Skip to content

Instantly share code, notes, and snippets.

View Snawoot's full-sized avatar

Snawoot

282 followers · 1 following
  • Odessa, Ukraine
View GitHub Profile
@dojoe
dojoe / dkms-module-signing.md
Last active April 24, 2024 18:50
Make DKMS sign kernel modules on installation, with full script support and somewhat distro independent

On systems with UEFI Secure Boot enabled, recent Linux kernels will only load signed modules, so it's about time DKMS grew the capability to sign modules it's building.

These scripts are extended and scriptified variants of https://computerlinguist.org/make-dkms-sign-kernel-modules-for-secure-boot-on-ubuntu-1604.html and https://askubuntu.com/questions/760671/could-not-load-vboxdrv-after-upgrade-to-ubuntu-16-04-and-i-want-to-keep-secur/768310#768310 and add some error checking, a passphrase around your signing key, and support for compressed modules.

dkms-sign-module is a wrapper for the more generic sign-modules which can also be used outside of DKMS.

Installation

  1. Create a directory under /root, say /root/module-signing, put the three scripts below in there and make them executable: chmod u+x one-time-setup sign-modules dkms-sign-module
@MawKKe
MawKKe / cryptsetup-with-luks2-and-integrity-demo.sh
Last active April 29, 2024 21:19
dm-crypt + dm-integrity + dm-raid = awesome!
#!/usr/bin/env bash
#
# Author: Markus (MawKKe) ekkwam@gmail.com
# Date: 2018-03-19
#
#
# What?
#
# Linux dm-crypt + dm-integrity + dm-raid (RAID1)
#
@polonskiy
polonskiy / encrypted-git-repo.md
Created February 7, 2018 12:13
Transparent Git Encryption

Transparent Git Encryption

This document has been modified from its [original format][m1], which was written by Ning Shang (geek@cerias.net). It has been updated and reformatted into a [Markdown][m2] document by [Woody Gilk][m3] and [republished][m4].

Description

When working with a remote git repository which is hosted on a third-party storage server, data confidentiality sometimes becomes

@unakatsuo
unakatsuo / raw_udp4.go
Last active April 17, 2024 12:51
Send UDP packet using Linux raw socket.
// +build linux
package main
import (
"fmt"
"net"
"os"
"syscall"
@PurpleBooth
PurpleBooth / Dockerfile
Last active March 21, 2024 09:33
Create a static binary in go and put it in a from scratch docker container
FROM golang:1.9
WORKDIR /go/src/github.com/purplebooth/example
COPY . .
RUN go build -ldflags "-linkmode external -extldflags -static" -a main.go
FROM scratch
COPY --from=0 /go/src/github.com/purplebooth/example/main /main
CMD ["/main"]
@gravitylow
gravitylow / codesign_gdb.md
Last active April 16, 2024 02:18 — forked from hlissner/codesign_gdb.md
Codesign gdb on macOS

If you are getting this in gdb on macOS while trying to run a program:

Unable to find Mach task port for process-id 57573: (os/kern) failure (0x5).
 (please check gdb is codesigned - see taskgated(8))
  1. Open Keychain Access
  2. In menu, open Keychain Access > Certificate Assistant > Create a certificate
  3. Give it a name (e.g. gdbc)
@miekg
miekg / udpserv.go
Created May 10, 2017 09:29
Simple udp server in Go
package main
import (
"log"
"net"
)
func main() {
// listen to incoming udp packets
pc, err := net.ListenPacket("udp", ":1053")
@brandond
brandond / sslscan.py
Created March 25, 2017 09:02
Stupid simple Python SSL certificate chain scanner
#!/usr/bin/env python
from __future__ import print_function
import sys
import socket
import requests
import datetime
from OpenSSL import SSL, crypto
@Brainiarc7
Brainiarc7 / ffmpeg-livestream-to-streaming-sites-vaapi-nvenc.md
Last active April 21, 2024 04:22
ffmpeg livestreaming to youtube via Nvidia's NVENC and Intel's VAAPI on supported hardware

Streaming your Linux desktop to Youtube and Twitch via Nvidia's NVENC and VAAPI:

Considerations to take when live streaming:

The following best practice observations apply when using a hardware-based encoder for live streaming to any platform:

  1. Set the buffer size (-bufsize:v) equal to the target bitrate (-b:v). You want to ensure that you're encoding in CBR mode.

  2. Set up the encoders as shown:

@jim3ma
jim3ma / http_proxy.go
Created January 25, 2017 02:11
Register Dialer Type for HTTP&HTTPS Proxy in golang
package main
import (
"bufio"
"fmt"
"net"
"net/http"
"net/url"
"crypto/tls"