SSH won’t use keys / asks for password

Check that no one other than the user has write permissions:

chmod go-w ~/.ssh

Ideally, the rights on .ssh should be chmod 0700

Posted in Linux | Tagged , , , , , , | Leave a comment

Saving RaspberryPi sound configuration

One of the things that’s been bothering me with the Raspberry Pi, even though I’m managing it through Puppet, is the sound configuration.

Sometimes the sound is x% lower for no obvious reason, othertimes it goes through HDMI when I wanted it through the 3.5mm jack. Then I have to go figure out how to set it back all over again.

Turns out, the settings are loaded from a file, located at


This means, that by changing some settings and saving again, it’s possible to see which parameters were modified, and then use this to create a template for use in Puppet.

To save the state:

alsactl store

For example, to change the output between auto/analog/hdmi, one would use the following command:

sudo amixer cset numid=3 1

which isn’t very explicit.

In the file, this will change the number corresponding to “value”:

control.3 {
	iface MIXER
	name 'PCM Playback Route'
	value 1
	comment {
		access 'read write'
		type INTEGER
		count 1
		range '0 - 2'

On a Raspberry Pi, 0=auto; 1=analog; 2=HDMI.

To modify the output volume, you can set the “Value” in the first control to it’s highest value in the range:

control.1 {
	iface MIXER
	name 'PCM Playback Volume'
	value 400
	comment {
		access 'read write'
		type INTEGER
		count 1
		range '-10239 - 400'
		dbmin -9999999
		dbmax 400
		dbvalue.0 400
Posted in Linux, Raspberry Pi, Software | Tagged , , , , , | Leave a comment

Race report: Triathlon de Machilly

woke up around 9 to see the day was looking good, I tried to eat some brefast, bu5 didn’t grt far. I already have a tough time doing so without the pre-race nervousness, so I startex out with the usual hot-chocolate. I later managed to eat only half a toast, so went back to liquids with a hyper-caloric coffee-taste shake.

I had pretty much all my stuff ready, only problem was that my wheels were a bit low on pressure, and since my mom/sister had taken the good bike pump with them for their race, i tried using another one; terrible mistake: wasn’t quite compatible so I now had one tire flat and no way to repair it. My dad who was volunteering told me there should be one at the repaire stand. There wasn’t.
So i walked around for a bit asking people if they had one; most did, but “back at the car”, until i found one guy who did, but said it was terrible. Maybe not the best indeed, but it did the job perfectly.

after getting everything set-up in the bike park and listening-to the pre-racd briefing, i had a good 45mins before it was my turn to swim. I just walked around a bit, did a little warm-up.

I could see the numbers on the caps of the swimmers getting lower, closer to mine.

Starting the swim, i wasn’t going straight towards the buoy but instead towards the right, staying parallel to the floaty-lines. I had to correct my course a few times, and there wasn’t really a way of navigating other than lifting your head; i couldn’t see further than my forearm, not even my hand (literally).
The water was warm enough, with a few cold patches. I managed to overtake a handful of people during the swim.

I ended up taking 15.35mins, rather than about 14 at my best, but it was ok since I went easy to not get tired too early.

I took my time transitioning to bike, making sure to get everything right so  wouldn’t be bothered during the ride.

I’d already done the bike circuit once a few weeks prior with my dad, so i knew what to expect.

Started out easy to recup from swimming, had to push a bit in the first climb, followed by a nice downhill. Then later in THE big climb, which i’d done backwards in the reco-run, was much harder than expected, but after that was 10 easy kms until the finish, so I pushed harder again on those. It finished nicely with a downhill section to rest the legs a bit.

Overall biking time was one hour.

Transition from bike to run was way easier than what I’d done in training, my legs felt much better. Bonus: biking in running shoes meant I only had to drop the bike and helmet.

Getting out of the transition there were kids with a water hose, offering a shower; this was absolutely fantastic as I was all hot from the hour-long bike section.

Running was definitely not my favourite part, but at least the track wasn’t hard. It was mostly flat, with a 2km trace at the end of which you’d turn back and do again, with the final km going around the lake. Up until the 2km mark I was doimg ok, but my ankles were hurting as well as the muscles above my knee. I was also starting to feel the lack of food that morning having an effect, so I stopped for a bit at the ravito, had some water to drink and put on my head. I then started along slowly, but around 3.5kms I had to slow to a walk. Then for a bit it was slow jogging/walking, only to run the last half of the lake.

Ended up running 33mins, which i’d consider reasonable given my training etc.

At the arrival they again had water hoses, small pools, benches and inflatable chairs to relax on.

Overall, I’m quite happy with my performance, I know I’ve got a lot more training to do if I want to be competitive, but having only some training in swimming and close to none in biking and running, it’s alright.

Times (Rank):

Swim: 15:35 (160)

T1: 1:44 (266)

Bike: 1:00:55 (278)

T2: 0:29 (27)

Run: 33:50 (292)

Overall: 1:52:30 (273)

There were 317 finishers, of which 248 men and 69 women.

Posted in Race report, Running, Sports, Swimming | Tagged , , , , | Leave a comment

What class do we have next?

Timetables are one of the things my University just doesn’t get right.

You have to go on the website every now and then to either download your timetable as PDF, or export in iCal format if it’s available. But those aren’t going to be up to date if the timetable changes, and you’ll have to start over.

Up to now, there was always someone to come up with a system to provide an iCal link you could add to you calendar, which would always be up to date. This year however, the other year’s solutions are either down, or not updated for this school year… So I decided to give it a shot!

Since I know it’s possible to generate an ics from the website, I was hoping it would be possible to just call an URL and be done with it. Well, it’s not so simple; this solution doesn’t provide anything useful.

So I searched the web, and found some source code for some previous projects that access the same timetable software as me (ADE Campus).

One solution that came up, was to mimic a user interaction to generate the calendar. This ended up being kinda clunky, and didn’t really work well. Also I had no idea what I was doing.

The best solution however, came from some project who was kind enough to share their code on Google code, and it turns out ADE has a web API which is however undocumented.

This way, after getting a session key and setting a project (~school year) to use, we can retrieve XML data for a given resource (class/group).

Then it’s simply a matter of parsing the XML and creating an iCal with the extracted data.

I’ve again set up a cron job to generate the calendars every day; Once the calendars are uploded to the net, we can add their URL to our Google Calendar, and have an up-to-date timetable right on our phone!

Calendars can be found here:
GitHub repo is here:

 Update (20/01/14)
The University –finally– officially supports the export of calendars from ADE in a way that’s useful.

Posted in Software, University | Leave a comment

Jabber server with Prosody

Update: If you use Puppet, I’ve written a module for Prosody which can be found here:

I’ve recently installed a Jabber server for use within my family, it’s a great way for us to communicate since we’re split among different places, don’t really use Skype or other, and it can be more convenient than SMS or email.

So I figured I’d keep track of my installation steps, and share them here.

In preparation, you will need to set up the following DNS records: A ... CNAME CNAME CNAME

Also open the following Firewall ports:

TCP 5222
TCP 5269


apt-get install prosody lua-sec

I’m not going to be using ‘localhost’ configuration, so I’ll remove its configuration and keys:

cd /etc/prosody
rm conf.d/localhost.cfg.lua
rm certs/localhost.cert certs/localhost.key

Create new configuration file, based on existing example:

cp conf.avail/ conf.avail/

Certificate creation:

openssl req -new -x509 -days 365 -nodes \
 -out \

Fill in the info, then put the keys in their proper location (/etc/prosody/certs/)

Modify your generic (virtualhost defaults) values in prosody.cfg.lua

nano prosody.cfg.lua

Here are the general changes I’ve done:

ssl = {
    key = "/etc/prosody/certs/localhost.key";
    certificate = "/etc/prosody/certs/localhost.cert";
--c2s_require_encryption = false
--s2s_require_encryption = false
c2s_require_encryption = true
s2s_require_encryption = true
authentication = "internal_plain"
authentication = "internal_hashed"

I also removed everything to do with the virtualhost and components, as these will be added on a per-site basis.

You can set your virtualhost configuration in prosody.cfg.lua if you want, but I prefer to make a separate virtualhost file:

nano conf.avail/

VirtualHost ""

-- admins = { "" }

ssl = {
    key = "/etc/prosody/certs/",
    certificate = "/etc/prosody/certs/",

modules_enabled = {

groups_file = "/etc/prosody/imnotacyb.org_groups.txt"

Component "" "muc"
    name = " Conferences"
    restrict_room_creation = true

Create a symlink in conf.d to enable the virtualhost, then (re)start prosody.

Create the user accounts:

prosodyctl adduser

Or for batch registrations:

prosodyctl register johann secretpassword

I’ve defined a file for groups, here’s what it looks like;

[Test group]

[Test group] is the name of the group; putting a + in front of the name ( such as [+Test group]) will make it a public group, viewable by everyone registered on the server.

In this example, a user will see the contact list as such:

Test group

Basically, if you put a name after an address (and an = sign), the users will see that name, instead of the jabber address.

You can now do the following command to reload the server configuration:

service prosody reload

And connect using your favourite client. I personally use Pidgin on Windows, and Xabber on Android.

Posted in Linux, Software | Tagged , , | Leave a comment