space spacexnasa

How to setup your own CA with OpenSSL

For educational reasons I've decided to create my own CA. Here is what I learned.

First things first

Lets get some context first.

Setting up postfix on MacOS High Sierra

MacOS Sierra High comes with preinstalled postfix. Follow these steps to configure it on a local system:

1. Create a `sasl_passwd` file

sudo nano /etc/postfix/sasl_passwd

Add this to the file

Bash Shell启动方式与rc脚本

Shell的不同分类

根据启动Bash Shell的方式不同，对Shell有两种分类方式

登录Shell与非登录Shell

根据Shell的启动方式不同，可以将Shell分为

Mutt (or NeoMutt) with Gmail and GPG on Mac OS X

This note describes how to set up the Mutt or NeoMutt email client on Mac OS X to work for Gmail and GnuPG.

Software versions

The software versions used in this note are:

macOS Catalina (version 10.15.4)

Nginx TLS SNI routing, based on subdomain pattern

Nginx can be configured to route to a backend, based on the server's domain name, which is included in the SSL/TLS handshake (Server Name Indication, SNI).
This works for http upstream servers, but also for other protocols, that can be secured with TLS.

prerequisites

at least nginx 1.15.9 to use variables in ssl_certificate and ssl_certificate_key.
check nginx -V for the following:
```
...
TLS SNI support enabled
```

	#!/bin/bash
	# geoip on firewall in centos 7
	# this file: /etc/cron.weekly/bogonsblocks.sh
	# sudo chmod +x /etc/cron.weekly/bogonsblocks.sh

	## create tmp dir
	# sudo mkdir /var/tmp/ipbogons
	## create list on ipset
	# sudo ipset create bogonslist hash:net maxelem 1000000
	## create rule on firewall-cmd

	#!/bin/bash

	##
	# Name: GeoIP Firewall script
	# Author: Pandry
	# Version: 0.1.1
	# Description: This is a simple script that will set up a GeoIP firewall blocking all the zones excecpt the specified ones
	# it is possible to add the whitelisted zones @ line 47
	# Additional notes: Usage of [iprange](https://github.com/firehol/iprange) is suggested
	# for best performances

-#!/bin/bash
-#
-# Script to remove GPG key from git-crypt
-#
-# It will re-initialize git-crypt for the repository and re-add all keys except
-# the one requested for removal.
-#
-# Note: You still need to change all your secrets to fully protect yourself.
-# Removing a user will prevent them from reading future changes but they will
-# still have a copy of the data up to the point of their removal.

	{
	"stats": {},
	"api": {
	"services": [
	"StatsService"
	],
	"tag": "api"
	},
	"policy": {
	"levels": {

	# $language = "python"
	# $interface = "1.0"

	import base64
	import hmac
	import struct
	import sys
	import time

	TOTP_KEY = 'YOUR_GOOGLE_AUTH_KEY'