For excessively paranoid client authentication.
Organization & Common Name: Some human identifier for this server CA.
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
bitraft
bitraft
/ packagist_proxy.php
Created
February 13, 2014 03:01
— forked from beberlei/packagist_proxy.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $baseUrl = "http://localhost/packagist"; | |
| $baseDir = "/var/www/packagist"; | |
| if (!file_exists($baseDir)) { | |
| echo "Base dir $baseDir for local packagist proxy does not exist\n"; | |
| exit(1); | |
| } | |
| $packagesJson = $baseDir . "/packages.json"; |
bitraft
/ gist:609a8089ce2dca4fc1d7
Last active
August 29, 2015 14:11
— forked from mtigas/gist:952344
bitraft
/ xhyverun.sh
Created
April 12, 2016 12:56
— forked from bruienne/xhyverun.sh
xhyve boot2docker sample config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| KERNEL="/path/to/vmlinuz64" | |
| INITRD="/path/to/initrd.img" | |
| #CMDLINE="earlyprintk=serial console=ttyS0 acpi=off" | |
| CMDLINE="loglevel=3 user=docker console=ttyS0 console=tty0 noembed nomodeset norestore waitusb=10:LABEL=boot2docker-data base" | |
| MEM="-m 1G" | |
| #SMP="-c 2" | |
| NET="-s 2:0,virtio-net,en0" |
bitraft
/ semiprivate.md
Created
April 25, 2016 04:05
— forked from tarcieri/semiprivate.md
Ed25519-based semi-private keys
Semi-private keys are an expansion of the traditional idea of asymmetric keys, which have a public/private keypair, to N keys which can each represent a different capability level. In the degenerate case, a semi-private key system has 3 different types of keys. These are, to use the Tahoe terminology:
- writecap: can publish new ciphertexts
- readcap: can read/authenticate ciphertexts
bitraft
/ aefd.md
Created
April 25, 2016 04:22
— forked from tarcieri/aefd.md
Authenticated Encryption for Dummies
It might seem like a silly exercise, but I was looking at the "NIST approved" algorithms in NaCl (i.e. AES, HMAC) and wondering if I could build an authenticated encryption system with them. djb lists AES-GCM as a "todo" secretbox primitive so unfortunately NaCl does not presently expose any AES-based authenticated encryption, only aes128ctr.
This is what I came up with using the algorithms available in NaCl:
A quick rundown:
Encrypt-then-MAC with AES-CTR (128-bit for now, 256-bit later!) encryption and HMAC SHA-512256 (i.e. SHA-512, truncated to 256-bits by NaCl via crypto_auth_hmacsha512256) authentication. MAC comparisons are performed using a NaCl supplied verifier function which is (hopefully!) constant time.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| #-*- coding: utf-8 -*- | |
| ''' | |
| Copyleft (c) 2015 breakwa11 | |
| https://github.com/breakwa11/shadowsocks-rss | |
| ''' | |
| import logging | |
| import socket |
bitraft
/ i7-7700k-igd-passthrough.xml
Created
April 17, 2017 13:16
— forked from kylemanna/i7-7700k-igd-passthrough.xml
KVM + QEMU IGD Passthrough with ASRock Z270 Taichi + i7-7700k
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <domain type='kvm' xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'> | |
| <name>Win10-IGD</name> | |
| <uuid>YOUR-UUID</uuid> | |
| <memory unit='KiB'>5939200</memory> | |
| <currentMemory unit='KiB'>5939200</currentMemory> | |
| <memoryBacking> | |
| <hugepages/> | |
| </memoryBacking> | |
| <vcpu placement='static'>4</vcpu> | |
| <os> |
bitraft
/ KVM OSX Guest 10.11 (El Capitan) with Clover.md
Created
May 1, 2017 05:28
— forked from gordonturner/KVM OSX Guest 10.11 (El Capitan) with Clover.md
- Some notes about this approach:
- An OSX Installer USB drive for
Install OS X El Capitanis created - Clover is then installed on the USB drive
- Clover Configurator is then run on the USB drive
- The USB drive contents are copied to the VM host
- VNC is used to connect to the guest UI
- An OSX Installer USB drive for
- The qxl virtual video device is used (part of the standard kvm qemu install)
bitraft
/ override_for_missing_acs_capabilities.md
Last active
May 26, 2022 07:03
support kernel 4.10+
Enable overrides for missing ACS capabilities (4.10+)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index be7c0d9506b1..97081bbc9a4e 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2829,6 +2829,15 @@
nomsi [MSI] If the PCI_MSI kernel config parameter is
enabled, this kernel boot option can be used to
disable the use of MSI interrupts system-wide.
bitraft
/ VAAPI-hwaccel-encode-Linux-Ffmpeg&Libav-setup.md
Created
February 14, 2019 16:30
— forked from Brainiarc7/VAAPI-hwaccel-encode-Linux-Ffmpeg&Libav-setup.md
This gist contains instructions on setting up FFmpeg and Libav to use VAAPI-based hardware accelerated encoding (on supported platforms) for H.264 (and H.265 on supported hardware) video formats.
Using VAAPI's hardware accelerated video encoding on Linux with Intel's hardware on FFmpeg and libav
Hello, brethren :-)
As it turns out, the current version of FFmpeg (version 3.1 released earlier today) and libav (master branch) supports full H.264 and HEVC encode in VAAPI on supported hardware that works reliably well to be termed "production-ready".
OlderNewer