Hacker Newsnew | past | comments | ask | show | jobs | submit | tyrel's commentslogin

I've been using https://www.npmjs.com/package/html2pdf.js for a project, and it works pretty nicely - it will render a DOM element into a PDF for me.


[Seeking: REMOTE]

I'm a senior software engineer with thirteen years of experience - mainly in Python development. I started off working at small agency, a couple startups, a biotech company, and most recently an enterprise insurance leads sales company.

I really enjoy working with Python, and try to focus my career and communities around Python. I've worked with and would work with again both Go and Ruby. For Ruby I've done Rails and Sinatra, and Go I've built a CLI tool and and APIs. While primarily backend focused, I have progressively expanded my front-end skills over time, transitioning from jQuery to VueJS. Collaborating well with fellow engineers is one of my strengths, and I find great satisfaction in mentoring and supporting others in their growth.

  Location: Durham, NC
  Remote: Only.
  Willing to relocate: No.
  Technologies: Primarily looking for Python [13y], Go[4y], Ruby on Rails [4y]
  Résumé/CV: https://tyrel.dev/blog/pages/Tyrel-Souza-Resume.pdf
  Email: REDACTED because of spammers like [khawlael444@gmail.com]


Https://tyrel.dev/ A decade of intermittent blogging. Nothing much of substance but I still try to maintain it. Combines Tech, Flying, Coffee, and more.

Pelican site, HTML, images, and CSS only, no JS!


Yeah, knowing one of the developers personally, they actually didn't post this. Someone else posted this to Twitter/Reddit/HN.


One of my co-workers preordered this, I hope to skim through it if he brings it into the office.


http://youpronounce.it/search.jsp?q=Llanfair%C2%ADpwllgwyngy...

Bummer!


Oh, but it's there!

https://youtu.be/fHxO0UdpoxM

It is however touted as 'an easy and fun way to improve your English'..

Village name marketing gimmicks aside, good tool.


Ah darn, I thought this was an iOS version of Timely. https://play.google.com/store/apps/details?id=ch.bitspin.tim...


Will you be adding more customization of the "User" or is all customization per channel?

It was difficult to figure out how to set an avatar at first, I had to go under my stream page and edit there, rather than in the settings. Maybe I'm confused between the distinction between a user and a stream?


You can think of your channel as like your profile - so that is where the customization happens. It should perhaps be made clearer where you should upload your avatar, thanks for the feedback.


I've used this before and it works really well. I migrated the same wordpress install multiple times with it (once to move domain, the other to change it to https) and I didn't have a problem either time.

Of course -- YMMV, and you should definitely back up your database before.


Seeing a key with substring of "Tyr" as the username and that substring of my key matching scared me a bit.

If you want to check how many bits your key is, use

ssh-keygen -l -f ~/.ssh/your_key.pub

(It wasn't mine, while it is an older key, mine is larger than 768 thankfully)

Edit: look at timdorr's example for a better visual.


Most people will want to run this verbatim:

  ssh-keygen -l -f ~/.ssh/id_rsa.pub
You'll get an output like so:

  ⚡~ $ ssh-keygen -l -f ~/.ssh/id_rsa.pub
  2048 f6:2d:94:54:c0:96:18:64:24:fb:c2:ad:ed:6a:1d:68  timdorr@Pixelicious.local (RSA)


There's probably a better way of doing it, but this should check all your public keys if you use more than one, assuming they're in ~/.ssh

  for file in $(ls ~/.ssh/*.pub); do ssh-keygen -lf $file; done


Not better, but could also be written as:

  find ~/.ssh -name '*.pub' | xargs ssh-keygen -lf
Here's a simple bash function to check all your GitHub keys:

  function check_github_keys {
    username=$1
    i=0
    curl -sw "\n" "https://github.com/${username}.keys" | while IFS="\n" read -r line ; do
      tmp=`mktemp -t githubkey`;
      echo "$line" > $tmp
      res=$(ssh-keygen -lf $tmp)
      rm $tmp
      ((i=i+1))
      echo "${username}.keys:${i}  ${res/ $tmp/}"
    done
  }
Invoke as:

  check_github_keys <username>
I'm sure there's a better way to write that one though!


Your initial "find" version would be better if it used print0 because it would avoid failing on files with spaces in their names:

find ~/.ssh -name '*.pub' -print0 | xargs -0 ssh-keygen -lf


This of course can be rewritten as find ~/.ssh -name \*.pub -exec ssh-keygen -lf {} \;


If you use ssh-agent, you can do:

    ssh-add -l
to list all your registered keys.


    4096 63:f2:23:00:c9:0d:07:3b:6d:ad:4d:a9:98:32:f5:25  ***@*** (RSA)
Am I good?


Your key is 4096 bits, you're good.


True, this will be default if you don't namespace your keys and use ssh config files like I do, I should have just said that.


how much safe are we, with a 2048 bits key?

is this something we should be upgrading (like to 4096) in the near future?


Not much point in upgrading from 2048 bit RSA to 4096 bit RSA. Instead, you should plan to upgrade to ed25519 keys when your client and servers support them - faster and better security than RSA.


Of course that is an "if" one should carefully think about -- e.g. it is OK if all you are using is OpenSSH at version 6.5 or later. (That can be a problem with many older boxes). But other than that, last I checked only SSH.NET and tinyssh supported ed25519 keys. Shameless plug for some more data on this: http://ssh-comparison.quendi.de/comparison.html (yeah, that page could be a lot better -- pull requests are welcome)


Does anybody have a good (and easy!) guide how to do that on my Mac or Linux machine (client and server) ?


If you have experience with RSA key pairs, using ed25519 key pairs is easy. To generate a key pair just run: ssh-keygen -t ed25519

As with RSA, this command generates a public and private key file. Put the public key in the authorized_keys file on the server side.

You'll need OpenSSH 6.4 on both the server and the client side. If you have an older version, I would not recommend upgrading outside of your operating system's normal upgrade channel because then you'll be responsible for security updates. Instead I would wait until your operating system has it.


It amounts to doing this:

  $ ssh-keygen -t ed25519
As usual, on the server, you do something like

  $ cat generated-key.pub >> ~you/.ssh/authorized_keys
EDIT: sibling post was quicker off the bat. Oh well, that'll teach me to not refresh a tab :p


2048 is fine for the foreseeable future; it's the same key length used for most SSL certificates (including CAs!). Your next key upgrade should probably be to another key type entirely, most likely ED25519.


I don't have a qualified answer but given he says it would take 24 minutes to crack a 256bit key and 3 days to do a 512bit, I would extrapolate (given exponentially difficulty as you add more bits) to roughly:

- 180x per doubling bit size would be - 512 doubled twice, would mean 3 days * 180 * 180 = 97,200 days

I think you're safe.


That's not how the math works.

First, 2048 bits is not 512 bits doubled twice, but rather doubled 1536 times (512 doubled twice would be 514). If this were a symmetric cipher, you could stop here and conclude that a 2048 bit key was 2^1536 times stronger than a 512 bit key.

However, RSA has diminishing returns on security as you increase the key length. The strength is determined by the complexity of the GNFS, the fastest known way of breaking RSA[1]. That tells us that breaking 256-bit RSA takes ~2^46 operations, 512-bit RSA takes ~2^63, 2048-bit RSA takes ~2^116, and 4096-bit RSA takes ~2^156. 2^116 is a lot of operations - they say the amount of energy required to break that would be nearly enough to boil all the water on earth.

[1] http://crypto.stackexchange.com/questions/8687/security-stre...


> they say the amount of energy required to break that would be nearly enough to boil all the water on earth.

Not wanting to be alarmist, but what you're saying is that someone breaking my ssh key (which is 2048 bits) is the end of the world...


great answer!


On his/her admittedly subpar machine. Keep in mind that this will vary wildly for different hardware.


i had the same moment of panic and ended up removing old keys and regenerating my keys that are in use. i wish i'd seen this comment beforehand -_-


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: