Tips'n'tricks

SSH - Signing Files

Signing Files with SSH 8.0 unsigned file $ cat hosts 127.0.0.1 localhost ::1 localhost 1.2.3.4 egal sign $ ssh-keygen -Y sign -f id_rsa -n file hosts Signing file hosts Write signature to hosts.sig signed file $ cat hosts.sig -----BEGIN SSH SIGNATURE----- U1NIU0lHAAAAAQAAAZcAAAAHc3NoLXJzYQAAAAMBAAEAAAGBALJB+O4WCOM7V56H1xigpd uJem52Izwltl2cG9GQOO94HClebcr7C5aD24iI4wDcT9Ajv5/fu9cDVEXku83I/U0blUZe oMd8qCIH+4O+RVYyCvKFyEkcZ6n+RRH1G5EgcP0UXtmo4J3p8Hyo/6jtPA/r28+idi84A6 7yW1cmC5GpIw24Vr5aqA3e3rCJdFBZThzsTrwu/DHzIueQstEQdldycUit4X9UPBaCVnov +nhyijO9b8adzkTMxjcJAl65fdLUmwuJ5h3z0owdKOmrcNlbWxqTIuGU0in25ZDQVxLssc WI8oW7vR5F7+cXSV7fYliTG/XPsCkD1KpWc/xSOr35bALRQpxD1+T48mrbKToZuzu4hage cUSOvRI3R0hKIvcXYyf2SQoBfLNlpvl5CRcatlw2fMhFQPrVz0Bh543chEFsF4nxKQw8yq riJbqkvhW8tzKCnMA7vyTRxey6uSDJrw0YchXIJdprNUlgM1t+z9J3AwC4ugpvhgVd6H0v 9QAAAAxob3N0cy5zaWduZWQAAAAAAAAABnNoYTUxMgAAAZQAAAAMcnNhLXNoYTItNTEyAA ABgAB9zAZStPsSvPIBh66lAgGLE/JWPk0voZjTUz9pO5wl81aM6Kn1clY9n4jysEkiQ0xy yy/tWgFzKi10mVfh/SJ34L2Mdo8t+vBnha1KNlkFwXZl+GXiCLlVl+ei6xpRfp9knheoIh LyEHoxgkuI6lO0c8pi4ymNnrlfvkg9SvvZfSdXWUMfTWHDlHvFIGqMg3BWQu7ylTEgQVDF obpqDInU3hkisfsywQRQh6KVVe8eSUc0qVH/FSSLoG8X/IX9Vh3g4tT/2FJPrE4k464yie GdnLkp5edcnnE+jjoSQroMs52QWy2a3XXZC5KTaDL6w4mcry1RpavhXb5aJQ7o0852Pkc9 wDkwX/11JZhMmxNZbDlg+tHsWy12KUubKAxAjJ1HUFXMjTFI6HMu8WyU989e3dOTt/bL3W l7sDo5P8SGv3/6+tJxugz9shz8WaN9Xz6Oh2AfCM6+IROXaeUgWMXtDmGS5bUZxUOSxHa1 ww7wzYR0NKXuOk3IeJMSQ2f97g== -----END SSH SIGNATURE----- verify file allowed signers $ cat /etc/allowed_signers mail@world.net ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyQfjuFgjjO1eeh9cYoKXbiXpudiM8JbZdnBvRkDjveBwpXm3K+wuWg9uIiOMA3E/QI7+f37vXA1RF5LvNyP1NG5VGXqDHfKgiB/uDvkVWMgryhchJHGep/kUR9RuRIHD9FF7ZqOCd6fB8qP+o7TwP69vPonYvOAOu8ltXJguRqSMNuFa+WqgN3t6wiXRQWU4c7E68Lvwx8yLnkLLREHZXcnFIreF/VDwWglZ6L/p4coozvW/Gnc5EzMY3CQJeuX3S1JsLieYd89KMHSjpq3DZW1sakyLhlNIp9uWQ0FcS7LHFiPKFu70eRe/nF0le32JYkxv1z7ApA9SqVnP8Ujq9+WwC0UKcQ9fk+PJq2yk6Gbs7uIWoHnFEjr0SN0dISiL3F2Mn9kkKAXyzZab5eQkXGrZcNnzIRUD61c9AYeeN3IRBbBeJ8SkMPMqq4iW6pL4VvLcygpzAO78k0cXsurkgya8NGHIVyCXaazVJYDNbfs/SdwMAuLoKb4YFXeh9L/U= verify

Git Clear your History

Clear History have you ever checked in some binarys, confidential stuff or something else by mistake ? Git will keep all your history, that’s their design and purpose. how ever, if you need to cleanup once, here is a short tutorial. Kill Git Config cd myrepo cat .git/config -> note down the url url=$(git config --get remote.origin.url) rm -rf .git Create New Repo git init git add . git commit -m "Removed history, .

Git

Some Git Commands Customizing Git Switch from “Master” to Main globally git config --global init.defaultBranch main Merge two Repos “merge unrelated histories” git pull origin master --allow-unrelated-histories git push git pull add local Folder and Push to Upstream echo "# test" >> README.md git init git config init.defaultBranch main git add README.md git commit -m "first commit" git branch -M main git remote add origin git@github.com:stoege/test.git git push -u origin main Find deleted file, sort uniq git log --all --pretty=format: --name-only --diff-filter=D | sort -u bla bla.

Puffy Spezial

Tips, Trick, Notes and Snippets around OpenBSD Adding Static Default GW man route route add -inet default 192.168.1.1 route add -inet6 default 2001:db8:efef::1 Use Puffy as Jumphost Redirect incomming Traffic from a certain Source and also NAT the Outgoing Traffic so we remain in the “Line” ;) # Apply SNAT for outgoing Traffic match out log on em0 inet from !(egress) to IP_OF_TARGET_HOST nat-to (egress) # Forward Port 22 to another (hidden) Host via DNAT pass in log quick on egress inet proto tcp from SRC_IP_OF_HOST to egress port 22 rdr-to IP_OF_TARGET_HOST port 22 pass in log quick on egress inet proto tcp from SRC_NET/MASK to egress port 22 rdr-to IP_OF_TARGET_HOST port 22 Debug OpenSMTPD doas rcctl stop smtpd doas smtpd -dv -Tall tty0 to fb0 on ARM you may need to redirect tty0 on arm64 boxes