Bits on Humberto Rocha

Setup ssh keys for remote access

Mon, 23 Mar 2026 00:00:00 +0000

To easily setup your public keys into freshly created servers, specially when copy and paste is limited like in proxmox web console you can benefit for one of your accounts in a public or private git servers reachable by your server like Forgejo, Github, and Gitlab.

They all have the same API where you can fetch your public keys under the pattern:

https://<git-server>/<username>.keys

Try it in your browser to see the output.

Extract certificate from a domain

Sun, 06 Jul 2025 00:00:00 +0000

To extract the certificate use:

openssl s_client -showcerts -servername humberto.io -connect humberto.io:443 </dev/null 2>/dev/null

If your target is not using SNI you don’t need to use the -servername <fqdn> option.

Then you can pipe it with other OpenSSL commands to extract information in the format that you need.

To extract PEM formatted cert:

| openssl x509 -outform PEM

To extract the public key:

| openssl x509 -pubkey -noout

To extract the Fingerprint:

Extract certificate and key from .pfx file

Mon, 10 Jul 2023 00:00:00 +0000

Extract the certificate from the .pfx file:

openssl pkcs12 -in <DOT_PFX_FILE> -clcerts -nokeys -chain -out certificate.crt

Extract the private key in .pem format without encryption from the .pfx file:

openssl pkcs12 -in <DOT_PFX_FILE> -nocerts -nodes -out private_key.pem

Convert the .pem into RSA key format:

openssl rsa -in private_key.pem -out id_rsa

If you are using OpenSSL 3 it will default it’s output to be in PKCS8 format, that contains encapsulation boundaries like this:

Connect to a Kubernetes Pod

Wed, 07 Dec 2022 00:00:00 +0000

To open a session it’s first required to know the Pod’s name.

kubectl get pod -n <namespace>

Then open a bash session by running:

kubectl exec --stdin --tty <pod name> -n <namespace> -- /bin/bash

It’s also possible to open a shell session:

kubectl exec --stdin --tty <pod name> -n <namespace> -- /bin/sh

Sometimes it’s need to spawn a new Pod from an image that has the required tooling to inspect something.

Interactive session in a Docker container

Tue, 22 Nov 2022 00:00:00 +0000

Opening a bash session in a given container:

docker exec -it <container-name> /bin/bash

In case the image is more bare bones you can still open a shell session:

docker exec -it <container-name> /bin/sh

You can only open sessions in containers that are running so check their status with docker ps before trying to open the session.

If you are not sure about the container names you can list them with:

Docker without root

Sat, 30 Jul 2022 00:00:00 +0000

Create the docker group.

sudo groupadd docker

Add your user to the docker group.

sudo usermod -aG docker $USER

Apply the changes to the group.

newgrp docker

Verify if you can run docker.

docker version

This is not recommended on internet facing servers, keep docker privileges to the root user.

Run laptop with the lid closed

Sat, 30 Jul 2022 00:00:00 +0000

Edit the /etc/systemd/logind.conf file, and change the following lines:

HandleLidSwitch=ignore
HandleLidSwitchExternalPower=ignore
HandleLidSwitchDocked=ignore

Then restart the service:

sudo systemctl restart systemd-logind.service

Turn off laptop screen automatically

Fri, 29 Jul 2022 00:00:00 +0000

Edit the /etc/default/grub file adding the following to the GRUB_CMDLINE_LINUX variable:

GRUB_CMDLINE_LINUX="consoleblank=300" # turn off the screen after 5 minutes

Then update grub:

sudo update-grub

Pull from multiple repositories

Mon, 23 May 2022 00:00:00 +0000

A tip for when you have a list of git repositories to update:

find . -maxdepth 1 -type d \( ! -name . \) -exec bash -c "cd '{}' && git pull && cd .." \;

The \( ! -name . \) pattern is used to skip executing the command inside the . folder.

Match and replace line breaks in vim

Sun, 20 Feb 2022 00:00:00 +0000

There are 2 different special characters when dealing with line breaks:

\n represents the new line character byte 0x0a
\r represents the carriage return byte 0x0d

But in vim at the replacement side of the pattern things change a bit:

\n becomes the null character 0x00
\r becomes the new line character 0x0a

So at the search side you should use \n while at replace \r.

Example:

%s/\n/\r/g

Empty commit

Fri, 18 Feb 2022 00:00:00 +0000

Sometimes you just need to make an empty commit to trigger a CI pipeline or a webhook.

git commit --allow-empty -m "Trigger CI"