bhouse / vault_intermediate_ca_setup.sh
Created May 7, 2016 23:05
Setting Up Hashicorp Vault with an intermediate CA based on https://gist.github.com/jefferai/092d2cd728ff66089f17
#!/bin/bash -e
# Setup a Root CA in vault
# Generate and sign an Intermediate cert
#
# Requires:
# * A running vault server already initialized and unsealed
# * Environment variable VAULT_TOKEN is set
# * vault cli (https://www.vaultproject.io)
# * httpie (https://github.com/jkbrzt/httpie)
mkdir vault_demo && cd vault_demo
wget https://releases.hashicorp.com/vault/0.5.2/vault_0.5.2_darwin_amd64.zip
unzip vault_0.5.2_darwin_amd64.zip
export PATH=$(pwd):$PATH
cat > vault.conf <<EOF
backend "file" {
path = "file_backend"
}
listener "tcp" {
bhouse / setup.md
Created January 22, 2020 21:28
YubiKey GPG + GitHub setup

YubiKey + GPG + GitHub + Keybase

This guide describes steps that can be used to generate GPG keys on a YubiKey, use the GPG keys to sign GitHub commits, and publish the public GPG key to Keybase.

Why is this a good idea?

  1. Generating and storing GPG keys on a YubiKey allows the private key to be protected and ported between physical machines.
  2. Signing git commits adds an extra layer of verification that code changes originated from a trusted source.
  3. Using a YubiKey + touch-to-sign requires a physical presence to use the GPG signing key.
  4. GitHub supports restricting commits to a repo to only those that are signed.
  5. Putting a physical stamp on your code commits invokes a feeling of pride.