Episode 617 – Certificate Authentication, Persistent Live Linux

Forget typing your password to SSH, Certificate based Authentication is where it’s at. Darren demonstrates with an Interceptor, Dropbear and Ngrep. Want a Linux Live USB key with persistent storage? Shannon has just the tool. Plus your picks on SSH tools and answers to your WordPress questions.

Download HD Download MP4 Download XviD Download WMV

SSH Feedback

After bantering about our upcoming travels to Waynesville, Missouri and Toronto, Ontario and a little griping about zipit segmentation faults, we get into your feedback on recent SSH segments.

Dzaztur recommends Gnome SSH Tunnel Manager. It’s a sleek front-end for managing SSH tunnels, port redirects and more. Tunnel configuration is stored in a simple XML formal, great for portability, and the tunnels can be managed individually through one simple GUI. Thanks for the tip Dzaztur

Lozo points out that Mac OS-X has SSH built into the terminal, much like Linux. So true. We banter with Paul-the-camera-guy about the Mac OS-X kernel, which turns out is XNU — an accronym for X is Not Unix. So there ya go!

Sp4m says if you’re running Firefox over SSH you might want to look into remote DNS lookups. By default DNS lookups aren’t done through the proxy. This can be resolved by typing about:config in the address bar, and enabling the network.proxy.socks_remote_dns setting. Thanks Sp4m.

And Finally Post_Break from < a href="http://iamthekiller.net/" target="_blank">IamTheKiller.net points us to Secret Socks — a SSH Socks Proxy GUI front-end for Mac OS-X that he likes a ton more than SSHTunnel 1.6. [Edit: We made a mistake and called it Secure Socks in the segment]

And finally we go kitteh before moving on…

Certificate Authentication for SSH

In this segment Darren explains why certificate authentcation is a bajillion times better than password authentcation and demonstrates the configuration using Ubuntu 9.10 and an Interceptor running OpenWRT Kamikaze. This forum thread details setting up authorized_keys with Dropbear — the SSH daemon that comes standard on OpenWRT.

Next week we’ll be breaking this down with a little Man-in-the-middle action. Until then send your feedback to [email protected]

Build a free Linux Live USB Key in minutes

when it comes to finding the right Linux distribution for you it’s best to try a bunch out. And what better way then to make some bootable Live Linux USB keys? Shannon demonstrates Linux Live USB — a Windows tool that makes it super simple to build a Linux USB key in minutes. It features automatic distribution downloading AND Persistence!

Questions on WordPress Theme Hacking

Ricky writes:

I just recently started using wordpress, and I am having alot of trouble trying to design a layout for it, I was wondering if you had any references or anything to help me learn how to do this, I understand HTML and only know a little of PHP. Any help would be greatly Appreciated.

Darren recommends setting up a local LAMP stack, that is to say the web server, database and scripting language to support a WordPress install. The easiest way to get started is with either WAMP on Windows or XAMPP on just about any platform.

The WordPress install is dead simple.

Mostly I use PHP.net as my go to resource, but we’ll also be hooking you up with a copy of Mario Lurig’s PHP Reference: Beginner to Intermediate PHP5. Hope that helps. ๐Ÿ™‚

The WordPress Codex is also an invaluable resource when you really get your hands dirty when theme code. Things like the loop and trim_excerpt are well detailed. Once you start learning the WordPress functions you’ll realize what a powerful content management platform it really is.

And finally we recommend WordPress.org/Support for their forums. If you know of a better forum for WordPress Theme Hacking please let us know!


  • Pingback: Certificate Authentication, Persistent Live Linux | ./h43x

  • Soupman

    Really great episode as always guys(despite waiting all day for it!). Might have to go re-read up on SSH because Darren’s segment seemed to move a little too fast for me, although I still learned from it.

    so, so stoked about that Linux USB stick tool. I have been trying out ubuntu amongst other distros using unetbootin and literally wishing there was a tool like this. Thanks for the heads up!

    Also wut wut in the butt reference…. made me laugh, hard.

    Can’t wait for the next episode, peace ๐Ÿ™‚

  • sp4m

    About remote-dns it’s not only that dns goes over the line so 3rd can see where you’re going. 3rd party can also dns-spoof you to ev0l server. Play safe, remote DNS is the only way to go ๐Ÿ˜‰

    Love your show, keep going!

  • Craig

    I would also like to point out Zend Server for developing local websites. The community edition is free, easy to use and available for Linux and Windows. It ties in great with Zend Studio to for those who go for that commercial IDE route. I’ve been using it a while now after my Uni lecturer suggested it and I’ve had a much better experience with Zend Server than I have with XAMPP – give it a try!

  • geeked

    Hey guys! Great show. Just wanted to point you in the correct direction for using ScummVM at a decent size. Hunter Davis posted up an excellent video on YouTube detailing how to set the scale size on the software so that it actually looked right on the Zipit. Here’s the link to the entry on his blog: http://hunterdavis.com/archives/253

  • Techno

    Great episode! I really enjoyed the USB stick tool and I am working on that now.
    Also, I cannot wait for next week to see the breakdown of the SSH segment. Keep up the great work!

  • winggeek


    all the way from ireland ….you guys should come here :-)…. great show ๐Ÿ™‚ can the new usb app do multiple os on one usb and save the files ? or do you do the method like in unetbootin where i edited the menu list file and copied the files across one os at a time to form a multiple os usb with a user unique grub menu ๐Ÿ™‚


  • system error

    I used the LiLi USB Creator with Ubuntu 9.10…wonderful awesomeness as expected. Curious if anyone knows how to get this going with Dreamlinux 3.5 (gnome)? It throws the error message that it’s not supported but there’s certainly a workaround out there somewhere! I really wanna do that, and also get grub2 loaded on there to boot my ISO files. Anyay, thanks for another awesome episode!
    BTW, absolutely LOVED the “Until next week, we’re reminding you…[usb unplug/replug]” ๐Ÿ™‚

  • Pingback: Hak5 โ€“ Technolust since 2005 ยป Episode 617 โ€“ Certificate … | Linux Affinity

  • Ryonni

    Awesome Darren,
    Keep up the good work. Loved the episode otherwise. A ton of cool things you both had going. Can’t wait to see the next episode and all the other goodies you guys have.
    Have a great weekend.

  • soupman again

    lili USB creater is kinda buggy (for me).

    When running Ubuntu 9.1 in the VM I get some read/write errors and struggle to run programs. Also when trying to boot from the drive, before the graphical boot screen loads I get an I/O error. This is using a sanDisk Cruzer 2gb. I guess my drive is unsupported :/

  • Shadowplay

    Stupid me I ran virtual box from the stick after installing puppy, thinking it was going to run from MY installation of VB already installed on my laptop. So now I get that error she was talking about and all the installs on my VB seemed FUBAR now. : (

    How did she ever fix her error? Or do I have to install all my damn OS’s again in VB?

  • Shadowplay

    Checking in again… I was able to restore my VB OS’s since I had a backup in my user folder. I don’t even know how the backup got there, but it had the full backup of my OS’s. So I was able to restore the .vdi files and other needed files thank goodness.

  • skimpniff

    Great show guys. Does the Live Linux USB function in a way that facilitates multipass USB’s any easier, or is it just a one distro per stick tool?

  • soupman


    I think it works on a 1 install per stick basis. However You could try install another OS on in (making sure to un-check ‘format with FAT32’) and it might work.

  • cosmophobia

    Hi guys , my name is Rosen. Since i started to watch some of your episodes i am getting “in shape” for my examination after one month. You guys make awesome clips and i would like to start from the very first, because i feel i can learn a lot of things. However i am following this episode and i have one simple question:
    I did well with the wlan0 settings , but when i want to connect to with SSH tunneling, my terminal tells me : no route to host. Now i am newbie , but i still know that is the gateway for my network. What am i doing wrong and how can i make a breach to the router. Does my router necessary support SSH ?

  • ??

    ???????????? ????????????????????PAC???????I/O??????????I/O????????????????????????PC??????????????????????????????????????????????????????????????????????????????????????????PAC???????I/O??????????I/O????????????????????????PC??????????????????????????????????????????????????????????????????????????????????????????www.luycontrol.com?[url=http://www.luycontrol.com]????[/url].

  • golf store franchise

    Hi there, just became aware of your blog through Google, and found that it is truly informative. I am gonna watch out for brussels. Iโ€™ll be grateful if you continue this in future. A lot of people will be benefited from your writing. Cheers!

  • Quinn Unga

    Its like you read my mind! You seem to know a lot about this, like you wrote the book in it or something. I think that you could do with some pics to drive the message home a little bit, but other than that, this is fantastic blog. A fantastic read. I’ll certainly be back.

  • il lottery

    The larger the deposit, the improved motivation you buyers show to complete
    the agreement il lottery when tires remain outside for a number of weeks, their gum hardens.

  • Daffodils By William Wordswort

    Taking financing handle lasting repayment schedule will make
    you happy as you might be permitted to enjoy money freely and
    you happen to be not pressurized to produce the payments at one go Daffodils By William Wordswort
    these fundamental components from the holiday can range from $10-15 approximately $50, depending about the complexity and
    popularity from the particular costume.

  • http://tinyurl.com/268a92b20049c0870f639a93e90576fb

    Hello excellent website! Does running a blog such as this take
    a great deal of work? I have very little expertise in coding however
    I had been hoping to start my own blog soon.
    Anyhow, should you have any recommendations or techniques for new blog owners please share.
    I understand this is off subject nevertheless I simply wanted to ask.

    Thanks a lot!

  • Hermes Bags UHJ7037

    And now which you know the options at the disposal, it is possible to proceed and apply for one right away Hermes Bags UHJ7037 search term of omega customer care pay day
    loans you will discover 1000 lenders from this web.

  • Sandi

    Fantastic goods from you, man. I’ve take note your stuff prior to and you are just too fantastic.
    I actually like what you’ve received here, really like what you are stating and
    the best way through which you are saying it. You make it entertaining
    and you continue to take care of to stay it wise.
    I can’t wait to read far more from you. This is actually a
    wonderful website.

  • CriseldaKDotts

    Howdy! I’m at work browsing your blog from my new iphone 4!

    Just wanted to say I love reading your blog and look forward to all your posts!
    Keep up the outstanding work!

  • ScottieBGrboyan

    You really make it seem so easy with your presentation but I find this topic to be actually something that I think I would never understand.
    It seems too complicated and extremely broad for me.

    I am looking forward for your next post, I’ll try to get the hang of it!

  • GilberteWGoates

    I’m curious to find out what blog platform you are working
    with? I’m experiencing some small security issues with
    my latest website and I would like to find something more safe.
    Do you have any solutions?

  • ChristeneIQuimet

    Hmm is anyone else having problems with the images on this blog loading?

    I’m trying to figure out if its a problem on my end or if it’s the blog.
    Any feed-back would be greatly appreciated.

  • MosesLGalves

    I don’t know if it’s just me or if perhaps everybody else encountering issues with your website.
    It appears as though some of the written text on your content are running off the screen. Can somebody else please provide feedback and let me know if this is happening to them as well?
    This could be a problem with my internet browser because
    I’ve had this happen previously. Cheers

  • CarrolGFjeseth

    Hi superb website! Does running a blog such as this require a lot of work?
    I’ve virtually no knowledge of coding but I had been hoping to start my own blog in the near future.
    Anyways, if you have any recommendations or techniques for new blog owners please share.
    I understand this is off topic but I simply wanted to ask.
    Thanks a lot!

  • AleshiaCLudlam

    Hi, i feel that i noticed you visited my
    site so i came to go back the choose?.I’m trying to find
    things to enhance my web site!I suppose its ok to make
    use of some of your concepts!!

  • CaitlinMDandrea

    Neat blog! Is your theme custom made or did you download it from somewhere?
    A design like yours with a few simple tweeks would really make my blog shine.
    Please let me know where you got your theme.
    Thanks a lot

  • DoretheaKWimsatt

    I just could not depart your site prior to suggesting that I extremely enjoyed the standard information an individual supply
    for your visitors? Is gonna be back often in order to investigate cross-check new posts

  • IsiahPNickolls

    This design is spectacular! You definitely know
    how to keep a reader entertained. Between your wit and your videos, I was almost moved to start my own blog (well, almost…HaHa!)
    Wonderful job. I really enjoyed what you had to say,
    and more than that, how you presented it. Too cool!

  • CarlotaWArchambeault

    Excellent weblog right here! Also your web site lots up very fast!
    What host are you the usage of? Can I get your affiliate hyperlink to your
    host? I wish my website loaded up as fast as yours lol

  • ArronTLingardo

    I must thank you for the efforts you have put in penning this website.
    I’m hoping to check out the same high-grade blog posts from you in the future as well.
    In fact, your creative writing abilities has inspired me to get my very
    own site now ๐Ÿ˜‰

  • tickets for Carolina Panthers

    Now, by simply going on their webpage, you’ll be
    able to sign up for a low credit score loan online and
    instantly know very well what form of interest levels and quotes you can anticipate to
    handle tickets for Carolina Panthers depressions are sometimes
    long and long, but they are brimming with many surprises along the way in which.

  • mondiale

    This number of investing permits traders the possibility to trade a substantial collection of fiscal instruments
    which include stocks, commodities, currencies, and a lot more mondiale if you’re
    right beyond high school and also have been working throughout, you ought to be capable of qualify which has a qualified cosigner.

  • RenaldoHFarve

    I was wondering if you ever thought of changing the structure of your
    blog? Its very well written; I love what youve got to say.
    But maybe you could a little more in the way of content so
    people could connect with it better. Youve got an awful lot of text for only having one or two pictures.
    Maybe you could space it out better?

  • Greta Mancos

    Do know that using a poor credit score you is going to be susceptible to higher interest rates, and
    perhaps higher fees Greta Mancos voters failed to maintain rudd but
    were unenthusiastic regarding the coalition, too.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>