socat TCP-LISTEN:12345 UNIX-CONNECT:/var/lib/socket.sock
Create private key:
openssl ecparam -genkey -name prime256v1 -noout -out ecdsa256.pem
Create public key:
openssl ec -in ecdsa256.pem -pubout -out ecdsa256.pub
Sign something
openssl dgst -sha256 -sign ecdsa256.pem -out youranyfile.sig256 youranyfile
To verify:
# List plugged-in YubiKeys and get the serial from the list
ykman list
# Generate a new FIDO2 resident key on the plugged-in YubiKey (keep only one plugged in) and save the attestation certificate
# Without specifying the '-O user="..."' option, the user part is filled with 32 ASCII zeros, which would overwrite existing keys without asking
# The complex user="..." expression creates a 31-character string with random values appended at the end (max length is 31, as the 32nd must be 0)
# The -Z <cipher> parameter can be different; valid values can be checked with the 'ssh -Q cipher' command; the default is aes256-ctr when omitted
ssh-keygen -t ed25519-sk -a 64 -O resident -O user="$(echo -n <user>@<FQDN>_$(date +'%Y%m%d')_$(uuidgen | tr -d '-') | cut -c 1-31)" -O write-attestation=id_ed25519_sk_<yubikey serial>_attest -f id_ed25519_sk_<yubikey serial> -C "<user>@<FQDN>-$(date +'%Y%m%d')-<yubikey serial>" -Z [email protected]
# parameter '-O attestation=<filename>' part can be omitted as more likely the Yubico general attestation c
#!/bin/bash
# A bash script to update a Cloudflare DNS A record with the external IP of the source machine
# Used to provide DDNS service for my home
# Needs the DNS record pre-creating on Cloudflare
# Proxy - uncomment and provide details if using a proxy
#export https_proxy=http://<proxyuser>:<proxypassword>@<proxyip>:<proxyport>
# Cloudflare zone is the zone which holds the record