A utility to automate the installation, maintenance, and debugging of Asterisk/DAHDI, while integrating additional patches to provide the richest telephony experience. Useful for: Automating installation and maintenance of Asterisk, Asterisk Test Suite, Asterisk Test Framework, DAHDI Linux, DAHDI Tools, and related resources; validating Asterisk configuration; finding common syntax errors in dialplan code; finding missing audio files referenced by the Playback, BackGround, and Read applications; suggesting optimizations that can be made to dialplan code to make it more readable and efficient; generating Asterisk user documentation; debugging Asterisk configuration; generating core dumps, automating PhreakNet boilerplate dialplan installation.
Primarily supported on Debian-based Linux systems. Support has also been added for FreeBSD. Pull requests to add support for other Linux distros or BSD are welcome.
ssh-audit is a tool for ssh server and client configuration auditing. Analyzes client and server configuration, connection negotiation parameters, and cryptographic settings and outputs a security report. Has no dependencies.
Someone built a list of all of Pelican's configuration settings and variables, and what they mean. Useful as a reference to the templating language.
How to configure later-generation nVidia drivers to do their own power management now that it's supported on some models.
Applicable to Turing GPUs and Coffee Lake CPUs. Windbringer does not have the former (the GTX 1050Ti is a Pascal architecture, not a Turing architecture). Still, there are options.
Edit your ~/.gitconfig
file and add the following:
[alias]
pushall = !git remote | xargs -L1 -P0 git push --all --follow-tags
To use it in a Git repository, git pushall
after committing changes to your local copy.
Prefer using SSH over HTTP(S) for git.
In your ~/.gitconfig file:
[url "git@github.com:"]
insteadOf = http://github.com/
insteadOf = https://github.com/
Wants to be the "cryptographic right answers" document, but for SSH.
Archived.
Maybe have Glitch monitor it?
/etc/ssh/sshd_config:
Protocol 2
AuthenticationMethods publickey
PasswordAuthentication no
PermitEmptyPasswords no
X11Forwarding no
AllowAgentForwarding no
# The problem with having "MaxAuthTries 2" is, the more keys your
# SSH agent has, the more chances you'll have to get locked out.
# I set it to <my number of SSH keys> +2.
MaxAuthTries 10
MaxSessions 10
HostbasedAuthentication no
IgnoreRhosts yes
PermitRootLogin no
KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
This guide arose out of the need for system administrators to have an updated, solid, well researched and thought-through guide for configuring SSL, PGP, SSH and other cryptographic tools in the post-Snowden age. Triggered by the NSA leaks in the summer of 2013, many system administrators and IT security officers saw the need to strengthen their encryption settings. This guide is specifically written for these system administrators.
The focus of this guide is merely to give current best practices for configuring complex cipher suites and related parameters in a copy & paste-able manner. The guide tries to stay as concise as is possible for such a complex topic as cryptography. Naturally, it can not be complete. There are many excellent guides (II & SYM, 2012) and best practice documents available when it comes to cryptography. However none of them focuses specifically on what an average system administrator needs for hardening his or her systems' crypto settings.
A boot selector for the Raspberry Pi. Interactively pick, download, and install multiple OSes for the RasPi to the same SD card. The selection can be changed later. Also lets you use USB drives for storing those OSes instead of an SD card. HDMI enabled.
How to override CSS, develop your own, and install new themes for Shaarli.
Teaching the server tech you need for development and production. Eliminating the frustration of server configuration. Databases, configuration management, containers, proxies, security, PHP, and much more.
Secure your email server with STARTTLS Everywhere! Your email service can be insecure in numerous different ways. The service below performs a quick check of your email server's security configuration, including whether STARTTLS is supported, and whether it may qualify for the STARTTLS Policy List.
A perl script that can retrieve the config files of a variety of network devices for administrative or auditing purposes.
A list of the top 20 security practices for the NginX web server. Worth it for the SElinux and /etc/sysctl.conf modifications alone.
This is a configuration file maintained by the Python project which optimizes (g)vim for writing Python code. You don't have to replace your existing .vimrc with it; in fact, it has conditionals that only fire if vim detects that you're editing Python code so it shouldn't mess with anything else you work on. Here's how I use it:
0) Copy this file as ~/.vim/vimrc.python
1) Add the following line to ~/.vimrc:
source /home//.vim/vimrc.python
Uncomment automatic indentation at the end of the file, otherwise this file won't do much for you. I also uncommented syntax highlighting.
How to configure dnsmasq to return the same IP address for any A record a client might request. This feature was added for people constructing public access points.
How to configure dnsmasq to return the same IP address for any A record a client might request. This feature was added for people constructing public access points. The difference between this one and the other one is that this one is how to do it from the command line and not the configuration file.
How to configure Ejabberd so that every client that connects to a server immediately gets a buddy list containing every registered user on that server.
How to test an ejabberd.cfg file before restarting the server. Easier than it seems - why not make it a shell alias?
cat ejabberd.cfg | erl | grep syntax
If that command returns a syntax error line, you know there is a problem in the config file. If there is no output, ejabberd.cfg parses correctly.