Tom Ryder (tejr)

Systems administrator and programmer living in New Zealand.

FA09 C06E 1B67 0CD0 B2F5  DE60 C142 86EA 77BB 8872


I maintain a blog called Arabesque, with posts mostly about Unix terminal tools. Its byline is “Systems, Tools, and Terminal Science”. People seem to like the Unix as IDE series, the Linux Crypto series, and the Vim Koans.


In February 2016, the second edition of my book Nagios Core Administrator’s Cookbook was published with Packt Publishing. It explains how to set up Nagios Core to solve various monitoring problems. The first edition reviews pretty well on Amazon. It was originally published in 2013.

I’m interested in writing more books, but probably not about Nagios Core or other monitoring tasks.


I’m particularly interested in Awk, C, Perl, and shell script programming, especially for the purposes of automation, reporting, and monitoring. I tinker with Nagios Core plugins a lot. I also still write a lot of PHP and JavaScript for work; I started my technical career as a web developer.

I publish code on my cgit instance. It varies a lot in usefulness and seriousness. I used to have some of the stuff on GitHub as username “tejr”, but I removed it all in June 2016 in favour of self-hosting. Here’s a list of some of the more interesting/useful/complete projects:

Personal scripts and configuration files for mostly command-line Unix-like tools. This is something I write about a lot on the blog. There’s quite a lot of shell scripting, configuration, and extension going on here.
Plugin for Nagios that can perform multiple NRPE checks and return a status based on the aggregated results, in a similar way to check_cluster.
Wrapper for cron(8) tasks to encrypt stdout and stderr with gpg(1) before sending to the MAILTO address. I wrote this because I sometimes see relatively sensitive information sent in cron(8) output, and often over untrusted networks.
Brick-stupid wrapper around Unix crypt(3) for quick prototyping on the command line, but definitely not production scripts and systems—go fight with mkpasswd(1) for that. It even has a man(1) page for section 1, just to annoy you when you want to look up crypt(3).
Write timed lyric files (.lrc format) for currently playing songs in Music Player Daemon to stdout.
Shell scripts for command-line interaction with a Nagios server via MK Livestatus to save the hassle of using the CGI scripts.
Shell script wrapper for tasks to send appropriate passive Nagios service checks using send_nsca. The use case for this is sending passive Nagios service checks for calls to a logical binary that you can’t or won’t edit yourself to include send_nsca interfacing. It tends to be handy to wrap around at(1) or cron(8) tasks to ensure someone’s notified if they don’t complete properly.
Shell script for easy use of the ndiff(1) program included with the Nmap suite. This is designed to be called from cron(8) to make it easy to detect changes in network services, so you can hopefully catch misconfigurations or compromises early.
Find and play media from your collection in your shell, based on a lazy keyword search wrapper around find(1).
Persistent SSH daemon setup for Debian-like systems using start-stop-daemon(8). This is designed to be used in ~/.profile as part of a user’s typical login sequence. I’ve found it handy for setting up oft-used tunnels and proxies.
Motions towards SGML (HTML, XHTML, XML) tags in the text editor Vim.


I made a few presentations on cryptography and text editing to the Palmerston North Linux Users’ Group:


I’ve contributed small patches to dodo, ngIRCd, tmux, and Vim.


There’s an an email interview with me about text editor usage patterns on How I Vim.


Free Software Foundation
Free Software Foundation


My public key is available here, over what should be a secure TLS connection in modern browsers:

pub   4096R/0xC14286EA77BB8872 2013-03-12 [expires: 2017-04-17]
      Key fingerprint = FA09 C06E 1B67 0CD0 B2F5  DE60 C142 86EA 77BB 8872
uid                 [ultimate] Thomas Ryder (tyrmored, tejr) <>
sub   4096R/0x96C2CD91E67AC61D 2013-03-12 [expires: 2017-04-17]
sub   4096R/0xB5AF5F8925926609 2013-03-12 [expires: 2017-04-17]

All of the HTML pages on this site have a detached PGP signature available in ASCII format. For example, you can check this page from a Unix shell with cURL and GnuPG like so:

$ curl -O
$ curl -O
$ gpg --verify index.html.asc index.html


Nothing on this site uses (or needs) cookies. I don’t publish a Do Not Track policy because I can’t be bothered meeting all its requirements for a simple personal site. I log requests serverside and periodically inspect them to see what people are looking at. I don’t use any form of client-side tracking. The site should be accessible via the Tor anonymity network.