- Install GPG4Win.
- Start up Kleopatra (a UI tool from 1) and make sure your YubiKey is loaded there.
- You can also add GPG4Win to Startup folder using a link with this Target:
This will only load the agent at Startup, and you won't be bothered by any UI or tray agent."C:\Program Files (x86)\GnuPG\bin\gpg-connect-agent.exe" /bye
- You can also add GPG4Win to Startup folder using a link with this Target:
- Download wsl2-ssh-pageant into your Windows
%userprofile%/.sshdirectory (Windows dir is important for performance).
Denis Loginov dinvlad
dinvlad
/ Yubikey GPG inside WSL2.md
Created
December 15, 2021 20:55
dinvlad
/ pre_request.js
Last active
April 11, 2024 02:57
Auto-generate Google Access and ID tokens from a Service Account key and save it in Postman
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* This script auto-generates a Google OAuth token from a Service Account key, | |
| * and stores that token in accessToken variable in Postman. | |
| * | |
| * Prior to invoking it, please paste the contents of the key JSON | |
| * into serviceAccountKey variable in a Postman environment. | |
| * | |
| * Then, paste the script into the "Pre-request Script" section | |
| * of a Postman request or collection. | |
| * | |
| * The script will cache and reuse the token until it's within |
dinvlad
/ retries.ts
Last active
February 2, 2024 16:18
Retries with exponential backoff and jitter for idempotent background Google Cloud Functions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // one can also use Google Cloud Firestore library, | |
| // with a slight change in semantics | |
| import { firestore } from 'firebase-admin'; | |
| import { EventContext, runWith } from 'firebase-functions'; | |
| import { promisify } from 'util'; | |
| const eventCollection = 'function-events'; | |
| enum EventStatus { | |
| RUNNING = 'running', |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ trufflehog filesystem . --debug --trace | |
| 2023/06/28 15:53:38 [updater parent] run | |
| 2023/06/28 15:53:38 [updater parent] checking for updates... | |
| 2023/06/28 15:53:39 [updater parent] failed to get latest version: Post "https://oss.trufflehog.org/updates": stopped after 10 redirects | |
| 2023/06/28 15:53:39 [updater parent] starting /usr/local/bin/trufflehog | |
| 2023/06/28 15:53:40 [updater child#1] run | |
| 2023/06/28 15:53:40 [updater child#1] start program | |
| 2023-06-28T15:53:40-04:00 info-2 trufflehog trufflehog 3.40.0 | |
| 2023-06-28T15:53:40-04:00 info-2 trufflehog engine started {"workers": 16} | |
| 2023-06-28T15:53:40-04:00 info-0 trufflehog loaded decoders {"count": 3} |
dinvlad
/ get-aws-token
Created
October 25, 2016 23:32
Get session token for virtual MFA-enabled actions through AWS CLI
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Thanks to MattJ at: | |
| # http://www.brassmill.net/2015/10/using-the-aws-cli-with-roles-security-token-service-and-mfa/ | |
| # | |
| # User must have 'iam:GetUser' permission on themselves that doesn't require MFA | |
| [ -z $1 ] && echo "Please enter your MFA code" && exit 1 | |
| user=$(aws iam get-user \ |
dinvlad
/ gist:7d2f505c56bffb9e743c2ce8f4b2a746
Created
August 22, 2022 21:43
Trufflehog hangs indefinitely on scanning a Jupyter notebook
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ trufflehog git https://github.com/dinvlad/pyro-cov.git \ | |
| --branch bkotzen-CEPI --max-depth 2 \ | |
| --since-commit 9cd031577750f88648a0cee5f8d6ed781f717c6b --trace | |
| DEBU[0000] running version dev | |
| DEBU[0000] running version dev | |
| DEBU[0000] running with up to 1 workers | |
| DEBU[0000] loaded 2 decoders | |
| DEBU[0000] loaded 694 detectors total, 694 with verification enabled. 0 with verification disabled | |
| DEBU[0000] Cloning remote Git repo without authentication |
dinvlad
/ filesystem_vs_git_local.txt
Last active
August 10, 2022 15:52
Truffelhog not detecting AWS secrets, with or without -max-depth 1 option
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ trufflehog filesystem --directory . --trace | |
| DEBU[0000] running version dev | |
| DEBU[0000] running version dev | |
| DEBU[0000] running with up to 32 workers | |
| DEBU[0000] loaded 2 decoders | |
| DEBU[0000] loaded 694 detectors total, 694 with verification enabled. 0 with verification disabled | |
| 🐷🔑🐷 TruffleHog. Unearth your secrets. 🐷🔑🐷 | |
| Found unverified result 🐷🔑❓ | |
| Detector Type: AWS |
dinvlad
/ cloudrun.jinja
Created
September 6, 2019 15:51
Create Cloud Run Service through Deployment Manager
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {% set PROJECT = env['project'] %} | |
| {% set REGION = properties['region'] | default('us-east1') %} | |
| {% set PARENT = 'projects/' + PROJECT + '/locations/' + REGION %} | |
| {% set PREFIX = env['deployment'] %} | |
| {% set CLOUDRUN_TYPE_PROVIDER = PREFIX + '-provider' %} | |
| {% set CLOUDRUN_SERVICE_TYPE = PROJECT + '/' + CLOUDRUN_TYPE_PROVIDER + ':projects.locations.services' %} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hashlib | |
| import hmac | |
| import os | |
| from time import time | |
| from flask import Request, abort | |
| SLACK_SIGNING_SECRET = os.environ['SLACK_SIGNING_SECRET'] |
dinvlad
/ terraform-init.sh
Last active
May 10, 2020 01:29
Script to configure encrypted GCS backend and GCP project-specific .tfvars for Terraform
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -euo pipefail | |
| # define GCP project and GCS bucket backend for Terraform state | |
| GCP_PROJECT="$1" | |
| BACKEND_BUCKET="${2:-${GCP_PROJECT}-terraform}" | |
| # create versioned bucket if it doesn't exist, skip otherwise | |
| if gsutil mb -p "${GCP_PROJECT}" "gs://${BACKEND_BUCKET}" ; then |
NewerOlder