# Day 1 Laboratory: Developer Fundamentals

## Setting up command line proxies

Start Terminal (black icon on the bottom)

You will be using web proxies activated by you AUBnet password during this laboratory. For the purposes of this exercise, it is recommended that you change your password so that it contains:

• an underscore
• no other special characters

Then export these environment variables using the following commands at the terminal

proxy_user=your_aubnet_username_here

export ftp_proxy=http://$username:$password@proxya.aub.edu.lb:3128/
export http_proxy=http://$username:$password@proxya.aub.edu.lb:3128/
export https_proxy=http://$username:$password@proxya.aub.edu.lb:3128/


## Setting up the web proxy for Firefox

Start Firefox (orange icon on the top)

Go to Edit -> Preferences -> Advanced -> Network -> Settings

Select Automatic proxy configuration URL and enter: http://autoproxy.aub.edu.lb/autoproxy.pac

Passphrase: 00000000000000100010100101100000

## Crack the Repository

Not just anybody can be an attendee of the HPC @ AUB course. You must first prove yourself to me by breaking into my pizza repository at http://aron.ahmadia.net/hpcataub/pizza using your knowledge of UNIX fundamentals and by adding yourself to the list of participants in the course.

You have all the tools you need to decipher out the passwords, private keys, and passphrases that I've hidden from you. Use the techniques I've shown you, or invent new ones. If you complete the exercise ahead of schedule, try to help other participants or write your entire solution into a single shell or python script.

Your ssh-Agent is going to be with you every step of this assignment. She will be responsible for maintaining your identity and authenticating you as you negotiate with foreign entities. Please set up a secure public/private keypair for authentication using the following steps:

# generate ssh key
# The default file /home/user/.ssh/id_rsa is fine
# Enter a secure passphrase at the prompt!
ssh-keygen -t rsa -C "youremail@aub.edu.lb"

# initiate ssh-agent
exec ssh-agent /bin/bash

# remember that when logging into remote systems, your agent can accompany you if you specify
# the -A flag (e.g. ssh -A shaheen.hpc.kaust.edu.sa)


Your public identity key is stored in ~/.ssh/id_rsa.pub. You can easily submit this to another system with a single command line entry:

ssh-copy-id -i ~/.ssh/id_rsa.pub user@shaheen.hpc.kaust.edu.sa


Your private identity key file is stored in ~/.ssh/id_rsa. Guard this like a credit card or your wallet! Your passphrase is the second level of security protecting your private key, but it is still not a good idea to leave it lying around on untrusted systems.

## Acquiring the (Broken) Decrypter

Who encrypts pieces of their homework assignments using XOR?

I do!

You will!

The decrypter repository is part of the official hpc @ aub course repository hosted on bitbucket at http://bitbucket.org/ahmadia/hpc_at_aub

Clone the repository to a local directory on your workstation:

git clone git@bitbucket.org:ahmadia/hpc_at_aub.git


## Building the Decrypter

The decrypter subdirectory contains the source code for the decrypter, as well as a Makefile for building it. You can issue a build directive to make from the command like this:

make decrypt


You didn't think I was going to make this that easy, did you :D? Both the Makefile and the C source code have slight errors in them, use your knowledge of Makefile and C syntax to figure out what is going wrong here.

## Extract from encrypted and split tarballs

Use the strings command on hidden.o to recover the passwords, and then the nm utility on hidden.o to determine which passwords match to each of the three binary files on my site (use wget to download them):

wget http://aron.ahmadia.net/hpcataub/day_1/citizen.bin


Use decrypt (which reads from stdin and decrypts to stdout) and the shell redirection operators < and > to convert each of the binary files to a .gz file. You will need to modify xor_crypt.c and recompile each time you change the password (or you could make it a command line option). You should now have the following three files in your directory: citizen.gz, marx.gz, and monty.gz. You can verify that you are correctly decrypting by typing:

file citizen.gz marx.gz monty.gz


The three files should all report their contents as gzip compressed data. If they do not, you may not be using the correct password to decrypt them. Unzip the three files using gunzip, then concatenate them using cat in the following order: marx monty citizen and using a pipe | to the tar command with the following command line options: -xv -f -. The - argument to the -f command line option instructs tar to read its input from stdin, which is in this case connected to stdout (and the three concatenated files) from cat.

tar should find and extract a single file, id_dsa. This is your key! Once you have the passphrase, you'll be able to push changes to the pizza page repository.

## A Passphrase in the Game of Life

You will also notice a life subdirectory under day_1 which contains a simple implementation of the Game of Life in Python. Adjust the code so that it runs for 100 iterations, then run it with the following command line:

python life.py print_as_phrase


You can then:

ssh-add ../id_dsa


Modify the HTML in this repository to leave your mark on the site.

## Commiting Your Changes and Opening a Pull Request

I would like to record, for posterity, all the students who have attended this course. You will help do this recording for me, by following these steps:

git clone git@bitbucket.org:yourname/hpc_at_aub.git

• modify the file web/participants.rst and add some information about yourself that you would like to share.
git add web/participants.rst