Our Blog

SSH host key verification: a few useful tips

By Selvakumar Arumugam
April 13, 2023

The SSH connections between a client and a remote server begin with a host key verification as an initial handshake. If the default key algorithm is not supported between the client and server, the SSH connection attempt is closed with no matching host key type response.

$ sftp username@domain
Unable to negotiate with xx.xx.xx.xx port 22: no matching host key type found. Their offer: ssh-rsa
Connection closed.
Connection closed

In this article, we will explore the host key verification process and discuss ways to handle the non-matching host key issue to establish the connection.

Host keys

By default, OpenSSH automatically generates a public-private key pair on the server and stores it in /etc/ssh. These keys, known as host keys, are created using several encryption algorithms including RSA, DSA, ECDSA, and ed25519.

The pair of private and public keys is available on the host server at the path /etc/ssh.

$ ls /etc/ssh | grep key
ssh_host_dsa_key
ssh_host_dsa_key.pub
ssh_host_ecdsa_key
ssh_host_ecdsa_key.pub
ssh_host_ed25519_key
ssh_host_ed25519_key.pub
ssh_host_rsa_key
ssh_host_rsa_key.pub

How does OpenSSH decide which host key to use?

During SSH connection establishment, the …

How To Set Up pgTAP for Writing PostgreSQL Database Unit Tests

By Edgar Mlowe
April 12, 2023

In a previous blog post, my colleague Josh Tolley introduced the concept of using pgTAP, a set of Postgres functions designed for writing unit tests within the database. This post will serve as a supplement to Josh’s post, focusing on the process of setting up pgTAP for testing a Postgres database.

Installing & setting up pgTAP

Note: make sure you have Postgres installed on your system. If you don’t have it, you can follow the Postgres documentation to learn how to install it.

To install pgTAP for Postgres, you will need to follow these steps:

1. Download the pgTAP source code from its GitHub repository.

   git clone https://github.com/pgtap/pgtap.git
   

2. Navigate to the pgtap directory.

   cd pgtap
   

3. Install with make.

   make && make install
   

4. Finally, connect to your Postgres database using psql or any other Postgres client and run the following SQL command to create the pgTAP extension.

   CREATE EXTENSION pgtap;
   

Now you should have pgTAP installed and ready to use in your Postgres database. If you face issues with installation, visit the pgTAP documentation for further help.

Writing simple database tests with pgTAP

Test to check if a table exists:

SELECT plan(1); …

Tennessee Hackathon 2023

By Darius Clynes
March 30, 2023

We just had our first company gathering in our Tennessee office after a hiatus of several years. About 20 End Pointers came to our Johnson City, Tennessee office to work on various VisionPort projects. For several of us, it also provided an opportunity to meet each other in person for the first time.

End Point Tennessee office (EPTN)

Other than our Johnson City-based team, for many of us this was our first look at our Tennessee office from which the VisionPort systems are assembled, tested and shipped.

Our Content Management System (CMS) team worked on some exciting updates to our VisionPort CMS, including important modifications to our touchscreen systems and improvements to the user interface.

Meanwhile our Research & Development team worked on upgrades to the VisionPort system itself, focusing on integrating large and small touchscreens for multimedia presentations. One such improvement was support for 8 tabletop touchscreens integrated to serve 16 museum visitors simultaneously.

Our support team worked on testing and spinning up documentation to bring our inventory up to date and prepare for the next wave of our new VisionPort CMS installations.

Casablanca

The luxurious …

Identifying Vulnerabilities in Code Using Horusec

By Indra Pranesh Palanisamy
March 28, 2023

Horusec is an open source tool which, by orchestrating other security tools, identifies security flaws and vulnerabilities in source code. It puts all the possible vulnerabilities it finds into a database for analysis.

Currently, Horusec supports C#, Java, Kotlin, Python, Ruby, Go, JavaScript, TypeScript, PHP, Swift, C, Dart, Elixir, shell, Terraform, Kubernetes, nginx, HTML, and JSON. You can see an up-to-date list of supported languages in Horusec’s docs.

It can also be integrated with CI/CD to execute the scan every time a developer creates a pull request or merge request.

Horusec CLI Installation

Requirements: Docker, Git.

The easiest installation method listed in the docs is curling Horusec’s install script and piping it into bash:

curl -fsSL https://raw.githubusercontent.com/ZupIT/horusec/main/deployments/scripts/install.sh | bash -s latest

Be aware that there is risk to piping unseen commands into the shell like this: It can lead to unintended consequences and it is a bad security practice.

If a user blindly pipes the output of a website response to be run by a shell without fully understanding what each command does, they may inadvertently execute malicious …

Interchange 3rd Party Tax Support

By Mark Johnson
March 21, 2023

New 3rd-party tax API support has been added to core Interchange¹.

In the wake of the Wayfair court decision², many businesses running Interchange catalogs lack the necessary tools for full compliance. A new translation layer has been created in Vend::Tax to connect the standard sales tax structures and routines that operate within Interchange, and the development of vendor-specific 3rd-party tax providers. The goal of the Vend::Tax framework is to create a space to allow for development of any number of vendor-specific tax services to support tax calculation in Interchange.

Vend::Tax defines 3 new tags to support its function:

• [tax-lookup]: Returns calculated tax amount determined by specific 3rd-party provider. Tax may be estimated or live lookup, depending on settings. Data required to calculate tax will be provider dependent.
• [load-tax-averages]: Requests and stores tax averages for running in estimate mode, for providers that support it. Stores estimates by default in the tax_averages table. Further, allows for local tracking of jurisdictions with nexus, which can be used by live lookups to determine if a particular lookup can be skipped entirely. See load_tax_averages Job …

Getting started with Java development using Visual Studio Code

By Trevor Slocum
March 17, 2023

Photo by Garrett Skinner, 2022

Visual Studio Code is a free source-code editor available for Windows, macOS, and Linux. While it includes a lot of features out of the box, you will likely need to extend its functionality to suit your purpose for using it. There are many extensions available, each providing their own set of features and functions.

In this guide we will install the Extension Pack for Java, which is a bundle of several extensions. Installing this extension pack will add the following features to Visual Studio Code:

• Java language support for parsing and highlighting our code
• Java test runner for testing our code
• Java debugger for debugging our code
• Java project manager for managing resources related to our code
• Maven support for building and packaging our code

Note: This guide assumes you have already installed a Java Development Kit. If you haven’t done that yet, OpenJDK is a great option.

Step 1: Install Visual Studio Code

If you haven’t yet, download Visual Studio Code and install it. If you need more help with this step, review the installation instructions linked on this page. Click the link that applies to your operating system to access the …

Programming the Intel NDP in 1983

By Jeremy Freeman
March 12, 2023

The Beginning

I graduated from St. John’s College in Annapolis in 1980. It was an intensive four-year education in math, science, language, poetry, and philosophy. Two years later, I took four computer classes at a community college, and got my first IT job in 1983 at the beginning of the personal computer revolution.

There were two of us: Steve, the owner of the company, and I, working literally in his garage. I was just a fledgling, uncertain and doubtful of my own ability. The IBM PC had come out the summer before, a device IBM seemed to regard as little more than a toy. Steve was by profession a physicist.

Steve noticed the PC had an empty socket on the motherboard, next to the Intel 8088 CPU. He guessed it was for Intel’s 8087 Numeric Data Processor (NDP), also known as a math co-processor, that was designed as a companion to Intel’s 8088/86.

The CPU could operate perfectly well on its own, but if the NDP was installed, they would both read the same code stream. The CPU would ignore NDP instructions and let the NDP execute them. The NDP would ignore non-NDP instructions and let the CPU execute them. While the 8088/86 is running code, it can’t do anything else. With the NDP, …

Interchange rust_link connector

By Jon Jensen
March 6, 2023

The Interchange ecommerce system recently reached 27 years old, measuring from the first public release of its predecessor MiniVend by its creator Mike Heins. It is still hard at work in quite a few ecommerce sites, serving pages, accepting and processing orders, managing warehouse logistics, and more. That is quite an accomplishment in the software world!

The Interchange server/​daemon

Interchange is written in Perl and runs on Linux and other Unix-like servers as a daemon (persistent background process) that listens for requests. Why does it need to run as a daemon?

Like many applications, Interchange starts with a relatively slow initialization procedure that takes a couple of seconds to compile code, load modules, read configuration, connect to databases, and validate everything. We want it to do that only once when the daemon is started, and not for each user request, so it can make quick responses.

Web server connector

General-purpose web servers normally sit in front of an application server, optimized to make speedy encrypted TLS sessions for HTTPS, control access to resources, log requests, redirect old URLs, route traffic to various applications, and directly serve …