Zakame::BlogZak B. Elep's little weblogWhere's the Open- May 14, 2008 Ok, so it seems that the whirlwind on OpenSSL has settled down a bit. Posts about it are coming from everywhere, ranging from rants on package maintenance to blame-pointing on both upstream and packager sides. And, of course, Slashdot. Where does all this leave the end user with Well, probably not much except to regenerate weak SSH keys with the new openssh-server (now enhanced with openssh-blacklist, see the new advisory) and hope to $DEITY all gets well soon. And maybe, just maybe, a...http://blog.zakame.net/news/wheres-the-open OpenSSL Ouch- May 13, 2008 I won't repeat it here, but there's DSA-1571-1 waiting for your attention, especially if you made some material out of openssl over the last couple of years or so. Yes, you read it right: COUPLE. Upgrading to the new OpenSSL is easy. Generating new keys is another story. To save (or add to, depending on how you handle this) your pain, there is a simple checker that can currently see if your OpenSSH or OpenVPN public keys are weak enough to warrant replacement. I await a version that can...http://blog.zakame.net/news/openssl-remote-dsa-1571 Adding Some Blog Bling- May 11, 2008 I added some more bling to this blog last night, like a spiffy new CSS theme (based on twocolumncss) and a handful of plugins to improve feed generation, readable and extensionless URIs, and support for comments and trackbacks. Blosxom indeed is such a flexible toolkit for making a blog! :D That said, I did find one or two quirks in the plugins existing in the blosxom and blosxom-plugins CVS repository; I'll post patches to my git mirrors of these repositories. I'll probably add some more...http://blog.zakame.net/news/blog-bling Apache2 Worker MPM on Low Memory Servers- May 10, 2008 If you're running Apache2 on a memory-constrained system (like in a virtual machine,) you may want to choose the prefork MPM to save memory at the cost of more process forks. However, if you have more than one CPU on that same machine, you may also want to consider using the threaded worker MPM and tweak its MaxClients and ThreadsPerChild settings from the default configuration. On a typical apache2 installation on a Debian system, the worker MPM configuration looks like this: <IfModule...http://blog.zakame.net/tips/apache2-worker-lowmem |