Archive for November 4th, 2007

Leopard Firewire Target Mode OS Install

Posted in Leopard, Mac OS X, System Administration on 11/04/2007 02:17 pm by jmccune

Leopard InstallerThe DVD drive on my desktop Mac is broken, making it difficult to install the operating system. I wanted to put Leopard on this machine today, so I tried installing to the machine from my MacBook Pro.

Since Leopard is now Universal for both PowerPC and Intel, this ended up working nicely. The one note, however, is that installer will complain about the partition table when it’s executing on an intel machine, but installing to a PowerPC disk. The installer thinks it’ll be booting from the drive, so it doesn’t like the Apple Partition Map, demanding a GPT table instead.

The solution is to set the CM_BUILD variable, allowing installation to the target disk.

  export CM_BUILD=CM_BUILD
  export COMMAND_LINE_INSTALL=1
  export SRC="/Volumes/Mac OS X Install DVD"

  installer -verbose \
    -pkg "$SRC"/System/Installation/Packages/OSInstall.mpkg \
    -target "/Volumes/Macintosh HD 1/" \
    -lang en | tee /tmp/installer.log
 

User Level VPN with Leopard

Posted in Leopard, Shell, Solution, System Administration on 11/04/2007 11:14 am by jmccune

CaminoOne of the small, but incredibly useful features for me in Leopard is that ssh-agent is automatically running for each user account. This relatively small change allows me to log into remote machines without entering my password each time.

Using the SOCKS proxy built into ssh, we’re also able to setup a quick and easy secure tunnel. I wanted to check some sensitive information this morning, but I’m at a coffee shop that doesn’t pass VPN traffic, so I quickly hacked together the following:

Setup a new Location in the Network System Preference Pane to configure the SOCKS proxy at 127.0.0.1, port 4088. This connects most Apple applications to the secure and encrypted tunnel.

Network Preferences Socks ssh Proxy

Next, I configured ssh to automatically setup the SOCKS proxy whenever I type “ssh ford”, which is an alias for my workstation back at the office.

# ~/.ssh/config
host ford
  User mccune
  HostName ford.math.ohio-state.edu
  # Handle sleep/wake robustly with TCPKeepAlive
  TCPKeepAlive no
  Port 22
  # DynamicForward is a SOCKS proxy server.
  DynamicForward 4088
  ForwardX11 no

With this configuration, I’m able to load my SSH public key into the ssh-agent running by default on Leopard, type “ssh ford” to setup the encrypted SOCKS proxy, then change location to “SSH Socks Proxy” to automatically have Mail.app, iChat, Safari and Camino use the secure proxy.

An easy way to verify the proxy is working is to add an IP Address gadget to your personal google home page:

Google ip Address

Finally, with the Network Location module for Quicksilver, you can easily switch back and forth between the encrypted proxy.

Quicksilver SSH Network Location