diceline-chartmagnifierquestion-marktwitter-whiteTwitter_Logo_Blue

Today I Learned

Use F12 as "Insert" in macOS terminal

On Apple keyboards we don't have an Insert key, and this is most annoying when using the command line or CLI tools like Midnight Commander.

We can fix this by re-assigning the F12 key:

  • Remove F12 as key from System Settings->Mission Control
  • Enable Use F1, F2, etc. keys as standard function keys in System Settings->Keyboard->Keyboard
  • Go to Terminal->Preferences and set the default profile as Pro
  • Go to Terminal->Preferences->Profiles->Keyboard and Replace F12 code with \033[2~

Make macOS remember your SSH keys after restart

We need to tell macOS to add the keys to the agent, in order to make them persistent after reboot.

We have to create new file in ~/.ssh/ called config

vi ~/.ssh/config

with the following content:

Host *
   AddKeysToAgent yes
   UseKeychain yes   

Then, we need to add our keys to the agent and macOS keychain (so your private key password is remembered).

ssh-add -D
ssh-add -K ~/.ssh/*

To verify that our keys are present in the agent:

ssh-add -l

Upgrade your SSH Keys to the new Ed25519 standard

Why should you upgrade?

Your ssh key is most probably half a decade or more old, as with all technlologies, cryptographic algorithms evolve and all of them become less secure with time as vulnerabilites are discovered, or computing power increases. Good SysOps and DevOps often rotate their keys and you should too!

See all the benefits of Ed25519 here: https://ed25519.cr.yp.to

You need to upgrade right now if:

  • your key was generated using DSA you need to upgrade right now
  • your key was generated using RSA less than 3072bit length
  • your key was generated using ECDSA

Ed25519 is the public-key algorithm you should use today.

How to generate your key:

I like to have custom names for my keys, and I also add relevant information to key comments like: role, name and e-mail. The -o 100 option, increases the brute force resistance of your key by increasing the KDF rounds.

ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/zeno.popovici.ed25519 -C "Graffino Member :: Zeno Popovici (zeno@graffino.com)"

Don't forget to provide a strong password for your key.

Deploy (macOS)

You can now deploy your key. First, you need to add it to your keychain like this:

ssh-add -K ~/.ssh/zeno.popovici.ed25519

To copy your public key to the clipboard and paste it into GitHub or other services you're using, just issue:

pbcopy < ~/.ssh/zeno.popovici.ed25519.pub

That's it!

How to change JPEG compression rate in WordPress

Our client wants pixel perfect images in his WordPress site. Truth is WordPress is a bit agressive in compressing JPEGs.

WordPress default is 75% compression quality. A higher setting will generate better looking images, to the expense of larger filesize.

Add this to your functions.php file:

// Change JPEG compression rate - 85 is much more reasonable setting
$jpeg_compression = function() { 
    return 85; 
};

add_filter( 'jpeg_quality', $jpeg_compression );

How to validate your password with regex

Example password validation regex

  • rules below can be concatenated
^(?=.*?[^a-zA-ZÄÖÜäöüß0-9])(?=.*?[0-9])(?=.*?[a-zäöüß])(?=.*?[A-ZÄÖÜ])(?!.*\d{2,}).{8,}$

Special character matching

  • Matches (operator is ?=) any string that has at least a special character e.g.: sadsds@asdasd
    (?=.*?[^a-zA-ZÄÖÜäöüß0-9])

Number matching

  • Matches (operator is ?=) any string that has at least a number: e.g.: s1adsdsasdasd
    (?=.*?[0-9])

Small letter matching

  • Matches (operator is ?=) any string that has at least a small letter: e.g.: SADSa
    (?=.*?[a-zäöüß])

Big letter matching

  • Matches (operator is ?=) any string that has at least a big letter: e.g.: SADSa
    (?=.*?[A-ZÄÖÜ])

Consecutive numbers matching

  • Doesn't match (operator is ?!) strings that have consecutive numbers in them: e.g.: asdasd42dada
    (?!.*\d{2,})

Sequential numbers matching (cannot be used at the same time with previous rule)

  • Doesn't match (operator is ?!) strings that have sequential numbers in them: e.g.: 12asdasd42dada
  • It will allow numbers that are separated by other letters e.g.: adasd1asd2asd3
  • It will allow consecutive numbers e.g.: ahadADS22dhsg44
    (?!.*((12)|(23)|(34)|(45)|(56)|(67)|(78)|(90)|(01)))

Length of string matching (should be placed last)

  • This will match any string that is less than 8 characters
    .{8,}

Work with "unsafe" HTTPS connections on localhost in Chrome

If you work with HTTPS connections on your localhost development environment, you will often get an un-secure notification from Chrome, and this will be getting annoying.

To disable those notifications in Chrome type this in your address bar:

chrome://flags/

search for:

Allow invalid certificates for resources loaded from localhost.

and click on "Enable". Done!

As a precaution: You should use separate browsers for personal use and another for development. I do development in Chromium and my regular browsing in Safari.