I find iptables to be a bit of a beast… so for posterity (or my own sanity, in case I lost this, I might recover from search engine caches!) this simply forwards a port (A) of a certain protocol from one host (B) to a second port (C) on a 2nd IP (D). Linux only, unless your OS happens to support iptables… no error checking, although it will echo […]
… well, literally… or pseudo literally? To generate 128 bits of pseudo-randomness: dd if=/dev/urandom bs=16 count=1 2>/dev/null| hexdump |awk ‘{$1=""; printf("%s", $0)}’ | sed ‘s/ //g’ Block size 16 = 16 bytes… do that once (count=1); that’s 16 bytes * 8 bits/byte = 128 bits. I’ve been using this in scripts lately, like “foo=$(…)”.
In conjunction with the openssl scripts… a little bit of python code to fire up an ssl server… lots of them out there, this one is mine. #!/usr/bin/env python # # fire up an HTTPS/ssl web server in the PWD (defaults to localhost:8081) # # optional – give a file name to serve up, like "$0 foofile.html" # If you use this option it’ll wait a few seconds and […]
I put a script or two on github; generates a CA and server and client certs, suitable (I hope!) for openvpn and https and all that. Based on the easy-rsa scripts, but I didn’t find them that easy to use. A haiku to openssl: openssl a black crane over the lake may you rot in hell Image is Hokusai’s “Mount […]
… here’s how to decrease the security of your mac…. It was one of those situations that are hard to explain, but I wanted to execute an X program on a remote system and have it show up on my Mac’s screen WITHOUT using ssh. This was on Snow Leopard with the XQuartz X server, but probably similar in most macs. Back in the age of dinosaurs you could […]