Password Management with "pass"

Prefacecommit 7bc712f8955f9c1bde81a12f0c3d27b3c120d1fa Author: Thomas Preissler <thomas@preissler.co.uk> Date: Thu Aug 6 18:52:55 2015 +0100 Add current contents of password store. This is how it all started when I migrated from KeePass (keepassx on Linux to be precise) to pass. It was a good move,…

GPG Key Transition

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1,SHA512 I am transitioning GPG keys from an old 1024-bit DSA key to a new 4096-bit RSA key. The old key has already been revoked, so I prefer all new correspondance to be encrypted in the new key, and will be making all signatures…

Moved to Jekyll

I found some time finally to move my Wordpress blog to Jekyll. I wasted quite some time on finding the right layout. So, anyway, here it is, I am sure there are some mistakes, some conversion accidents so to speak, but I will keep working on it as I learn…

Using DShield's 'bad' network lists to block proactively

The "Daily Stormcast podcast" of the Internet Storm Center by Johannes Ullrich mentioned at some point that you could use the DShield 'bad' networks list to proactively block traffic. This is what I did - using shorewall as the blocking backend. Enjoy! Download dshield.sh #!/bin/bash # 25 Feb 2015…

Raspbian and iSCSI, minor issues

Just a quick one - how to fix some annoyances when you are booting Raspbian off an iSCSI volume. I will also submit these to the Raspbian project... Preventing a "DHCPRELEASE" when rebootingYour /etc/network/interfaces must not have any references at all for eth0, not even a "iface eth0…

Wake-on-LAN stops working under Linux

I just had the problem again, that my computer doesn't respond to WOL MagicPacketâ„¢. The thing todo on Linux is as follows: # Run ethtool on your network interface ethtool enp3s0Have a look for Supports Wake-on: pumbg Wake-on: d whereas these flags "pumbg" mean (taken from man ethtool): p Wake on…

Creating TLS certificates with OpenSSL

# Use 4096 when you can use ECDSA openssl genrsa -des3 -out $DOMAIN.key 2048 cp $DOMAIN.key $DOMAIN.key-org openssl rsa -in $DOMAIN.key-org -out $DOMAIN.key # Vanilla OpenSSL versions since 1.0.2 set the hash by default to SHA-256 openssl req -new -sha256 -key $DOMAIN.key -out $DOMAIN.…