BROWNIES! — The Programmer’s Moment

There I was… testing my Python scripts to remotely adminster the radio station computers. I had been coding for a few hours trying to add support for remote admin logins. This required having the server send a public encryption key, letting the client get the potential password from the user, encrypting it with the key, sending it back to the server, having the server decrypt the potential password. Then… I saw it: “Password is:brownies”  shining brightly in the terminal running on the server. Proof of success at long last!

It is that feeling that I call ‘The Programmer’s Moment’ it’s a feeling of overwheling success because you just spent x amount of time on a feature, and you are finally convinced it is going to work like you planned. I am sure other professions experience this same sense of accomplishment, but I experience this most frequently when I am coding. It’s that feeling that makes long nights (or days) staring at a screen worth anything at all. It can motivate you to continue coding and keep you from giving up on a project that seems hopeless.

Here is a little screen shot of that terminal with such simple text that brought some happiness to this crazy coder 🙂

Finally... got the password being sent over the network

Finally... got the password being sent over the network

Advertisements

2 Responses to BROWNIES! — The Programmer’s Moment

  1. Wes says:

    That is an insecure password mister. A more secure password would be br0Wn135. I can’t believe you would use such an insecure password…

    Kidding aside, do you do encryption for the communication between the client/server?? If so, do you use the Diffie-Hellman key exchange?! If so, do share, that would be awesome to hear about.

  2. jintoreedwine says:

    “That is an insecure password mister. A more secure password would be br0Wn135. I can’t believe you would use such an insecure password…”

    I use common words as passwords to all important services… doesn’t everyone?

    “Kidding aside, do you do encryption for the communication between the client/server?? ”

    No, in fact nothing is encrypted except for the password exchange and that uses public/private key encryption. When the client first connects it gets sent the public key (which is fine to send unencrypted because it’s the public key ^_^ ). Then when the client makes an attempt at logging in if must use the public key to encrypt the password. This is enforced necessarily but the server will assume you have encrypted the password with the public key so if you didn’t you’ll just be rejected 🙂

    “If so, do you use the Diffie-Hellman key exchange?! If so, do share, that would be awesome to hear about.”

    Sorry… no Diffie-Hellman here. I’ll reserve that for the open-ssh team. Since the server generates a new key pair each time it is run I consider that sufficient. If someone really wants to try and brute force the public/private key on this setup they obviously have too much time on their hands…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: