hydrian's blog

Converting Images for CSS Embedding

 This is just a handy command string that is meant for converting images files into base64 for CSS embedding.  

#> cat {ImageFile} | base64 -w0 > {OutputFile}


Adding URI Handlers to Kubuntu / KDE

 I recently starting playing with Ktorrent.  I had been a long time Azureus user, but was just trying to setup something quickly and didn't need to level of functionality of Azureus had.  As a Chrome user, I wanted my magnet:????? links to automaticially be added to KTorrent.  I tried tried to do it with xdg and gconf, but neither of these worked.  I then found some info on Deluge that made my mind figure out this method. 

Backporting OpenLDAP 2.4 to CentOS 5

For a long time CentOS 5 users have been banging their head against their desks because CentOS 5 has only supported OpenLDAP 2.3.  While this release has been stable, it is quite long in the tooth and is missing many features that system administrator consider a 'requirement.'  Since so many packages link the ldap libraries that OpenLDAP 2.3 provides, upgrading OpenLDAP has been no easy task... until now. 

Creating Selfsigned Certificate with an Existing Key

Most OpenSSL documentation out there only shows you how to create a new key and signs it with in single command.  I wanted to use a self-signed in the interm while waiting for my third-party CA approve my certificate. I already had an existing key.   Here is the command to create a self-signed certificate from an existing RSA key.

#> openssl req -x509 -new -key {KEYFILE} -out {SELFSIGNEDCERT}


Creating VirtualBox USB rawdisks in Ubuntu

I recently was playing with a new 4GB usb stick and I wanted it install a rawdisk VirtualBox VM on it.  This would give a portable VM with decent speed.When I was trying to create the raw disk formated disk with the following command:

#> vboxmanage internalcommands -rawdisk /dev/sdc -filename ~/VirtualBox\ VMs/usbstick.vmdk 

I recieved the following error.  I even got this error running as root.  I determined it wasn't a permissons issue.

Batch dump SSL certificate bundles to single files


This perl script makes the process of unbundling certificates into single files an easy task. Just run the and it will dump the generated files to the current directory.


  • Perl
  • openssl
  • certificate bundle (PEM format)


Syntax: ./cert-split-batch.pl <cert_bundle.crt>

Start gnome-terminal in you home directory

In earlier versions of pre-Lucid Lynx, when you started gnome-terminal, you would be sitting in your home directory to start.  Most all terminal emulators start you in your home directory if you are not running as a superuser.  Now with Lucid Lynx, you now start in the VFS (Virtual File System) root, aka. '/'. This is very inconveient for many of the things I do expect.  Here is the way to fix gnome-terminal so it's expected startup behavoir is restored.

POSIX RegEx for hostnames

Here is a POSIX compliant regular expression for testing a hostname.  This does not support a fully quilified domain name (FQDN).  This was tested with linux grep. 


Here is a working example:

grep -E -i -w '^([[:digit:]a-zA-Z]([-[:digit:]a-zA-Z]{0,61}[[:digit:]a-zA-Z]){0,1})$'


Allow UID 0 accounts to login but not root over SSH


More than once, I've needed root access to a server over SCP.  As we all know, allowing SSH access with the root user is a blaring security hole because the user is a well-known userid with superuser access. This makes it the first thing that a hacker or script-kiddie will check.  If you create another user with userid number 0 and set PermitRootLogin to 'no' in the sshd_config file, you will still not be able to login.  The PermitRootLogin option actually blocks ANY user if their user id number equals 0.

Convert JKS and PKCS12 back and forth with keytool


Here are a few CLI commands to convert a java key store file to a PKCS12 encoded cert chain and back. This requires the java development kit (Sun/Oracle JDK) 6 or newer.  


JKS → P12

$> keytool -importkeystore \
-srckeystore keystore.jks \
-srcstoretype JKS \
-deststoretype PKCS12 \
-destkeystore keystore.p12

P12 → JKS

Syndicate content