params.json

{"name":"BenBlankley.GitHub.io","tagline":"","body":"### Experiments in Open Source\r\nHello all, this is a space where I am going to post some of my latest experiments in open source development.\r\n\r\n### NaNoGenMo 2015\r\nNaNoWriMo is an annual fiction writing project that lots of writers all around the world participate in, during the month of November. Darius Kazemi created NaNoGenMo, an annual event for programmers to generate 50K word \"novels\" using code. I participated, and here is my submission: [This Is Just To Code](https://github.com/benblankley/NaNoGenMo2015)\r\n\r\n### Advent of Code\r\nAdvent of Code is a set of programming exercises, one per day, throughout the month of December. I have completed Day 1. The code is [here](https://github.com/benblankley/2015adventofcode). A colleague suggested that I try the byte comparison rather than convert the bytes to strings, and do that comparison. The tests were ran several times. In every case, the byte comparison was faster than the string comparison.\r\n\r\n    [ben@localhost 2015adventofcode]$ time go run day1.go\r\n    Floor: 232\r\n\r\n    real    0m2.100s\r\n    user    0m2.515s\r\n    sys     0m0.182s\r\n    [ben@localhost 2015adventofcode]$ time go run day1_byte.go                      \r\n    Floor: 232\r\n    \r\n    real    0m1.986s\r\n    user    0m2.436s\r\n    sys     0m0.167s\r\n\r\nI ran the tests on an Intel Atom 1.6 Ghz laptop, running Fedora Linux 23 and golang 1.5.1\r\n\r\n    [ben@localhost 2015adventofcode]$ lscpu\r\n    Architecture:          i686\r\n    CPU op-mode(s):        32-bit\r\n    Byte Order:            Little Endian\r\n    CPU(s):                2\r\n    On-line CPU(s) list:   0,1\r\n    Thread(s) per core:    2\r\n    Core(s) per socket:    1\r\n    Socket(s):             1\r\n    Vendor ID:             GenuineIntel\r\n    CPU family:            6\r\n    Model:                 28\r\n    Model name:            Intel(R) Atom(TM) CPU N270   @ 1.60GHz\r\n    Stepping:              2\r\n    CPU MHz:               1600.000\r\n    CPU max MHz:           1600.0000\r\n    CPU min MHz:           800.0000\r\n    BogoMIPS:              3199.93\r\n\r\n### Remote Access to Home Linux Computer\r\nAfter two efforts trying both Linux From Scratch and Arch Linux under VirtualBox, I decided to load up the latest [Fedora](https://getfedora.org/) on my Asus EEE 901. I appreciate the Fedora community, and find it particularly welcoming among open source projects. Plus, the relative pace of distribution releases helps ensure I'm using the latest stable software available.\r\n\r\nI had considered purchasing a VPS, but other developers convinced me to try a server hosted from my home internet connection first.\r\n\r\nStep One: Install Fedora\r\nThis step was easier than any other Linux distribution I've tried yet. The EEE 901 has two internal solid state drives, one 4GB and one 12GB. I just had to tell the Fedora installer to use both drives, and it configured it automatically to have a 16GB root directory structure, complete with adequate swap space.\r\n\r\nStep Two: Automatic Updates\r\nI'm not great at making sure my Linux boxes have consistenly applied updates, and plus, my home internet is slow, so I wanted updates to download and install automatically. The default update manager in Fedora 23 is DNF, and [DNF Automatic](http://dnf.readthedocs.org/en/latest/automatic.html) exists. So I followed those directions and added the systemd timer to automatically download and install all updates.\r\n\r\nStep Three: Install OpenSSH Server\r\nBy default, Fedora Workstation does not install the OpenSSH server. So, add the server using [this tutorial](https://docs.fedoraproject.org/en-US/Fedora/23/html/System_Administrators_Guide/ch-OpenSSH.html). I then use JuiceSSH to remote log in from my Android phone.\r\n\r\nStep Four: Harden The System\r\nI used [this tutorial](https://www.digitalocean.com/community/tutorials/initial-setup-of-a-fedora-22-server) from Digital Ocean to harden my computer against compromise. I opted against a firewall, seeing as it wasn't necessary, as only the SSH port would be exposed to the outside network. The tutorial references iptables, which is actually the old way of doing Linux firewalls. The new way is firewalld.\r\n\r\nStep Five: Forward Ports\r\nMy home network was double-NATted, so normal port forwarding, even using UPNP, was not working. Our modem is owned and managed by our ISP, so I inquired if they would set up port forwarding on their equipment. They agreed, and I turned off the routing capabilities of our home wireless access point. Now a single NAT, and the port forward works from the external IP address to the specified internal IP address of the EEE 901.\r\n\r\nStep Six: Static IP Address\r\nFor this, all the tutorials I found used the command line. I opted to use the built-in Gnome network-manager in the graphical user interface. I chose the static IP address that my ISP had forwarded the port to, and used the wired interface for simplicity. I hard-wired the laptop into our home network.\r\n\r\nStep Seven: Dynamic DNS\r\nThe public IP address that our modem receives from our ISP can and will change, so it was necessary to set up a dynamic DNS service. [NO-IP](http://www.noip.com/) provides a free service with paid upgrades, and has update clients for most major operating systems, [including Linux](http://www.noip.com/support/knowledgebase/installing-the-linux-dynamic-update-client/).\r\n\r\nAfter that, then it's customization for whatever you would like your Linux server to do! I use mine for learning programming languages, but others use their home servers for OwnCloud, chat forwarding, web serving, and other cool projects.\r\n\r\nPS: [speedtest-cli](https://github.com/sivel/speedtest-cli) is a very handy tool to test your connection speed via the Linux command line.\r\n\r\nStep Eight: Log in remotely via public key cryptography\r\nIn general, it is security best practices to use public/private key pairs to log on via SSH, instead of using a password every time. The steps I followed are detailed in [this article](https://www.linode.com/docs/security/use-public-key-authentication-with-ssh) hosted by Linode. I used PuTTY and PuTTYGen from my Windows machines to create the secure keypairs, and logged in over the local network via password to add the public keys to authorized_keys.\r\n\r\nIf you want your server to be extra secure, you can [disable password authentication](https://help.ubuntu.com/community/SSH/OpenSSH/Configuring#disable-password-authentication) altogether. This requires remote users to use public key cryptography.\r\n\r\n### Other Projects\r\n","google":"","note":"Don't delete this file! It's used internally to help with page regeneration."}