2020/10/26

SSH Encryption & Decryption


  #### Credential ####
# cat << EOF > src.txt
This is sercret message.
That will be encrypted.
And decrypted.
EOF
# openssl enc -aes-256-cbc -in src.txt -out file.txt -pass pass:mysecret
# openssl enc -aes-256-cbc -d -in file.txt -out res.txt -pass pass:mysecret
# cat src.txt
# diff res.txt src.txt


# openssl enc -aes-256-cbc -in src.txt -out file.txt -pass file:cred.txt
# openssl enc -aes-256-cbc -d -in file.txt -out res.txt -pass file:cred.txt

# openssl enc -aes-256-cbc -salt -a -in src.txt -out file.txt -k password
# openssl enc -aes-256-cbc -salt -a -d -in file.txt -out res.txt -k password
# openssl enc -aes-256-cbc -a -d -in file.txt -out res.txt -k password

#### Keypair ####
# ssh-keygen -f app -t rsa -b 2048
# cat << EOF > test.txt
This is sercret message.
That will be encrypted.
And decrypted.
EOF
# ssh-keygen -f app.pub -e -m pkcs8 > app.pkcs8
# cat test.txt |openssl rsautl -encrypt -pubin -inkey app.pkcs8 >secret.txt
# cat secret.txt | openssl rsautl -decrypt -inkey app

#### trip ####
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w ${1:-4} | head -n 1
echo odYJaGVsbG8K |cut -b4- |base64 -d

2020/05/07

stop an automatic redirect from “http://” to “https://” in Chrome

  1. Go to chrome://net-internals/#hsts. Enter 3rdrevolution.com under Delete domain security policies and press the Delete button.
  2. Now go to chrome://settings/clearBrowserData, tick the box Cached images and files and press click the button Clear data.
from: https://superuser.com/questions/565409/how-to-stop-an-automatic-redirect-from-http-to-https-in-chrome

2020/05/06

gcp ssh session expired


sudo /sbin/sysctl -w net.ipv4.tcp_keepalive_time=60 net.ipv4.tcp_keepalive_intvl=60 net.ipv4.tcp_keepalive_probes=5

ref: https://stackoverflow.com/questions/30078348/google-cloud-ssh-timeout-how-to-increase-session-time



2020/05/02

docker ENTRYPOINT and CMD

from: https://stackoverflow.com/questions/21553353/what-is-the-difference-between-cmd-and-entrypoint-in-a-dockerfile


The ENTRYPOINT specifies a command that will always be executed when the container starts.
The CMD specifies arguments that will be fed to the ENTRYPOINT.

FROM debian:wheezy
ENTRYPOINT ["/bin/ping"]
CMD ["localhost"]

2020/04/11

git clone error port 22: Connection refused


$ ssh -T git@github.com
ssh: connect to host github.com port 22: Connection refused

$ ssh -T -p 443 git@ssh.github.com
Warning: Permanently added '[ssh.github.com]:443,[xxx]:443' (RSA) to the list of known hosts. Hi chomjun! You've successfully authenticated, but GitHub does not provide shell access.

$vi ~/.ssh/config
``` # Add section below to it Host github.com Hostname ssh.github.com Port 443 ```


try again
$ ssh -T git@github.com
Warning: Permanently added the RSA host key for IP address '[xxx]:443' to the list of known hosts. Hi chomjun! You've successfully authenticated, but GitHub does not provide shell access.


$vi ~/.ssh/config
Host gitlab.com
    Hostname altssh.gitlab.com
    User git
    Port 443

$ ssh -T git@gitlab.com
Warning: Permanently added '[altssh.gitlab.com]:443,[xxx]:443' (ECDSA) to the list of known hos.

Welcome to GitLab, @xxx!

2020/04/08

Docker Troubleshooting

unable to login with docker: unauthorized

In docker client host, add item to /etc/docker/daemon.json
"insecure-registries": ["0.0.0.0/0"]
and restart docker daemon and try again?

Ref: https://github.com/goharbor/harbor/issues/7464