Blog posts

OpenSSL Heartbleed... :\



Wow... Scary... A terrifying nightmare

Yesterday (April 7, 2014), the famous bug has been revealed and we found out that it existed for two years and no one knew about it. If you want to know what harm it can cause, just check this web site http://www.heartbleed.com/

It is really scary because, this means that almost every SSL private key could be stolen with the user passwords. Well, if the user passwords have already been stolen, there are nothing to do much on the server side. We can only warn users to change their passwords and I suggest everyone to change their e-mail, banking, forum, etc... passwords.

Well, if we want to stop our user passwords to be stolen by sniffing or interpreting our communication with the user, first, we should change our SSL keys. With the help of this web site, I have prepared following document to sign your own SSL certificates. Unfortunately, web page is dead now, but it can be reached through Web Archives.

  • Firstly, we need to generate a key for our server

  • openssl genrsa -des3 -out server.key 4096


  • Then, a signing request is needed

  • openssl req -new -key server.key -out server.csr


  • Now, using both signing request and key, we can sign our certificate

  • openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt


  • We need to make a version of our key which doesn't require password. So, apache won't ask users to enter a password when they access to our web site.

  • openssl rsa -in server.key -out server.key.insecure
    mv server.key server.key.secure
    mv server.key.insecure server.key


  • Finally, these files should be copied into right directories (depends on your web server software)



  • This was what I did, also, I have replaced my OpenSSH server and client keys;

  • Deleted host keys and reconfigured OpenSSH;

  • rm /etc/ssh/ssh_host_*
    dpkg-reconfigure openssh-server


  • Updated client keys;

  • ssh-keygen



    That's all for tonight :) Please take immediate action for Heartbleed bug...


    P.s.: if you didn't already, you must upgrade your OpenSSL version to 1.0.1g in order to prevent future abuses.


    by zgrw on 2014-04-09 11:54:41

    CUDA Aware MPI

    Hello,

    Today I will introduce you CUDA-Aware-MPI. CUDA aware MPI is a brand new technology which shows high potential when used with GPUDirect technology. Basically, it is a CUDA application witch has been divided multiple nodes. So, it is also a MPI application too. It is just like a dream. You may find official introduction blog post of Nvidia through this link.

    I want to show you how to compile and run it.

    First of all, you should have more than one nodes with Nvidia GPU card. Secondly (if you are used to MPI you already know this part), you have to sync working directories. As it mentioned [url=https://ccv.brown.edu/doc/mixing-mpi-and-cuda.html=here[/url], we have to use object files to mix MPI and CUDA. We need to have two different source files, one for MPI (main code) and one for CUDA (parallel part).

    CUDA Part;

    /* multiply.cu */
    #include <cuda.h>
    #include <cuda_runtime.h>

    __global__ void __multiply__ (const float *a, float *b)
    {
    const int i = threadIdx.x + blockIdx.x * blockDim.x;
         b[ i ] *= a[ i ];
    }

    extern "C" void launch_multiply(const float *a, float *b)
    {
         /* ... load CPU data floato GPU buffers a_dev and b_dev */
    float *a_dev, *b_dev;
    cudaMalloc(&a_dev, 5);
    cudaMalloc(&b_dev, 5);
    cudaMemcpy(a_dev, a, 5, cudaMemcpyHostToDevice);
    cudaMemcpy(b_dev, b, 5, cudaMemcpyHostToDevice);


         __multiply__ <<< 1,1 >>> (a_dev, b_dev);


            cudaMemcpy(b, b_dev, 5, cudaMemcpyDeviceToHost);
    cudaFree(a_dev);
    cudaFree(b_dev);

         /* ... transfer data from GPU to CPU */
    }


    Main Code

    /* main.c */

    #include <mpi.h>

    void launch_multiply(const float *a, float *b);

    int main (int argc, char **argv)
    {
            int rank, nprocs;
         MPI_Init (&argc, &argv);
         MPI_Comm_rank (MPI_COMM_WORLD, &rank);
         MPI_Comm_size (MPI_COMM_WORLD, &nprocs);

         /* ... prepare arrays a and b */
    float a[5]={1,2,3,3,4};
    float b[5]={9,8,7,6,5};

         launch_multiply (a, b);

         MPI_Finalize();
           return 0;
    }


    Then, we have to compile cuda code and create an object file;

    nvcc -c multiply.cu -o multiply.o



    Finally, using this object file (and necessary other libraries), we will compile the whole application

    mpicc main.c multiply.o -L/usr/local/cuda-5.5/lib64 -L/usr/local/lib/openmpi/ -lcudart -lstdc++ -o main



    Finally, you may use your application main.

    Note that, there a few important points here;

    1) In CUDA part, there is a launcher function called "launch_multiply". It is defined as extern "C", so it will be able to be called from the main code.

    2) mpicc has parameters for both cuda libraries and mpi libraries paths. Also, libcudart and libstdc++ are must.

    That's all :)



    by zgrw on 2014-02-07 20:40:31

    Server Shutdown

    Today, I have encountered an unexpected on failure on my hardware. First of all, my RaspberryPi got stuck, and when I restart it (plug in and out the cable), it wasn't able to obtain IP address for some reason.

    Due to this hardware failure on my RaspberryPi, I had to move my files to my spare RaspberryPi.

    In order to backup my server data, my webpage won't be available on Feb 5 2010 between 18:00 GMT to 20:00 GMT.

    I am still working on it to understand the problem. Sorry for any inconvenience.


    Unfortunately, I was unable to detect the problem and still working to find out. Looks like my board is dead! I will try to fix it if there is something to do.

    In order to protect my current board, I've bought a RaspberryPi cover from www.dx.com.


    by zgrw on 2014-02-05 20:44:47

    cudaMemcpyToSymbol problems

    Hello,

    I have faced with two different types of errors. Here is the solutions

    Error 1: cudaMemcpyToSymbol invalid argument

    this is because of missing arguments;

    use this;
    __constant__ int x[100];
    int x_h[100];
    cudaStatus = cudaMemcpyToSymbol(x, x_h, sizeof(int) * 100, 0, cudaMemcpyHostToDevice);

    instead of this;
    __constant__ int x[100];
    int x_h[100];
    cudaStatus = cudaMemcpyToSymbol(x, x_h, sizeof(int) * 100, cudaMemcpyHostToDevice);



    Error 2: cudaMemcpyToSymbol invalid device symbol

    This is a bit more surprising. Documentation says function definition as follows;

    cudaError_t cudaMemcpyToSymbol ( const char * symbol,
    const void * src,
    size_t count,
    size_t offset = 0,
    enum cudaMemcpyKind kind = cudaMemcpyHostToDevice
    )



    But, when you are trying to copy just 1 variable instead of the error. You don't need address of the destination (Weird :))

    Use this;
    __constant__ int x;
    int x_h;
    int x_h[100];
    cudaStatus = cudaMemcpyToSymbol(x, &x_h, sizeof(int), 0, cudaMemcpyHostToDevice);

    instead of this;
    __constant__ int x[100];
    int x_h[100];
    cudaStatus = cudaMemcpyToSymbol(&x, &x_h, sizeof(int), 0, cudaMemcpyHostToDevice);



    I hope this article be helpful for you


    by zgrw on 2013-06-29 23:53:42

    1 2 3 4 5