I hereby claim:
- I am petertonoli on github.
- I am petertonoli (https://keybase.io/petertonoli) on keybase.
- I have a public key whose fingerprint is 3EFC 12A4 88B9 4B45 68B9 20C9 F0D1 3A64 74E7 C66F
To claim this, I am signing this object:
# Puppet recipe to to install dependencies for FromThePage https://github.com/benwbrum/fromthepage under Debian 8 | |
# By Peter Tonoli (peter+fromthepage@metaverse.org) | |
package { 'apt-transport-https': ensure => 'installed' } | |
package { 'ca-certificates': ensure => 'installed'} | |
package { 'nginx-extras': ensure => 'installed'} | |
package { 'passenger': ensure => 'installed'} | |
package { 'zlib1g': ensure => 'installed'} | |
package { 'zlib1g-dev': ensure => 'installed'} | |
package { 'ruby2.1': ensure => 'installed'} | |
package { 'rubygems': ensure => 'installed'} |
#!/bin/sh | |
# For the totally paranoid. Create new 8192 bit OpenSSH moduli file! Inspired by http://entropux.net/article/openssh-moduli | |
# This will take hours, possibly days | |
ssh-keygen -G /etc/ssh/moduli.all -b 8192 | |
ssh-keygen -T /etc/ssh/moduli.safe -f /etc/ssh/moduli.all | |
mv /etc/ssh/moduli.safe /etc/ssh/moduli | |
rm /etc/ssh/moduli.all |
I hereby claim:
To claim this, I am signing this object:
# Select the ciphers to enable Forward Secrecy | |
ssl_prefer_server_ciphers on; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_ciphers ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES256-CGM-SHA256:ECDHE-RSA-AES256-SHA256:RC4:HIGH:!aNULL:!MD5:-LOW:-SSLv2:-EXP; | |
ssl_session_cache shared:SSL:10m; | |
ssl_session_timeout 30m; | |
# Browsers will go directly to the SSL site - cache this setting for a year | |
add_header "Strict-Transport-Security" "max-age=86400"; | |
# Enable OSCP stapling - For a faster certificate revokation check | |
resolver <ip_address_of_your_dns_server>; |