My Question

Can I set permissions on a user (ex: postgres) such that that user is only allowed to login from TCP localhost, but not the Internet?

Trusted Sockets vs Passwords for Remotes

I get that you can initialize postgres to allow local users to login without a password, and remote hosts to login with a password:

initdb \
            -D "$POSTGRES_DATA_DIR/" \
            --username postgres --pwfile "$PWFILE" \
            --auth-local=trust --auth-host=password

Intranet vs Internet

For any system that's connecting across the internet I want to use a user that has a very, very strong (non-memorable) random 128-bit string.

For local and intranet access, however, I'd prefer to be able to have a username and password that I can remember (and type).

Can I do this... or do I just have to set up one user per system that's allowed to connect, with a .pgpass on each?
(I don't want to share keys in plaintext files between computers)

I want to test whether or not an ssh server allows passwords and immediately close the connection without actually attempting a login.

Something like this:

allows_password=$(ssh --some-option example.com)
if [ -z "$allows_password" ]; then
  echo "Insecure Server Options"
else
  echo "Insecure Password Access is not Allowed, Great!"
fi

I've actually done this once before, but I couldn't find old script or docs. Sad day. :-/

I have an Ubuntu server running xen (with xen-tools only) and when the server experiences a power failure I have to manually run xl create /etc/xen/MY_DOMU_GUEST.cfg to restart the vm.

My config settings for restarting look like this:

/etc/xen/MY_DOMU_GUEST.cfg:

on_poweroff = 'restart'
on_reboot   = 'restart'
on_crash    = 'restart'

But it doesn't start on dom0 boot. Am I missing something?

I notice that every time I set up google apps, mailgun, mandrill or whatever I always have to set up domainkeys. That part makes sense - RSA, public/private, etc - I get that.

Intuitively I would think there is a single standard for where to find SMTP domain keys, but instead it seems like one of these prefixes get picked at random: smtp k1 mx pic mailo.

Example:

• smtp._domainkey.example.com (makes sense)
• mx._domainkey.example.net (yup)
• mailo._domainkey.example.org (why the o?)
• k1._domainkey.foo.com (k for key? 1 for primary?)
• pic._domainkey.bar.com (pic? what does that even mean?)

So I'm looking at my list of domains and it appears that only those 5 variations occur, but I'm not seeing a pattern.

• Why isn't there just one standard prefix?
• How does that querying server know which to query?
• Isn't _ an illegal character?
• And if the domainkey prefixes are arbitrary, why only arbitrary-ish?

I'd love to be pointed to some reading material as well as some short and sweet explanations if you have one on hand.

P.S. I've tried googling a little, but I don't know enough to figure out what my query should be. All that I see are tech support how to articles for specific email or hosting providers.

Possible Solution

date --set="2011-12-07 01:20:15.962"  && date --rfc-3339=ns

Original Question

I can get the date with milliseconds like so:

date +"%S.%N"
date --rfc-3339=ns

According to man date I would expect to be able to set it like so:

date --set=%s.%N +`date +"%S.%N"`
date --set="%s.%N" "+1323217126.085882000"

According to my googling I would expect to be able to set the date like so (the inverse of the above):

date +%s.%N -s `date +"%S.%N"`
date +"%s.%N" -s "1323217126.085882000"

Neither work. Can someone clue me in on the issue?

P.S. No, I don't need nanosecond resolution. Yes, I know bash execution takes milliseconds. What I really need is sub-second resolution, 10ths of a second would be good enough.

This seems to work fine:

dhclient eth0
ifconfig eth0:1 192.168.1.105 up

But not this:

ifconfig eth0 192.168.1.105 up
dhclient eth0:1

Is there any way to get dhcp on a virtual address?