Install the OpenSSL on Debian based systems
sudo apt-get install openssl
#!/usr/bin/python | |
""" | |
Python script to create a Connect-Connect tunnel. For those times ncat/socat can't be put on the box and python is available.. | |
Author: Etienne Stalmans <etienne@sensepost.com> | |
Version: 1.0 (22_01_2015) | |
Usage: python pyforw.py <targetIP> <targetPort> <jumpbox> <jumpboxPort> | |
python pyforw.py 10.1.1.1 3389 179.0.0.100 8081 | |
""" | |
from socket import * |
set -e | |
SUBJ="/C=US/ST=Texas/L=Austin/O=The VirtualGL Project/OU=Software Development/" | |
# Fake Server CA | |
openssl genrsa -out ca_server.key 2048 | |
openssl req -new -newkey rsa:2048 -nodes -out ca_server.csr -keyout ca_server.key -subj "$SUBJ""CN=VeNCryptFakeServerCA" | |
openssl x509 -req -days 3650 -startdate -enddate -in ca_server.csr -signkey ca_server.key -out ca_server.crt | |
rm -f *.csr *.srl |
# Create strong LUKS key | |
openssl genrsa -out /root/luks.key 4096 | |
chmod 400 /root/luks.key | |
# Fill random data to the device | |
shred -v --iterations=1 /dev/xvdb | |
# Format device | |
echo "YES" | cryptsetup luksFormat /dev/xvdb --key-file /root/luks.key |
### | |
# Proxmox or other server kernel params cheap tune and secure. | |
# Try it if you have heavy load on server - network or memory / disk. | |
# No harm assumed but keep your eyes open. | |
# | |
# @updated: 2020-02-06 - more params used, adjust some params values, more comments on params | |
# | |
### NETWORK ### |
Use mksquashfs
to create a compressed image from a directory. Depending on how compressible the files are you could put on much more than 4.7 GB on a single disc.
mksquashfs /path/to/my/directory image.sqfs
You can use a different compression algorithm with e.g. -comp zstd
or append multiple times to one archive to fill it up to almost the allowable size.