Quick File Encryption from the CLI Linux

If you have openssl installed, you have all you need to encrypt files. For instance, suppose you want to store some credentials in git, but you don’t want just throw your business all over the place. You could do this:

openssl aes-256-cbc -salt -in -out

when you want to decrypt the file later, do:

openssl aes-256-cbc -d -salt -in -out

there you go, TrueCrypt replacement at your finger tips

Memory Blues on OS X 10.10 Mavericks

So, I have an older MacBook Air, a late 2010 to be precise. Currently, it’s my full time workstation. I love that I can just toss it in my bag and have close to all day computing with me. But, this little guy has 4 precious gigabytes of RAM that are constantly under attack. I received a pro tip from Rebeeca Shen (linkedin) the other day about about clearing file / app cache and I’d like to share this one liner with you:

sudo purge

And vula! You’re system’s memory should look more healthy, and you should notice an up tick in performance. The man page is pretty slim on what’s happening under the hood, but I suspect (warning full speculation here) that OS X makes a RAM disk that it then saves files you’ve worked on recently, and browser cache, etc and attempts to make the machine quicker by having these resources in RAM. Well, it ain’t helping with 4GB of RAM. I’ve saved this as a cronjob to run every 30mins and so far I haven’t had any swap usage. Obvious side effects may include slower application start times, and file retrieval, so you may want to tune the cronjob to your liking.


EDIT: Rebecca dropped some more knowledge on me, if you’re dealing with WindowServer and/or kernel_task sucking the life out of your CPU and/or RAM try these steps.



Java keystore with existing keys

I’m tired of looking this up, so I’m posting it here:

lifted from: http://stackoverflow.com/questions/17695297/importing-the-private-key-public-certificate-pair-in-the-java-keystore

# Create PKCS12 keystore from private key and public certificate.
openssl pkcs12 -export -name myservercert -in selfsigned.crt -inkey server.key -out keystore.p12

# Convert PKCS12 keystore into a JKS keystore
keytool -importkeystore -destkeystore mykeystore.jks -srckeystore keystore.p12 -srcstoretype pkcs12 -alias myservercert

keytool -list -v -keystore mykeystore.jks

Note on PostgreSQL backups

So, Postgres has a neat feature to backup in parallel by dumping the tables in multiples at a time. This isn’t difficult to find online, in fact here you go:

pg_dump -j num -Fd  out.dir -f dbname

What is IMPOSSIBLE to find is this stupid -j switch for restores. You need it when restore the DB back. Notice that the -j is at the front of the dump. That won’t do when you restore it, you need to put it right before the file you’re restoring from. See below:

pg_restore -h localhost -d dbname -j fileRestoringFrom.tar

Sorry, correction needed. Turns out this won’t do the trick. Here’s what really needs to done:

pg_restore -h localhost -Fd dbname | psql

dbname is what you used on the -f switch above to save the dumpdir for the export. So if at the end of the pg_dump you have dir called mydatabase and it contains the table dumps and the toc.dat file, this is what you’d reference in the “dbname” above. Keep in mind, if you tar this file up to move it, you’ll need to untar it to do the restore.

Best of luck!




a note about tags, aws, and ansible

I had a difficult time finding this information anywhere. I’m sure it exist, but here’s what’s going on.

Assuming you have ansible-playbook -i ec2.py someplaybook.yml working, (test it with ./ec2.py –list) then you may want to address some of your instances by tags.

Here’s the skinny, let’s say create an instance and give it a key pair tag name / webserver-us-east-1a, ansible is looking for “tag_Name_webserver-us-east-1a” not just “webserver-us-east-1a” in the hosts section of your playbook. Here’s an example below:


# webserver deploy

– hosts: “tag_Name_webserver-us-east-1a”
sudo: True
remote_user: ubuntu
gather_facts: True
– nginx
– common