Jauder Ho jauderho

## gist:67ff70804f21d88bd66e69d84e5d8783
#!/bin/sh
#
# from https://forum.openwrt.org/t/openwrt-23-05-0-rc1-first-release-candidate/162544/27
#
# auc will not work as-is to upgrade from 22.03 to 23.05 due to the mbedtls switch
# therefore, we need to first switch from wolfssl to mbedtls while on 22.04 before using auc
#

cd /root || exit
opkg update

## gist:6b7d42030e264a135450ecc0ba521bd8
### WARNING: READ CAREFULLY BEFORE ATTEMPTING ###
#
# Credit to anfractuosity and fgimenezm for figuring out additional details for kernels
#

# Make sure everything is up-to-date
sudo apt-get update && sudo apt-get dist-upgrade

# Point to bookworm repos instead
sudo sed -i -e 's/bullseye/bookworm/g' /etc/apt/sources.list

## gist:d48141e2ce46c288a1ca4daaf4662c42
# https://grimminck.medium.com/building-a-threat-intelligence-feed-using-the-twitter-api-and-a-bit-of-code-5787808e32ef
# https://news.ycombinator.com/item?id=31544816

curl https://twitter.threatintel.rocks/ --silent | jq -r '.malicious_urls | .[]' | sort -u | grep -v …

## gist:fac23f45196860a3a7f4413ff139f859
#!/bin/bash

  # Retries a command a with backoff.
  #
  # The retry count is given by ATTEMPTS (default 100), the
  # initial backoff timeout is given by TIMEOUT in seconds
  # (default 5.)
  #
  # Successive backoffs increase the timeout by ~33%.
  #

## prodfiler-compose.yml

services:
    prodfiler:
        container_name: prodfiler
        image: optimyze/pf-host-agent:release-1.0.0
        privileged: true
        pid: host
        command: ["/root/pf-host-agent", "-t", "all"]
        environment:
          - PRODFILER_PROJECT_ID=${PRODFILER_PROJECT_ID}

## Public time servers with anycast NTP support.md

      
              1 file
            
          
              0 forks
            
          
              1 comment
            
          
              0 stars
            
          
                jauderho
                / Public time servers with anycast NTP support.md
            
            
              Last active
              September 8, 2021 15:43
            
              
                This is a curated list of NTP time servers that have anycast IP addresses. This is useful for devices/appliances that can only use IP addresses for defined NTP servers.
              
          
      View Public time servers with anycast NTP support.md
  
      
    Cloudflare (AS13335)

server 162.159.200.123
server 162.159.200.1

Facebook (AS32934)

server 129.134.28.123 # SJC


## Time Servers with NTS support.md

      
              1 file
            
          
              2 forks
            
          
              30 comments
            
          
              33 stars
            
          
                jauderho
                / Time Servers with NTS support.md
            
            
              Last active
              November 22, 2023 16:26
            
              
                A curated list of NTP time servers that support NTS
              
          
      View Time Servers with NTS support.md
  
      
    *** ALERT ***
This gist has migrated to the repo below.
Please submit new entries as pull requests to https://github.com/jauderho/nts-servers.
Initial source: https://docs.ntpsec.org/latest/NTS-QuickStart.html

  
## gist:2b04da39d8a4a359ab0c59793d079d93
IMAGE                                                                     CREATED        CREATED BY                                                                                                                                  SIZE      COMMENT
sha256:b78927657a42e26b8cac0b9b8e0a4db006f2d570178f029fd6b1bff015dab4a8   2 weeks ago    /bin/bash -c #(nop)  SHELL [/bin/bash -c]                                                                                                   0B
<missing>                                                                 2 weeks ago    /bin/sh -c #(nop)  HEALTHCHECK &{["CMD-SHELL" "dig +norecurse +retry=0 @127.0.0.1 pi.hole || exit 1"] "0s" "0s" "0s" '\x00'}                0B
<missing>                                                                 2 weeks ago    /bin/sh -c #(nop)  LABEL url=https://www.github.com/pi-hole/docker-pi-hole                                                                  0B
<missing>

## secure ssh
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519
Ciphers chacha20-poly1305@openssh.com
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com

## PAT

PAT="mypat123"
REPO_URL="https://myorg@dev.azure.com/myorg/myrepo/_git/myrepo"
AUTH=$(echo -n ":$PAT" | openssl base64 | tr -d '\n')
git config --global http.$REPO_URL.extraHeader="Authorization: Basic $AUTH"

git -c http.$REPO_URL.extraheader="Authorization: Basic $AUTH" clone $REPO_URL --no-checkout --branch master
	#!/bin/sh
	#
	# from https://forum.openwrt.org/t/openwrt-23-05-0-rc1-first-release-candidate/162544/27
	#
	# auc will not work as-is to upgrade from 22.03 to 23.05 due to the mbedtls switch
	# therefore, we need to first switch from wolfssl to mbedtls while on 22.04 before using auc
	#

	cd /root \|\| exit
	opkg update
	### WARNING: READ CAREFULLY BEFORE ATTEMPTING ###
	#
	# Credit to anfractuosity and fgimenezm for figuring out additional details for kernels
	#

	# Make sure everything is up-to-date
	sudo apt-get update && sudo apt-get dist-upgrade

	# Point to bookworm repos instead
	sudo sed -i -e 's/bullseye/bookworm/g' /etc/apt/sources.list
	# https://grimminck.medium.com/building-a-threat-intelligence-feed-using-the-twitter-api-and-a-bit-of-code-5787808e32ef
	# https://news.ycombinator.com/item?id=31544816

	curl https://twitter.threatintel.rocks/ --silent \| jq -r '.malicious_urls \| .[]' \| sort -u \| grep -v …
	#!/bin/bash

	# Retries a command a with backoff.
	#
	# The retry count is given by ATTEMPTS (default 100), the
	# initial backoff timeout is given by TIMEOUT in seconds
	# (default 5.)
	#
	# Successive backoffs increase the timeout by ~33%.
	#

	services:
	prodfiler:
	container_name: prodfiler
	image: optimyze/pf-host-agent:release-1.0.0
	privileged: true
	pid: host
	command: ["/root/pf-host-agent", "-t", "all"]
	environment:
	- PRODFILER_PROJECT_ID=${PRODFILER_PROJECT_ID}
	IMAGE CREATED CREATED BY SIZE COMMENT
	sha256:b78927657a42e26b8cac0b9b8e0a4db006f2d570178f029fd6b1bff015dab4a8 2 weeks ago /bin/bash -c #(nop) SHELL [/bin/bash -c] 0B
	<missing> 2 weeks ago /bin/sh -c #(nop) HEALTHCHECK &{["CMD-SHELL" "dig +norecurse +retry=0 @127.0.0.1 pi.hole \|\| exit 1"] "0s" "0s" "0s" '\x00'} 0B
	<missing> 2 weeks ago /bin/sh -c #(nop) LABEL url=https://www.github.com/pi-hole/docker-pi-hole 0B
	<missing>
	KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org
	HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-ed25519
	Ciphers chacha20-poly1305@openssh.com
	MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com

	PAT="mypat123"
	REPO_URL="https://myorg@dev.azure.com/myorg/myrepo/_git/myrepo"
	AUTH=$(echo -n ":$PAT" \| openssl base64 \| tr -d '\n')
	git config --global http.$REPO_URL.extraHeader="Authorization: Basic $AUTH"

	git -c http.$REPO_URL.extraheader="Authorization: Basic $AUTH" clone $REPO_URL --no-checkout --branch master