// generate rsa pub from priv
$ openssl rsa -in ~/.ssh/foo -pubout > foo.pub
// format that to ssh-rsa from the pubout
$ ssh-keygen -f ~/.ssh/foo.pub -i -mPKCS8 > bar.pub
// for some reason you can't redirect to the file being read in
$ mv bar.pub foo.pub
Joe Kirwin joekir
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -eu | |
| CERTNAME=cert.pem | |
| KEYNAME=key.pem | |
| COMBINED=certs_and_key.pem | |
| openssl req -x509 -newkey rsa:1024 -keyout ${KEYNAME} -out ${CERTNAME} -days 365 -subj '/CN=localhost' -passout pass:foobar | |
| openssl rsa -in ${KEYNAME} -out ${KEYNAME} -passin pass:foobar |
joekir
/ sshPubFromGenericPriv.md
Last active
October 5, 2018 22:59
reminder on how to gen rsa pub from priv and export to ssh pub
joekir
/ MurmurHash3Test.java
Last active
April 7, 2018 23:01
Code snippets for blog https://josephkirwin.com/2018/04/07/z3-hash-inversions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class MurmurTest { | |
| public static void main(String args[]){ | |
| byte[] data = { 90, 1, 2, 44}; | |
| System.out.format("0x%x\n", murmurhash3_x86_32(data, 0, data.length, 0xefef)); | |
| } | |
| /* | |
| * This is verbatim from: | |
| * https://raw.githubusercontent.com/yonik/java_util/master/src/util/hash/MurmurHash3.java | |
| */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .SILENT: | |
| FILES = main.c | |
| OUT_BIN = out | |
| build: $(FILES) | |
| # https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html | |
| gcc -Werror=all -Werror=conversion -Werror=stack-protector \ | |
| -Werror=pointer-sign -Werror=cast-align -Werror=cast-qual \ | |
| -Wextra -Werror=format-security -Wfatal-errors -o $(OUT_BIN) $(FILES) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import "fmt" | |
| func main() { | |
| const big int = 0x7FFFFFFF/2 | |
| s := [big]int{3} | |
| fmt.Println(s[big-1]) | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash | |
| if [ -z "$1" ]; then | |
| echo please provide the input qr content file name | |
| exit 1 | |
| fi | |
| qrencode -s 10 -d 10000 -o test.png `cat $1 | radamsa` && display test.png |
Cloud Setup
- Using sshd_conf from my other place configure a bastion to run on 2 ports
- use the other random port to help you set all this up!
- expose them on GCP
- also expose udp/62201 for the knock (62201 is the default, but you can change in the config)
- on a debian instance install
fwknop-server - configure ip tables as follows:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Port <some high port> | |
| PermitRootLogin no | |
| PubkeyAuthentication yes | |
| IgnoreRhosts yes | |
| PasswordAuthentication no | |
| PermitEmptyPasswords no | |
| ChallengeResponseAuthentication no | |
| X11Forwarding no | |
| PrintMotd no | |
| PrintLastLog yes |
NewerOlder