It seems every spring I have to find this video and I always wished I had a simple written record of the steps, so here it is for myself and for others.

Melges Rigging Video

1. Attach head to halyard, luff (green or blue) toward bow, halyard on port side of headstay
2. Run the leech (red) to the clew
3. Attach sheets to clew
4. From the head, run the luff (green or blue) to the tack
5. Make sure the tack line is running over the top of the spinnaker sheets and to port of the headstay
6. Attach the tack line to the tack
7. Ensure the douser runs under/to port of all lines and under the roller (if installed)
8. Run fr…

Read full post →

Since the early days of smartphones -- I had a Treo 600 back around 2005 -- I have been on call in some way...

All that has changed now because of two things:

1. I started using locally-running AI to filter and eventually triage first my email, then most of my incoming notifications and
2. I got an Apple Watch with LTE service, which has allowed me to still be reachable but minimally so.

Read full post →

Motivation

The world is out of IPv4 addresses. While some can be bought and traded, ARIN is no longer issuing new assignments to organizations in the USA. My WISP, Black Mesa Wireless, came up against this problem last year when we asked ARIN for another block of IPv4 addresses and were told we were out of luck. While some ISPs NAT many customers through a few public IP addresses, there are many reasons not to do that and I refuse to. We assign each customer a public IP address. Now we will have to assign most of them IPv6 addresses only, and not IPv4. It's easy to get an allocation of IPv6 a…

Read full post →

I picked up some older Supermicro machines from eBay (GREAT way to get some real server hardware, btw), but they have a VERY old IPMI firmware and no way to upgrade to a more modern version. They can't do standard virtual media -- you have to specify a SMB share with an ISO on it to mount. Once you do that, you have to make it bootable in the BIOS and move it up the boot order. I wasted about an hour trying to figure out why I couldn't enable the device "PepperC Virtual Disc" in the boot order -- the answer is, you have to use the 'x' key to remove unused devices from the 8 available boo…

Read full post →

I recently migrated my system to NVMe drives (great decision, by the way), and part of my reason for doing so was much faster swap, for some outrageously memory-hungry finite element mesh generation stuff. I also wanted to enlarge the swap. I use LVM on top of software RAID, and encrypted home directories on top of that, which means the Ubuntu automatically set up encrypted swap for me. I had a non-encrypted swap volume at: /dev/vg0/swap I didn't have much luck finding information about how the cryptswap is set up by the installer, which is why I'm writing this. It turns out that the …

Read full post →

This is a guest post written by Steve Goertz after he solved this particular issue. Use:

• Filtering and forwarding all emails received by exim4
• Filtering by specific email components (sender information, subject, etc.)
• Forwarding all filtered emails to a specific email address or email addresses

Assuming a working instance of exim4: Create a filter file for exim4 using the appropriate filters and syntax as found in the exim4 filter documentation here: http://www.exim.org/exim-html-current/doc/html/spec_html/filter_ch-exim_filter_files.html You may want to create a directo…

Read full post →

I've been cycling a lot this season, but off-leash dogs are the rule here rather than the exception. They like to chase me on the bike, and even the ones that don't seem likely to directly harm me are liable to cause an accident. To combat this, I use pepper spray. To keep the pepper spray handy, I use this simple device I found on Amazon.com. I was skeptical when I first saw it that it would be stable enough, but actually it has worked quite well. I use Fox OC spray with it, and it has never failed to stop an aggressive dog. The spray is a bit pricey, but if you ride the same route or route…

Read full post →

I am studying for the General license exam and came across question G8B07 (as of April 2015, it will change at some point), asking the following:

What is the frequency deviation for a 12.21-MHz reactance-modulated oscillator in a 5-kHz deviation, 146.52-MHz FM-phone transmitter?

The answer is given as 416.7 Hz, but I looked and couldn't find an explanation. Finally I found one here, sort of. After reading about how the FM phone modulation is done and puzzling a bit at the numbers it became clear. To understand the question, you must understand that the reactance-modulated oscillator produ…

Read full post →

My wireless ISP (WISP) uses the Mikrotik hotspot feature with RADIUS on the back end to authenticate our users. This implements a captive portal that redirects all DNS requests so that the user is taken to a login page if they're not logged in. Once they log in once, the system associates their radio with their account, and they don't have to log in anymore under normal circumstances. However, once logged in, users still have all their DNS requests proxied through the routers. A lot of users want to use their own DNS (like OpenDNS or Google Public DNS), and that's fine with me, but a user r…

Read full post →

And it's looking good today. :)

I am not an expert on this, I just wanted to document a problem I had and a solution I found today, in a concise way. Comments correcting me or suggesting better ways are very welcome. I have a network running OSPF internally, and advertising routes to the upstream ISP over BGP at two separate edge routers (multi-homed, single ISP). We discovered last night that internally bringing down any of the subnets we advertise results in the dropping of those routes from the tables of the edge routers (as expected). This drops the advertisements. What we did NOT expect was that flap damping from ups…

Read full post →

I have been trying, without success, to come up with a cogent explanation of my thoughts on firearms ownership by citizens, government tyranny, those that call for violent revolution, and the costs of police and military intervention. This post is my first attempt to lay out those thoughts in an integrated way. It was prompted by this tweet, though I had been thinking about it before.

Worth linking again. Too late to overthrow the American gov't with guns. Be a grown-up and get politically active. http://t.co/ROwk8yQrvy

— Les Orchard (@lmorchard) October 17, 2014

The founders of the US …

Read full post →

This started out as a very different post. It was going to be a post about weev. Gradually, with the latest Snowden leaks and some other current news, it has become something else. I actually abandoned that draft to start fresh. I truly believe in American exceptionalism, for one reason only -- I believe that this country was founded as the most true embodiment of Enlightenment principles that has ever been intentionally created on this Earth, though I don't believe we've always maintained those principles. We have, perhaps, the strongest protections for freedom of speech in the world. W…

Read full post →

It seems like every time guns are in the news someone misuses terminology, usually in the name of making something sound scary. I'm posting these here so I can refer back to this later.

• Semi-automatic = loads another round after a round is fired, requires a trigger pull for each shot. Basically any modern gun that's not break-action, lever action, pump action, or revolver.
• Fully automatic = can fire multiple shots with one trigger pull
• Assault rifle = fully automatic rifle
• Assault weapon = anti-gun term made up to make semi-automatic weapons sound more scary
• Magazine = holds bullets

Read full post →

If you, like me, live in Gnome Terminal all day and have been frustrated with the recent color scheme changes (particularly, that that the active tab is nearly impossible to distinguish), you will probably find this handy. Worked great for me. Highlighting the active tab in Gnome Terminal.

If you want to be able to pass VLANs along to your linux guests from a linux KVM host, there's a trick. The most common way is to create special bridges for each vlan you want to pass, but that's a big pain. Such an approach is detailed here. After a surprisingly large amount of searching, I came across this article, which details the first way, and then another -- the way to trunk vlans to KVM guests. Here's the key quote that made me understand what I needed to do:

The difference is that when subinterfaces are defined on eth0, as noted previously Linux will strip the vlan tag, but…

Read full post →

I bought some cheap Acer c710 chromebooks, used, off of eBay for WISP use. One as a loaner for customers complaining of speed problems, when we suspect their systems may be the culprit. The other I'm testing as a field laptop for use in the WISP. We keep the management interfaces of our equipment on a separate VLAN (802.1q), and frequently need to access that VLAN in the field. I couldn't find any information online about whether this is supported in Linux. Once I got the chromebooks, I put one in developer mode, and found that the 8021q kernel module is already available. That's good, b…

Read full post →

I have a solar-powered communications tower site for my WISP running on the MPPT60 as listed in the title. That controller is way more charge controller than I needed for the site, and pricey too, but I bought that one because it has a built-in network-connected monitoring and management system. Usually I just check the web interface to make sure everything is good. It can be a little flaky and today it stopped responding. I didn't want to have to cut power to the device, maybe possible without taking down my tower equipment's power for a few minutes, maybe not, and wanted to make sure it w…

Read full post →

I recently did a linux reinstallation on my workstation after more than 4 years of cruft accumulation, but couldn't get ssh to work with my cryptostick. I did all of the normal stuff required to disable ssh-agent and enable ssh-agent support in gpg-agent. Turns out I needed to install the 'gpgsm' package (on Debian/Ubuntu), which replaces the normal gpg-agent with one that supports a smart card. I'm posting this mostly for my own reference, but maybe it will help you too.

New treadmill from wal-mart since the old one died. < $300.

For whatever reason, LG doesn't seem to feel like they need to post the TONE+ HBS-730 Manual on their web site. I looked like crazy online for it before realizing I still had the original box and manual. So here for your reference and later mine, is the scanned manual in PDF. English only, sorry. LG_TONE+_HBS-730_manual_scanned_allpages

This is the second in my "So you want to be a Linux sysadmin?" series. See the first post here and the category here. Now that you have completed Assignment 1 and have a working sandbox Linux system installed, it's time to cover the basics. First, when I started using Linux, I got a boxed set of RedHat that included a nice cheat sheet sticker to go on a keyboard wrist rest. In lieu of that, I just saw this posted today. I recommend you keep it bookmarked and perhaps printed out for reference: Linux Command Shelf Cheat-Sheet. There's a PDF for download on that site. I also recommend you s…

Read full post →

Introduction

There is a shortage of good Linux system administrators. Some friends of mine have an interest in helping to fill that shortage, so I have finally decided to embark upon a series of blog posts based on my experience. First, let's get some things out of the way.

Qualifications

There are plenty of linux sysadmins out there, with varying degrees of experience, and varying methods and opinions. I do not claim to be the leading expert on the subject, I'm just trying to write up what I do know. Constructive comments and suggestions are welcome. People telling me what an idiot I am …

Read full post →

Back when I was, I think, 15, I had the opportunity as a Boy Scout to do a two-week backpacking trek at Philmont Scout Reservation in Northern New Mexico. It was a fantastic two weeks. I learned a lot, lost a ton of weight, and climbed to the top of a mountain called Baldy Mountain, which peaks at about 12,500 feet. To this day I remember how hard I had to breathe, 3 breaths per step, to make it to the very top. I don't think I ever expected to return to Northern New Mexico. Since moving to Northern New Mexico, living only a 2-hour drive from Philmont (and make no mistake, my memories of Ph…

Read full post →

I now have a cluster with InfiniBand network hardware in my garage. This is my bitcoin mining cluster that I've had running for a few years. Last summer I upgraded the CPUs from the cheapest available (Sempron 140s) to something faster but compatible with the same motherboards (Phenom II X4 975 BEs) so that I could run simulations for work, but I ran into scaling issues using 100 Mb/s Ethernet. At that point I got a cheap TrendNet gigabit switch and switched the cluster over to that, and I was able to scale across 2-3 machines (8-12 cores), but after that things really started to slow down. …

Read full post →

I am building an AR-15 from a stripped lower receiver, and had read that it is good to have a vise block to hold the lower in place while installing parts. Rather than buy one, I was going to 3D print a magazine to use for this purpose. However, I was happy to see that defcad.org as a vise block ready to print. I'm warming up the printer now.

UPDATE 2013-04-29

I have created a github for this here. If you have patches please submit pull requests!

UPDATE: I continue to update the kernel as more fixes make it into git. You can check all of the Pixel-related files I'm posting in this Drive folder.

UPDATE 2013-03-27: New kernel with fix for the audio pops, see my G+ post from today.

The Chromebook Pixel is a very nice (if expensive) piece of hardware, designed to run Chrome OS, which is a variant of Linux. Since being noted as favored by Linus Torvalds, inventor and lead maintainer of Linux, support for the various Pixel hard…

Read full post →

The title sounds really cheesy, I know, but this is a subject near and dear to my heart. This post has been on my to-do list since at least October of 2011, possibly earlier. I also want to preface this by saying that I don't know that this is an original idea -- I don't claim it to be, but last time I looked I couldn't find anything tying these three concepts together in this way. I welcome comments pointing me to other, better work. Disclaimers made, here we go. I think that to succeed in any endeavor, you need three things: motivation, aptitude, and skill. Briefly, I will define these as…

Read full post →

The Vinagre VNC viewer included in GNOME on Linux does not currently allow more than 8 characters in a password due to historical limitations of the VNC protocol. Apple has somehow (and I don't pretend to understand this) extended the protocol to use both a username and a password, including passwords longer than 8 characters. Someone provided a patch to the Vinagre project to fix this over six months ago, but they blew it off. I went ahead and patched the source and rebuilt the package on my x86_64 Debian Wheezy/Sid system. You can download it from here, and go pester the developers to…

Read full post →

I have been using Fujitsu ScanSnap double-sided auto-feeding scanner for years. I started with a Mac model (S300M I think? no Windows drivers?) and then moved to a Windows model, the S1500. For the last couple of years I've been running a Windows virtual machine in VMWare Workstation primarily so that I can use my scanner and the included OCR features (turn scans into text). Recently, I've been having a lot of trouble with VMWare Workstation, and I run libvirt/qemu-kvm on my web server, so I decided to try it on my workstation as well. It works pretty well for Windows 7, not a fast as VM…

Read full post →