4 posts

Linux: query remote ntp (and show time difference)

Sometimes you just want to query a remote ntp server (and maybe see the difference between the two clocks). In this case you can use the tool sntp.
From the sntp man page:
The default is to write the estimated correct local date and time (i.e. not UTC) to the standard output….

use something like:
$ sntp
2018-04-19 11:36:26.538479 (-0100) -0.004752 +/- 0.023788 s2 no-leap

OpenSSL Cheat Sheat

I know I know, there are plenty of openssl cheat sheets out there already(( But as I keep using googling it again and again to find the most useful openssl commands I decided to do my own – the first version of the blog entries is already 3 years old actually. Another reason for creating the list is that I remember things better when I am writing the down.

Show contents of a certificate (( ))

openssl x509 -fingerprint -sha256 -noout -text -in

Show contents of a certificate request (CSR)

openssl req -text -noout -verify -in CSR.csr

OpenSSL HTTPS Client with SNIĀ (( ))

openssl s_client -connect -servername

Generate a CSR to send to an external CA

openssl req -new -newkey rsa:2048 -sha256 -nodes -out  -keyout  -subj "/C=US/ST=NY/L=NY/O=Roman Pertl/OU=Hostmaster/"

Generate a Self-Signed SSL Certificate

openssl req -x509 -nodes -days 365 -newkey rsa:4096 -sha256 -keyout -out -subj "/C=AT/ST=Korneuburg/L=Korneuburg/O=Pertl/OU=Hostmaster/CN=*"

Newer versions of browsers e.g. Chrome require to set the DNS alt attribute instead/additional of the CN field: ((

openssl req -x509 -nodes -days 365 -newkey rsa:4096 -sha256 -reqexts SAN -extensions SAN -config <(cat /System/Library/OpenSSL/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:*')) -keyout -out -subj "/C=AT/ST=Korneuburg/L=Korneuburg/O=Pertl/OU=Hostmaster/CN=*"

Generate a Self-Signed CA Root Certificate

openssl req -nodes -newkey rsa:4096 -x509 -sha256 -days 3650 -keyout rootCA.key -reqexts v3_req -extensions v3_ca -out rootCA.crt -subj "/C=AT/ST=Korneuburg/L=Korneuburg/O=Pertl/OU=Hostmaster/CN=pertl CA"

Generate custom dh param file

openssl dhparam -out 4096

View “raw” diff on Github

Viewing a “raw” diff in Github is easy – if you know how.

If you are viewing a commit on github the URL looks something like this:

Adding “.diff” to the URL will generate the raw diff for you which you can pipe to patch etc. The full URL is: