Friday, 8 March 2013

Flax Bread Recipe (Gluten-Free)


There are lots of recipes for gluten-free (GF) bread out there, but they are typically made with white rice and tapioca starch along with a tiny bit of some grain. So little grain that it would seem that it is just for colour, or as a gesture towards good nutrition. The store bought breads are the worst for this; take a look at a 'whole grain' GF bread in the supermarket some time and see how far down the list something containing fiber occurs. So, I've been experimenting with different GF yeast leavened bread recipes for a while to make something that compares with the nutrition and flavour of my dad's whole wheat bread recipe.


I like this bread a lot because it ends up with a nice nutty flavour from the flax. Also, It holds together pretty well, stays moist and doesn't crumble when you look at it. This recipe is meant to be a fairly heavy, nutritious and solid bread but it does rise a fair bit with the yeast as leavening agent.


125 ml rice, whole white
125 ml flax, whole seed
125 ml rice, whole brown
125 ml sorghum Flour
1/2 tsp xanthan Gum
1 tsp salt
1 tablespoon yeast
2 tablespoons brown sugar
190 ml water (warm)
2 egg
1/4 cup olive oil


First I ground my flax and rice in the Vitamix to start the flour mixture, and then mixed in the xanthan, sorghum, and salt.

In another bowl mix the sugar and warm water (41C to 46C) until the sugar is dissolved and then add the yeast.

In another small bowl beat the eggs together; once the yeast has begun rising stir in the eggs and olive oil and add to the dry ingredients.

Next, oil a loaf pan and place the dough in it. Like most gluten-free doughs it will be too sticky to need the way you would a wheat dough, but it should be nearly the same consistency at this point.

Now, heat your oven to 200C (~400F) and set the dough aside to rise for about 25 minutes.

Put it in the oven to bake for about 40 minutes.

Tuesday, 5 March 2013

RPi Remote Access Using SSH

Secure Shell (SSH) is a remote communication tool that uses cryptographic methods to create a secure connection between two computers. Your local computer needs to have a client which supports the SSH protocol and the remote host, the computer you want to control needs to have a server that also supports the protocol. This security protocol uses a public and private key pair in order to encrypt information before sending it between the client and the server.

From now on I will refer to the local host (my desktop) as the client, and the remote host (the RPi) as the server. The pair of encryption keys is composed of a public key and a private key; the client keeps copies of both and exposes only the public key, which is sent to the server. Some further authentication is used when the client and server devices first communicate through the use of a hash code. You can also protect the keys on your client through the use of a password that is set when the keys are first created; but this would be overkill in my case.

The client I am using for all of my secure connection needs is called Bitvise, it works very well and is free to use; you can obtain a copy here. The Raspberry Pi (RPi) 'Wheezy' OS comes with an SSH server installed.

We need to generate a key-pair for our use, and this can be done directly within Bitvise using the key-pair manager. On the Login tab click on the User keypair manager link and hit the Generate new button. I created a key-pair using the ssh-rsa format with a 2048 bit length and no pass-phrase.

We are also going to need the IP address of the server, this can be accomplished by using the command ifconfig at the command prompt. This same command provides a number of functions for the ethernet adapter settings, if you ever want additional instructions for a particular command you can often use the --help parameter (for example ifconfig --help).

Now we can connect to the server by setting up the Bitvise login tab with these parameters:

host: <serversipaddress>
port: 22
Username: pi
Initial method: password
Password: <yourpassword>

The server will then provide a key in order to verify that you are communicating with the correct server, since I highly doubt someone has hacked through my firewall this morning I'll just Accept for this session without checking the signature (hash). When the connection is established it opens both a terminal window and a secure file transfer protocol (SFTP) window .

Now we can remove the default ssh keys that came with the OS and then regenerate them (this improves our security). In order to remove all the keys at once we run the rm command using a partial file name (using the elements that the file names have in common) and a 'wild card' as seen in the image below. To regenerate the servers keys we then run dpkg-reconfigure on the openssh-server.

Note: all of these commands must be run as a super user (using the sudo command), it's equivalent in windows is to Run as administrator.

Next we need to add our public key to a file containing our user's authorized keys (in this case the user is pi and the home directory is  /home/pi). There are a number of steps involved in doing this:
  1. hit the Export button within the key-pair manager and save the file locally in OpenSSH format.
  2. copy the public key over to the users home folder using SFTP
  3. make a directory to house the ssh keys for user pi as shown below (mkdir).
  4. modify the file permissions (chmod) so that the owner has read/write and execute permissions (700)
  5. add the text from the key file to the end of the authorized_keys file (cat).
  6. modify permissions of the authorized_keys file so that only the owner can read and write to the file (600).
  7. and finally move (mv) the new key into the .ssh folder. 
Note: the ~ symbol denotes the current users home directory so ~/ can be taken as /home/pi/

This procedure can be repeated as the root user. For both safety and security reasons, it is best to always install and modify things using a non-root account. However, sometimes a program or service will need to be installed and configured while logged in as root.

Now that everything is configured correctly we can log out of our session on Bitvise and log back in by selecting Initial method publickey and choosing the slot where your key resides. You can also re-save your profile in Bitvise and from now on all you need to do is load that profile and hit the login button.

I find security a fascinating topic and I'm interested in learning more about this type of security in the future, but for now I'm satisfied with learning how to use it.
If you would like to learn more about it, in the guise of pure entertainment, there is a great teen novel by Cory Doctorow called Little Brother. In the novel he offers a simplified explanation of some authentication and encryption techniques, and weaves it into the story.

Here is a great Wikipedia article on the topic

There are a number of simple configuration changes we can make to improve security, but we'll save those for a follow up post.