Connecting to a VPN automatically when not at home

When I’m on my home Wi-Fi, I rarely connect to a VPN. When I’m out, I always make the habit of doing so, except when I forget. I was hoping VPN clients would have a feature to automatically connect based on a list of networks, but after some quick research, I guess not. Maybe I’m wrong, but ended up with this nifty solution. I’m currently using Viscosity as my VPN client, but should work similarly for other clients that allow some scripting.

Continue reading “Connecting to a VPN automatically when not at home”

DevOpsCT Talk: osquery

These are the slides for a recent talk on osquery I gave at a DevOpsCT meetup.

Python Type Hints

These are the slides for a recent 5 minute talk on Python Type Hints I gave at newhaven.io meetup. Slides are also available on Speaker Deck.

Running osquery on CoreOS

Most things in CoreOS Container Linux can be run in containers, except when it doesn’t make sense. Here’s how I got osquery up and running.

osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive.

osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.

Continue reading “Running osquery on CoreOS”

PGP Key Transition

Keybase | Gist

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

PGP Key Transition Statement
José Padilla 
Fri Jul 28 12:54:01 UTC 2017

I have created a new OpenPGP key and will be transitioning away from
my old key. The old key has not been compromised and will continue to
be valid for some time, but I prefer all future correspondence to be
encrypted to the new key, and will be making signatures with the new
key going forward.

I would like this new key to be re-integrated into the web of trust.
This message is signed by both keys to certify the transition. My new
and old keys are signed by each other. If you have signed my old key,
I would appreciate signatures on my new key as well, provided that
your signing policy permits that without re-authenticating me.

The old key, which I am transitioning away from, is:

pub   2048R/9B2987B1 2014-03-04
      Key fingerprint = 6120 BB14 9792 D8E9 A371  B03C AAE3 EF57 9B29 87B1

The new key, to which I am transitioning, is:

pub   4096R/B55434E2 2017-07-28
      Key fingerprint = 58FD 4723 5047 E944 BDE3  4DC7 9A11 1405 B554 34E2

I disown all other and prior keys, so please don't use them.
Specifically, the following keys are not valid for me:

* 0x33CFB6D79478C173
* 0x56921E75F4A66D4C
* 0x7C09FCF380E5AFA3
* 0x55FCA69C27265701
* 0xAAE3EF579B2987B1 (as provided above)

The entire key may be downloaded from: https://keybase.io/jpadilla/pgp_keys.asc?fingerprint=58fd47235047e944bde34dc79a111405b55434e2

To fetch the full new key from a public key server using GnuPG, run:

  gpg --keyserver keys.gnupg.net --recv-key B55434E2

If you already know my old key, you can now verify that the new key is
signed by the old one:

  gpg --check-sigs B55434E2

If you are satisfied that you've got the right key, and the User IDs
match what you expect, I would appreciate it if you would sign my key:

  gpg --sign-key B55434E2

You can upload your signatures to a public keyserver directly:

  gpg --keyserver pgp.mit.edu --send-key B55434E2

Or email [email protected] (possibly encrypted) the output from:

  gpg --armor --export B55434E2

If you'd like any further verification or have any questions about the
transition please contact me directly.

/jpadilla
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJZezRFAAoJEKrj71ebKYexuL0H/RG388KJwp+fWA8hR0jMrSFX
OC4zgsMB6GLsSiZJhivDvYTXJdcFc2x6l9Cgh4YQTZwsDLsK2O7+Ao+AxcUAC5rQ
zb2UIX6GzEly7i7+2HNKpv2AKcpdI5yNwuvjvTJMeivDAnSr9ymSTkbzIMyUuGkh
bEuIodVuuf0jvrgECw8I8DLsyKPt3KkVPYjc1Ji3Q0w0uVtQhndvaD1Etc7wO3Vw
h28Rkw7a6bK8Dt/ZmC+PI50/rKMDWPlSV2+ATCpitKZrDvEyk843d4ue39NaZ6uo
rKLn6Fv0kZLZzX2VnEi64TKUfu7s2LzTOoKLT4km6M2ExcT7rj84nNlPCZrICluJ
AhwEAQEKAAYFAll7NEUACgkQN2XJ6h5H7264vRAAtn7Z3rey+Hsi1g7tBEeYs0wY
pjrn3hPQ5Ej1A+V5kpZuTH0Hh8TaW1LxmClRLE0jmMZV9bhRbCfyG9GMaSFeJp1W
NXZAfXW2vtNurCKgsyBJhtk1MNZg7pbURvcaXifq+gt/Z7UZ6X/YlAfPLsmp22e+
wVA7i0TUlXYcQOtNwhhDD2N/hoG1lMgB2XkC8uzvRIOn06kSneFORzegyeK60rBw
GdbzhuQrkzqZ0inhuEIXzDHFA7yIfOKg3aabx4Mc/K++42iy+bBZzx9UDHGoKay3
RSdnzRNCiQAL2S0Ckk+qo56rHzTqsz0XFtaLdMjp/c58knrLnVekMnPMJMXnnxwj
dAzV31Lyxk4VZomw2z2PA/1R/C9bY2msJ5hCggqICguwM2bnRzn17mEawwAKTY0S
rCK/744woagAa57muhVZyQk7eVXKxiS7EVjNGVM83jk0hwuUBv+v55Zawi3hm8fL
RUMXwxIkv+HHD76x//mBmLOrjkdHMlZ1WyPiOFbRQrthpUabZ3V27h7IObsOZcbv
S9e5hh69jEcOZffL/I5iuu4zc6Wcq3F7G5oiMoVGPUSUQUxhZtZX9OK1PzrMQezw
2ejhY3+1ktS5rsPTMw6qjiei0E0MIa+Yluw2u6CeT7oxQlJXuSFKCQB1CAnEOE/l
iWstOpXJiOkvoLtMrPM=
=hyse
-----END PGP SIGNATURE-----