Feeds:
Posts
Comments

Archive for the ‘Tips and Tricks’ Category

This is mostly for myself, but maybe the googlebot will pick it up and help some others.

Basically, patch-tag encourages https: browsing post log in because, well, it’s the right thing to do. (IMHO, https should be the default option for web browsing, and there is a school of thought about that, but I’m in too much hurry to track it down. Comments welcome ;) )

So, I bought my ssl cert from godaddy to make it possible. And it expired, and I couldn’t remember how to make it work again.

After a bit of mucking around, I chose “renew ssl cert” in godaddy, and paid their pound of flash. Downloaded a little zipped bundle patch-tag.com.zip from godaddy. Contained 2 .crt files, patch-tag.com.crt and gd_bundle.crt.

To get things using the new cert, I edited

/etc/stunnel/stunnel.pem

leaving the top portion (pk) unchanged, and swapping out the bottom portion (cert) with the contents of patch-tag.com.crt file from godaddy.

I then did /etc/init.d/stunnel4 restart

afaict, good to go.

Not sure what that other cert file (gd_bundle.crt) is for.

That’s all folks.

Happy tagging!

PS This page was also helpful for

Read Full Post »

Patch-tag is now https safe, so you can access your projects with cryptographic security. Just use https style urls when interacting with patch-tag.

By the way — for you code shops with mission critical, high-value, national security endangering repos hosted at patch-tag — https isn’t completely safe.

You could, for instance, get your password sniffed by a man in the middle attack with arp poisoning, if you are in a public network like an internet cafe, or on a trusted network with a coworker who enjoys hanky panky.

There is a simple thing you can do to foil the terrorists though — just click outside the text fields and type some gibberish when you are entering your password.

Ha! Take that script kiddies!

Please enjoy secure repos at patch tag, and as always…

Happy tagging.

************************

UPDATE: Please note the comments which contradict some of my claims. I think I may be wrong about some of this stuff, and am taking a backtrack to make sure my understanding is solid. Watch this space.

Read Full Post »

I thought that Windows users could use an up-to-date howto on getting Darcs up and running. First I will show what needs to be downloaded. Then I will describe the configuration tweaks that need to be performed.

Required Downloads

Required Configuration Tweaks

  1. Create a new folder c:\bin
  2. Copy all the downloaded exe and dll files into c:\bin
  3. Rename plink.exe to ssh.exe.
  4. Rename psftp.exe to sftp.exe
  5. Rename pscp.exe to scp.exe
  6. Prepend ‘C:\bin;’ to your PATH environment variable. See my previous post on how to do this.
  7. Use PuTTYgen to generate and store your key. I recommend leaving the password blank for your key, otherwise you have to enter it every time.
  8. Copy your public ssh key (from PuTTYgen) and add it to ‘my ssh keys’ on Patch-Tag.
  9. Run Pageant and add your previously generated key (the previous link describes this as well).
  10. Voila! You are now setup to push and pull repositories with Darcs and Patch-Tag!

Thoughts

How hard is this for most of you Darcs Windows users out there? Would you be interested in an installer which sets this all up for you?

Read Full Post »

We have been tweaking the retrieval parameters for repository access via SSH. Did you know you can get around firewalls that block port 22? Thats right, we have now added support for this.

To successfully circumvent a firewall which blocks port 22, you can use port 443 (most firewalls will let this through, it is the widely used SSL protocol). You will also need to change the host you are pointing to. These are the basic steps:

  1. Set the environment variable ‘SSH_PORT’ to 443
  2. Anywhere that you were using ‘patch-tag.com’ before via the SSH method, replace this with ‘ssh.patch-tag.com’

Setting the SSH_PORT environment variable on windows

Method 1: On the command-line

Before you use darcs get or darcs pull, type this command:

set SSH_PORT=443

Method 2: Set a permanent environment variable for your user

  1. Right-click My Computer
  2. Left-click Properties
  3. Left-click the Advanced tab
  4. Left-click Environment Variables
  5. Left-click New in the "User variables" section
  6. Enter the variable name 'SSH_PORT' and the variable value '443'
  7. Left-click OK
  8. Left-click OK
  9. You will need to restart any command prompts for this to take effect

Setting the SSH_PORT environment variable on Linux/Unix/Mac OS X

Method 1: on the command-line

Before you use darcs get or darcs pull, type this command:

export SSH_PORT=443

Method 2: Set a permanent environment variable for your user

Assuming you are using bash, you would type this:

echo "export SSH_PORT=443" >> ~/.bashrc

This adds the exported variable to the startup script for your shell. To refresh your current shell with the new settings:

. ~/.bashrc

Putting it all together

Once you've set up the environment variable, you just need to change the host from 'patch-tag' to 'ssh.patch-tag.com'.

So if you were using this before:

darcs get johndoe@patch-tag.com:/privaterepos/myrepo

It now becomes:

darcs get johndoe@ssh.patch-tag.com:/privaterepos/myrepo

Update: SSH_PORT is broken if you use putty on Windows

There is a bug in darcs when using putty as your ssh client on Windows. The above metioned method will not work if you use putty on Windows. These are my findings with putty 0.60 and darcs version 2.0.2. The problem is that darcs uses the -p option to specify the ssh port when putty only supports the -P option to specify the port. As a result you get an error when you try to push if you use the SSH_PORT environment variable. I am submitting a bug report for this.

The Workaround

You have to specify three separate environment variables in windows. This assumes you have ssh, sftp, and scp from the Putty project in your path:

set DARCS_SCP=scp -P 443
set DARCS_SFTP=sftp -P 443
set DARCS_SSH=ssh -P 443

Read Full Post »

Follow

Get every new post delivered to your Inbox.