I hereby claim:
- I am rmrfslashbin on github.
- I am rmrfslashbin (https://keybase.io/rmrfslashbin) on keybase.
- I have a public key ASCcgFp0cp9qksvUqIs9i9iaiMscJkzD-mRGYbeLpCHGiQo
To claim this, I am signing this object:
Robert Sigler rmrfslashbin
Sometimes /dev/urandom sounds nice.
$ cat /dev/urandom | padsp tee /dev/audio > /dev/null
What about /boot?
$ sudo cat /dev/nvme0n1p2 | padsp tee /dev/audio > /dev/null
These are some rough notes for deploying a test/dev local CA, a server key/cert, and a client key/cert. The intention is to provide a quick and dirty (don't use in production) local CA with one server and one client. HAProxy is used as an SSL terminator which forces SSL for all connections (via http redirect), then optionally accepts a client cert for authentication.
Follow the install guide for easy-rsa (https://github.com/OpenVPN/easy-rsa)
./easyrsa init-pki
./easyrsa build-ca
So you want to learn how to make a CA...
- This is a proof of concept. It should not be used as a production CA.
- All tasks are presumed to be executed by the same user, on the same manhine.
- A production CA would set up and leverage separation of duties.
- A production CA would not generate CSRs, create the cert, and sign on the same machine.
- As noted below, for user/client certs (ex: use a cert to provide authentication), vs service certs (https, smtps, etc) see the point related to
-extensions usr_cert.
rmrfslashbin
/ RSA-Encryption-Notes.md
Last active
September 20, 2018 17:28
Notes related to using public/private keys to encrypt data
Notes related to using public/private keys to encrypt data.
This section generates a new private key and extracts the public key.
openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:4096
openssl rsa -pubout -in private_key.pem -out public_key.pem
rmrfslashbin
/ MediaWiki_on_Heroku.md
Last active
August 16, 2022 06:26
Deploying and updating MediaWiki on Heroku.
This is a very rough guide to deploying and updating MediaWiki on Heroku. Lots of assumptions are made. Be sure to keep your MediaWiki deployment up-to-date!
- A GitHub account.
- A Heroku account.
- A configured app on Heroku.
- A MySQL (or compatible database. This guide assumes the use of Cleardb Heroku add-on).
- Optional add-on: Hosted Graphite.
- Optional add-on: Papertrail.
rmrfslashbin
/ FoxyProxy.md
Last active
May 2, 2023 03:31
FoxyProxy: HOW-TO route all traffic through a proxy EXCEPT blacklisted domains.
This recipe sets up FoxyProxy to route all traffic through a proxy EXCEPT blacklisted domain (they will go out directly).
This receipe assumes a fresh FoxyProxy install, one proxy for everthing, excluding defined domains.
- FoxyProxy should be set to
Use proxies based on their pre-defined patterns and priorities. - Add a new proxy and configure the Proxy Details tab as needed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import binascii | |
| def getHex(string): | |
| x = binascii.hexlify(string.encode()) | |
| y = str(x,'ascii') | |
| print("hex ", y) |
rmrfslashbin
/ aws_ec2_instance_store_lvm2.py
Last active
February 26, 2021 13:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| ## | |
| # This script walks block storage devices and locates | |
| # EC2 instance stores. It then lables the disks as | |
| # LMV2 physical volumes (PV), creates an LVM2 volume | |
| # group (VG), then an LVM2 logical volume (LV) and | |
| # finally formats the new LV as XFS. | |
| ## |
OlderNewer