Tuesday, March 07, 2006

Don't leave your console unlocked!

Aaaah the console. So raw and powerful. I use it so heavily that I usually get a little bothered by leaving it open when I leave my computer momentarily. I'm not one of those SUDO freaks or "su -c" nazis, so I usually have one of my consoles open as root, or in some cases the scripts I run need to be root, and I don't want to have to worry about changing tail to /sbin/tail for every script I want to write! But, in the immortal words of uncle ben (the spiderman one, not the rice one) with groot power comes great rootsponsability. So leaving an ssh session or a terminal open as root unattended doesn't seem like the smartest thing to do. But the problem is that if you log out (especially in an ssh session) you have to log back in and reestablish the connection before you can continue work.

Enter vlock

vlock will lock out your console and require you to enter either the password of the user logged in, or the root password. Nice, eh? Well, NICE but not particularly pretty...

Enter cmatrix

Yes, a matrix screensaver for your console. Kick ass? Yes. I use 'cmatrix -a -b -u 5' it kicks ass. But if only you could make it a password protected console screensaver...

Enter ; (semi-colon)

By simply adding the alias:
alias 'lock'='cmatrix -a -b -u 5; vlock'

You've got yourself a fully functional password protected console screensaver! Now you're not only secure, you look cool doing it. You can tell all your friends that not only have you found the matrix, you're viewing it over an encrypted SSH tunnel!

Well, now you can leave that terminal open as root, and not worry about who may be taking advantage of it while you're away. Now the tough stuff; how to deal with people asking you what that matrix-y thing is on your screen. You can say you've encrypted your session and that if they look at it funny it will "hack the mainframe" and "port the phone" to call the FBI. Then for effect you can throw some more threatening jargon at them, and hold your coat open to appear larger and repeat the jargon loudly to scare off the lesser user sniffing around your claim...

Sigh. Gone are the days when someone would ask you what you did, you could simply answer "computer stuff," now they're much more "savvy" and prod for further information. I don't like telling people I'm a hacker of any sort because they don't understand my skillset and the knowledge I have. It's your standard "I don't understand anything about what you do except what I read about in the paper" effect, people are dubious about trusting someone who knows more about something than they do; especially when it involves "hacking the internets" Doubleplussigh...

No comments: