- Updated on May 29 to accommodate etcd container not having
/bin/shavailable anymore.
curl -sL https://get.rke2.io | sh
systemctl daemon-reload
systemctl start rke2-server
Moritz Schlarb moschlar
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # A highly non-scalable CGI DNS-over-HTTPS proxy in Bash. Have fun. | |
| # Here's an endpoint running this script: https://doh.team-frickel.de | |
| # Relevant Firefox settings: | |
| # network.trr.mode = 2 -> DoH and fall back to DNS (default) | |
| # network.trr.mode = 3 -> DoH only -> MUST use bootstrapAddress | |
| # network.trr.uri = https://doh.team-frickel.de |
rjhansen
/ consequences.md
Last active
October 1, 2022 04:28
SKS Keyserver Network Attack: Consequences
This work is released under a Creative Commons Attribution-NoDerivatives 4.0 International License.
Back in late February, the Internet Freedom Festival put together a roundtable of communications security nerds to help dissidents in Venezuela figure out how to organize and communicate in the face of widespread DNS poisoning. I contributed a brief HOWTO explaining what the Maduro regime was doing and some simple, effective mitigations. At the very top of the HOWTO was a paragraph of security considerations. Chief among them was a caution that this document came with an OpenPGP digital signature: before relying on the information in the document they ought ensure nobody had tampered with it, either to install malware into the PDF or to alter the advice I was giving.
I put this HOWTO out in the wild. I've had four people send me thank-you notes for writing it. I figure that means it's been seen by between fo
This work is released under a Creative Commons Attribution-NoDerivatives 4.0 International License.
"OpenPGP" refers to the OpenPGP protocol, in much the same way that HTML refers to the protocol that specifies how to write a web page. "GnuPG", "SequoiaPGP", "OpenPGP.js", and others are implementations of the OpenPGP protocol in the same way that Mozilla Firefox, Google Chromium, and Microsoft Edge refer to software packages that process HTML data.
alirobe
/ reclaimWindows10.ps1
Last active
May 8, 2025 13:16
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetery, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults). N.…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| ### | |
| ### UPDATE: For Win 11, I recommend using this tool in place of this script: | |
| ### https://christitus.com/windows-tool/ | |
| ### https://github.com/ChrisTitusTech/winutil | |
| ### https://www.youtube.com/watch?v=6UQZ5oQg8XA | |
| ### iwr -useb https://christitus.com/win | iex | |
| ### | |
| ### OR take a look at | |
| ### https://github.com/HotCakeX/Harden-Windows-Security |
jirutka
/ ldap.conf
Last active
July 17, 2024 10:40
Simple script for OpenSSH server to load authorization keys from LDAP. It requires just POSIX shell and ldapsearch utility. To manage keys in LDAP, use https://github.com/jirutka/ssh-ldap-pubkey.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/ssh/ldap.conf | |
| # See ldap.conf(5) for details | |
| # This file should be world readable but not world writable. | |
| BASE ou=People,dc=example,dc=org | |
| URI ldap://localhost |
gtallen1187
/ scar_tissue.md
Created
November 1, 2015 23:53
talk given by John Ousterhout about sustaining relationships
04/26/2103. From a lecture by Professor John Ousterhout at Stanford, class CS142.
This is my most touchy-feely thought for the weekend. Here’s the basic idea: It’s really hard to build relationships that last for a long time. If you haven’t discovered this, you will discover this sooner or later. And it's hard both for personal relationships and for business relationships. And to me, it's pretty amazing that two people can stay married for 25 years without killing each other.
[Laughter]
> But honestly, most professional relationships don't last anywhere near that long. The best bands always seem to break up after 2 or 3 years. And business partnerships fall apart, and there's all these problems in these relationships that just don't last. So, why is that? Well, in my view, it’s relationships don't fail because there some single catastrophic event to destroy them, although often there is a single catastrophic event around the the end of the relation
It's hard to quarrel with that ancient justification of the free press: "America's right to know." It seems almost cruel to ask, ingeniously, "America's right to know what, please? Science? Mathematics? Economics? Foreign languages?"
None of those things, of course. In fact, one might well suppose that the popular feeling is that Americans are a lot better off without any of that tripe.
There is a cult of ignorance in the United States, and there always has been. The strain of anti-intellectualism has been a constant thread winding its way throughout political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."
Politicians have routinely striven to speak the language of Shakespeare and Milton as ungrammaticaly as possible in order to avoid offending their audiences by appearing to have gone to school. Thus, Adlai Stevenson, who incautiously allowed intelligence and learning and wit to peep out of his speeches, found the American people
scottsb
/ resetting-csync2-cluster.md
Last active
October 25, 2021 20:28
Guide to Resetting a csync2 Cluster
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Moved to a proprer repositoy, TSWS is a real boy now! | |
| https://github.com/dfletcher/tsws | |
| PRs welcomed. |