The magic SSH command

I love SSH's port mapping features. They're a bit complex to figure out, but they can prove to be very handy.

Once, I was updating a friends Fedora installation but I had to head home... He was behind a firewall and so I wouldn't be able to do remote access, even though sshd was running. Port mapping to the rescue! I logged in via SSH to my home machine and mapped his port 22 to a port on my local machine, so when I got home I was able to ssh to localhost and thereby get into his machine.

I've come up with my favourite SSH command that combines a few tricks - it goes as follows:

ssh -p port -l username hostname.or.ip -L lport:localhost:rport -D proxyport

I'll run through it step-by-step:

  • ssh -p port -l username hostname.or.ip

    This instructs SSH to connect to hostname.or.ip on port as username.

  • -L lport:localhost:rport

    This maps rport on the remote machine to lport on localhost (aka the machine you're currently using). Essentially, connection to port lport on localhost is the same as connecting to the remote host on port rport. It's very useful for mapping services running on the remote machine (such as VNC) to the local machine over a secure channel.

  • -D proxyport

    This makes SSH act as a SOCKS 4 proxy on localhost using port proxyport, which is needed for allowing traffic on ports which would otherwise be blocked (ie BitTorrent, FTP, POP, SMTP, etc in places that only allow traffic on port 80)

For example:

ssh -p 22 -l me -L 5905:localhost:5900 -D 5678

This maps the VNC screen :0 on (port 22, username "me") to the local VNC screen :6, and makes a SOCKS proxy on port 5678. If I connect to localhost:5906, it's the same as connecting to except thanks to SSH everything passes through an encrypted channel!


The MacBook Pro Latch

If you've been following my blog (I don't post often do I don't blame you if you don't Wink) you know that I've become a pretty big fan of Apple. Even though you do end up paying a slight premium for Apple hardware compared to a Dell let's say, the peace of mind from using OS X and the bundled software is well worth the extra cost.

I only have three complains about my MacBook Pro 4,1 (early 2008 model): A small and very bright white dot on the screen that only appears when displaying white pixels, small amounts of corrosion on the hand rest area near the trackpad (aluminum pitting), and finally the latch button to pop up the display has been stuck pressed in for the past two days and so the screen won't stay close properly.

Turns out that there isn't much I can do about the first problem; many other owners of MacBook models with LED-backlit screens also seem to have the same problem. The second is slightly annoying, but rather harmless... I doubt my sweat will be able to react all the way through the aluminum casing. However, the last one also seems to be a relatively common problem, and fortunately it's easy to fix! After two hours of fidgeting with a paperclip and protractor trying to push the latch forward, I finally decided to shine a flashlight into the small holes near the trackpad and latch mechanism. Sure enough, there was a small piece of plastic that had fallen into the hole and was blocking the latch from springing forward. I used a small metal hook to carefully move the piece of plastic upwards and not slide it ;across ;(where it would eventually just obstruct the latch again) and then removed it. Voila, the latch was working again!

New website online!

As I talked about a few posts ago, I've been trying out Drupal and designing a new section of the Diffingo website with it that is devoted to its open-source software. I polished it a bit and it's now online at Now that I have a developer blog there, I'll be posting info relevent to fwbackups and my other software there... But the rest will still be here.

Writing cross-platform applications with Git, Qt and CMake

I've been working a lot on the new fwbackups branch, where my main goal was to make it faster, more versatile and cross-platform. I decided to write it in C++ and use Qt for the interface, since when combined with CMake it would be very easy to have it compiling on all platforms. Stick the code into a git repo and you've got cross-platform building with cross-platform revision control! If you're looking for a way to setup a cross-platform application, I've listed the steps I took below:

Step 1: Install the Dependencies

Before we begin, you'll have to install a few dependencies:

Step 2: Create the git repository

Now that you have Git installed, it's time to create the Git repository which will host your project. Open up a command line and type:

  • Linux (Applications Menu > System Tools > Terminal), Unix or Mac OS X (Macintosh HD > Applications > Utilities > Terminal):

    mkdir -p ~/development/ProjectName
    cd ~/development/ProjectName
    git init
  • Microsoft Windows (Start > Run, type "cmd"):
    mkdir "My Documents"
    mkdir "My Documents\development"
    mkdir "My Documents\development\ProjectName"
    cd "My Documents\development\ProjectName"
    git init

This will initialize a git repository called ProjectName inside the "development" folder in your home. You can replace ProjectName with whatever you'd like, but just remember to replace all further instances of it in this tutorial with the same name.

If you'd like to share the project and authorize with other developers to commit to the Git repository, be sure to check out gitosis.

Step 3: Directory Layout

While it's not required, I chose to use an out-of-source build to help keep the source directories clean and keep the build files for each platform separate. Inside your newly-created ProjectName folder, create the following directory tree:

  • build/
  • build/mingw/
  • build/linux/
  • build/osx/
  • build/unix/
  • pixmaps/
  • src/
  • translations/

Step 4: Configure CMake

The last step is to configure CMake. When CMake is invoked, it reads the CMakeLists.txt file and then automatically generates Makefiles for your platform. Use this template CMakeLists.txt file and save it in the ProjectName directory created earlier:

# Name of the project
project( ProjectName )

# Essentially, just split up your project version numbers by the dot.
# These variables map version 0.0.1 of ProjectName.
set( VERSION_MAJOR "0" )
set( VERSION_MINOR "0" )
set( VERSION_PATCH "1" )

if( APPLE )
  # If we're running OS X, we need CMake 2.6.0
  cmake_minimum_required(VERSION 2.6.0)
  set( CMAKE_OSX_ARCHITECTURES "ppc;i386" )
else( APPLE )
  # Otherwise, CMake 2.4.8 is fine
  cmake_minimum_required( VERSION 2.4.8 )
endif( APPLE )

# This project requires Qt4 and Gettext
# If your project does not use Qt or Gettext, simpy remove these lines.
find_package( Qt4 REQUIRED )
find_package( Gettext REQUIRED )

# Enable all compiler warnings
add_definitions( -Wall )

# Process the "src" subdirectory

If you're using gettext for translations (as many open-source projects do) then all you need to change is the ProjectName at the beginning and the version number. You'll notice that "add_subdirectory(src)" is called, so the next step is to create the CMakeLists.txt in the ProjectName/src directory:

# All cpp files go here

# Headers with signal/slot definitions go here
# Remove me if not using Qt

# Qt designer interface files go here
# Remove me if not using Qt

# Qt RC files go here, uncomment if applicable
# Remove me if not using Qt
#set(RC_FILES ProjectName.qrc)

# Remove me if not using Qt
qt4_wrap_ui( UI_HDRS ${UI_FILES} )
qt4_wrap_cpp( MOC_SRCS ${MOC_HDRS} )
# If you're using Qt RC files, uncomment this too
#qt4_add_resources( RC_SRC_FILES ${RC_FILES} )
# Includes the standard Qt libraries
include( ${QT_USE_FILE} )

# Include your headers in the build and source directories
# If you need to include more directories, add them here
include_directories( ${ProjectName_BINARY_DIR}/src

if( APPLE )
  # Define some settings for the Bundle
  set( MACOSX_BUNDLE_ICON_FILE ProjectName.icns )
                                 Copyright 2008 ProjectName team" )
  set( MACOSX_BUNDLE_COPYRIGHT "(C) 2005-2008 Stewart Adam" )
  # create a bundle with an icon too!
  # If you're not using Qt, uncomment the next line and comment the line below it:
  #add_executable( ProjectName MACOSX_BUNDLE ${SRC_FILES} )
  add_executable( ProjectName MACOSX_BUNDLE ${SRC_FILES} ${MOC_SRCS} ${RC_SRC_FILES} ${UI_HDRS} )
  # Allows for bundle re-creation just by running "make". Also installs bundle icon
  add_custom_target( osx_bundle_dirs
    COMMAND cp ../../../pixmaps/${MACOSX_BUNDLE_ICON_FILE}
    # Qt translations - uncomment this line when you need to install them to the bundle
  add_dependencies( ProjectName osx_bundle_dirs )
  # This tells cmake where to place files inside the bundle
  set_source_files_properties( ${ProjectName_RESOURCES} ${ProjectName_TRANSLATIONS}
else( NOT APPLE )
  # Builds a binary for windows (without cmdline showing), regular for Linux
  # If you need the cmdline showing, remove the WIN32 attribute
  # If you're not using Qt, uncomment the next line and comment the line below it:
  #add_executable( ProjectName WIN32 ${SRC_FILES} )
  add_executable( ProjectName WIN32 ${SRC_FILES} ${MOC_SRCS} ${RC_SRC_FILES} ${UI_HDRS} )
endif( APPLE )

# Link Qt to the executable
target_link_libraries( ProjectName ${QT_LIBRARIES} ) 

Step 5: Build the project

Now that CMake is configured, you're good to go! To build the project, run:

cd ~/development/ProjectName/build/osx
cmake . ../../

If you'd like to build for Unix or Linux instead of Mac OS X, change the "build/osx" to "build/unix" or "build/linux" respectively. If you're running Windows, you need to reverse the slash direction and add an additional parameter to CMake:

cd "My Documents\development\ProjectName\build\mingw"
cmake . ..\..\ -G "MinGW Makefiles"

Qt, Drupal, iTunes, DRM and a bunch more

I saw this story on slashdot today and wanted to share it - this is exactly why I will never buy anything DRM-protected. If you missed the other article a while back, this is the second music store to shut down in the past few months and leave its users in the dark. I say "in the dark" because both Yahoo! and MSN took down their key servers along with the service, so any user who needs to authorize a new computer to play the music they legally purchased is unable to do so - forcing them to rebuy the songs they've already paid from for somewhere else. This is the perfect example of why I think DRM is a bad, bad technology. Another reason was something I read in a comment on slashdot (sorry, don't have the link this time): When you think about it, the users who pay are getting the short end of the stick. If you pay and recieve DRM content, you're getting a service that's worse than what you get from pirating that same content! For example, music. People who illegally download music are getting high-quality (320kbps) MP3 files without any content restrictions for free, while the users who pay to download music will typically get a 128kbps AAC or MP3 file, with DRM restrictions... Something has to change. Soon.

If you agree with me, try to opt for DRM-free music or simpy don't purchase DRM-encumbered music. While a CD will cost you a few more dollars, it has a much higher sound quality and it's not restricted in any way. Hopefully if the music industry sees the common trend of users moving towards DRM-free music, we can get rid of DRM once and for all. I've started purchasing from the iTunes store now that iTunes Plus is getting more popular, and I must admit I'm liking it. I can choose to purchase only select songs from an album, the prices are very reasonable ($0.99/song) and the sound quality is great - 256kbps AAC! What's best of all is that I can play the songs anywhere without the need for authorization - including on Linux or on other non-iPod media players (like Creative MuVos for example) since I can convert the song to any format: ogg, flac, mp3, etc.

Anyways, now that that rant is out of my system, I'll tell you what I've been up to recently. I've been creating a new website for the open-source section of with the Drupal CMS. I still like Joomla since there's lots of support and community extensions available, but Drupal was recommended by a few friends so I figured I'd give it a shot. And I'm happy I did.

The first thing I noticed was that it was lightning-fast - at least twice or three times faster than Joomla. Not only that, but to my surprise it was much easier to use. I found the interface much cleaner and easier to look at... Everything faded nicely and there seems to be some pretty advanced Javascript stuff built right-in to the administator interface. The WYSIWYG "TinyMCE" editor packaged with Joomla is available for Drupal, so I felt right at home. Drupal also does away with the whole sections and category thing which is really nice. Instead, content items are created as "nodes" and you can cross-categorize nodes if you'd like to.

Blogging is also supported out-of-the-box, which was a big plus since I call this a "blog" but really it's just Joomla content items displayed on a homepage (this is going to be moved to Drupal soon, too). I found themeing Drupal to be a bit more difficult than theming Joomla, however that was made up by Drupal's wonderful access controls. Drupal supports creating user roles, and each role hasa set of permissions. This effetively lets my control who gets to what, when, where and how. I created three simple groups to start with (co-administrators, registered users and anonymous users), but there's a lot of potential in there that I'm hoping I can tap into later.

So, as I blogged about last time I'm also working on a new version of fwbackups. I've changed almost everything I could behind the scenes - from autotools to CMake, from GTK to Qt and from Python to C++. I plan on keeping the interface as similar to as it was before, but it's going to be much simpler and easier to use. It's also going to be much faster under the hood - I'm going to have more info about the next version soon, as soon as I get the new drupal site up ;)

One problem I had when making all these changes was how to set things up properly - it took me a few days, but right now the interface in Qt is done and the very little of the program that's been completed is C++ builds on Mac OS X (10.3.9 and later), Windows (MinGW required) and Linux of course. If you're looking for a way to do this with one of your projects, I'm going to blog about getting the structure for all that setup soon, so check back in a week or two!