Another important thing is that the file systems are mounted read-only in rescue mode. If you want make changes to the file systems then you must first choose the remount option in the boot menu.

Structure of the IBAN (International Bank Account Number)

An IBAN may contain up to 34 alphanumeric characters and is composed of the following parts:

  • Double-digit alphabetic code according to ISO3166
  • Two-digit numeric check digit over the whole IBAN under Modulo 97-10 (ISO7064)
  • Maximum 30-digit Basic Bank Account Number (BBAN), consisting of the Institute identification (IID) and Bank Account Number (BAN)

The IBAN in electronic form contains no spaces, but  in a printed form it is usually presented into groups of four characters with spaces . The last group of characters contains the remaining characters of the IBAN. In this way the IBAN is easier to read. By validating the check digit in the IBAN the frequent cross-border payments misdirections can virtually ruled out. The Basic Bank Account Number is used by the financial institutions identified in the respective countries and the customer account at a bank. The IBAN can be derived, although usually from the domestic bank account number, but it is not always reliable. Therefore the European Committee for Banking Standards (ECBS) has indicated that an IBAN should in principle only be made by the account-holding financial institution. The software-calculation of the IBAN bank account number and ID is not recommended and may lead to incorrect results. A check of the check digit is useful to prevent input errors.

Check digit for IBAN

For the IBAN check digit calculation method, the modulus is used 97-10 (ISO7064). The purely numerical check digit consists of two bodies and is for all participating countries are following the country code at position 3 and 4. In order to calculate and validate the check digit, the alpha characters of the IBAN must be converted using the conversion table below, in double-figures.

A = 10 B = 11 C = 12 D = 13 E = 14 F = 15
G = 16 H = 17 I = 18 J = 19 K = 20 L = 21
M = 22 N = 23 O = 24 P = 25 Q = 26 R = 27
S = 28 T = 29 U = 30 V = 31 W = 32 X = 33
Y = 34 Z = 35

Swiss Interbank Clearing AG has described an example of the check digit for IBAN. The starting point is the IBAN CH10002300A1023502601. The presentation in paper form would be: CH10 0023 00A1 0235 0260 1. Thus, the check digit is 10. First, the first four characters of the IBAN must be moved to the right end of the IBAN: 002300A1023502601CH10. Subsequently, the alpha characters are converted using the conversion table in numeric characters: 002300101023502601121710. This number is divided by 97. If the check digit is correct, the residual value is always 1.

Terminating processes with delphi

Windows processes can be terminated from a delphi application using Win32 API calls. To terminate processes not owned by the current user the SE_DEBUG_NAME privilege must be set for the current process.

All sample code must include unit TlHelp32.

Sample code for activating SE_DEBUG_NAME privilege

function NTSetPrivilege(sPrivilege: string; bEnabled: Boolean): Boolean;
var
  hToken: THandle;
  TokenPriv: TOKEN_PRIVILEGES;
  PrevTokenPriv: TOKEN_PRIVILEGES;
  ReturnLength: Cardinal;
begin
  Result := True;
  // Only for Windows NT/2000/XP and later.
  if not (Win32Platform = VER_PLATFORM_WIN32_NT) then
    Exit;

  Result := False;

  // obtain the processes token
  if OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, hToken) then
  begin
    try
      // Get the locally unique identifier (LUID) .
      if LookupPrivilegeValue(nil, PChar(sPrivilege),TokenPriv.Privileges[0].Luid) then
      begin
        TokenPriv.PrivilegeCount := 1; // one privilege to set

        case bEnabled of
          True: TokenPriv.Privileges[0].Attributes  := SE_PRIVILEGE_ENABLED;
          False: TokenPriv.Privileges[0].Attributes := 0;
        end;

        ReturnLength := 0; // replaces a var parameter
        PrevTokenPriv := TokenPriv;

        // enable or disable the privilege
        AdjustTokenPrivileges(hToken, False, TokenPriv, SizeOf(PrevTokenPriv),PrevTokenPriv, ReturnLength);
      end;
    finally
      CloseHandle(hToken);
    end;
  end;

  // test the return value of AdjustTokenPrivileges.
  Result := GetLastError = ERROR_SUCCESS;
  if not Result then
    raise Exception.Create(SysErrorMessage(GetLastError));
end;</pre>
<span style="text-decoration: underline;">Sample code for terminating processes by name of executable file</span>
<pre lang="delphi">procedure Killprocess(Name:String);
var
  PEHandle,hproc: cardinal;
  PE: ProcessEntry32;
begin
  NTSetPrivilege(SE_DEBUG_NAME,True);
  PEHandle := CreateTOOLHelp32Snapshot(TH32cs_Snapprocess,0);
  if PEHandle &lt;&gt; Invalid_Handle_Value then
  begin
    PE.dwSize := Sizeof(ProcessEntry32);
    Process32first(PEHandle,PE);

    repeat
      if Lowercase(PE.szExeFile) = Lowercase(Pchar(Name)) then
      begin
        hproc := openprocess(Process_Terminate,false,pe.th32ProcessID);
        TerminateProcess(hproc,0);
        closehandle(hproc);
      end;
    until Process32next(PEHandle,PE)=false;
  end;
  closehandle(PEHandle);
end;

Load balancing with Apache 2.2 mod_proxy_ajp

The Apache 2.2 webserver has a module for proxiing AJP requests (mod_proxy_ajp). This module is delivered with the Apache webserver by default.

Activating modules

The following modules must be enabled to use the AJP proxy functionallity:

  • mod_proxy
  • mod_proxy_ajp
  • mod_proxy_balancer

To activate the modules uncomment the following lines in your httpd.conf configuration file (e.g. /opt/apache/conf/httpd.conf):

LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so

Configuring modules

To configure the modules we create a new configuration file conf/ajp_proxy.conf in the apache directory and add the following line to our httpd.conf file:

Include conf/ajp_proxy.conf

First of all we put all configuration directives in <IfModule/> blocks to ensure that all needed modules are loaded:

<IfModule mod_proxy>
  <IfModule mod_proxy_ajp>
    <IfModule mod_proxy_balancer>
      # configuration of AJP proxy
    </IfModule>
  </IfModule>
</IfModule>

Creating Load Balancer Cluster

The load balancer cluster is created with the ProxyPass directive. The syntax for this directive is

ProxyPass <path> balancer://<name-of-cluster> <options>

The <path> argument stays for the logical path on the apache server, <name-of-cluster> for the name of your cluster and <options> for the options for this load balacer cluster (see documentation for description of options).

Example:

ProxyPass /myapp balancer://mycluster/myapp stickysession=JSESSIONID nofailover=On

In the next step we must define the workers for our cluster and your application server must support the JServ AJP protocol, e.g. Tomcat. For glassfish aka Sun Java System Application Server see my mod_jk tutorial for implementing the JServ protocol into the server.

The workers are definded into a <Proxy/> directive. The syntax for this directive is

<Proxy balancer://<name-of-cluster>
  BalancerMember ajp:<hostname>:<port> <options>
</Proxy>

You can define multiple workers in one proxy directive.

Example for two worker nodes:

<Proxy balancer://mycluster>
  BalancerMember ajp://node1.mydomain.com:8009 route=node1
  BalancerMember ajp://node2.mydomain.com:8009 route=node2
</Proxy>