Simon Willison’s Weblog


Thursday, 20th February 2003

SSH public key authentication

I’ve been having fun with SSH lately. Did you know you can set up SSH so you can log in to servers without having to provide a password? It’s called “public key authentication” and is apparently more secure than using a normal password. You generate a public/private key using a program called ssh-keygen, and store a copy of the public key on the server(s) you wish to authenticate with. When you attempt to log in, the server sends you a message encrypted with your public key—your machine decrypts it and sends back the original message, proving your identity.

[... 194 words]

Python for Java programmers

Python and Jelly: Scripting Power for Java and XML incorporates an excellent introduction to Python and Jython for Java programmers, with a whole bunch of comparative code samples and comprehensive coverage of differences between the two languages.

[... 38 words]

More Python advocacy

Intelligent Enterprise: For all of you unfamiliar with Python, get ready for the “next big thing.”

[... 18 words]

Watch out for Javascript in referrals

Here’s a good reminder why you should always encode < and > as HTML entities when displaying content from an untrusted (i.e external) source: Kasia in a nutshell was hit by a false referrer containing javascript deliberately aimed at hijacking the page the referrer was displayed on:

[... 76 words]

Get a better browser!

Via Scott, this oh-so-true quote from a Microsoft “next-generation technology” consultant:

[... 377 words]

Calendars and crawlers

Douglas Bowman has been having some amusing problems with robots and his calendar. The calendar, visible on every page of the site, automatically adds a “next month” and “previous month” link to allow surfers to browser through the archive in both directions. Unfortunately, Doug ommitted the logic to stop showing a “previous month” link when there were no earlier entries. An enterprising crawler started following the links, and didn’t stop until it had reached 1542!

[... 113 words]

DNS mess

As the recent lack of updates demonstrates, I’ve been getting stuck in to a pretty time consuming new project. It should have launched several days ago but I made a right royal hash of the DNS settings—hopefully everything will be working fine in about 24 hours time.

[... 119 words]

2003 » February