Jan-Piet Mens

I need to provide secure file copy to clients, simultaneously forbidding them to log in to our systems. To this effect I'm looking at rssh, the restricted shell for use with OpenSSH and the other alternative known to me, which is scponly.

Both tools do their job. rssh is more flexible in its configuration, and I know for a fact that it is also used by some large Internet Service Providers (ISP). Both tools support chroot jails which is good.

rssh appears to have the better logging features, but it lacks subdirectories in chroot jails.

On the other hand, scponly supports home-directories in the chroot environment with the // syntax (/var/chroot//home/jpm), meaning the chroot jail is in /var/chroot and the initial working directory is in /home/jpm thereunder. Unfortunately, there is no way to lock a user into the jailed home except by restricting permissions of the directories above (more like security through obscurity). I could of course create a chroot for each user, but that is cumbersome and a huge waste of disk space…

I've tested both tools with OpenSSH's SFTP, as well as with Windows versions of WinSCP and FileZilla without any issues, but I still have to make up my mind on which to use.

I've updated whatmon to support Firefox 2.0. Go grab it.

According to the release notes, version 8.2 of PostgreSQL (which has entered beta testing) supports native LDAP authentication. This is good news as it allows platforms without PAM support to use an LDAP directory for authentication.

The news that Serbia & Montenegro now have their own top-level country domain names (rs and me respectively), opens up a load of new possibilities for amusing domain names: perl.re, kiss.me, etc.

My Nokia 6230 has had some wear and tear, and I wanted a new phone with a better camera, so I have ordered a Nokia N70 which will also be my first Series 60 phone.

I've been looking for a new mobile phone for some time now. Some of the Sony Ericsson phones are both good looking and feature-packed, but I wanted to stay with Nokia. I've owned a 1011, a 2120, a 6120, a 7100 (now used by Hanna), and a 6230 and have always been quite pleased with the devices.

I'll admit to have had an eye for the N73, but it is too expensive for my needs.

Offensichtlich ist es die Bug-Woche: beim Internetportal des Bundeszentralamtes für Steuern habe ich folgendes Denglisch (oder Germisch) entdeckt:

Nachdem ich das Formular ausgefüllt hatte, wollte ich es drucken:

After some testing, the tools I wrote for pushing out pages to BlackBerry devices via MDS are going into production starting today.

As a reminder, the tools and documentation are here.

SQLiteDBMS delivers

a database management server for SQLite. It allows an sqlite3 process to be accessed via a TCP/IP network. It provides Extended SQL, SSL, basic authentication, query caching, WebDAV, access control, and replication. It includes a simple Web server that takes HTTP requests and sends XML responses.