Hole in the Ceiling

For the most part upgrading to Mountain Lion has been surprisingly smooth.
However, I did run into a problem with SSH. After upgrading to Mountain Lion I noticed that connecting to servers at work via SSH was no longer working. Instead of connection I would just get:

Read from socket failed: Connection reset by peer

If you are curious as to what is happening keep reading. If you just want it fixed scroll down to the solution.

Why did it break

The issue appears to be that with the upgrade to Mountain Lion we have upgraded the version of OpenSSH. Googling around I found this page [http://www.held.org.il/blog/2011/05/the-myterious-case-of-broken-ssh-client-connection-reset-by-peer/] which describes a similar situation. It speculates that the list of ciphers being sent with the request is too long and somehow triggering the server to drop the connection. One of the workarounds is to specify the cipher list manually and sure enough that seems to fix my problem.

The solution

The fix is to specify the list of ciphers manually. The question is now which cyphers to use. The Apple documentation for the ssh config file specifies the default as being:

The default is:

aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
aes256-cbc,arcfour

and that worked well for me.

You can specify this manually on the command line each time:

ssh -c="aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour" yourserver.com

but that is tedious. The better solution is to setup a local ssh config file that will set this for you automatically. If you don’t already have a config file setup just run the following command:

touch ~/.ssh/config

Then edit the file ~/.ssh/config and add the following:

# Fix connections that broke in mountain lion.
Host *.yourserver.com
   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour

Obviously you will have to change yourserver.com to the host you are connecting to. If you want this to apply for all connections use ‘Host *‘ and it will match against all connections.

Save that file and you should be good to go.

I’ve been trying to figure out how best to access my local Django dev server from other machines on my network. Now I seem to have found an answer.

What I was doing

Running with just:

manage.py runserver

only makes the system available via localhost which is of course useless for other machines on the network. To solve this I was looking up the ip for my machine and passing that to runsever:

manage.py runserver 192.168.10.2:8000

That works for the most part but now I also have to use the ip in the url (localhost doesn’t work anymore). Also for some reason this was not accessible from my iPhone or iPad which makes testing on them harder. (I think this is because of my network setup since I have different subnets).
After putting up with this for a while I started looking around for a better way to handle this and I found it!

The better way

From searching I found this Django ticket (#396) which has a very interesting comment

Use runserver 0.0.0.0:8000 to make it listen on all interfaces

Could it really be that simple? So I tried it out and yep it totally is.

manage.py runserver 0.0.0.0:8000

Now I can access my Django dev server using localhost on the local machine, my ip address from other machines and even my_machine_name.local:8000 from my iPhone or iPad. Awesome.

Conclusion

You might want to be careful how you use this since you are obviously allowing access from way more places but for myself (and I’m guessing a lot of others) this is far more convenient. I was using a bash alias to launch runserver with my ip address. I’ll be changing that over to this method right away.

I’ve been having recent problems with spotlight’s mds process taking up a lot of cpu. In searching I found this:

… and I discovered the main culprit: Backblaze (cloud backup) was generating file lists whenever anything was change don the system, and mds was indexing them.

Sure enough that was the problem. So, if you are using Backblaze you should probably add it to the System Preferences -> Spotlight -> Privacy list.

HTML5 Edition for Web authors is the HTML5 spec without the ugliness.

The announcement is worth checking out too.

A really fun HTML5 platformer. Made with the canvas tag and javascript. Not touch enabled but pretty stellar anyway.

There is also a video that talks a little about how it’s made.

This game is awesome. Even when it’s ridiculously hard it’s fun, and it does get hard. Definitely check out the demo.

I’m happy to announce the release of a plugin for XBMC. I know some of you have been asking for it. Go to the plugins page to download.

Yep, it still rocks. Quicksilver ß57 (Snow Leopard only)

Wear a blue beanie.

I have received multiple requests about a plugin for EyeTV. I don’t have the EyeTV software so making a plugin required some help from someone who does. Thankfully some of those wanting the plugin were able to provide me with the info that I needed.

It works in Snow Leopard and is available on the Front Row Plugins page.

Special thanks go out to Roger Quinton and Claudelee for making this happen.