Skip to content

Instantly share code, notes, and snippets.

View tashian's full-sized avatar

Carl Tashian tashian

View GitHub Profile
@jdoss
jdoss / LUKS_and_TPM2_with_Fedora.md
Last active May 22, 2024 17:09
Decrypt LUKS volumes with a TPM on Fedora Linux

Decrypt LUKS volumes with a TPM on Fedora Linux

This guide allows you to use the TPM on your computer to decrypt your LUKS encrypted volumes. If you are worried about a cold boot attack on your hardware please DO NOT use this guide with your root volume!

Preflight Checks

Verify that you have a TPM in your computer:

# systemd-cryptenroll --tpm2-device=list
PATH DEVICE DRIVER
@stettix
stettix / things-i-believe.md
Last active March 20, 2024 17:45
Things I believe

Things I believe

This is a collection of the things I believe about software development. I have worked for years building backend and data processing systems, so read the below within that context.

Agree? Disagree? Feel free to let me know at @JanStette. See also my blog at www.janvsmachine.net.

Fundamentals

Keep it simple, stupid. You ain't gonna need it.

@davidmintz
davidmintz / hashicorp-vault-auth-cert-and-token-role-creation.md
Last active December 16, 2023 10:18
notes on setting up and using Vault TLS authentication, policies, and tokens with named roles

Our goal is to save sensitive data in a MySQL database in a responsible way, and be able to read/write it programmatically in a PHP web application. Asymmetric encryption would be best, but is not practical here. Symmetric encryption with a strong algorithm and hard-to-guess cipher is acceptable, but not if we store the cipher in plain text on the same server where the database credentials also live in plain text!

This work-in-progress is subject to change if/when I come up with a better scheme, but for now, the plan is to:

  • store the cipher as a vault secret;
  • configure TLS authentication so that our PHP application can log in, and then
  • create a token that allows its bearer to read the secret (our cipher);
  • use a PHP component and our cipher to encrypt/decrypt our sensitive data.
@albertbori
albertbori / Installation.md
Last active May 4, 2024 18:21
Automatically disable Wifi when an Ethernet connection (cable) is plugged in on a Mac

Overview

This is a bash script that will automatically turn your wifi off if you connect your computer to an ethernet connection and turn wifi back on when you unplug your ethernet cable/adapter. If you decide to turn wifi on for whatever reason, it will remember that choice. This was improvised from this mac hint to work with Yosemite, and without hard-coding the adapter names. It's supposed to support growl, but I didn't check that part. I did, however, add OSX notification center support. Feel free to fork and fix any issues you encounter.

Most the credit for these changes go to Dave Holland.

Requirements

  • Mac OSX 10+
  • Administrator privileges
@jbenet
jbenet / simple-git-branching-model.md
Last active April 9, 2024 03:31
a simple git branching model

a simple git branching model (written in 2013)

This is a very simple git workflow. It (and variants) is in use by many people. I settled on it after using it very effectively at Athena. GitHub does something similar; Zach Holman mentioned it in this talk.

Update: Woah, thanks for all the attention. Didn't expect this simple rant to get popular.