- Generate your master key only on an air-gapped PC booted from a live Linux distribution on a bootable USB drive
- Generate your master key only with only the CERTIFY action
- Add separate subkeys for SIGN, ENCRYPT, and AUTHENTICATE actions
- Set an expiration date for all subkeys
- Export your secret master key in ASCII armored output
- Do not transfer your secret master and subkeys to a hardware authentication device UNTIL you have exported them in ASCII armored output
- Export your secret subkeys in ASCII armored output
- Store your exported secret master and subkeys offline, never on a PC with network access
John Ciardullo ciardullo-apps
ciardullo-apps
/ README.md
Last active
December 9, 2023 14:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- ------------------------ | |
| -- Demonstrates SQL statements in MySQL, such as | |
| -- Subqueries | |
| -- Aggregate functions | |
| -- GROUP BY and HAVING | |
| -- JOINS | |
| -- | |
| -- PM me for a link to see additional Chinook queries that demonstrate the following: | |
| -- Advanced Subqueries | |
| -- Advanced JOIN and GROUP BY |
ciardullo-apps
/ README.md
Last active
August 23, 2021 21:17
How to deploy self-signed certificates using a self-certifying authority
If you want to use encrypted connections for a host that you control, you need a TLS certificate. You can create a self-signed TLS certificate, but unless it has been signed by a Certifying Authority (like Verisign), you'll see a browser warning that the site is not secure. Here, you'll learn how to become your own certifying authority for hosts used internally.
A better approach is to become your own local Certifying Authority. Here, you'll learn how to become your own certifying authority for hosts used internally.
Your browser will not trust a certificate that has not been signed by a Certifying Authority. You'll need a root certificate with a private key in order to employ a certifying authority to sign your certificates for use by your host's server processes, like a web server or app server. In this order, do the following:
- Generate a private key. You'll be prompted for a passphra
ciardullo-apps
/ gist:dea3df181d052206e9c6ea84b7f6ecc4
Created
August 28, 2019 21:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Verifying my Blockstack ID is secured with the address 15LJcxzsM2nuPfj2JpnN9vec53KPw1UMhK https://explorer.blockstack.org/address/15LJcxzsM2nuPfj2JpnN9vec53KPw1UMhK |