Author: leonletto

The Time Formatting Rabbit hole

/ leonletto / Leave a comment

This past weekend I decided to go down the rabbit hole for a few hours on time formatting for different timezones. I thought I would dig deeper and do the same for Windows, Mac and Linux.

I work with a lot of log files and trying to remember the date in UTC ( or others) and convert in your head gets tiresome when you have logs from different systems that you are trying to correlate.  

Lets say you are working in the console and want to quickly know what the date is in some other timezone, these are the commands to do that on Linux, MacOS and Windows Powershell

Query the list of Timezones

Note: Using London England here

On Linux ( for London)

timedatectl list-timezones | grep London

On MacOS

sudo systemsetup -listtimezones | grep London

On Windows Powershell

(Get-TimeZone -Name "*GMT*").Id

To use the above to show the current date and time in the place you queried from in your terminal

Current time in London and give me the date in 24hour format

On Linux 

TZ=$(timedatectl list-timezones | grep London) date +"%a %b %d %Y  %T"

Same with 12 hour time format

TZ=$(timedatectl list-timezones | grep London) date +"%a %b %d %Y %I:%M:%S")

On MacOS 

Note: you have to know the Zone ( can’t query easily in the terminal without sudo – see above)

echo $(TZ="Europe/London" date +"%a %b %d %Y  %T")

On Powershell you have to know the Zone (  “Get-TimeZone -ListAvailable”  to see the list )

[datetime]::UtcNow, (Get-TimeZone -Name "*GMT*").Id

To create an Alias in your current terminal ( not persistent)! 

( I am using “gt” as Great Britain Timezone here)

Current time in London – 24 hour time

alias gt='echo $(TZ=$(timedatectl list-timezones | grep London) date +"%a %b %d %Y  %T")'

Same with 12 hour time format

alias gt='echo $(TZ=$(timedatectl list-timezones | grep London) date +"%a %b %d %Y %I:%M:%S")’

On MacOS 

alias gt='echo $(TZ="Europe/London" date +"%a %b %d %Y  %T")'

On Powershell its Two Lines

Function WD {Write-Host ([datetime]::UtcNow, (Get-TimeZone -Name "*GMT*").Id)}
Set-Alias gt WD

Finally – If you want to make this persistent on your OS by putting an Alias in your profile

Note:  I am using ~/.zshrc here but you can also use ~/.profile or ~/.bash_profile depending on where your current settings are stored.

Notice all the “\” backslashes so that you can echo “’s and $’s

For Linux

echo "alias gt='echo \$(TZ=\$(timedatectl list-timezones | grep London) date +\"%a %b %d %Y  %T\")'" >> ~/.zshrc

For MacOS

echo "alias gt='echo \$(TZ=\”Europe/London\” date +\"%a %b %d %Y  %T\")'" >> ~/.zshrc

For Powershell:

For your Persistent Profile in Powershell its quite complicated:

You need to decide whether only your username will use the profile

  • If only your user:
    • whether you want it while just running a Powershell terminal ($myProfile) 
    • or also when you are in the ISE editor ($myISEProfile)

Note: the default I have shown below is for both…

If you want all users to use the profile:

  • Then decide:
    • whether you want it while just running a Powershell terminal ($globalProfile64)
    • or also when you are in the ISE editor as well ($globalISEProfile64)
  • And finally whether you want the 32-bit Powershell profile available:
    • in Powershell32 ($globalProfile32) 
    • in ISE editor on Powershell32 ($globalISEProfile32)

I have tried to make it easy enough to set for your user by default.

You just copy and paste the following and run it.

Note: You need to modify $profiles if you want to set it globally (bottom of the script)

#You need this folder anyway
md $HOME\Documents\WindowsPowershell -ErrorAction SilentlyContinue

#If you want to execute in powershell windows for you only
$myProfile="$HOME\Documents\WindowsPowershell\Microsoft.PowerShell_profile.ps1"

#If you want to execute in powershell ISE windows for you only
$myISEProfile="$HOME\Documents\WindowsPowershell\Microsoft.PowerShellISE_profile.ps1"

#If you want to execute in powershell 64-bit windows for All Users
$globalProfile64="C:\Windows\System32\WindowsPowerShell\v1.0\Microsoft.PowerShell_profile.ps1"

#If you want to execute in powershell ISE 64-bit windows for All Users
$globalISEProfile64="C:\Windows\System32\WindowsPowerShell\v1.0\Microsoft.PowerShellISE_profile.ps1"

# This is weird but but the 32-bit profile is in the syswow64 folder
#If you want to execute in powershell 32-bit windows for All Users
$globalProfile32="C:\Windows\SysWow64\WindowsPowerShell\v1.0\Microsoft.PowerShell_profile.ps1"

#If you want to execute in powershell ISE 64-bit windows for All Users
$globalISEProfile32="C:\Windows\SysWow64\WindowsPowerShell\v1.0\Microsoft.PowerShellISE_profile.ps1"

#Change the $profiles here to whatever you want to set from above
$profiles=@($myProfile,$myISEProfile)
$profiles | ForEach-Object -Process {
Add-Content -Path $_ -Value 'Function WD {Write-Host ([datetime]::UtcNow, (Get-TimeZone -Name "*GMT*").Id)}'
Add-Content -Path $_ -Value 'Set-Alias gt WD'
}

I hope this helps you out. Drop me a line or comment if there are mistakes obviously.

Leon

How to use your Comodo e-mail key for work with SSH

/ leonletto / Leave a comment

I was recently reading a great new @substack  npm package for sending and receiving encrypted messages. The package automatically looks on github for the public key for anyone registered there and uses that. Neat trick.

That got me thinking about how to verify who your sending a message to and how they can verify who you are.   Adding a self-signed key to your Github account but no-one knows that is actually you except you.  I use  Comodo e-mail key for my work and personal e-mails and wondered if there was way to use that since Comodo is saying its me.

Note: I know – they don’t verify my identity beyond sending to my e-mail but its something at least and a third party can check the key chain so its not totally without value.

One nice thing about this is that I now have a semi permanent public key that I can post online and use for logging into the servers I manage.  I think this is good.  I may be convinced otherwise if I am making some security faux-pa.

So without further ado, here are the instructions for using a Comodo key as your key for more than just e-mail.

Go to Comodo and get your free key.

Update: Step by step notes on that process and how it works.

Once you import this into your key store, export it to your P12 file (with a really secure password please! ) – and BACK IT UP 🙂

Now convert your shiny new email cert to a ssh private key.

Note: I worked this out on OSX – I haven’t tried all the steps on linux or windows yet.

Copy your myemail@someserver.com.p12 file to your ~.ssh directory.

Now open a terminal and cd into your ~.ssh directory

Run this command

openssl pkcs12 -in myemail\@someserver.com.p12 -nocerts -nodes | openssl rsa > id_rsa

This gives you a new private key file in rsa ssh format

Now you have to correct the access on that file.  Run this command

chmod 600 id_rsa

Next run the following command to extract the public key – which you can put on your remote servers to login securely

ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub

If you only have one identity, this is all you need to do

Multiple Identities

If you have more than one identity – say a personal email address and a work email address and you want to login to both from your main computer – here are the directions:

First backup what you have done so far.

Next you are going to rename the above files to something that makes sense eg:

mv id_rsa myemail_myserver_id_rsa
mv id_rsa.pub myemail_myserver_id_rsa

Now follow the above instructions to create a new comodo cert for your other email, convert the new cert to an id_rsa and id_rsa.pub and rename them as so:

mv id_rsa myotheremail_myserver_id_rsa
mv id_rsa.pub myotheremail_myserver_id_rsa

Next you have to tell ssh which identity to use when logging into your servers.

Modify your /etc/ssh/ssh_config (linux) or /etc/ssh_config (osx) to add the following lines

Host friendly-name-myemail
HostName long.and.cumbersome.server.name
IdentityFile ~/.ssh/myemail_myserver_id_rsa
User username-on-remote-machine

Host friendly-name-myotheremail
HostName long.and.cumbersome.other.server.name
IdentityFile ~/.ssh/myotheremail_myserver_id_rsa
User username-on-other-remote-machine

## This line should have the default identity file you want to send
Host *
SendEnv LANG LC_*
IdentityFile ~/.ssh/myemail_id_rsa

NOTE: you will only need the “User” line (#4) if you have multiple identities on the server you are trying to login to with the same ssh key.

Now you can login using:

ssh friendly-name

Publishing your (PUBLIC) key

The last tip is about publishing your public key so that people can find it on the internet and send you encrypted messages. I am going to use Github as an example here because of the @substack  (James Halliday) great npm package cipherhub for sending and receiving encrypted messages. The package automatically looks on github for the public key for anyone registered there and uses that. Neat trick.  I also noted that @tjholowaychuk has written an shell script version.

Find them both here

So basically, take your shiny new public key and add it to github (or your blog, or some other public place so people can find it and send you secure messages ).   I think you need to

If you don’t have a Github account, here are some other places to publish your key which you can then link to eg.

The PGP Global Directory

Many thanks to these users questions and answer for tips.

How to get the private key converted:

How to get the public key out of the private key:

How to setup multiple identities: