Michael W. Lucas's Blog, page 79

Several years ago, I badgered Joseph Kong (author of Designing BSD Rootkits) into writing a book on FreeBSD device drivers. His FreeBSD Device Drivers book finally hits the shelves next month.

I’ve read it. It’s good. It makes me think that I could write a device driver. (It would have to be in Perl, and bad Perl at that, but still…)

No Starch Press is having a pre-release sale on FDD this week. The code DRIVERS gets you 40% off. Plus, you get the ebook free with the print purchase direct from...

Amazon has discounted the SSH Mastery paperback, from the list price of $19.95 to 14.36. It appears that Barnes & Noble has, in response, finally offered the paperback and matched the price. If you’ve been waiting for the discount to get the paperback, this is your chance.

On a related note, SSH Mastery is now available in paperback from Amazon’s UK, FR, DE, and IT stores. They appear to be sold through third-party resellers, but they’ve discounted the price to about 15 pounds/euros. I’m still...

Lots of people have offered to tech review the second edition of Absolute OpenBSD before it goes to print. Peter Hansteen is doing the final tech edit, but I still need a reality check before it goes to him.

Henning Brauer has offered to do this for me. He’s reviewed a few chapters already, and he’s caught a vast array of my inadequacies. I’ve decided to rely on Henning for fact-checking, rather than my usual volunteer community review process.

This will probably disappoint those of you who rea...

I have a love-hate relationship with RADIUS. RADIUS is the cheap white glue of authentication. Just about everything speaks it, so you can use it as cheap glue to unify passwords across your gear. But it's a finicky protocol, with lots of edge cases, and those edges can be SHARP.

Okay, perhaps it's more of a tolerate-hate relationship. But still.

OpenBSD supports using RADIUS to authenticate user accounts. Why would you possibly want to do this? For one thing, if you're using authpf, it gives y...

I just got asked one too many times, "What's in this book that's not in the man pages?" And I've snapped.

I'm blogging my answer, so I can point here and save myself from typing the answer again.

I'm best known for writing about BSD technologies, a field where the developers are notoriously detailed in their documentation. If you look at the man pages for any open-source BSD, you'll see that everything is included. If something is missing, it's a bug. In addition there are extensive...

I promised several authors results of my private label publishing experiment. I now have sales numbers from February from Amazon, B&N, Smashwords, and CreateSpace. Just like the January post, this comes with some caveats:

This includes only SSH Mastery. I have removed my fiction from the totals. Again, fiction sales are considerably lower, but growing.
This excludes the 200 copies bought at cost by the OpenBSD/OpenSSH team for fundraising, and the 40 review copies I ordered.
I’m not going to reg...

I promised several authors results of my private label publishing experiment. I now have sales numbers from February from Amazon, B&N, Smashwords, and CreateSpace. Just like the January post, this comes with some caveats:

This includes only SSH Mastery. I have removed my fiction from the totals. Again, fiction sales are considerably lower, but growing.This excludes the 200 copies bought at cost by the OpenBSD/OpenSSH team for fundraising, and the 40 review copies I ordered.I'm not going to...

I will be at BSDCan 2012. In addition to poking my nose where it doesn't belong, spouting insouciance and irrelevance, and derailing important technical discussions with tediously pointless anecdotes about my pet rats, I am teaching a course on SSH.

If you don't have time to work your way through the SSH book, take a couple hours and and get dragged through it. The course will include material not included in the book, unless it goes too long, in which case I'll spout off about extra material ...

I'm deploying IPv6 for my employer. While getting corporate servers up on IPv6 is nice and all, of course I put priority on my own personal Web server.

Just because IPv6 is still populated mostly by early adopters, doesn't mean we can neglect basic system security. That means that the server needs a packet filter for both IPv4 and IPv6. PF supports filtering both protocols in one ruleset.

The following is a unified IPv4/IPv6 PF ruleset for a small server. It:

Allows all traffic from management ...

Lots of people claim to have "the secret" to promoting books. After all, your book is awesome, isn't it? The problem must be that you aren't promoting it. You can attend workshops, courses, and buy books that all proclaim The Secret.

For SSH Mastery, I'm responsible for all of the promotion. I've followed the usual advice: I have a blog, I have Twitter, I have a fan page on Facebook, and so on. You can stalk me through any method you choose. I also have real-time access to sales data from...