Ari Rubinstein

Security Engineer

Cloudflare Origin Pull Configuration

In order to set up per-hostname origin pull mTLS auth for Cloudflare Enterprise, you need to utilize the API to load in the certificate in the Cloudflare router. The following steps show you how to utilize the API to do that. It isn’t exactly straightforward from the documentation here, so I’ve added a few extra steps, and missing parameters required in the API call that aren’t documented in the Cloudflare API documentation below.

SSH Git Signing

Recently I needed to automate a git signer setup and wanted to explore the new ssh-signing approach. It turns out to be relatively easy: You can utilize an ED key or an RSA key. I included an example RSA key setup below: This is an example ~/.gitconfig [user] name = Your Name email = [email protected] signingkey = /Users/username/.ssh/ [commit] gpgsign = true [gpg] format = ssh alternatively, these commands will edit the ~/.

Hear: macOS CLI Transcription

Recently, I needed to run around 1000 mp3 files through a speech-to-text engine. Despite using dictation tools daily like Siri, Hey Google, and Alexa, this is surprisingly not available to use out of the box. After researching online services through GCP and Amazon that charge by the minute, I realized I could use the default dictation capability in macOS. It’s possible to use an application like Rogue Amoeba’s Loopback and a Kernel driver to automate one file at a time; however, this approach would require the removal of only-apple-signed Kernel drivers, which is sub-optimal.

ChatGPT Fun

Some initial simple prompts for OpenAI’s ChatGPT that were entertaining “Write a song in the style of 90s Will Smith explaining why you should use unique passwords and a password manager” Verse 1: I used to be like you, never thought twice About my passwords and usernames, they were all just nice But then I learned the hard way, when my account got hacked Lost all my data and my reputation, I was attacked