Posts
fix: Git Slow On Windows
git on my Windows machine was reheheally slow when running commands such as git diff and git log, but only when I had network connectivity. If I removed my network connection it was fast again ¯\(ツ)/¯. I couldn’t figure it out, but found some stack overflow post with a fix which solved it for me.
click start type "git bash" right click icon, left click "Run as administrator" # get current user entry and cache it in /etc/passwd mkpasswd -c > /etc/passwd # Set home directory to existing directory /c/Users/<your-username> vim /etc/passwd # edit nsswitch and comment out "db" to prevent accessing Microsoft AD vim /etc/nsswitch.
Posts
Check SSL certificate expiration on remote SMTP server
Check SSL certificate expiration on a remote SMTP server using openssl
printf 'quit\n' | openssl s_client -servername <servername> -connect <ip/hostname>:<port> | openssl x509 -enddate -noout
Posts
CSR In One Go
Generate a Certificate Signing Request (CSR) in one command
openssl req -new -newkey rsa:2048 -nodes -out <common name>.csr -keyout <common name>.key -subj "/C=SE/ST=/L=/O=<organization>/CN=<common name>" Send the generated .csr to the issuer Get back an issued certificate from the issuer Use the generated .key for the issued certificate
Posts
Undo git add
When you get ahead of yourself and stage a file that you’re not finished with. Undo with
git restore --staged <filename>
Posts
Keyboard keys to exit unresponsive SSH sessions
When SSH session is unresponsive and you want to exit Just press:
⮐ ~. This should exit the unresponsive ssh session. Sometimes you need to repeat the steps.
Posts
Extract private key and cert from pfx
Procedure Take the file you exported (e.g. certname.pfx) and copy it to a system where you have OpenSSL installed. Note: the *.pfx file is in PKCS#12 format and includes both the certificate and the private key.
Run the following command to export the private key: openssl pkcs12 -in certname.pfx -nocerts -out key.pem -nodes Run the following command to export the certificate: openssl pkcs12 -in certname.pfx -nokeys -out cert.pem Run the following command to remove the passphrase from the private key: openssl rsa -in key.
Posts
ZFS - Send and recv incremental backup
When we have done the full backup below we need to send incremental backups every day or so to get everyday changes.
It is quite similar like below with some few exceptions. We will only send the difference between the originating snapshot (backup) and the new one (backup-incremental).
zfs snapshot -r zroot/usr/jails/jail1@backup-incremental Then we also need to prep the receiving side so that your normal user can receive the backups.
Posts
ZFS - Send and recv backup
ZFS explained
So I needed a way to backup all my jails. Lucky for me all my jails are run in a ZFS dataset. ZFS to the rescue.
First. Allow your datasets to be {snapshot,send,hold} by your normal user on the jail server to avoid using root.
sudo zfs allow -u <user> hold,send,snapshot zroot/usr/jails/jail1 Then create the recursive snapshot.
zfs snapshot -r zroot/usr/jails/jail1@backup Then we also need to prep the receiving side so that your normal user can receive the backups.
Posts
Bruteforce mitigation - fail2ban filter for ocserv
Fail2Ban can be explained in more detailed by this
Short explaination of fail2ban:
Fail2ban scans log files and bans IP’s that show the malicious signs – too many password failures etc. The following filter identifies failed authentications on the oserv (OpenConnect Server).
cd /usr/local/etc/fail2ban/filter.d cat ocserv.conf [Definition] failregex = (?:ocserv\[\d+\]: worker\[\w+\]: )(?P\S*)(?: worker-auth\.c\:\d+: failed authentication for ') (?P<user>\S*)(?:').*
Posts
Exclude duplicates using awk
cat >> foo.txt << EOF HELLO HELLO2 HELLO HELLO3 HELLO4 EOF cat foo.txt | awk '!x[$0]++' HELLO HELLO2 HELLO3 HELLO4