Slashdot Mirror

As I pointed out above (But realized I may have placed the response in the wrong thread). It would be a good idea to compare critical sections in threads against coroutines as they both involve transfer of data between different functions without a context change.
Is it really worth using threads with coroutines can be done? Why do round-robin scheduling when you can simply have your functions call each other?

As long as they were going to talk about critical sections, shouldn't they have discused
co-routines?

Don't they both have to do with communication without a context change?

Codewarrior has some nice features for sure, but after the license fiasco at UK, I'll never use it.

Synopsis:
For intro to programing (CS115) the gods above decide it was time to move to an IDE, so packaged with our text(excellent book for intro C/C++ programing BTW), they bundled a copy of CodeWarrior 4 that had license keys that expired about a week after classes began. So the CS department had to scramble with Metrowerks to get new keys, but I kept chuging along with HTML-Kit, puTTY and the student webserver, with my ~home/bin mounted on my windows box. Every program was compiled with -ansi and -wall switches. I double checked on codewarrior to make sure it would compile before submitting programs, but that was about it.

This actually available in OSX (duh) and in Win2k (and XP, I presume). For 2k (and prolly XP) you have to buy an addon called WindowFX that does all sort of crazy UI things, but the best reason is to be able to set transparencies. Also, virtual desktops (to allow for multiple, full-screen apps to run parallel would be great to see worked into the mainstream (I hear XP has an implementation of this, and, of course, Linux WMs have done this for ages).

There's no need to buy anything. There are a number of freeware and shareware apps out there that will manipulate alpha blending in 2K/XP, mainly due to the fact that it's pretty damned easy to do programmatically. Also, alongside the more generic, modify-every-window type of apps, there are more specifically-targetted applications of alpha blending. For instance, there's <shameless-pimpage>Lucidamp for Winamp 2.x (I'll be working on a Winamp3 version soon that will hopefully be cross-platform, leveraging XFree86 4's new XRender extensions eventually) and my hack of the PuTTY win32 ssh client.<shameless-pimpage>

Also, if you're interested in adding alpha blending support to your win32 applications (called "Layered Windows" in win32 parlance), you can check out this MSDN page. Layered windows also go well with XP Visual Styles, so if you write win32 code, make sure you leverage side-by-side Common Controls to keep everybody happy.

There is little open source software for windows, because authors of open source software do not want to support microsoft.

Sorry, this is false. I run Windows 2000, primarily because this is the sole machine that both my girlfriend and I use, and she is not comfortable with Linux desktop environments. OSS I have installed right now? Putty, GNU Emacs, bash(under Cygwin), BitchX, and an IDE based on mingw32 that utilizes ports of gcc and gdb.

I have run the Gimp on Windows, but that's actually kind of jarring; GTK look and feel just smacked down in the middle of everything else. I probably would have gotten used to it eventually, though.

Do you honestly think we are rid of 'dumb' wintel boxes that can only 'telnet'?

Yes. If a Wintel box can HTTP, it can SSH. From Google.com, type in putty ssh and click "I'm Feeling Lucky" to be taken to PuTTY, an X11-licensed SSH client for Win32. (If your firewall restricts HTTP and FTP downloads of binary programs, it probably also restricts outgoing telnet and ssh.)

Bah, Eliza already passed the Turing test :).

Another TINI-based MP3 player is here [greenend.org.uk], although it's still in the planning stages.

One that has been tested and works is the MP3Elf, based on the cool Java-based TINI board from Dallas Semi. Another TINI-based MP3 player is here,
although it's still in the planning stages. The nifty thing about the MP3Elf is that it's open source _and_ hardware so you can build your own. They've sold some bare boards so you can assemble your own, although I'm not sure what they're planning for the future.

It's sounds as if these Linux admins handled the whole situation really badly although instituting a better security policy is not, IMHO, ever a bad thing.

> Alot of people wont use scp.

Yeah, well, it takes all kinds to make the world spin. Send them an sfx containing a shortcut and PSCP.EXE; if they're too thick to type ``pscp file luser@server:'' then they can click on the shortcut to do the post - how hard is that?

PSCP, like the interactive version (PuTTY), runs on all known Windows (win32s and beyond) and doesn't have any DLLs (or indeed any install) to cause the traditional tragedy-of-errors that happens so often on WIndows at install time.

AFAIK, there is no Open-licence SSH server for Windows - if anyone knows better, please email me *now* and tell me!

This legislation is already in place in the UK, leading Ross Anderson to conclude that he is an international terrorist (though not for economic reasons).

I use SecureCRT at work, PuTTY at home. SecureCRT does have a few more features, but it costs $100. PuTTY is fast, stable (more so then SecureCRT) and as has already been pointed out, tiny. I recommend it to all my customers. Get it at http://www.chiark.greenend.org.uk/~sgtatham/putty/

And doesn't SSH2 rely on DSA public keys? I don't trust them either, for pretty much the same reason that PuTTY doesn't (see the non-wish-list) - namely, that if anything goes wrong with the random number generator, it's the private key that gets compromised, not just a single session.

Can anyone more knowledgeable confirm or deny this?

For all you jingoistic Americans fearing an insult to your national hacking pride, rest assured by visiting At http://hacks.mit.edu/

In June 1958, four engineering students at Cambridge University put an Austin Seven van on the roof of the Senate House overnight. There's a writeup of the methods used and the story of that night, complete with diagram, written by one of the conspirators. It's a document worth reading for anyone planning to follow in their hallowed footsteps.

M

My opinion on it? Quit telneting into it and and install the dang free SSHD from the link that I mentioned above already!! :P Then go grab PuTTY (a Win32 ssh client, but great for all kinds of terms) if you're going to be connecting to it from another Win32 box.

As far as stopping and starting services from the command line, use "net (start | stop) servicename ". For example, now that you've installed SSHD (you did install SSHD, right? ;) ), you can stop the telnet service, which is named "TlntSvr" by typing "net stop TlntSvr".

To start it back up:net start TlntSvr

To list all running services:net start

One other thing, is that the services have both a short name and a long name (at least it seems like they all do). You can use either in the net start/stop command, but if the name of the service contains a space, you need to put quotes around the service name, like: net start "Perl Socket Service"

BTW, a good place to ask questions like yours is the newsgroup news://msnews.microsoft.com/microsoft.public.win20 00.cmdprompt.admin

Cheers,

Its license opens it up for any use whatsoever.

OpenSSL is under the LGPL so you can use it if you want, but you have to be able to relink with a revised version, so dynamic linking is the order of the day...

This is mailstart's primary purpose ... to let you check pop accounts. I don't use those third party things to get any of my pop accounts for this exact reason. I get fetchmail to check the pop servers that I can't encrypt to ... meaning that the only people who are supposed to rec'v that password (the pop server itself) are the ones who do.

Might sound a little lame, but I actually keep a copy of PuTTY in a www directory that I can get to from anywhere ... its about 200K, and supports ssh1 (the latest v also supports ssh2), so I can grab it really quick wherever I am (even on a slow dialup), shell in, use pine or whatever and never deal with sending a password in the clear. The only trouble with this method is if you hit a library/shop/lab that only has Macs ... ssh clients for the mac are rare things, or were as of about a year ago...

http://www.chiark.greenend.org.uk/~sgtatham/putty/

I realize its not the "web-based" sol'n you were looking for, but there are places that will give you a shell account, and I wouldn't be terribly surprised if several of them have fetchmail up and running. Toss a copy of putty into a yahoo! or geocities web directory that you can remember the location of, and your shell account is always accessible! :)

(that is, of course, unless the ISP you happen to be using firewalls outgoing stuff on 22 ...)

I'm surprised they haven't mentioned the TINI from iButton, it doesn't run Linux but a Java based OS and only costs $50, it's the size of a standard DIMM and includes a serial port, ethernet, and 1-wire bus. These things have various applications, somebody is building a MP3 player with one.

In the article, Kurt spends a couple of paragraphs expostulating on the lackluster way in which SSH clients present new/changed key issues. While I agree that SSH clients should be more strenuous in warning the user of new/changed keys, the failure to do so is not a fault of the protocol, simply of the writers of the software.

I use PuTTY on my Win boxes to SSH into my servers, and its messages are exactly as he says they should be... "Warning!", etc, so clearely, this is not a universal problem.

Also, AFAIK, there is no facility in the SSL/SSH protocols themselves to deal with alert messages such as this, although I don't think that the protocol itself is the place for these kinds of messages.

To put it succinctly, it's not the protocol's fault if a user blindly accepts these new keys as authentic.

Akardam Out

May I suggest Putty?
FAQ

May I suggest Putty?
FAQ

I can't count the number of times (in HTML or in any other language) I've accidentally left off the closing part of something (a tag, a comment, whatever) and inadvertantly nullified half of the file. Syntax highlighting is remarkably effecitve at preventing this and making you more productive overall (e.g. questions of "is that the right way to spell that reserved word" are moot when it's a different color when it's right).

On windows, my favorite programmer's editor ($20, 30 day trial shareware) is EditPlus. Small, fast, incredibly featureful and easy to extend. On Unix, Vim is the way to go (small, fast, simple interface you could learn in 10 minutes, syn coloring, etc.). If you're connecting into a remote unix machine to edit your code, check to make sure (ask the admins if need be) that your terminal emulator on the client machine is et right to support color (e.g. xterm-color for the $TERM variable).

If you're using windows and want a good free SSH and SCP (like a secure, network aware version of cp(unix)/copy(dos)), check out PuTTY SSH. Putty supports setting the TERM variable on login like I mentioned above. You can also use SSH to "tunnel" other applications over the encrypted stream (like FTP, checking mail, rsync, CVS, X11, etc etc.), but that's beyond the scope of this post (see the docs or do a web search).

--

First, get the cygnus (now owned by RedHat) toolkit . This gives you a great many unix type commands (tar, ls, cp, dd, less, cat, pwd, ftp, cut, sort, etc), and a real bash shell, and a decent terminal window. Just having the bash autocompletion and command line history is worth the price of download, not to mention your directory slashes now go the right way :)

Next, get yourself the activestate perl port for windows. This gives you perl, which combined with the cygnus toolset makes easy and highly portable scripts very easy to throw together.

Next, get the putty secure shell tools . This gives you pscp (like rcp, but better in every regard) and a pssh (a secure telnet replacement). These will both connect right up with a RedHat 7 system running the openSSH stuff right out of the box.

Of course, get the latest version of emacs for windows.

Finally, just for good measure, throw on Apache so you can serve up files in a pinch. This is handy in case you need to move files around with a system that lacks secure shell for whatever reason. Just throw together a quickie page and use browsers to do all the transfers.

I keep all these tools on a single burned CD (with room to spare). They are the first things I put on any system I use. With this toolset, windows goes from a useless development platform to a slightly annoying development platform, which is better then nothing when your clients require windows on your desktop box.

There's also PuTTY -- telnet, ssh, and scp for win32.

--

I'm a bit up in the air myself, and will eagerly pursue any other replies... in the meantime, maybe take a look at Coroutines in C. It's by PuTTY's author, and there's an example of such coding in it's SSH code apparantly.

1. Download PuTTY.
2. Save it as c:\windows\putty.exe or c:\winnt\putty.exe as the case may be
3. Rename the existing telnet.exe file in that directory as, say, win_telnet.exe
4. Rename (or copy) PuTTY.exe to telnet.exe

Wa-la, no more worries -- you now have a telnet that can handle ssh, that cuts & pastes simply by highlighting, has an unlimited scrollback buffer, and is supa-configurable.

Pull the same trick with, say, notepad.exe <-> gvim.exe, cmd.exe (or command.exe) <-> bash.exe, and install a few GNU programs (sed, grep, etc) in c:\winnt\system and you're well on your way to having a useful computer.

Have fun!

Because telnet is much more ubiquitous than ssh/scp? ... much to my chagrin...

much less turn it on by default?

Any installer worth its salt will let you TURN IT OFF before you boot for the first time. This, I can agree with. Joe User doesn't need telnet turned on automagically.

If only my win* users would use PuTTY, I could abolish telnet for good.

--

As for the parent post, ftp, if you use Kerberized ftp clients and servers, uses secure authentication, and can optionally encrypt the data. UNIX and Mac ftp clients are available, as well as UNIX ftp daemons. Recent RedHat distributions even come with MIT Kerberos V.

Check out http://web.mit.edu/kerberos/www

We use all these programs at my company (i'm the sysadmin), and they work very well.

-Ryan

Whenever anyone asks me for a hosting recommendation, I always recommend Seagull.

No, Seagull is not an ISP. While it would be nice to have a secure ISP, you're better off using any random joker for your ISP, owning your own domain name so you can relocate it in the event your service tanks (I discuss this in Market Yourself - Tips for High-Tech Consultants) and accessing the hosting service via SSH and SCP (secure copy). Note that it does no good to only use SSH - you have to use SCP as well.

Here's a sample SCP command line, in case you can't figure it out, it's very simple but I had a hard time from the man page:

scp foo.bar crawford@www.goingware.com:.

The above places file foo.bar in the home directory of user crawford on www.goingware.com.

scp crawford@www.goingware.com:web/index.html stash

This copies index.html from directory "web" on www.goingware.com and places it in directory "stash" on the local machine.

Please read my web page on Why You Should Use Encryption

Besides being a good service, it's a small enough company to offer personal service. I've sent support email to the webmaster at 2am his time and had the problem fixed and the mail answered within the hour.

But even though it's a small service, it's not a low-quality service. They have high-performance machines, they are in a good colo facility with a high-speed connection to the backbone, they upgrade their service regularly and the webmaster, Paul Celestin, is just a damn nice guy.

I'm not sure if he still publishes it but Celestin used to produce a CDROM full of useful free source code for the Macintosh. Some of my own Mac open-source programs were on it.

These are the sites I personally have located there:

• http://www.goingware.com/ - My consulting company, GoingWare Inc. My livelihood depends on the reliability of this site.
• http://www.wordservices.org/ - Seagull hosts this public-service site for free in exchange for me placing a small banner ad on some of the pages
• http://www.geometricvisions.com/

I have a couple tips for you on checking email. I use PGP when I'm trying to be secure, but it's really not that much that I really care for complete security. But I just don't like people snooping on me, mostly I think it's none of their damn business what's in my mailbox even if it's spam.

So mostly I read my email at seagull using elm while logged in via SSH, and when my mailbox gets big, I move it to my home directory and copy it to my home machine via SCP:

goingware$ cp /usr/spool/mail/crawford ~

goingware$ echo "" /usr/spool/mail/crawford

back on my home machine:

C> pscp crawford@www.goingware.com:crawford .

It is also possible to download your email via POP with SSH via port forwarding. I describe this on the BeOS Tip Server. It doesn't seem to be responding right now but if you go to its search and enter "ssh" you'll find the tip I submitted called something like "Secure email download via ssh". The instructions have some BeOS specific items but most of what's there will work on any systems.

Don't have SSH? Try one of these:

• Nifty Telnet/SSH for Macintosh - includes a graphical SCP client!
• putty for Windows (also supports NT/Alpha) and pscp for secure copy
• CygWin - a GNU environment for Win32 - use bash, compile with GCC, a lot of linux code builds right out of the box in Cygwin
• The Secure Shell Community Site
• SSH Communications Security (commercial)

Relevant URLs:
Dan Bernstein's page. Home of Qmail and djbdns.
The OpenBSD and OpenSSH home pages are full of useful information.
PuTTY, a free Windows SSH client Great for on road trips, internet cafe's, consulting, etc.
Mutt, the One True mail client. Takes some getting used to, a good .muttrc doesn't hurt either.

People seem to overlook qmail when setting up a reliable, secure system. Having dealt with Sendmail and Qmail, I would suggest the latter to anyone who cares about security or performance. The same logic applies to BIND vs. djbdns.

Hacking away from the inside can be the only thing that keeps you sane. When I found that our corporate http proxies were blocking chiark I started playing with ways to avoid them. So far I am winning (witness this post), but I have had the interesting experience of having my home IP address blocked at the corporate firewall.

Sometimes it doesn't seem fair. After all, if they had any brains at all they wouldn't be working in information security, would they? But they have all the budget, and all the hardware, so it evens out.

At the time of writing, this is the first non-troll post.

--

I use SSH for my personal email as well. For me, the primary upshot was that it was secure, but there was the added benefit of not needing to use the crappy Windows telnet client. Using puTTY is almost as good as having an xterm, anyway.
--

Alex Bischoff
Interested in building a roof over your cubicle?
---

Well, our 'official' emulator at work is Teemtalk, by Pericom. It's worth going to their homepage just to marvel at the world's longest ALT tag. Teemtalk is pretty useful, with a lot of configuration options and a wide emulation range. But, as one of the first posters said, puTTY is the way to go. It's os, it has ssh, it's lean, and it works like a dream. It's not extensively documented (except for the fact you can read the source code), but it doesn't really need to be: run it, and go. Beautiful.

• can handle ssh and telnet
• can resize the window
• can define your own colors
• and fonts (I think)
• nice and small, just an executable; no installation process

PuTTY is a very usable, free Win32 ssh/telnet client.

It has the added benefit of being small. I have it up on my webserver so that if I'm on some random Win9x/NT box with a net connection, I can punch in a URL and have PuTTY come up so I can log into my computers at home. Even over a 56K dial-up connection, it only takes a minute or so to download.

_/_
/ v \
(IIGS( Scott Alfter (remove Voyager's hull # to send mail)
\_^_/

"free/legal clients for Mac and Windows."

Putty for Windows

and

NiftyTelnet 1.1 SSH for the Mac.

I've used both and they work well

For MacOS, there's NiftyTelnetSSH, which includes SCP support. (and decent, fast terminal emulation, unlike NCSA telnet.)

All these programs are gratis, but NiftyTelnet might not be libre. (PuTTY and pscp are.)

For Unix, of course, there's OpenSSH.

For VMS, there's an FAQ, which recommends a server and a client.
#define X(x,y) x##y

Try puTTY. A nice, one-binary-only windows client that is Free!

That is a very nice program, thank you for telling me about it. It makes windows much more bearable. Though there could be patent issues for it in the US (an issue for colleges who want their students to use it), it looks like they will clear up soon (in September 2000). I'll definitely suggest it when I get back on campus in September (though it could be more well documented...).

Also, I didn't see anything about port-forwarding when I wandered through the webpage or in the program itself. But that could probably be added fairly painlessly, if it isn't in there now.

Just as an aside; how recently is it that SSH has become a standard part of Linux distributions.

I has been a standard part of at least the non-free parts of linux for around 2 or 3 years AFAIK. Now that OpenSSH is out, it is essentially standard on all systems where it isn't specificly unwanted.

-nh

I wrote:

Given that SSH implementations are now available on most any platform you care to mention, telnet should rightly be regarded as a legacy protocol. Anonymous ftp obviously has its place, but the 'nonymous' version could easily be supplanted by SCP style functionality

kawaii wrote:

Except that on Windows, ssh is not a stock part of the OS (there are /no/ free versions that I'm aware of, and even the pay versions don't seem to support tunnelling[1], etc), and there is no secure way to access email, ftp, etc. IMHO this is one of the worst aspects of Windows (low emphasis on security), but it means that there is no way to force security without more work than most people are interested in.

You need some PuTTY - it makes Windows usable. It's a free SSH client for Windows, that also (if I remember correctly) supports port-forwarding etc. It is released under the MIT licence (kinda similar to the BSD licence) which is 'Open Source certified'.

Just as an aside; how recently is it that SSH has become a standard part of Linux distributions?

Cheers, Nick.

PuTTY is a very usable, free Win32 ssh/telnet client.

I also struggled with TeraTerm.

why don't you check out 'PuTTY' it's a telnet/ssh/raw client:
http://www.chiark.greenend.org.u k/~sgtatham/putty/

it works great !

(plus it has basic xterm mouse-handling !!! so you can just cut'n'paste between Windows and the terminal with your mouse-buttons !!!)

--
Dutch Linux Users Group

--

fixed

The main reason I like it is because it's just one .exe file. I always find when I'm in need of ssh there is no ssh-client installed on the machine I'm working on...
PuTTY doesn't waste my time with fancy installshields: you download it and you start it. That's it.

I must admit most of the time I'm working on unix machines, PuTTY is just to fill the gap... :-)

http://www.chiark.greenend.o rg.uk/~sgtatham/putty.html

I use PuTTY. a win32 ssh client and have found it works great. Supports color terminals, resizable windows, multiple connections, etc. Plus it's 1 file. No .dll's and it fits on a floppy.... Click here for the home page..... jeff_C

Check out mindterm (a Java SSH implementation) and PuTTY (a Free Windoze Telnet/SSH)

1. Putty

3. LiteStep

Not that either of these makes Windows perfect, but definitely a lot more usable.