A random collection of posts

Converting an OpenSolaris Xvm HVM-domU to VMware Fusion


The problem

My development machine is a virtualized machine running Linux in an OpenSolaris xvm domU. I do all my work via NX. This is not a problem, when I work locally but sometimes/someplace latency is too bad for comfortable working. For that reason I wanted to clone my virtual machine as a VM for VMware Fusion.

The process itself is really painless, just run vdiskadm on Solaris, edit the .vmdk file and import it into VMware.

OpenSolaris SSH: Only Allow Public-Key Authentication


The problem

If you allow users to log into sensitive servers by providing passwords, you are tempting fate. Users and Passwords are a notoriously bad combination: passwords are weak and/or reused for several purposes. Exposing user passwords over SSH is not quite like leaving the key under the doormat, but I think it is a bad idea anyway.

Public key authentication and SSH are a perfect team: it provides a kind of two-factor authentication (assuming that the users keyfile is encrypted with a strong password) is trivial to set up.

Live Memtest II


Earlier this year, I wrote about the neccesity of a live memory test (or memory scrubbing) for low- to medium end servers. The recently published google paper (“DRAM Errors in the Wild: A Large-Scale Field Study”) shows that the current situation is worse that I imagined. As a consequence, I will write a memory scrubber for the Linux kernel. This posting descibes the whys and some of the planned hows.

The follwing three sections spotlight three important results of the google study and elaborate onon their relation to the yet-to-be memory scrubber.

KVM, OpenSolaris and Large IDE Drives That Corrupt Data


Currently I am evaluting KVM as new virtualisation solution for my home-server. For me it is very important that I can run OpenSolaris as zfs based storage server (NFS, SMB, iSCSI).

The base for my evaluation is a dual core system with two SATA drives. The first drive (sda, 250 GB) is used as system drive for my host, the second drive (sdb, 1 TB) will act as one half of my yet-to-be zfs-mirror.

For a maximum performance and a minimum of filesystem stacking (just consider the iSCSI case of ext3 on iSCSI on zfs on virtualized ide on ext3 ..) I will pass sdb directly in the Solaris domain. The OpenSolaris domain itself lives on a qcow2 image which itself is hosted on the (Linux)host drive.