Explore >> Select a destination
|
You are here 
|
prezu.ca | ||
| | | | |
rcoh.me
|
|
| | | | | I always wondered how Google Authenticator style 2-factor codes worked. The process of going from QR code to rotating 6-digit pin seemed a bit magical. A few days ago, my curiosity found itself coupled with some free time. Here's what I found: What's in the QR Code I scanned the QR code from Github with a barcode scanning app. Here's what's inside: otpauth://totp/Github:rcoh?secret=onswg4tforrw6zdf&issuer=Github Not too surprising. It tells us the protocol, TOTP, who is issuing this OTP code (Github), and most importantly the secret:1 | |
| | | | |
blog.ropnop.com
|
|
| | | | | After compromising an OpenNMS server, I recovered salted password hashes. I couldn't find any info online, so I reversed them and wrote a tool to crack them | |
| | | | |
supabase.com
|
|
| | | | | MFA Auth with enforcement via RLS | |
| | | | |
dustymabe.com
|
|
| | | It is common practice among Linux users to exchange ssh keys between machines so that you can ssh between them without having to authenticate. The manual process for doing this involves taking the public key of the local host (~/.ssh/id_rsa.pub or ~/.ssh/id_dsa.pub) and appending it to the ~/.ssh/authorized_keys file of the remote host you wish to log in without a password. This process is simple, but requires a few different steps. | ||
