As you may know encryption of internet traffic have become a common practice for websites and applications. Sending information in plain (human readable) text is a thing that should be frowned up on and should be a thing of the past. When visiting website with a browser, take Google Chrome as an example, you can tell if the website’s traffic is encrypted or not. As you can see when visiting this blog a green little padlock will appear before the URL. This means that the website’s traffic is encrypted. Which means that all information you send to the website or the website sends to you will be encrypted, non readable.
As a common practice, all traffic sent over the port 443 will be encrypted. You can tell that you are using port 443 by looking at the URL in your browser. If the URL starts with “https” instead of “http” that means that the website is using the “https” protocol and your browser is speaking to the website through port 443.

Let’s Encrypt is a public benefit organization started by the Internet Security Research Group (ISRG) in California.
Let’s Encrypt main goal is to make it possible to encrypt “everything” without any complications. Let’s Encrypt will be absolutely free, aims to be automatic, advocates security, open (as in free/open software) and community driven. Let’s Encrypt is backed up by big names such as, Linux Foundation, Mozilla, Cisco, EFF, IdenTrust and many more.

Let’s Encrypt will issue free SSL certificates that is trusted and supported by the major browsers. Let’s Encrypt has as from 20th October been trusted by the major certificate authority IdenTrust. This means that Let’s Encrypt can issue trusted SSL certificates for free. This is a big milestone for the security of the internet. Being able to use trusted certificates for any domain that you own for free is a thing that shouldn’t be a complication. It shouldn’t be a matter of cost to be able to encrypt information whatsoever.

Let’s Encrypt aims to be available the last quarter of 2015 and everyone should be able to take part in it. You can read more about Let’s Encrypt over at https://letsencrypt.org/
If you visit https://helloworld.letsencrypt.org/ you can have a look at the first issued certificate by Let’s Encrypt.

UPDATE:
As you can see I have now a SSL certificate issued by “Let’s Encrypt Authority X1”!

If you have ever tried to get out some sort of information from a specific command or from a file you might have used one the following commands.

grep – Print lines matching a pattern(1)
sed – A stream editor for filtering and transforming text(1)
awk – Pattern scanning and processing language(1)

All these commands are powerful in their own ways. Grep is a powerful tool when you just want to get information fast and easy. Sed is a powerful tool when it comes to working with regular expressions. Awk is powerful for getting information in complex patterns.
But all these commands are similar to each and one another. You can use awk for the same purpose as as grep, you can use awk for basicly the same purpose as sed and so on.

A common practise in the world of Linux is that people seem to use these commands in faulty, or rather lazy ways. You may have heard or read about the classic faulty use of the command cat.
Say for example you want to get the line containing information about the root user from the /etc/passwd file. How would you do this? Many people would execute the following command, cat /etc/passwd|grep "root". As much as this may work it’s a unneccesary way of doing it. You are starting two different processes for one simple use, the cat and the grep command. If we want to be extra harsh we are using three, if your are counting the pipe command.
You can just use the grep command for the same desired result, grep "root" /etc/passwd. Here we are only using the grep command. We only had to use one process for our desired result.

Now, I was writing a script earlier today to get certain information from the df command. I wanted to get current use in percent from the /dev/sda1 partition. I wanted the output to only be interpreters, for example “10”. Now if we first run the df command and inspect the output we can see the layout and start to approach a way to get our desired information.

# df
Filesystem                  1K-blocks     Used  Available Use% Mounted on
udev                            10240        0      10240   0% /dev
tmpfs                          819540     2400     817140   1% /run
/dev/sda1                   110664528  6484064   98559012   7% /
tmpfs                            5120        0       5120   0% /run/lock
tmpfs                         2596920      152    2596768   1% /run/shm

Here we can see the output of the filesystems disk usage for all the mount points. We can see that “/dev/sda1″ is mounted on “/” (root). We can see that the percent use is at “7”. Now how would we get that information, the “7%”, without the percent symbol or any other information surronding it.

We can start by trying to grep our partition.

# df |grep "/dev/sda1"
/dev/sda1                   110664528  6484064   98559012   7% /

We now only have information revolving the “/dev/sda1″ partition. How would we be able to only grep the “Use%” or “7%” part? Let’s try using awk.

# df |grep "/dev/sda1"|awk '{print $5}'
7%

Now we are really getting somewhere. But there is a percent symbol in our output, we only want the interprenter. How would we be able to remove the percent symbol? Lets try using sed for that.

# df |grep "/dev/sda1"|awk '{print $5}'|sed 's/%//g'
7

It works! We now only have the desired interprenter in out output. Well done.
Lets look at our syntax and break it down.

First we used the command df to get information about our filesystem disk usage for all of our mounted partitions. Second we used the grep command to grep a certain line in from the output of the df command. We got the desired line revolving the “/dev/sda1″ partition. Third we used the awk command to only grep a specific part of our former grep command (the “Use%” or “7%” part). We used awk to grep a specific part out of the grep command, we told awk to print the fifth element from the grep command (print $5) and got “7%”. Lastly we wanted to remove the “%” symbol from our output. We used the sed command for this desired outcome and told sed to substitute “%” for nothing (“”). Finally we got our desired output “7”.
Lets count how many processes we used for this task, 4 (7 if your are counting pipe). That is a lot of processes for one simple task. What if I told you this could be done with only 2.

Lets try doing this with only the use of the df and the awk command.

# df|awk '/\/dev\/sda1/ {print $5+0}'
7

Wow, that was quite simple and looks more pleasing to the eye.

Lets break it down. First we used the df command again to get information about the filesystem disk usage for all of our mounted partitions. Then we used awk to grep and substitute our output for the desired outcome. Awk have the ability to act as the grep command by using the “/” symbol, for example, awk /root/ /etc/password would generate the same information as, grep "root" /etc/passwd would. That means we can eliminate the use of grep and just use awk for this purpose. Next we wanted to grep a specific part of our output and we used the awk command for this purpose earlier and we can of course do it again (print $5). Lastly we wanted to substitute the “%” symbol with nothing, or in layman’s term, remove it. Thankfully awk can use “+0″ that will force “$5″ to be converted into a number. Remember “$5″ holds “7%”. So in that case “%” becomes invalid and gets dropped and $5 only holds “7”.
In the end we have our desired output while only using 2 processes instead of 4.

Lets try this again with only using the df and the sed command.

# df --output=pcent /dev/sda1 |sed -e 's/%//g' -e '1d'
7

Lets break this one down also. First we used the df command again. But this time we fully utilized some of the df command’s flags or operators.
We first used the –output command to “grep” a specific part of the df output, in this case the “Use%” part. Then we told df to only output information about “/dev/sda1″. Lastly we used sed to restructure the output given from the df command. We first removed the “%” percent symbol with ‘s/%//g’ and lastly we removed the “Use%” part with ‘1d’.

Some people might argue that starting 2 extra processes would not have such a big inpact in the permormance of a system. And that might be true in 99% of the cases. But one day you may stumble upon a system that can’t handle that many processes and maybe would result in a kernel panic or something similar. Or let’s say you are running a script that uses this method every minute. Wouldn’t it be way more efficient to just have to start 2 processes instead of 4 every minute? Yes of course it would. Therefore it would be really unnecessary and rather dumb to use the double amount of processes when you could only use half.
If I would tell you, you could make 200,000$ a year or 400,000$ year under the same circumstances would you pick the 60,000$ over 120,000$? Of course not you wouldn’t. This is the same principle as running more processes than you need in a script.

To sum this little “rant” up. Stop using more processes than you need. Stop being lazy and start being efficient.

Bridging a interface has some advantages. When using KVM as a virtual environment you may want or must use a bridged interface.
VirtualBox has this feature already built in. But using something like virt-manager (libvirt) you have to set it up yourself.
This differs a little from doing it on Ubuntu, we need to do this by using netctl instead.

Note: I have done this on Arch Linux without removing or disabling the NetworkManager package towards what we had to do on Ubuntu.
I’m running Arch Linux with Cinnamon (DE) installed, therefor I can’t remove NetworkManager.

The first thing we have to do is copy an example profile for netctl, we do this by typing the following:

sudo cp /etc/netctl/examples/bridge /etc/netctl/bridge

Then we have to edit the profile by opening the file with a editor:

sudo vim /etc/netctl/bridge

Then we have to edit the file to our liking, mine looks like following:

Description="Example Bridge connection"
Interface=br0
Connection=bridge
BindsToInterfaces=(eno1)
IP=dhcp
## Ignore (R)STP and immediately activate the bridge
#SkipForwardingDelay=yes

The important thing to change here is the BindsToInterfaces option. My default NIC interface is eno1 and therefor i’m bridging that interface.
Note: The nic interafaces on Arch Linux differs very much from system to system, so you have to check what your NIC interface name is.
We can do that by simply issuing the ip addr command.

After we have edited the file to our liking we have to save it (:wq for vim).

Next we have to disable the dhcpcd service. We do this by issuing the following command:

sudo systemctl disable dhcpcd.service

After we have done that we are going to try our newly created netctl (bridge) profile. We do this by typing the following:

sudo netctl start bridge

After we have done this we can check if the interface is up and running by typing ip addr.
As you can see from my screenshot a new interface by the name br0 has been created and has a ip address. We can also seed that our old
interface (eno1 in my case) is inactive.

Finally to make our bridge start on boot we issue the following command:

sudo netctl enable bridge

This creates and enables a systemd service.
After this everything is done and you have a bridged interface!

2015-02-14-170831_739x236_scrot1

Bridging a interface has some advantages. When using KVM as a virtual environment you may want or must use a bridged interface.
VirtualBox has this feature already built in. But using something like virt-manager (libvirt) you have to set it up yourself. But thankfully it’s not that hard.

Note: To bridge a interface in Ubuntu you have to remove the Network Manager (the network icon in the upper right corner of your screen). This is because Network Manager
keeps overwriting any changes you make to the interfaces in Ubuntu. But don’t worry if you regret your decision you can just install it again with the command sudo apt-get install network-manager
If you still want a type of network manager, making it easier to connect to wifi networks, you could install wicd. I’ve tried it and i’m satisfied with it functionality. To install it, simply type; sudo apt-get install wicd-gtk

First we need to install bridge-utils to be able to create a bridge interface, we do this by issuing the following command:

sudo apt-get install bridge-utils

Then we need to remove the Network manager, we do this with the command:

sudo apt-get purge network-manager

Then we have to add a bridge interface, we do this with the command:

sudo brctl addbr br0

Now we have to configure the interface settings, open the file /etc/network/interfaces with your favorite editor.
Then change the file to the following:

#auto eth0
#iface eth0 inet dhcp

auto br0
iface br0 inet dhcp
bridge_ports eth0
bridge_fd 9
bridge_hello 2
bridge_maxage 12
bridge_stp off

After this is is done we have to reboot.

sudo reboot

The process is done and we now have a bridged interface.
Check your settings with ifconfig and try to ping Googles public dns (8.8.8.8).

Screenshot-from-2014-11-03-130604-300x162

Note: This should work on most of the Linux distributions that are using net-tools. One famous distribution that this do not work on is Arch Linux. That is because Arch Linux is not using net-tools as default, they’re using systemd stuff. But it can be made possible with the use of netctl. I’ve written a post about it and you can find it here: Bridge Interface in Arch Linux

Me and 4 other friends drove up to Gothenburg from Helsingborg last Saturday to see the band Ghost. It was quite a long ride, 2 hours, but well worth it!

The concert actually took place at a amusement park, one of Sweden’s largest amusement park, Liseberg. We didn’t have to buy tickets or anything like that. Instead it was a entrance fee of 90kr (12~$) which was an insignificant amount of money for such a thing like a Ghost concert. We walked around in the park and checked things out when we saw a familiar face walking among the people in the park. It was the singer from Ghost, Papa Emeritus II, which real name shall be untold. We had a pleasant talk with him and he invited us to come to a pub in Gothenburg after the show. Of course we said yes and thanked him for inviting us. This was an opportunity we couldn’t said no to.

We parked ourselves at the very front of the crowd 2 hours early and waited patiently for Ghost to enter the stage.
Finally after the long wait we could hear the famous, eerie “Masked Ball” theme playing and the crowd answered with a powerful cheer. All the the nameless ghouls was first to enter the stage and started of with the song “Infestissumam”. Shortly after, Papa Emeritus II entered the stage and the crowd went insane.

The concert overall was exactly what I expected, tremendous! The energy and charisma Ghost succeeds to deliver on stage is almost unbelievable. This is my 3rd time seeing Ghost live and they have been absolutely stunning every time, even if it’s at a festival, in a club or at a amusement park. There’s something about Ghost that just makes them the perfect band. The sound, the appearance, the feel. Everything is just there. And I’m so grateful for Ghost being that perfect band.
It feels like they know exactly what I like and produce it in such a remarkable way.

We took the tram after show to the pub “Sticky Fingers” were we hopefully would meet some of the the members of Ghost. And boy let me tell you, we actually did! We meet Papa Emeritus II and both the guitarists, Alpha and Omega. They were such nice people, more humble than you would think. Because of their real identity being secret there wasn’t any other Ghost fans talking to them and whatnot. They told us that not many people recognize them, except maybe Papa Emeritus II.
Being at the same bar, shaking hands and toasting with the members of Ghost was one of the best experiences of my life. No doubt.
Unfortunately we didn’t take any pictures with them. The reason for that is that we wanted to show our respect to them and not spoiling their real identity. But I can easily say that having a real “down to earth” conversation with the members of Ghost is worth a lot more than a picture.