Skip to content

Instantly share code, notes, and snippets.

View jshen28's full-sized avatar

jshen28

12 followers · 48 following
View GitHub Profile
@jshen28
jshen28 / generate-self-signed-ca-and-sign-client.md
Last active November 5, 2018 00:32 
# generate ca key & certificate
openssl genrsa -out ca.key 2048
openssl req -x509 -new -nodes -key ca.key -sha256 -days 10000 -out ca.crt

# generate client key & csr
openssl genrsa -out client.key 2048
openssl req -new -key client.key -out client.csr

# sign request and get client certificate
@jshen28
jshen28 / ps-cheatsheet.md
Last active November 1, 2018 08:48

POWERSHELL CHEATSHEET

ENABLE REMOTE DESKTOP

# https://www.interfacett.com/blogs/methods-to-enable-and-disable-remote-desktop-locally/
Set-ItemProperty -Path hklm:"HKEY_LOCAL_MACHINE\SYSTEM\CurRentControlSet\Control\Terminal Server" -Name fDenyTSConnections -Value 0
@jshen28
jshen28 / configure-firewall.md
Last active October 30, 2018 05:29

CONFIGURE FIREWALLS

WINDOWS

On newer windows,

netsh advfirewall set  allprofiles state off/on

:: or equivalently
@jshen28
jshen28 / sniff-ssl-traffic.md
Last active October 30, 2018 03:35

SNIFF SSL TRAFFIC

Recently I get confused on how to sniff HTTPS traffic, I think I need a proxy and it turns out correct. I setup a proxy chain by using stunnel.

SETUP

I use two machines (which is not optimal), one is used for executing command and serving stunnel server; then other one is used for stunnel client and sniffing.

STUNNEL SERVER & CLIENT

@jshen28
jshen28 / upload-image-to-glance-by-curl.md
Last active October 29, 2018 00:18 
#!/bin/bash
set -e

source ${ENV_FILE}

# set image name
IMAGE_DEF=

# set url
@jshen28
jshen28 / git pull allow unrelated history.md
Created October 27, 2018 11:55 
# from a directory with some stuff 
# but still want to push to an existing repository
git init
git add -A
git commit -m "some rants"

git remote add origin <origin url>
git pull orgin <branch> --allow-unrelated-histories
@jshen28
jshen28 / Get router gateway network id
Last active October 25, 2018 07:21
# get router gateway external gateway network id
ROUTER_ID=
openstack router show ${ROUTER_ID} -f value -c gateway_external_info | jq '.network_id' | sed 's/"//g'
# router namespace is named in the form of qrouter-<ROUTER-ID>
# snat namespace is named with snat-<ROUTER-ID>
# fip namespace is named with fip-<EXTERNAL-NETWORK-ID>
# dvr layout
# edge node
@jshen28
jshen28 / README.md
Created October 21, 2018 09:40 — forked from smoser/README.md
MAAS and curtin debug

Debugging curtin from within MAAS

Deploying a node with MAAS cli

You can deploy a node with the maas cli which is often preferable to clicking a button on a web UI.

$ SYSTEM_ID=node-787b19d8-d25c-11e4-9f9e-00163eca91de
$ NAME="random-nodename"
$ MAASNAME="maaslocal"

$ maas $MAASNAME machine allocate "name=$NAME"

@jshen28
jshen28 / README.md
Created October 13, 2018 13:06 — forked from gdamjan/README.md
Setup for an easy to use, simple reverse http tunnels with nginx and ssh. It's that simple there's no authentication at all. The end result, a single ssh command invocation gives you a public url for your web app hosted on your laptop.

What

A lot of times you are developing a web application on your own laptop or home computer and would like to demo it to the public. Most of those times you are behind a router/firewall and you don't have a public IP address. Instead of configuring routers (often not possible), this solution gives you a public URL that's reverse tunnelled via ssh to your laptop.

Because of the relaxation of the sshd setup, it's best used on a dedicated virtual machine just for this (an Amazon micro instance for example).

Requirements

@jshen28
jshen28 / apt trick
Created September 18, 2018 08:57
# force reinstall existing packages
apt install --reinstall -y ${PAKCAGE}