
Tuesday 11 September 2012

Thunderbird, please sort on date. Now!

Tutorial on how to sort your Thunderbird emails by date using a keyboard shortcut


Precondition
Install Keyconfig extension and DOM Inspector addon.


Finding the keycode for date sort and descending

  1. Tools > DOM inspector
  2. File > Inspect Chrome Document > Inbox ... 
  3. Search for "sort"
  4. Use Search next until you see id "sortByDateMenuItem" in the left panel
  5. In the right panel copy the value for oncommand: MsgSortThreadPane('byDate')
  6. In the left panel you can navigate down to a node with id "sortDescending", click it
  7. In the right panel copy the value for oncommand: MsgSortDescending()



Creating a new keyboard shortcut

  1. Tools > Keyconfig...
  2. Button "Add a new key"
  3. Give the key a name and paste the two oncommand values
  4. Choose a keyboard shortcut and click "Apply"













Done.

Saturday 25 August 2012

Setup SSL-certificate and dynamic DNS on Synology NAS

I've written about Qnap, SSL certificate and dynamic DNS before, and now it's time for Synology (tested on ds412+). The steps are about the same, simpler though. You can always read the official guide.
  1. SSH into your Synology NAS.
  2. Generate private key: openssl genrsa -out priv.key 1024
  3. Generate certificate: openssl req -new -key priv.key -out server.crt -x509 -days 365 (where x509 is the certificate format and 365 is the number of days the certificate is valid). Nota bene! For Common Name, use for example the address of the site you wish to access: "Common Name (eg, YOUR name) []:my-own.dyndns.org"
  4. Move both files to your computer.
  5. Add files to NAS: log in to DSM > Control Panel > DSM Settings > HTTP Service > Import Certificate. Here you add the private key and certificate.
  6. Open the certificate file on your computer, you should be prompted to install it. Make sure you install it in the "Trusted Root..." (see screenshot).
  7. Shut down all browser windows.
  8. Open browser and HTTPS into NAS. Your certificate is working!
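
The key and certificate steps above, as an added example that is not part of the original post: it creates both files without prompts, then checks the key size, the Common Name and that the certificate matches the private key before you import them. It assumes a 2048-bit key rather than the 1024 bits used above, since 1024-bit RSA is no longer considered adequate; the file names and my-own.dyndns.org come from the steps, and the script name mkcert.sh is hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): steps 2-3 without prompts, plus
# checks to run before importing the files into DSM.
# Assumption: a 2048-bit key instead of the tutorial's 1024.

make_cert() {  # $1 = output directory, $2 = Common Name (host name you browse to)
    (
        umask 077   # priv.key must be readable by its owner only
        openssl genrsa -out "$1/priv.key" 2048 2>/dev/null &&
        openssl req -new -key "$1/priv.key" -out "$1/server.crt" \
            -x509 -days 365 -subj "/CN=$2"
    )
}

cert_bits() {  # $1 = certificate; prints the public key size in bits
    openssl x509 -in "$1" -noout -text |
        sed -n 's|.*Public-Key: (\([0-9]*\) bit).*|\1|p'
}

cert_cn() {  # $1 = certificate; prints the Common Name of the subject
    openssl x509 -in "$1" -noout -subject |
        sed -n 's|.*CN *= *\([^,/]*\).*|\1|p'
}

# True when the certificate carries the public half of the given private key.
cert_matches_key() {  # $1 = certificate, $2 = private key
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Usage (mkcert.sh is a hypothetical file name): sh mkcert.sh <output-dir> <common-name>
if [ "$#" -eq 2 ]; then
    make_cert "$1" "$2" &&
    cert_matches_key "$1/server.crt" "$1/priv.key" &&
    echo "CN=$(cert_cn "$1/server.crt") bits=$(cert_bits "$1/server.crt")"
fi
```

If cert_matches_key fails, the certificate was made from a different key than the one you are about to import.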



Friday 24 August 2012

FTP + SSH with Total Commander

Short tutorial on how to get going with SFTP in Total Commander. Stay tuned to the forum for the latest.
  1. Download the SFTP plugin from http://www.ghisler.com/plugins.htm
  2. Open the zip-file using Total Commander, it should ask you to install the plugin. Do install.
  3. Download Curl package v.7.26. Nota bene! The latest version 7.27 from http://curl.haxx.se/ doesn't seem to work (according to the ghisler forum), so watch out. I got some "Exception in sftpplug.wfx:FsFindFirstW!".
  4. Copy, to the plugin directory, the following Curl package files located in ..\curl-7.26.0-devel-mingw32.zip\curl-7.26.0-devel-mingw32\bin\ 
    • libeay32.dll
    • libssh2.dll
  5. In Total Commander hit alt+F1 > \ (for Network Neighborhood) > Secure FTP (the plugin you installed) > _Quick Connection. 
And you are doing SFTP with TC!

Wednesday 22 August 2012

Secure and simple picture repo

This article is about how to access the pictures stored on your NAS in an easy and secure way. Getting there is not easy, so I have written this tutorial :)

Background

I take a lot of pictures using different capture sources. Sometimes I need to add missing GPS coordinates and sometimes I correct them when they are off. It happens that I move all my pictures, from one NAS to another for example. To control all this I rely on version control, and a centralized one like SVN suits me well. I have Svnserve running on my Synology ds412+ NAS, serving me whenever and wherever I need the pictures. This is something I want to be done securely and easily.

What you will be able to do
Access your NAS repository securely using only a few keystrokes

Preconditions

  • Svnserve installed on NAS (I'm using Synology ds412+, but if you have a Qnap you should get along quite well) with a repository for pictures
  • some basic Linux skills 
  • Vi editor skills
  • Windows on client
  • You will need the following tools
    • TortoiseSVN
    • Putty
    • Pageant
    • PuttyGen
    • Slickrun
    • Cygwin (with svn-package)
    • KeePass (well, not mandatory)

Let's go!

Create user on NAS
I didn't want to use my NAS' admin account, so I created a new user, let's call it "picture-user". Do the following on your NAS

  1. create  picture-user
  2. make sure "User home service is enabled": control panel > User > User Home button > "Enable user home service". (We need this so that we can store the user's rsa keys).
  3. make sure you can SSH with the created user. In Cygwin: ssh picture-user@nas-ip. If it is not working, enable it this way
    1. ssh root@nas-ip
    2. vi /etc/passwd
    3. change from "/sbin/nologin" to "/bin/ash" for picture-user


Make sure Home Service is enabled in Synology DSM

Key authentication is on
Make sure you can use rsa keys for authentication on your NAS

  1. ssh into NAS as root
  2. vi  /etc/ssh/sshd_config
    1. make sure the line "PubkeyAuthentication yes" is present and is not prefixed with a #
    2. make sure the line "AuthorizedKeysFile .ssh/authorized_keys" is present and is not prefixed with a #
  3. If you have made any changes and saved the file, restart sshd: /usr/syno/etc.defaults/rc.d/S95sshd.sh restart &

Create SSH keys for user

  1. SSH in to the NAS with picture-user
  2. (since you enabled home services you should be in picture-user's home directory. If not, make sure you are)
  3. create SSH directory: mkdir .ssh
  4. navigate: cd .ssh
  5. create keys:
    1.  ssh-keygen -t rsa
    2. accept the file path suggested
    3. enter a passphrase and save. If you want KeePass to auto-type it, create a new entry and in the "Auto-Type" tab write "Cygwin*" for the Target Window and "{Password}{ENTER}" for the Keystroke Sequence.
  6. Verify that you have the following files in your picture-user's .ssh directory
    1. id_rsa (private key)
    2. id_rsa.pub (public key)
  7. create the authorized_keys file: cat id_rsa.pub >> authorized_keys
  8. Verify that 
    1. picture-user is owner of .ssh folder and authorized_keys. Run the following when being in picture-user's home directory: ls -la
    2. .ssh folder has permissions chmod 700
    3. authorized_keys has permissions chmod 600
  9. copy the private key to your Windows machine
  10. verify that you can log in to the NAS with the keys you have created: ssh picture-user@nas-ip -i <path_to_private_key>  (make sure Cygwin understands the path, no "c:\", use "/c/" instead). Enter the passphrase when Cygwin asks you (or auto-type it using KeePass auto type: ctrl+alt+A).
  11. repeat the step above, but access the repository from outside of your LAN. Make sure your router redirects calls for SSH (port 22) and svn (port 3690). If you have a dynamic IP, verify the SSH access together with a dynamic DNS service.
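
One way to check the settings from "Key authentication is on" and the ownership and permissions from step 8 above in one go, as an added example that is not part of the original post. The script name audit.sh and the home directory path in the usage comment are hypothetical; the file names, modes and user name are the tutorial's.

```shell
#!/bin/sh
# Added example (not from the original post): audit the settings from the
# "Key authentication is on" and "Create SSH keys for user" sections.

# Print the first uncommented value of a keyword; sshd uses the first value it
# reads, and keywords are case-insensitive. Match blocks are not interpreted.
sshd_setting() {  # $1 = sshd_config path, $2 = keyword
    awk -v k="$2" 'tolower($1) == tolower(k) { $1 = ""; sub(/^ +/, ""); print; exit }' "$1"
}

check_sshd_config() {  # $1 = sshd_config path; returns 0 when both lines are active
    rc=0
    pk=$(sshd_setting "$1" PubkeyAuthentication | tr 'A-Z' 'a-z')
    akf=$(sshd_setting "$1" AuthorizedKeysFile)
    [ "$pk" = "yes" ] || { echo "PubkeyAuthentication: '${pk:-not set or commented out}'"; rc=1; }
    case " $akf " in
        *" .ssh/authorized_keys "*) ;;
        *) echo "AuthorizedKeysFile: '${akf:-not set or commented out}'"; rc=1 ;;
    esac
    return "$rc"
}

check_ssh_perms() {  # $1 = user's home directory, $2 = expected owner
    rc=0
    for entry in "drwx------ $1/.ssh" "-rw------- $1/.ssh/authorized_keys"; do
        want=${entry%% *}
        path=${entry#* }
        if [ ! -e "$path" ]; then echo "missing: $path"; rc=1; continue; fi
        line=$(ls -ld "$path")
        mode=$(printf '%s\n' "$line" | cut -c1-10)
        owner=$(printf '%s\n' "$line" | awk '{ print $3 }')
        [ "$mode" = "$want" ] || { echo "mode $mode on $path, want $want"; rc=1; }
        [ "$owner" = "$2" ] || { echo "owner $owner on $path, want $2"; rc=1; }
    done
    return "$rc"
}

# Usage on the NAS (audit.sh and the home path are hypothetical names):
#   sh audit.sh /etc/ssh/sshd_config /path/to/home/picture-user picture-user
if [ "$#" -eq 3 ]; then
    check_sshd_config "$1" && echo "sshd_config OK"
    check_ssh_perms "$2" "$3" && echo "permissions OK"
fi
```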
Create a Putty session
We need to create a session in Putty since TortoiseSVN's Repo-browser will be using it (automagically) when connecting to the repository.
  1. Under "Session"
    1. Under "HostName...": write your static IP or dynamic DNS name
    2. Under Port: write the port you are redirecting SSH calls in your router
  2. Under "Connection" > Under "Data" > "Auto-login username": picture-user
  3. Go back to "Session" and under "Saved sessions" write for example the same entry as for "Host Name". This session name will be used in the path in the Repo-browser.
  4. Save!
  5. Verify that the session is working by pressing "Open"-button. You should see "Authenticating with public key..." and a demand for a passphrase. Make sure you are able to connect after entering the passphrase.
(You do not need to put the private key under "SSH" > "Auth" > "Private key file for authentication" since we will be using Pageant instead).

The session will be stored in the registry at HKEY_CURRENT_USER > Software > Simon Tatham > Sessions.

Convert the private key to Putty lingo
We will be using TortoiseSVN together with Pageant to access the repository. For Pageant to accept our key we need to convert it to Putty format.
  1. Run PuttyGen
  2. Press "Load", change file type from "Putty Private Key Files (*.ppk)" to "All files (*.*)" and select the private key
  3. Enter the pass-phrase for the private key (do you have the passphrase in KeePass?)
  4. Change the value under "Key comment" to something more meaningful. This will let you tell the keys apart in Pageant.
  5. Press "Save private key", enter a name and save it
Pageant and passphrase
It is annoying to have to enter the passphrase each time you access your repository, so we let Pageant handle it. You will then only have to enter the passphrase once for each time you start Pageant.
  1. Open Pageant and press "Add Key"
  2. Select the private-ppk key and provide the passphrase. The key is now accessible instantly without passphrase whenever TortoiseSVN (Putty) requests it.
If you log off and log in again in Windows the key will be forgotten by Pageant. To simplify this, you can create a shortcut to Pageant and in "Target" provide all the keys you want to be there when Pageant starts:

"<path_to_pageant>\pageant.exe" <path_to_key_1>\id_rsa.ppk <path_to_key_2>\id_rsa.ppk

Wrapping up
Let's wrap things up and see how it works by using TortoiseSVN and SSH to access the repository.

Open TortoiseSVN's Repo-browser and enter the path to your repository: svn+ssh://<dynamic_dns_name.com>/<repository_path>. If everything is working you should see the repository in a secure fashion.

Let us simplify the opening of the Repo-browser by using SlickRun.
  1. Run SlickRun and create a new "MagicWord"
    1. Under "Filename or URL": write the path to TortoiseSVN's Repo-browser (c:\Program Files\TortoiseSVN\bin\TortoiseProc.exe)
    2. Under "Parameters", write: /command:repobrowser /path:svn+ssh://<dynamic_dns_name.com>/<repository_path>

New MagicWord in SlickRun. (User name is optional if you have it set in Putty. Between @ and /, you use the Putty session name).

When you're done, all you need to do is activate SlickRun by its shortcut and type a "p". Hit enter and TortoiseSVN's Repo-browser should appear.

Fast access to Repo-browser by typing magic words in SlickRun

If you do not want to use a Putty session name and prefer an IP, then you need to configure TortoiseSVN if you are using a non-standard SSH port. See picture below.
Specifying the non standard SSH port

Troubleshooting

Problem: "ash: svnserve: not found"
Solution: create a symlink as root "ln -s /opt/bin/svnserve /usr/bin/svnserve"


Summary
We started by creating and configuring a user on the NAS and we made sure that the NAS would accept logins with keys. Then we created the keys and verified that we can use them. We created a Putty session to be used by TortoiseSVN's Repo-browser. We added the private key to Pageant and connected to our repo without entering a passphrase. Finally, we used SlickRun to simplify the access to the repository.

Yes, there is a lot of configuration to do, but now you have fast and secure access to your repository.

Please feel free to comment on improvements.

EDIT 1: added more accurate instructions.
EDIT 2: added comment for the SlickRun MagicWord image.
EDIT 3: added troubleshooting section.
EDIT 4 (April 29th, 2013): Added screenshot for non-standard SSH port in TortoiseSVN







Monday 30 July 2012

Security concerns and possibilities with BankID on bank card

Some months ago I couldn't pay for lunch since I had forgotten my VISA card at home. The frustrating thing was that I had my wallet but not my VISA card. Where was it? I then remembered that my bank had simplified the identification needed to access the online bank services. It had become possible to log in and sign transactions using a bank card with BankID, card PIN number and a card reader. Compared to the previous solution this meant less input from the user; entering a PIN is enough. The catch, however, is not to forget the VISA card in the reader when you're done with your online bank errands. Well, I forgot.

VISA card with BankID, a card reader asking for card PIN to access online bank services

Some days ago I started thinking about how I could use the simplified identification without running the risk of forgetting my card in the reader. What if I just had two VISA cards? Having one official extra card would come with an extra fee. So, what about having an unofficial extra card, meaning I order a new one and keep my old one? Yes, the old one would be blocked for payment, but I am only interested in its BankID function. I called my bank and they told me it was not possible to log in with an old card since it would be blocked as soon as the new one was activated. They even double checked that with BankID personnel while I was waiting on the phone. However, I ordered a new card.

Today I received the new card and tried to log in with it using BankID. It worked. I tried to log in with the old card and it worked. Since my new card wasn't activated, I then activated it through the online bank service. This didn't make any difference; both cards are valid for login and transaction signing using BankID.

This is great, I can now keep the new card in my wallet and the old one in the card reader. But this also means that if you lose your card, simply ordering a new one does not make you fully safe. There is a risk that, if someone has your (old) card and PIN, that person could monitor your transactions and transfer your money to other accounts!

UPDATE 2013-12-09: received a new card with new card numbers. So, once again I needed to get a second card for my card reader. But this time I was honest when calling SEB and fully explained the purpose of the second card. The operator said that having two cards with the same number and using BankID was "technically not possible". He said that he knew this since he had been working with BankID for a long time. However, a second card is now on the way.

In addition, when a credit card is completely blocked then BankID stops working the same second.

Monday 19 March 2012

Where are you?

It is not always easy to know which window is currently the active one, especially when you have multiple monitors and an operating system with the bad habit of suddenly activating "important" windows to get your attention.

Active windows are almost always indicated in some graphical way, but not so distinctly that you can tell the active window in a split second. And that is how fast you would like it to be, wouldn't you?

Here is an AutoHotkey script for you. Activate it with ctrl+super+space and toggle with super+alt+space.

; This script puts a red border on the current window. 
; Nice to have something clearly indicating what is active.

; Author: @danielgasinski
; Source of inspiration http://blog.sveri.de/2010/01/27/script-to-draw-a-border-around-an-active-window-with-autohotkey/
Toggle:=0

^#space::
 Loop
 {
  if(Toggle != 1)
  {
   b = 6 ; border 
   full_width = 1936 ; w value from WinGetPos, a little more than screen width
   
   WinGetPos, x, y, w, h,  A
   
   if(w >= full_width)
   {
    b:=12 ; We make the border thicker when in full screen, otherwise it may not be visible
   }
   
   width:=w-b
   height:=h-b

   Gui, -Caption +Lastfound +AlwaysOnTop +Toolwindow
   Gui, Color, FF0000
   
   WinSet, Region, %b%-%b% %b%-%height% %width%-%height% %width%-%b% %b%-%b%  0-0 %w%-0 %w%-%h% 0-%h% 0-0
   
   Gui, Show, w%w% h%h% x%x% y%y% NoActivate, 
  }
  Sleep, 50 ; Chance/time to interrupt
 }
return

; Toggle on/off with alt+win+space
!#space::
Toggle := Toggle<1 ? 1 : 0

Gui, Show, w0 h0 x0 y0 NoActivate, 
return
Example of how the script works. Nota bene: ignore the semicolons on row 18 and 39. There is something fishy with the AutoHotkey highlight script making them appear in the post. Sorry.

Saturday 3 March 2012

Cloud sync, thumbs down

I often switch between my computers and have spent a lot of time making it as easy as possible. It is not simple since I want to synchronize files, applications and configurations. One infrastructure for synchronizing is services like Dropbox and SugarSync. However, this is also problematic. Here are some problems I have encountered:

  • SugarSync freaked out and started to eat memory, over 1 GB before I got tired and turned it off. Reinstalling with the latest version did not help stop the memory leak.
  • You are limited to small sizes if you are not willing to pay for more.
  • Some files get locked while in use, like database files, and are therefore not synchronized. ArsClip's .db-files are an example of that. Another example is files (TrueCrypt etc.) that do not change their size and timestamp, making them appear unchanged.
  • Some applications touch a lot of files (installing new plugins in Eclipse), others touch few but big ones. One example is Ditto, which makes changes to a file that is about 50 MB each time you copy something. Synchronizing a large number of files and bytes is not fast.
  • The worst part of using synchronization services is the time you have to wait for the files to get synchronized. When I leave home and my desktop computer I sometimes want to continue using the same files on my laptop while sitting on the train. Waiting for a folder to be downloaded from the cloud is like being a farmer waiting for rain.

The answer to these problems is to use thumb drives instead. My experience so far is more positive than negative. Since you probably get the pros, here are the cons:

  • The anti-virus program starts when you plug in the thumb drive. Kaspersky won't actually stop scanning just because you press escape and the scanning window disappears.
  • Watch out for thumb drives with plastic connectors; you will plug and unplug quite often and mine broke after two weeks. Also make sure that the part that is connected to your key chain is something harder than a small piece of rubber.
  • From time to time you get a small delay while using the programs located on the thumb drive. Thunderbird is an exception, the delay is often extreme. Then suddenly, it works like a charm. Make sure you spend some extra money on a fast drive.


The white plastic is almost completely gone and the metal is visible

Not so clever to use rubber... It broke and I had to move the key chain further up

They have done some speed tests on thumb drives at Tom's Hardware and here are some suitable quotes from the article:
"...accessing files and programs stored 'in the cloud' is not possible in real-time for many users".