- You can power the Raspberry using the USB cable alone. If you connect your A+/B+ to a power source do not connect the red lead to the Raspberry PI.
- Always read the instructions before connecting your computer to anything (DUH :-).
- Apart from how to connect the cable to the Raspberry PI the Adafruit guide:
https://learn.adafruit.com/adafruits-raspberry-pi-lesson-5-using-a-console-cable/overview
...is somewhat out of date. - The OS X driver linked to from the Adafruit article:
http://changux.co/osx-installer-to-pl2303-serial-usb-on-osx-lio/
...has issues with Yosemite, all you get when you install it and run the screen command is a blank terminal window. If you check in the console logs you will find something resembling the following entries.
28/09/15 22:28:36,000 kernel[0]: nl_bjaelectronics_driver_PL2303(0xffffff8029049800)::allocateResources failed - no fpInterface.
28/09/15 22:28:36,000 kernel[0]: nl_bjaelectronics_driver_PL2303(0xffffff8029049800)::start Allocate resources failed
28/09/15 22:28:36,000 kernel[0]: nl_bjaelectronics_driver_PL2303(0xffffff8029049800)::CheckSerialState - StartSerial failed
...the reason for this is apparently that the driver has issues with OS X kernel signing. - After growing sick and tired of trying to get this thing to work I uninstalled it:
sudo rm -r /System/Library/Extensions/osx-pl2303.kext
sudo kextunload /System/Library/Extensions/osx-pl2303.kext
and found out that there is a manufacturer supplied driver for the PL2303:
http://www.prolific.com.tw/us/showproduct.aspx?p_id=229&pcid=41
...that now supports OS X10.10 and OS X 10.11 (El Capitan). After installing it the Adafruit Serial/USB cable finally worked. Don't be fooled if you get a blank terminal window after running the screen command:
screen /dev/cu.usbserial 115200
... for some reason the 'raspberrypi login:' prompt did not appear on my system but entering the username and hitting [Return] caused the familiar 'Password:' prompt to appear. - Finally, if you get a bunch of errors like this:
Cannot open line '/dev/cu.PL2303-000013FA' for R/W: Resource busy
...or:
dev/cu.PL2303-000013FA: ioctl TIOCEXCL failed: Resource busy
It may be because you are improperly terminating the screen command. The proper way is:
[Ctrl]+[A], then [K] and finally, [Y] to shut the program down.
0xc0de - Kristjan's Blog
Moments of idleness.
Monday, September 28, 2015
Getting the Adafruit serial cable to work on OS X 10.10 (Yosemite)
After trying for a couple of hours to get the Adafruit serial cable to connect to my Raspberry PI A+ I learned some lessons:
Thursday, October 31, 2013
Adding a certificate to the global certificate chain in Fedora 19
I had the worst kind of problems with Websense rewriting every single SSL certificate for all sorts of Linux terminal commands including 'yum', 'wget', 'svn' and others. Unfortunately it took a bit of research to find out how to properly fix this so I though I'd share what I found out. It's not essential to understand (roughly) what a X509 certificate is and what the difference is between PEM and DER as well as the different kinds of certificate files but it sure helps. As it turns out you can add a certificate in Fedora regardless of whether it is PEM or DER encoded but since I'm a nerd I like to know this kind of stuff. If you are impatient you can skip the next section, it is mostly technical background info.
Example 2: A certificate chain in PEM format:
Certificate files come with a confusing variety of file extensions depending on the encoding:
openssl x509 -inform DER -outform PEM -in foobar.crt -out foobar.pem
This command also works in reverse to transcode PEM encoded certificates back to ASN1 DER format.
$ su -
$ cd /etc/pki/ca-trust/extracted/pem
$ mv email-ca-bundle.pem email-ca-bundle.bak
$ mv objsign-ca-bundle.pem objsign-ca-bundle.bak
$ mv tls-ca-bundle.pem tls-ca-bundle.bak
$ cp /path/to/your/certificate/foo.pem /etc/pki/ca-trust/source/anchors/
$ update-ca-trust
The update-ca-trust command takes any PEM or DER encoded certificates you added to the source/anchors directory and adds them to your global certificate chains. You should now see a new set of certificate chains with the *.pem files extension in the /etc/pki/ca-trust/extracted/pem directory (/usr/share/pki/ca-trust-source/anchors/ on some systems) and each chain should contain a copy of your certificate. To make sure your certificate made it into the each of the new keychains just grab a random Base64 encoded line from the PEM encoded certificate you wanted to add and grep for it. The string should appear in the *.pem files but not the *.bak files:
$ grep -l BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2\
/etc/pki/ca-trust/extracted/pem/*.*
/etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem
/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem
/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
For more information you might want to read the man file for update-ca-trust which, unlike some other man files, is actually human readable.
A bit about PEM/CRT/CER/DER files:
Unfortunately there seems to be a bit of confusion about PEM and DER encoded certificate files. Technically speaking a certificate in PEM format is simply a X.509 certificate encoded in ASN1 (DER) encoding and then run through a Base64 encoder. Each Base64 encoded certificate is enclosed in BEGIN/END ASCII string tags. Multiple such certificates can be concatenated into a single file (using the Linux 'cat' command if necessary). This is what a single certificate and a chain of certificates in PEM format look like:Example 1: A single certificate in PEM format:
-----BEGIN CERTIFICATE----- MIIEIzCCAwugAwIBAgIJAIjKQlbSh33iMA0GCSqGSIb3DQEBBQUAMIGnMQswCQYD VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEUMBIGA1UEBwwLTG9zIEFuZ2Vs ZXMxFzAVBgNVBAoMDkxhenkgRHVkZSBJbmMuMRswGQYDVQQLDBJIYW1tb2NrIERl cGFydG1lbnQxFDASBgNVBAMMC1N1cmZlciBEdWRlMSEwHwYJKoZIhvcNAQkBFhJu b2JvZHlAbm93aGVyZS5jb20wHhcNMTMxMDMxMDgyNzIzWhcNMTYwODIwMDgyNzIz WjCBpzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFDASBgNVBAcM C0xvcyBBbmdlbGVzMRcwFQYDVQQKDA5MYXp5IER1ZGUgSW5jLjEbMBkGA1UECwwS SGFtbW9jayBEZXBhcnRtZW50MRQwEgYDVQQDDAtTdXJmZXIgRHVkZTEhMB8GCSqG SIb3DQEJARYSbm9ib2R5QG5vd2hlcmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEArylGf3zVhGQ4MoOuNH0PqdIx43t1qjOCTF1JnQFSHjvHgKUs iueG0PWJdHHkNACeKFBjKnHnbiri4wcNFV7Hgmz0cNVkoLcDTkXnG6JFSro8ddz0 J3LWEy8SBe4c3KXxyhxbf0L1O81Ax1vRbD9JxJXyyeoUis5YkYR37bCgnPOha2ZL yaViDcJib3lps0m6WVx/HiXWMpP4vOU3r2dGbO19HpdLo4yFxmjVUBimz/qYk+A/ zqOVLqtYp0rU8MUPSBL1t6sbzTgpMleWEZVNPwE3xzS/DVhJwHC/q1WOMlkzRXmb lnc3iipByxaS6cDBZ852VP3uRW7Kq8dfyceLewIDAQABo1AwTjAdBgNVHQ4EFgQU +WANOPp+8UmNGqEy5U+M9gD5W0cwHwYDVR0jBBgwFoAU+WANOPp+8UmNGqEy5U+M 9gD5W0cwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEArCXsPaRR0gwb kVo9y32t4j7Mf84WWfxvxnIhc31BRkl1fOhA0O6CtHMtzpRXbx2IlF2OxEsiS3Hr 6q0bkDEs+IBdw/T2xRFMj814RCQRUR3iR5yuOSnvGT6+nth1mzEP+kVpbvIQfRg2 H4qQEUWC2Bp65Tq4gVjG4difpyC+cTXxLK2Dr6IwnheXqCythO6fTKM7p1asxYc9 EbTfydorCuqhG/pUDMp0At6kqGcCYd5ZzXfD9Hopwn3AI8Nk9rEX9qfqlwXtwkQD 9j+TErlxUt+OzLRfawDECwxegCLxPU4DQt/btqAJd/7P4uCiC9Ah7i2ySWb3Dnd2 dGx4k0s26g== -----END CERTIFICATE-----
Example 2: A certificate chain in PEM format:
-----BEGIN CERTIFICATE----- MIIDnDCCAoSgAwIBAgIJAJmHnWWcvUFkMA0GCSqGSIb3DQEBBQUAMDcxDzANBgNV ** snip ** PGC1csm4MaulhuQCWrlXVRmWFC0hVYhzAClxF/Y0gadO/SaG+G5ceXGZPpcdwjaY 9d9ljwimr1xFkeB22yXyxw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIDzzCCAregAwIBAgIDAWweMA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB ** snip ** mYHovjrHF1D2t8b8m7CKa9aIA5GPBnc6hQLdmNVDeD/GMBWsm2vLV7eJUYs66MmE DNuxUCAKGkq6ahq97BvIxYSazQ== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UE ** snip ** r0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3otkYNbn5XOmeUwssfnHdK Z05phkOTOPu220+DkdRgfks+KzgHVZhepA== -----END CERTIFICATE-----
Certificate files come with a confusing variety of file extensions depending on the encoding:
- *.pem - Certificate in PEM format (ASN1 DER and Base64 encoded). This file extension is common on Linux/Unix systems.
- *.crt - Certificate is either in PEM format or ASN1 DER encoded. Recognized by Windows and Linux/Unix.
- *.cer - Certificate is either in PEM format or ASN1 DER encoded. Alternate form of '*.crt' that is recognized by Windows.
- *.der - Certificate is ASN1 DER encoded only.
openssl x509 -inform DER -outform PEM -in foobar.crt -out foobar.pem
This command also works in reverse to transcode PEM encoded certificates back to ASN1 DER format.
Adding your certificate to the global keychain in Fedora 19
It turns out that once you know what the difference between *.pem, *.crt, *.cer and *.der files is adding your Websense certificate to Fedora's global certificate chain is pretty simple. Your Websense system administrator should be able to provide you with a root authority certificate for your Websense system. Once you have that, all you have to do is, get a root shell, copy your *.pem file to the right directory and run one command. I prefer to back up the generated keychains that shipped with Fedora 19 just in case but you can skip that step if you want to:$ su -
$ cd /etc/pki/ca-trust/extracted/pem
$ mv email-ca-bundle.pem email-ca-bundle.bak
$ mv objsign-ca-bundle.pem objsign-ca-bundle.bak
$ mv tls-ca-bundle.pem tls-ca-bundle.bak
$ cp /path/to/your/certificate/foo.pem /etc/pki/ca-trust/source/anchors/
$ update-ca-trust
The update-ca-trust command takes any PEM or DER encoded certificates you added to the source/anchors directory and adds them to your global certificate chains. You should now see a new set of certificate chains with the *.pem files extension in the /etc/pki/ca-trust/extracted/pem directory (/usr/share/pki/ca-trust-source/anchors/ on some systems) and each chain should contain a copy of your certificate. To make sure your certificate made it into the each of the new keychains just grab a random Base64 encoded line from the PEM encoded certificate you wanted to add and grep for it. The string should appear in the *.pem files but not the *.bak files:
$ grep -l BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2\
/etc/pki/ca-trust/extracted/pem/*.*
/etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem
/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem
/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
For more information you might want to read the man file for update-ca-trust which, unlike some other man files, is actually human readable.
Tuesday, October 8, 2013
I wanted to compile a C++11 example on OS X 10.8.5 but it took me a while to figure out how. Using good old g++ with the -std=c++11 option will not work like it does on Linux since g++ is only a symlink to llvm-g++-4.2 on OS X 10.8. Apparently the Gnu compiler is no longer installed due to license issues. What works is to use clang++, the new(ish) front-end to Apples llvm compiler and for some reason that you have to tell clang++ which C++ standard library to use. For now I'm to lazy to investigate why that is but the following compiled the C++11 example code on cplusplus.com:
clang++ -std=c++11 -stdlib=libc++ cpp11example.cpp -o cpp11example
... or you can download the Gnu compiler and install it but for a few example code that seemed like overkill.
clang++ -std=c++11 -stdlib=libc++ cpp11example.cpp -o cpp11example
... or you can download the Gnu compiler and install it but for a few example code that seemed like overkill.
Monday, May 7, 2012
Cscope on AIX 7
AIX 7 does not seem to install cscope by default. It took me a while before I found this place:
http://www.perzl.org/aix/.
The cscope packages in the AIX 7 binary section and are marked AIX 5 but they work on AIX 7 nonetheless.
http://www.perzl.org/aix/.
The cscope packages in the AIX 7 binary section and are marked AIX 5 but they work on AIX 7 nonetheless.
Friday, April 20, 2012
Ok, just set up Ubuntu 11.10, so far so good. VIM kept spitting out A, C, B characters when operating the arrow keys in insert mode. Strangely enough that was cured by copying /etc/vim/vimrc to $HOME/username/.vimrc. Other than that Unity kind of sucks but mostly because it is buggy. I don't know what all the hullabaloo regarding Unity is about, I rather liked it as a desktop environment once I had tweaked it into shape, but as I said it still needs a bit of work.
Wednesday, April 4, 2012
RHEL 6.0 network configuration.
When one selects the default minimal desktop installation RHEL 6.0 does not configure the ethernet interface. To get it working edit the file: /etc/sysconfig/network-scripts/ifcfg-eth0 and set NM_CONTROLLED="no". This ensures the device is no longer slaved to the network manager. Then restart networking:
and finally get DNS working by editing: /etc/resolv.conf
sudo service network restart
and finally get DNS working by editing: /etc/resolv.conf
search **yourdomain**
nameserver **address**
nameserver **address**
nameserver **address**
It's a workaround but it got my box connected.
Thursday, January 19, 2012
I ♥ MacBook Air
I just bought a MacBook Air (Model 4,2) and IT ROCKS!!! This is largely thanks to the SSD but the 50% weight reduction from my old MacBook also helps. Boot time is drastically shorter and Photoshop files hundreds of megabytes in size load in mere seconds. My disk space has just been cut in half to 250 Gb but I'm not complaining. The product of the last 10 years of amateur photography will just have to be farmed out to a USB disk (or a 'vagrant' as we call it up here in the arctic) and I'll find a way to live with USB 2.0 until I can afford a Tunderbolt ™ drive. Of course if history is anything to go by, and given my recent strain of catastrophically bad luck, Apple will announce a new MBA with USB 3 ports and a Retina Display tomorrow. Incidentally the Apple Genius who sold it to me my new MBA was wrong, you can upgrade the SSD in the model 4,1 and 4.2 MacBook Airs.
Subscribe to:
Posts (Atom)