Skip to content

Instantly share code, notes, and snippets.

View lolo32's full-sized avatar

Laurent B. lolo32

  • Indre-et-Loire, France
  • 08:39 (UTC +02:00)
View GitHub Profile

Keybase proof

I hereby claim:

  • I am lolo32 on github.
  • I am lolo32 (https://keybase.io/lolo32) on keybase.
  • I have a public key whose fingerprint is 23C4 AAB8 212D 3AC4 FEB3 29EB 6D79 A5C9 0532 54EF

To claim this, I am signing this object:

@lolo32
lolo32 / gpg-ssh-setup.md
Created February 27, 2022 23:56 — forked from mcattarinussi/gpg-ssh-setup.md
A setup guide to use a personal gpg key for ssh authentication

GPG - SSH setup

Generating the master key

Here we create the master key. We want only Certify capability: we use the master key only to create the subkeys, Sign - Encrypt - Authenticate capabilities will be assigned to the subkeys.

Run the following command to start the master key generation process. Select the set your own capabilities creation process (type 8)

  ▶ gpg --full-generate-key --expert

gpg (GnuPG) 2.2.9; Copyright (C) 2018 Free Software Foundation, Inc.

@lolo32
lolo32 / 99-recommended.conf
Created May 24, 2021 17:46
Debian APT not recomended
@lolo32
lolo32 / ZFS_native_encrypted_from_Alpine.md
Last active November 4, 2020 22:47
Installer Alpine avec ZFS chiffré depuis le mode rescue avec MBR ou UEFI

Avant propos…

Dans cette page, nous allons voir comment installer Alpine Linux sur une partition ZFS chiffrée, le tout avec des commandes pour le MBR et pour le UEFI.

En bonus, des commandes afin de mettre le tout en RAID1/mirroir.

Démarrer avec l'ISO d'installation de Alpine Linux

@lolo32
lolo32 / randomize.go
Last active August 9, 2018 21:43
Fast (>100MBps) CSPRNG to randomize hard drive before encryption. Compile one time, use without any dependency everywhere with static compilation.
// Based on https://gist.github.com/aeris/2a0f9beeed94102fd0cb2a8caad964d0
package main
import (
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"encoding/binary"
"os"
@lolo32
lolo32 / generating_tlsa_dane.sh
Last active May 16, 2017 09:46
Creating TLSA/DANE DNS record
#!/bin/sh
# Usage Number 0 – CA specification
# Specifies the Certificate Authority (CA) who will provide TLS certificates
# for the domain. We can only say that the domain will use TLS certificates
# from a specific CA. Like we are using Geotrust as CA. It only will allow
# Geotrust. It is difficult to get a SSL/TLS certificate from Geotrust
# without being WE.
# Usage Number 1 – Specific TLS certificate
# Specifies the exact TLS certificate that should be used for the domain.
@lolo32
lolo32 / .vimrc
Last active January 12, 2017 12:45
Configuration de Vim
" Active la coloration syntaxique
syntax on
" Coloration à utiliser
colorscheme elflord
" Affichage des caractères invisibles (tabulations, espaces de fin de ligne)
set list
set listchars=trail:·,tab:»·,nbsp:%,extends:╕,precedes:╘
" Affichage des paires correspondantes
@lolo32
lolo32 / LET'S ENCRYPT SUBSCRIBER AGREEMENT
Last active July 11, 2016 15:49
LET'S ENCRYPT SUBSCRIBER AGREEMENT - Differences between releases
We couldn’t find that file to show.
From https://github.com/cloudflare/sslconfig/blob/master/patches/nginx__http2_spdy.patch
From: Lolo32
Date: Wed, 15 Jun 2016 22:35:52 +0200
Subject: [PATCH] Add SPDY support back to Nginx with HTTP/2, based on cloudflare patch
This patch was based on https://github.com/cloudflare/sslconfig/blob/master/patches/nginx__http2_spdy.patch
that is for v.0.9. It's tested and working, but need, maybe, additional tests for high load charge.
This work on v.1.10.1 and v.1.11.1 of Nginx.
---

CLang optimizations on Mac OSX

Version:

Apple LLVM version 6.0 (clang-600.0.57) (based on LLVM 3.5svn)
Target: x86_64-apple-darwin14.1.0
Thread model: posix

This was made with commands: