jimdigriz

Example of how to glue pyspengo to ldap3 to pull off a GSS-SPNEGO authentication.

. /path/to/your/env_configuration
export LDAP_HOST LDAP_HOST_CA LDAP_USERNAME LDAP_PASSWORD
python ldap-auth-ntlm.py

jimdigriz

FreeRADIUS supports using salted hashes for user authentication but there is very little material on how to generate these OpenLDAP style hashes.

When using an SQL backend for your user management it really is useful to have an SQL statement that can create these salted hashes for you which is what this snippet provides below:

• insert.sql: adds a new user to your radcheck table
• update.sql: updates the password for an existing user in your radcheck table

Remember to replace the username (bob) and password (hello) in your prepared statements with templated parameters.

N.B. FreeRADIUS for [some awful reason (there are no good reasons!) records the users plaintext password by default in radpostauth](https://github.com/FreeRADIUS/freeradius-server/blob/v3.

jimdigriz

I wanted to be able to use AWS GetCallerIdentity in a Lambda function but without having to import all of the AWS CLI (and Python runtime) in order to do so.

This involves the AWS Signature Version 4 Signing Process which a lot of online examples made look pretty complicated and were really hard to follow, so I decided to make the situation worse by adding my own implementation to the tirefire!

To use this you need at least AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY, but otherwise just run the script. The example shows how to request temporary security credentials and you can use that reponse to populate the environment variables manually when calling the script:

aws sts get-session-token --duration-seconds 900

e