Monthly Archives: July 2010

iPad for the sysadmin

Posted on by
1

A few weekends ago I had the privilege of being assigned to evaluate an iPad for use as a support tool by my boss. (thanks Ike!)

The first order of business was to figure out some basic tasks that we would need to accomplish as sysadmins that we could realistically use the iPad for.

Remote control via ssh for a unix server

For ssh I already had the iSSH application by Zinger-Soft [iTunes]. Fortunately they updated the application to be a universal application for both the iPhone and the iPad. I had used it with a fair amount of success on my iPhone in the past to reboot several servers over both WiFi and 3G data, most notably when I needed to reboot a MySQL server will on the way to Atlanta on I-75.

I was pleased with the changes that they made for the expanded screen real estate of the iPad. The split screen function when in portrait mode is quite useful when you need to juggle two connections at the same time, even if it can be a bit confusing at first.

The ability to handle X11 forwarding is also a nice touch, because there are some administration activities that require the GUI even on a unix system (think that favorite Oracle installer that we all know and love).

Remote access via RDP to Windows servers and desktops

Generally this is actually an easier task to sort out, due to the number of RDP clients that exist of the iPad. There are more clients out to handle this than you can shake a stick at, however they don’t all have the same features. The fly in the ointment with RDP support is the ability to work with the widest variety of server and desktop os installations, with encryption, etc. The large majority of them did state that they supported Server 2003, 2008 as well as Windows XP, Vista and 7.

What took some doing to was to find a client that would work in our security environment. Currently we require that all off-site RDP connections be tunneled through SSH. It turns out that none of the RDP clients out there support this yet. One of the most promising from this standpoint looks like iTap RDP by Honeder Lacher Wallner Softwareentwicklung OEG [iTunes]. This client supports FIPS and NLA. They have a nice compression algorithm that makes the connection work well even on a 3G network. While they don’t currently support RDP over SSH tunnels this is a planned feature in a future release.

Another possibility, depending on where we go with our VDI initiative is Wyse PocketCloud by Wyse Technology [iTunes]. PocketCloud for iPad supports both VMWare View connections and standard RDP connections.  This is the application I ended up testing, and I must say, I was pretty happy with it.  The manner in which it handles the mouse functionality is superb.  The support for the application seems a little subpar, but there is a fairly active forum.

Currently the only solution that I was able to find was to use iSSH for a tunneled VNC connection, since iSSH supports this. Of course, this means that you will need to install a VNC server on your desktop or server, but in my testing it did seem to work fairly well if a little sluggishly. One advantage to this is the fact that Mac OS X includes a VNC server by default, making connections to Mac servers and clients a fairly easy thing to accomplish. With WIndows 2008, it was a little more challenging due to the changes in security that were added by the UAC system from MS. I was unsuccessful in getting RealVNC Enterprise trial to work properly, however the beta of TightVNC worked nicely.  The latest version of iSSH does support ssh tunnels.  When you combine this with multitasking support on iOS 4 you then have ability to access a remote machine through a perimeter firewall without the need for VNC server. Unfortunately, this support is useless on the iPad until we get iOS 4, but it is nice to know that it is there.

Access to various web-based support services

This is not really much of a challenge, however it is worth mentioning that there are a number of web-based systems that don’t cooperate easily with Mobile Safari for various reasons. Some of them are Flash-based, which obviously won’t work, others are just not designed to work properly on a touchscreen device. Your mileage may vary.

Password storage

As is the case with most system admins, I have way too many passwords to keep up with than I can easily remember. When you combine that with the necessity of locking accounts after a certain number of failed attempts, it becomes rapidly necessary that I have a secure method of carrying passwords with me.

On my iPhone I have been using Lockbox Pro by GEE! Technologies [iTunes] for a while now, however in investigating an app for the iPad I spent a fair amount of time playing around with SplashID by SplashData [iTunes]. (Also, it looks like GEE! Technologies is having issues, since the company website link for their app in the AppStore doesn’t work and the support website looks fairly similar to the myriad of web-squatter websites that are out there.) Now if you use password managers, you most likely have run into SplashID before. One of the major points in it’s favor is the use of both 256-bit Blowfish encryption. New for the iPad version is the ability to use a swipe pattern to unlock the application, similar to the process that you can use to unlock some Android-based devices. It also supports numeric and alpha passwords for unlocking the database.

One of my favorite features of Lockbox Pro is the ability to have a large number of additional fields for an entry, not just a username and password. SplashID also has this feature. Also, another great advantage to SplashID is the ability to have a desktop application (both Mac and Windows) that you can sync your mobile device to. Not only does SplashID support the iPhone, iPad and iPod Touch, they also have clients for Android, WebOS, PalmOS, Blackberry and Series 60. The simple fact that I can sync my password data between multiple devices as well as my desktop makes this an ideal application. SplashID also supports auto-fill for websites, if that is your thing.  Of course, if you want it all on your the iPhone, iPad and the desktop your are going to have to fork out a lot of money, since each application is a separate charge.

Access to notes, procedures and documentation

As an admin, one of the most useful applications is one that allows me to have notes, procedures and documentation available when I need it. It can be difficult the juggle a keyboard, serial cable and a big fat, dead tree manual when in a datacenter, so having the essential docs on hand in a mobile environment is a must.

I think there are actually more possibilities in this particular category than any other I researched for this post. I have been a big fan of Evernote by Evernote Corp [iTunes] since it was released. It syncs to both the iPhone and iPad, as well as to the client on my desktop. Combine those abilities with web-clipping functionality in both Safari and Firefox on the desktop and you have a great tool for support.

Of course, sometimes you will need to store large documents, and unless you feel like paying for storage with Evernote, it might not work to upload the entire Solaris 10 reference, or the latest edition of the PHP function reference. To begin with I started searching for the perfect sysadmin application in the App Store, then I realized that I already had it, iBooks [iTunes]. With iBooks 1.1, Apple made PDF storage easy. Just drag the PDF into your Books section in iTunes and sync. Voila! Of course to make the docs more useful, they need to be converted into eBook format so that you can use the highlighting and search features, but in a pinch a raw PDF is quite handy.

I wish I could do that

There are still somethings that I wish I could do with the iPad, however I doubt I will get them.  One item on my wishlist would be a mechanism to allow me to use the iPad as a serial terminal.  Frequently I have to use a laptop with a serial port (or USB-to-serial adapter) to connect to a server in order to access the console.  It would be really nice to be able to do this from the iPad.  Another feature that would be nice would be something along the lines of the certificate management that you have in the Keychain Access application on the Mac.  I can see where it could come in handy to be able to import and export SSL certs from the device.

Life without cable – Part 3

Posted on by
Reply

This is the third in a series of articles on my trials and travails about living the cable-free life. The first part dealt with moving to Apple’s AppleTV platform by way of MythTV and Tivo.  In part two talked about the reasons why I moved from an AppleTV to a Mac Mini-based HTCP setup. This article will focus on the software I am running to make all of this palatable along with a few hardware and OS tips thrown in for good measure.

I am going to start out with a few hardware and OS items, because these will be important in deciding where to go with the software.

Video Output

As I noted in part two, I purchased an Apple Mac Mini 2.26GHz (Late 2009) to replace the 40GB AppleTV. This particular model has two video output options:

  • Mini-DVI
  • Mini DisplayPort

This allows for easy conversion to S-Video, DVI, or VGA.  In the box you receive an adapter that will allow you to connect directly to a DVI-D (dual link or single link) cable or port.  Unfortunately the adapter does not allow you to connect a DVI-D cable.  If you want to use the Mini DisplayPort output (instead of or in addition to the Mini-DVI port) you will need to buy an additional adapter.  Apple sells several different ones to accomplish different goals:

For some reason, while Apple sells an adapter to allow for conversion to VGA from Mini DisplayPort they do not sell one to convert to S-VIDEO or composite video, in fact it doesn’t appear that anyone does.  If that is your goal, then you will need to daisy chain the Apple Mini-DVI to Video Adapter adapter to the included Mini-DVI adapter.

If you want to connect the Mac Mini directly to an HDMI component then you will need to buy either a Mini-DVI to HDMI adapter, Mini DisplayPort to HDMI adapter, or add a DVI-D to HDMI adapter to the included Mini-DVI to DVI adapter.  Initially I was using a Belkin DVI-D to HDMI adapter, however I have since moved to using a single piece Mini DisplayPort to HDMI cable from monoprice.

Audio Output

When it comes to audio output from the Mini, your choices are a lot simpler, at least in the beginning.  The Mac Mini supports two audio output options from a combined port:

  • standard stereo analog via a 1/8″ inch (3.5mm) cable
  • S/PDIF format optical via a mini-toslink adapter or cable to a toslink input

Most people won’t have any issues, however in my case I had a problem where my receiver disabled the digital input jack when I connected the Mini to HDMI on the receiver (either by using a Mini DisplayPort to HDMI cable, or when running through the Mini-DVI/DVI-D HDMI adapter/HDMI cable combo).  Here’s what I got from Sony on this one:

This issue can occur with an Audio/Video (A/V) receiver that has HDMI® Active Intelligence. HDMI communicates with all of the HDMI-connected devices and requires authentication (a.k.a. handshake) from each device. Since the DVI jack on the TV is not HDMI, authentication cannot occur and may cause the A/V receiver to not produce any audio.

In my case I ended up connecting the digital audio to the receiver and the video to the second HDMI input on my television.

One possible solution to this would be to purchase an adapter that will take the Mini DisplayPort video signal and combine it with the digital audio signal to a single HDMI output.  Both monoprice and Kanex make an adapter to accomplish this.  Kanex also makes an adapter that will take analog audio and add it into a combined signal.  I have yet to actually purchase either and test it, however I will be doing so in the future.

Software Choices

Back in the good old days I was using a MythTV setup and I really liked the interface (up to a point anyway, it wasn’t near as polished as some of the commercial options, but at that point I was gung-ho on opensource movement).  After moving to the AppleTV, I became spoiled by the polish that I was seeing with the Apple interface as well as the Boxee project.  After settling on the hardware choice of the Mac Mini, I then began looking for a suitable software product.  Now I know several folks that use iTunes, Safari and FrontRow to handle most of this, however I wanted an all-in-one solution as much as possible.  I settled on using Plex.  This is a Mac OS centric fork of the XBMC project, so it may look familiar to some of you out there (Hey Joe Newton!).

The Plex application is quite similar to Boxee in that it maintains the XBMC application structure.  There is a developer SDK available and you can easily write small apps to fill the holes in the ether.  For instance, there is a rather nice application for viewing the TED Talks.

Unfortunately there are still somethings that a standalone application does better.  I prefer the Hulu Desktop application, especially since Hulu goes out of their way to shun all third-party integration into their ecosystem.  I also prefer using the NetFlix web interface over the Plex app.  There are just some pieces to the integration that doesn’t function to my satisfaction.  Also, to listen to my SACD and Digital Audio content, I am forced to use iTunes.  This is due to a bug in the way that audio content is handled with respect to the frequency settings for digital audio in Plex.  According to the developers this will be fixed in the release of version 0.9.

Getting Your Content

Here is one area where we are still at the mercy of the content creators and providers.  If all the content you watch is ripped from legally purchased dvds and cds then you should have no problems, since Plex has been able to handle every format I have thrown at it.  If you buy or rent video content from the iTunes store, then you are going to have to use FrontRow or iTunes, since the video content (unlike the music) is still encapsulated with DRM encryption.  If you are in search of current tv show episodes, then your best bet is going to be to use Safari and watch the shows through the browser or to use Hulu (which is even better now that Hulu Plus has come into being).

Controlling the HTPC

When it comes to controlling your media center, most people expect that they will be able to use the ubiquitous remote control that we all seem to have so many of these days.  Some of use still remember when you had to get up and physically change the channel on the television (seems like a quaint notion nowadays).  Then we progressed to having wired remote controls, then on to infrared remotes, then to RF remotes that can work through walls!  Well, I have a Logitech Harmony 550 remote that is programmable and can control all of my components.  I can setup macros (or activities, as Logitech calls them) to do certain things, like go from tv watching mode into listening to the turntable mode (yeah, I still own a turntable and LPs).  One of the nice things about the Mac Mini (like the AppleTV) is that it has a built-in infrared port, so that I can control Plex using my Harmony.  Plex comes with built-in support for either the Apple Remote or the Logitech Harmony.

As for browsing the web, I still use a keyboard and mouse.  Thankfully Apple makes this easy with their built-in bluetooth support.  Currently I am using the new Apple wireless keyboard and a Might Mouse.  At some point I plan on trying out the Logitech PS3 keyboard, since it has a built-in trackpad for cursor control.

Final Thoughts

Having been cable free for almost two years now, I can definitely say that it was a journey worth taking.  Not only have a I reduced the financial costs associated with watching media, I also pay more attention to exactly what I am watching.  Since my media storage is not infinite, I have to care more about what I keep and what I don’t.  With the advent of NetFlix instant streaming, Hulu, and the prevalence of companies like ESPN, CBS and others that allow you to watch current content over the web, the storage burden has been lessened, but it is still something to keep in mind.

The main problem with this solution is for content that hasn’t made it to the new media generation.  Many of the media providers still have the idea that cable is king and that they need to charge outrageous prices in order to maintain the monopoly.  What they should be doing is allowing us access to the content, no matter how we want to watch it.  One example of the bone-headed thinking out there is the way that Hulu has handled the interaction with systems like Plex and Boxee.  The claim is that the content owners (NBC, ABC, CBS, etc.) have directed them to attempt to block usage that will conflict with standard transmission methods, such as cable and satellite.  What they don’t seem to understand is that the way in which I watch the content is less important than if I watch it at all.  On Hulu the content is ad-supported.  On the ABC website, the content is ad-supported.  I don’t think that it should really matter where the ads are seen, as long as they are, but apparently this is not the belief of the big-wigs in the boardrooms.

References