Random numbers with bash

I needed to get some quick random numbers that would represent a time on the form HH:SS. In my case the time should be between 10:00 and 12:55.

I did this in bash with:

#!/bin/bash
# If the random number is 1, then LAST-number is set to 0.
# Else it would be set to 5.
if [ $(( $RANDOM % 2 )) -eq 1 ];then
  LAST=0
else
  LAST=5
fi

# Print a number between  10 or 12,
# then a semicolon, then a number between 0-5,
# and finally either 0 or 5.
echo "0"$(( $RANDOM % 2 + 10 ))":"$(( $RANDOM % 6 ))$LAST

Authenticate Postgresql client agains backend ldap

We have a Postgresql server open to many different people at our organization. In order to add a ldap authentication you can add these 3 lines to your current pg_hba.conf file:

host all username    127.0.0.1/32       ldap ldapserver="ourserver.uib.no" ldapbasedn="ou=people,dc=uib,dc=no"
host all username    129.177.XXX.YYY/32 ldap ldapserver="ourserver.uib.no" ldapbasedn="ou=people,dc=uib,dc=no"
local all username                      ldap ldapserver="ourserver.uib.no" ldapbasedn="ou=people,dc=uib,dc=no"

where the first one will allow users that access the server from localhost (either from a shell or 127.0.0.1 connections). The second line is allowing a computer from the following IP adresse: 129.177.XXX.YYY.

Finally the last line will use ldap backend for local connections. That means a Linux user that logged in with SSH, will still be validated agains the ldap server, regardless of local password.

Remember this is only authentication, so you have to add the username to Postgresql database anyway (hint: use createuser command).

If you want to allow a user to connect remotely over web, remember to use SSL in the webserver, HTTPS, so that the password is not transmittet un-encrypted.

Note also:  This is also only LDAP, not LDAPS connections. So data going from the Postgresql server to the ldap is not encrypted. In short: Keep the distance between the postgresql server and the LDAP server short, or try to implement LDAPS, which I did, where I failed, so far…