cphrmky

Enable Touch ID for sudo

Thanks to this awesome Six Colors post: Quick Tip: Enable Touch ID for sudo

The short of it:

1. In your terminal go to cd /etc/pam.d/.
2. Now open the sudo file with your favorite command-line/GUI text editor.
   • Note that if you open it via the command-line, you’ll need to use sudo itself to do so, since the file is (understandably) protected.
3. With the sudo file open, add the following command below below the first line. auth sufficient pam_tid.so

cphrmky

Home/Core                            TX9XD-98N7V-6WMQ6-BX7FG-H8Q99        
Home/Core (Country Specific)         PVMJN-6DFY6-9CCP6-7BKTT-D3WVR  
Home/Core (Single Language)          7HNRX-D7KGG-3K4RQ-4WPJ4-YTDFH  
Home/Core N                          3KHY7-WNT83-DGQKR-F7HPR-844BM 
Professional                         W269N-WFGWX-YVC9B-4J6C9-T83GX 
Professional N                       MH37W-N47XK-V7XM9-C7227-GCQG9
Professional Enterprise				 
Professional Workstation			 
Enterprise                           NPPR9-FWDCX-D2C8J-H872K-2YT43 
Enterprise N                         DPH2V-TTNVB-4X9Q3-TJR4H-KHJW4 

cphrmky

Client-side SSL

For excessively paranoid client authentication.

---

Updated Apr 5 2019:

because this is a gist from 2011 that people stumble into and maybe you should AES instead of 3DES in the year of our lord 2019.

some other notes:

cphrmky

Create Root CA (Done once)

Create Root Key

Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!

openssl genrsa -des3 -out rootCA.key 4096

cphrmky

Keybase proof

I hereby claim:

• I am cphrmky on github.
• I am cphrmky (https://keybase.io/cphrmky) on keybase.
• I have a public key ASBl_oXe3joXyxrX74wlQDrvYbEOUSzTrp7tbCmCq2wRogo

To claim this, I am signing this object:

cphrmky

How to get a stack trace for each thread in a running python script

Sometimes a python script will simply hang forever with no indication of where things went wrong. Perhaps it's polling a service that will never return a value that allows the program to move forward. Here's a way to see where the program is currently stuck.

Install gdb and pyrasite

Install gdb.

# Redhat, CentOS, etc

cphrmky

from sseclient import SSEClient
import requests

from queue import Queue
import json
import threading
import socket


class ClosableSSEClient(SSEClient):

cphrmky

BUCKET = 'your-bucket-here' # protocol prefix like s3://your-bucket-here is not required

import boto3

s3 = boto3.resource('s3')
bucket = s3.Bucket(BUCKET)
bucket.object_versions.delete()

# if you want to delete the now-empty bucket as well, uncomment this line:
#bucket.delete()

cphrmky

// ==UserScript==
// @name         Make JSON Pretty
// @version      0.1
// @description  Make JSON look nice
// @include      *.json
// @grant        none
// ==/UserScript==

function prettySource(obj) {
	var maxDepth = 250,

cphrmky

vault mount pki
vault mount -path=pki1 pki
vault mount -path=pki2 pki
vault mount -path=pki3 pki
vault mount-tune -max-lease-ttl=87600h pki
vault mount-tune -max-lease-ttl=87600h pki1
vault mount-tune -max-lease-ttl=87600h pki2
vault mount-tune -max-lease-ttl=87600h pki3
vault write pki/root/generate/internal common_name="Vault Testing Root Authority" ttl=87600h