fail2ban. Info can be found here: http://amazonlinuxami.wordpress.com/2012/10/08/fail2ban/. In particular, this is slightly trickier than usual, since it's not the usual yum software set.sudo yum --enablerepo=epel install fail2ban
| # This is a pretty generic short-circuiter class that makes it | |
| # convenient to error out of an iced function on the first error | |
| # to occur. | |
| # | |
| # It assumes that every callback is of the form (err, otherstuff...) | |
| # More general classes are possible using the same technique though. | |
| # | |
| class ErrorShortCircuiter | |
| constructor : (@cb) -> | |
| # Cryptographic blinding: compute random r, | |
| # r_e <- r^e mod n | |
| # and x <- x*r_e mod n | |
| n = @pub.n | |
| await SRF().random_zn n, defer r | |
| r_inv = r.modInverse(n) | |
| r_e = r.modPow(@pub.e,n) | |
| x_1 = x.multiply(r_e).mod(n) | |
| # calculate xp and xq |
One problem we all now realize about the SSH authorized keys system is that from the server administrator's perspective, there's no way to know how the corresponding private keys are kept. Maybe they are unencrypted. Maybe they are guarded with weak passphrases. Maybe they are stored on comprimised machines.
At the same time, developers need remote access, whether they are telecommuting or fixing an emergency bug in the middle of the night. And remote access should not mean typing your password (or an OTP) for every remote shell that's required.
Here is a system that you can hack together to solve these problems in tandem.
| type Wrapper struct { | |
| fd int | |
| } | |
| func open(s string) *Wrapper { | |
| return &Wrapper{ openPipe(s); } | |
| } | |
| func (w *Wrapper) Close() { | |
| Close(w.fd) |
| @namespace("foo.1") | |
| protocol bar { | |
| enum BoopType { | |
| NONE_0, | |
| BURN_1, | |
| BILLY_2, | |
| TILLY_3 | |
| } |
| @namespace("shit.1") | |
| protocol bar { | |
| enum Types { | |
| NONE_0, | |
| BOZO_1, | |
| BIPPY_2, | |
| AGGLE_3, | |
| FLAGGLE_4 |
It's been a real challenge to continuously merge my IcedCoffeeScript branch with the CoffeeScript mainline. The more progress Jeremy and the team make in master, the harder a time I have in the branch. The core issue here is the the iced transform is quite deep. It's doing a CPS translation of the entire abstract syntax tree, rendering the emitted code all but unrecognizable if iced features are at play.
Whenever ES6 is ready for primetime, yield and generators can do all of this heavy lifting, meaning
the ICS patch can much simpler. Here's an example that I hand-coded. The input is the first file
input.iced, which does basic ICS loops and if/else control flow exercises. The hypothetical output
| record Cat { | |
| map<Blurp,Noozle> bird; | |
| map<Noozle> bee; | |
| map<Blurp,array<Noozle>> birds; | |
| map<Blurp,int> pickles; | |
| map<string,int> penny; | |
| map<int,string> pa; | |
| array<map<Blurp,array<Noozle>>> wow; | |
| } |
As part of this verification process, I am signing this object and posting as a gist as github user maxtaco
{
"body": {
"key": {
"fingerprint": "8efbe2e4dd56b35273634e8f6052b2ad31a6631c",
"host": "keybase.io",