SSSG Ninja


SSSG Ninja is my new open source project - It is a all-in-one managemenet tool for SSSG (Site Shield Security Group), it not only makes recommendations but also can do the jobs for you. If you are interested to try, it can be found in my Github repo. Here are current supported features: Make recommendations based … Continue reading SSSG Ninja

Advertisements

Double SSH Hops example


Client -ssh only--> Jumpbox00 -ssh only--> Jumpbox01 --http only-> Internal network Here is how to ssh to jumpbox01, and visit websites in internal networks from Client. 1) Ensure you have a private key that is trusted by both jumpbox00 and jumpbox01. For example, jb.pem under ~/.ssh/, then run the following command: ssh-add ~/.ssh/jb.pem  2) Add the following … Continue reading Double SSH Hops example

Incomplete certificate chain


There are 3 methods to test the incomplete certificate chain: 1) https://www.ssllabs.com/ssltest/analyze.html?d=example.com The error is: Chain issues Incomplete 2) curl -v -o /dev/null https://example.com The error is: * NSS error -8179 (SEC_ERROR_UNKNOWN_ISSUER) * Peer's Certificate issuer is not recognized. 3) openssl s_client -showcerts -verify 10 -connect example.com:443 The error is: Verify return code: 21 (unable … Continue reading Incomplete certificate chain