Forget typing your password to SSH, Certificate based Authentication is where it’s at. Darren demonstrates with an Interceptor, Dropbear and Ngrep. Want a Linux Live USB key with persistent storage? Shannon has just the tool. Plus your picks on SSH tools and answers to your WordPress questions.

Download HD Download MP4 Download XviD Download WMV

SSH Feedback

After bantering about our upcoming travels to Waynesville, Missouri and Toronto, Ontario and a little griping about zipit segmentation faults, we get into your feedback on recent SSH segments.

Dzaztur recommends Gnome SSH Tunnel Manager. It’s a sleek front-end for managing SSH tunnels, port redirects and more. Tunnel configuration is stored in a simple XML formal, great for portability, and the tunnels can be managed individually through one simple GUI. Thanks for the tip Dzaztur

Lozo points out that Mac OS-X has SSH built into the terminal, much like Linux. So true. We banter with Paul-the-camera-guy about the Mac OS-X kernel, which turns out is XNU — an accronym for X is Not Unix. So there ya go!

Sp4m says if you’re running Firefox over SSH you might want to look into remote DNS lookups. By default DNS lookups aren’t done through the proxy. This can be resolved by typing about:config in the address bar, and enabling the network.proxy.socks_remote_dns setting. Thanks Sp4m.

And Finally Post_Break from < a href="http://iamthekiller.net/" target="_blank">IamTheKiller.net points us to Secret Socks — a SSH Socks Proxy GUI front-end for Mac OS-X that he likes a ton more than SSHTunnel 1.6. [Edit: We made a mistake and called it Secure Socks in the segment]

And finally we go kitteh before moving on…

Certificate Authentication for SSH

In this segment Darren explains why certificate authentcation is a bajillion times better than password authentcation and demonstrates the configuration using Ubuntu 9.10 and an Interceptor running OpenWRT Kamikaze. This forum thread details setting up authorized_keys with Dropbear — the SSH daemon that comes standard on OpenWRT.

Next week we’ll be breaking this down with a little Man-in-the-middle action. Until then send your feedback to darren@hak5.org

Build a free Linux Live USB Key in minutes

when it comes to finding the right Linux distribution for you it’s best to try a bunch out. And what better way then to make some bootable Live Linux USB keys? Shannon demonstrates Linux Live USB — a Windows tool that makes it super simple to build a Linux USB key in minutes. It features automatic distribution downloading AND Persistence!

Questions on WordPress Theme Hacking

Ricky writes:

I just recently started using wordpress, and I am having alot of trouble trying to design a layout for it, I was wondering if you had any references or anything to help me learn how to do this, I understand HTML and only know a little of PHP. Any help would be greatly Appreciated.

Darren recommends setting up a local LAMP stack, that is to say the web server, database and scripting language to support a WordPress install. The easiest way to get started is with either WAMP on Windows or XAMPP on just about any platform.

The WordPress install is dead simple.

Mostly I use PHP.net as my go to resource, but we’ll also be hooking you up with a copy of Mario Lurig’s PHP Reference: Beginner to Intermediate PHP5. Hope that helps. :)

The WordPress Codex is also an invaluable resource when you really get your hands dirty when theme code. Things like the loop and trim_excerpt are well detailed. Once you start learning the WordPress functions you’ll realize what a powerful content management platform it really is.

And finally we recommend WordPress.org/Support for their forums. If you know of a better forum for WordPress Theme Hacking please let us know!

Category:

Episodes, Season 6

Leave a Reply

Your email address will not be published. Required fields are marked *

*

30 Comments

  • Soupman 5 years ago

    Really great episode as always guys(despite waiting all day for it!). Might have to go re-read up on SSH because Darren’s segment seemed to move a little too fast for me, although I still learned from it.

    so, so stoked about that Linux USB stick tool. I have been trying out ubuntu amongst other distros using unetbootin and literally wishing there was a tool like this. Thanks for the heads up!

    Also wut wut in the butt reference…. made me laugh, hard.

    Can’t wait for the next episode, peace :)

  • Great show, keep it commin. Looking forward to next weeks SSH-segment. Hope to see some zipit-power. 😀

  • Jakob 5 years ago

    As posted in comments for earlier episode on SSH, I recommend MyEnTunnel for windows ssh-tunneling.

  • About remote-dns it’s not only that dns goes over the line so 3rd can see where you’re going. 3rd party can also dns-spoof you to ev0l server. Play safe, remote DNS is the only way to go 😉

    Love your show, keep going!

  • Kudzu 5 years ago

    I use Bitvise’s Tunnelier (http://www.bitvise.com/tunnelier) on Windows 7 to do my SSH work and it works great. Although not GPL, it is free and works very well. It generates and maintains keys very well.

  • Great show guys. You have a error in your show notes, Iamthekiller link has not been embedded correctly.

  • Craig 5 years ago

    I would also like to point out Zend Server for developing local websites. The community edition is free, easy to use and available for Linux and Windows. It ties in great with Zend Studio to for those who go for that commercial IDE route. I’ve been using it a while now after my Uni lecturer suggested it and I’ve had a much better experience with Zend Server than I have with XAMPP – give it a try!

  • geeked 5 years ago

    Hey guys! Great show. Just wanted to point you in the correct direction for using ScummVM at a decent size. Hunter Davis posted up an excellent video on YouTube detailing how to set the scale size on the software so that it actually looked right on the Zipit. Here’s the link to the entry on his blog: http://hunterdavis.com/archives/253

  • Techno 5 years ago

    Great episode! I really enjoyed the USB stick tool and I am working on that now.
    Also, I cannot wait for next week to see the breakdown of the SSH segment. Keep up the great work!

  • winggeek 5 years ago

    hi,

    all the way from ireland ….you guys should come here :-)…. great show :-) can the new usb app do multiple os on one usb and save the files ? or do you do the method like in unetbootin where i edited the menu list file and copied the files across one os at a time to form a multiple os usb with a user unique grub menu :-)

    thanks

  • system error 5 years ago

    I used the LiLi USB Creator with Ubuntu 9.10…wonderful awesomeness as expected. Curious if anyone knows how to get this going with Dreamlinux 3.5 (gnome)? It throws the error message that it’s not supported but there’s certainly a workaround out there somewhere! I really wanna do that, and also get grub2 loaded on there to boot my ISO files. Anyay, thanks for another awesome episode!
    BTW, absolutely LOVED the “Until next week, we’re reminding you…[usb unplug/replug]” :)

  • Ryonni 5 years ago

    Great Episode guys.
    SSH stuff getting stale.
    Something Else?

  • @Ryonni, agreed. I’m done. Promise. I only kept going since I was getting a ton of feedback on it.

  • Ryonni 5 years ago

    Awesome Darren,
    Keep up the good work. Loved the episode otherwise. A ton of cool things you both had going. Can’t wait to see the next episode and all the other goodies you guys have.
    Have a great weekend.
    ~Ryonni

  • Thanks for introducing LiLi USB, nice tool and thanks for the great tips on wordpress, I am looking forward to reading through the book.

  • soupman again 5 years ago

    lili USB creater is kinda buggy (for me).

    When running Ubuntu 9.1 in the VM I get some read/write errors and struggle to run programs. Also when trying to boot from the drive, before the graphical boot screen loads I get an I/O error. This is using a sanDisk Cruzer 2gb. I guess my drive is unsupported :/

  • Shadowplay 5 years ago

    Stupid me I ran virtual box from the stick after installing puppy, thinking it was going to run from MY installation of VB already installed on my laptop. So now I get that error she was talking about and all the installs on my VB seemed FUBAR now. : (

    How did she ever fix her error? Or do I have to install all my damn OS’s again in VB?

  • Shadowplay 5 years ago

    Checking in again… I was able to restore my VB OS’s since I had a backup in my user folder. I don’t even know how the backup got there, but it had the full backup of my OS’s. So I was able to restore the .vdi files and other needed files thank goodness.

  • skimpniff 5 years ago

    Great show guys. Does the Live Linux USB function in a way that facilitates multipass USB’s any easier, or is it just a one distro per stick tool?

  • soupman 5 years ago

    @skimpniff

    I think it works on a 1 install per stick basis. However You could try install another OS on in (making sure to un-check ‘format with FAT32′) and it might work.

  • If anyone develops PHP on a linux platform I have done a remaster of the XAMMP for Linux package to include the entire PHP documentation available on php.net.

    If you want it you can download it at http://invariabletruth.com/?p=44

  • Hi guys , my name is Rosen. Since i started to watch some of your episodes i am getting “in shape” for my examination after one month. You guys make awesome clips and i would like to start from the very first, because i feel i can learn a lot of things. However i am following this episode and i have one simple question:
    I did well with the wlan0 settings , but when i want to connect to 192.168.0.1 with SSH tunneling, my terminal tells me : no route to host. Now i am newbie , but i still know that 192.168.0.1 is the gateway for my network. What am i doing wrong and how can i make a breach to the router. Does my router necessary support SSH ?

  • Tristan 5 years ago

    I’m catching up on the last month of episodes.

    This was a Kirby heavy episode. That cat is such an attention seeker.

  • Lol @ your friend. Most hosts now have 1 click installs of WordPress using something like Fantistico.

    Regards,
    topwpskins.com

  • ???????????? ????????????????????PAC???????I/O??????????I/O????????????????????????PC??????????????????????????????????????????????????????????????????????????????????????????PAC???????I/O??????????I/O????????????????????????PC??????????????????????????????????????????????????????????????????????????????????????????www.luycontrol.com?[url=http://www.luycontrol.com]????[/url].

  • Hi there! Do you know if they make any plugins to safeguard against hackers? I’m kinda paranoid about losing everything I’ve worked hard on. Any tips?

  • Hi there, just became aware of your blog through Google, and found that it is truly informative. I am gonna watch out for brussels. I’ll be grateful if you continue this in future. A lot of people will be benefited from your writing. Cheers!

  • Its like you read my mind! You seem to know a lot about this, like you wrote the book in it or something. I think that you could do with some pics to drive the message home a little bit, but other than that, this is fantastic blog. A fantastic read. I’ll certainly be back.

  • The larger the deposit, the improved motivation you buyers show to complete
    the agreement il lottery when tires remain outside for a number of weeks, their gum hardens.

  • Taking financing handle lasting repayment schedule will make
    you happy as you might be permitted to enjoy money freely and
    you happen to be not pressurized to produce the payments at one go Daffodils By William Wordswort
    these fundamental components from the holiday can range from $10-15 approximately $50, depending about the complexity and
    popularity from the particular costume.

  • Hello excellent website! Does running a blog such as this take
    a great deal of work? I have very little expertise in coding however
    I had been hoping to start my own blog soon.
    Anyhow, should you have any recommendations or techniques for new blog owners please share.
    I understand this is off subject nevertheless I simply wanted to ask.

    Thanks a lot!

  • Hi there, I wish for to subscribe for this web site to take most recent updates, thus where can i do it please help out.

  • It’s enormous that you are getting thoughts from this paragraph
    as well as from our dialogue made at this time.

  • And now which you know the options at the disposal, it is possible to proceed and apply for one right away Hermes Bags UHJ7037 search term of omega customer care pay day
    loans you will discover 1000 lenders from this web.

  • Fantastic goods from you, man. I’ve take note your stuff prior to and you are just too fantastic.
    I actually like what you’ve received here, really like what you are stating and
    the best way through which you are saying it. You make it entertaining
    and you continue to take care of to stay it wise.
    I can’t wait to read far more from you. This is actually a
    wonderful website.

  • Howdy! I’m at work browsing your blog from my new iphone 4!

    Just wanted to say I love reading your blog and look forward to all your posts!
    Keep up the outstanding work!

  • You really make it seem so easy with your presentation but I find this topic to be actually something that I think I would never understand.
    It seems too complicated and extremely broad for me.

    I am looking forward for your next post, I’ll try to get the hang of it!

  • What’s up, I wish for to subscribe for this weblog to take latest updates, thus where
    can i do it please assist.

  • I’m curious to find out what blog platform you are working
    with? I’m experiencing some small security issues with
    my latest website and I would like to find something more safe.
    Do you have any solutions?

  • Hmm is anyone else having problems with the images on this blog loading?

    I’m trying to figure out if its a problem on my end or if it’s the blog.
    Any feed-back would be greatly appreciated.

  • I don’t know if it’s just me or if perhaps everybody else encountering issues with your website.
    It appears as though some of the written text on your content are running off the screen. Can somebody else please provide feedback and let me know if this is happening to them as well?
    This could be a problem with my internet browser because
    I’ve had this happen previously. Cheers

  • Hi superb website! Does running a blog such as this require a lot of work?
    I’ve virtually no knowledge of coding but I had been hoping to start my own blog in the near future.
    Anyways, if you have any recommendations or techniques for new blog owners please share.
    I understand this is off topic but I simply wanted to ask.
    Thanks a lot!

  • Hi, i feel that i noticed you visited my
    site so i came to go back the choose?.I’m trying to find
    things to enhance my web site!I suppose its ok to make
    use of some of your concepts!!

  • Neat blog! Is your theme custom made or did you download it from somewhere?
    A design like yours with a few simple tweeks would really make my blog shine.
    Please let me know where you got your theme.
    Thanks a lot

  • I just could not depart your site prior to suggesting that I extremely enjoyed the standard information an individual supply
    for your visitors? Is gonna be back often in order to investigate cross-check new posts

  • This design is spectacular! You definitely know
    how to keep a reader entertained. Between your wit and your videos, I was almost moved to start my own blog (well, almost…HaHa!)
    Wonderful job. I really enjoyed what you had to say,
    and more than that, how you presented it. Too cool!

  • Excellent weblog right here! Also your web site lots up very fast!
    What host are you the usage of? Can I get your affiliate hyperlink to your
    host? I wish my website loaded up as fast as yours lol

  • This information is invaluable. Where can I find out more?

  • When some one searches for his required thing, so he/she wishes to be available that
    in detail, therefore that thing is maintained over here.

  • I must thank you for the efforts you have put in penning this website.
    I’m hoping to check out the same high-grade blog posts from you in the future as well.
    In fact, your creative writing abilities has inspired me to get my very
    own site now 😉

  • What’s up, just wanted to tell you, I liked this post.
    It was practical. Keep on posting!

  • Now, by simply going on their webpage, you’ll be
    able to sign up for a low credit score loan online and
    instantly know very well what form of interest levels and quotes you can anticipate to
    handle tickets for Carolina Panthers depressions are sometimes
    long and long, but they are brimming with many surprises along the way in which.

  • Hi there, always i used to check blog posts
    here early in the break of day, because i like to find out more and more.