Skip to content

Instantly share code, notes, and snippets.

View csobankesmarki's full-sized avatar
💭
Just meditate.

Csoban Kesmarki csobankesmarki

💭
Just meditate.
4 followers · 6 following
  • Hungary
View GitHub Profile
@jameshfisher
jameshfisher / How to make a private Gist public.md
Created January 5, 2014 16:31
How to make a private Gist public

Github provides no facility to do this via the UI. This is sad, because it would be extremely useful in order to draft something before publishing it. It would also be trivial for them to implement. Never mind; here's how to do it manually:

  1. Get the "Clone this Gist" text from the left-hand side of the private Gist, e.g. https://gist.github.com/b9cc265982870c091a1e.git, and extract the ID b9cc265982870c091a1e.
  2. Go to https://gist.github.com/ and create a dummy new public Gist.
  3. Get the "Clone this Gist" text from the left-hand side, e.g. https://gist.github.com/8270253.git, and extract the ID 8270253.
  4. git clone [email protected]:b9cc265982870c091a1e tmp-dir && cd tmp-dir && git push -f [email protected]:8270253.git
@rglastra
rglastra / gist:3ef9582c6292470a1743
Last active September 2, 2022 16:23
Check available certs in ca-certificates.crt by subject.
#!/bin/bash
echo "All certificates in ca-certificates.crt, listed by subject:"
awk -v cmd='openssl x509 -noout -subject' '/BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-certificates.crt
echo "All certificates in ca-certificates.crt, listed by subject, check for presence of VeriSign's 'Class 3 Public Primary - G5':"
awk -v cmd='openssl x509 -noout -subject' '/BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-certificates.crt | grep "G5"
@salex89
salex89 / key_and_certificate_conversions.sh
Last active April 24, 2025 12:22
Different private/public key conversions GnuPG, OpenSSH and OpenSSL
# Source: http://www.sysmic.org/dotclear/index.php?post/2010/03/24/Convert-keys-betweens-GnuPG%2C-OpenSsh-and-OpenSSL
# OpenSSH private keys are directly understable by OpenSSL. You can test for example:
openssl rsa -in ~/.ssh/id_rsa -text
openssl dsa -in ~/.ssh/id_dsa -text
# So, you can directly use it to create a certification request:
openssl req -new -key ~/.ssh/id_dsa -out myid.csr
# You can also use your ssh key to create a sef-signed certificate:
@wizioo
wizioo / gitignore_per_git_branch.md
Last active April 24, 2025 04:55
HowTo have specific .gitignore for each git branch

How to have specific .gitignore for each git branch

Objective

My objective is to have some production files ignored on specific branches. Git doesn't allow to do it.

Solution

My solution is to make a general .gitignore file and add .gitignore.branch_name files for the branches I want to add specific file exclusion. I'll use post-checkout hook to copy those .gitignore.branch_name in place of .git/info/exclude each time I go to the branch with git checkout branch_name.

@13Cubed
13Cubed / update_dnsbl.sh
Last active October 23, 2020 06:55
Download DNS adware and malware blacklists in BIND format and add them to a blacklist zone file. This is a modified version of the script from Paul's Security Weekly (http://wiki.securityweekly.com/wiki/index.php/Episode472).
#!/bin/bash
HOME=/var/named
ADLISTURL="https://pgl.yoyo.org/adservers/serverlist.php?hostformat=bindconfig;showintro=0;mimetype=plaintext"
MWLISTURL="http://mirror1.malwaredomains.com/files/spywaredomains.zones"
ADLISTFILE=/tmp/adlistfile
MWLISTFILE=/tmp/mwlistfile
# Download newest blacklists
curl -s -o $ADLISTFILE $ADLISTURL
@kekru
kekru / Docker connect to remote server.md
Last active March 21, 2025 01:29
Connect to another host with your docker client, without modifying your local Docker installation

Run commands on remote Docker host

This is how to connect to another host with your docker client, without modifying your local Docker installation or when you don't have a local Docker installation.

Enable Docker Remote API

First be sure to enable the Docker Remote API on the remote host.

This can easily be done with a container.
For HTTP connection use jarkt/docker-remote-api.

@tiran
tiran / README
Created January 3, 2017 13:30 — forked from atdt/README
A minimal ssh-agent for using a smartcard with PIV for public-key authentication with OpenSSH through PKCS11.
org.wikimedia.ssh-pkcs11-agent.plist -> ~/Library/LaunchAgents
OPENSC_LIBS=/usr/local/Cellar/opensc/0.15.0/lib
ssh-add -s $OPENSC_LIBS/opensc-pkcs11.so
@briansmith
briansmith / how-to-generate-and-use-private-keys-with-openssl-tool.md
Last active March 21, 2025 11:43
How to generate & use private keys using the OpenSSL command line tool

How to Generate & Use Private Keys using OpenSSL's Command Line Tool

These commands generate and use private keys in unencrypted binary (not Base64 “PEM”) PKCS#8 format. The PKCS#8 format is used here because it is the most interoperable format when dealing with software that isn't based on OpenSSL.

OpenSSL has a variety of commands that can be used to operate on private key files, some of which are specific to RSA (e.g. openssl rsa and openssl genrsa) or which have other limitations. Here we always use

@gtaban
gtaban / PKCS8-PKCS1-format-conversion.md
Last active January 14, 2025 12:29

The default format of keys was changed in OpenSSL 1.0. From OpenSSL 1.0 change log:

Make PKCS#8 the default write format for private keys, replacing the traditional format. This form is standardised, more secure and doesn't include an implicit MD5 dependency. [Steve Henson]

Good explanations of the difference between the two formats: https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem

Converting RSA private key:

@artizirk
artizirk / gnupg_scdaemon.md
Last active April 22, 2025 18:10
OpenPGP SSH access with Yubikey and GnuPG

NB: This document describles a 'Old-School' way of using Yubikey with SSH

Modern OpenSSH has native support for FIDO Authentication. Its much simpler and should also be more stable with less moving parts. OpenSSH also now has support for signing arbitary files witch can be used as replacement of gnupg. Git also supports signing commits/tags with ssh keys.

Pros of FIDO

  • Simpler stack / less moving parts
  • Works directly with ssh, ssh-add and ssh-keygen on most computers
  • Simpler
  • Private key can never leave the FIDO device

Cons of FIDO