Generating a SHA-1 HMAC in Python

When signing a message posted to an API, sometimes an SHA1 digest or hash is required. This example shows the signing of a payload, and insertion of an X-Hmac header – however you may need to modify this depending on the API you are using.

def make_digest(message, key):
    key     = bytes(key, 'UTF-8')
    message = bytes(message, 'UTF-8')

    digester =, message, hashlib.sha1)
    sig = digester.hexdigest()
    return sig

The below shows an example API call against the Genband API, this shows the JSON payload being signed.

from requests import Session
import hmac
import hashlib
import json

def make_digest(message, key):
    key     = bytes(key, 'UTF-8')
    message = bytes(message, 'UTF-8')

    digester =, message, hashlib.sha1)
    sig = digester.hexdigest()
    return sig

s = Session()

base_api_url = ""
json_payload = "{}"
hmac_key = 'key-goes-here'
digest = make_digest(json_payload, hmac_key)

headers = {
        'X-Group-ID'    : 'group-id',
        'X-User-ID'     : 'user-id',
        'X-User-Token'  : 'token-here',
        'X-Hmac'         : digest

url = base_api_url + "path/to/method"
ret = s.get(url, headers=headers, json={})

Below shows the generation in PHP


$key = 'your-secure-key-here';
$payload = '{}';

echo hash_hmac('sha1', $payload, $key);

How to download YouTube videos using Docker on Linux

I recently found a 2 hour YouTube video where I wanted to listen to the audio only.  On trying to install youtube-dl on my server, I was shocked to see the number of packages that it was trying to install.

I run Ubuntu, but this should work in any Linux distro.  Using a docker container saves polluting your server with a lot of dependencies you might not need.

If you don’t already have it, install docker:

# curl -fsSL -o
# sh ./

The following will download a video to the current working directory:

# docker run --rm  -v $PWD:/downloads wernight/youtube-dl "

This will extract just the audio and give you the output as an mp3:

# docker run --rm  -v $PWD:/downloads wernight/youtube-dl --extract-audio --audio-format mp3  ""

Expanding a Dell PERC H800 RAID array with additional MD1200 shelves

Here is a short guide to creating a RAID 10 array on a PERC 800.  In my case, additional drives were added via 2 new MD1200 which were chained onto the existing shelves.

Continue reading “Expanding a Dell PERC H800 RAID array with additional MD1200 shelves”

Forcing cURL to use DNS though SOCK5 proxy

I recently had to code a REST call to a service I could only access behind a SOCK5 proxy.  Unfortunately, the hostname of the service wasn’t publicly resolvable so the DNS had to be resolved on the other side of the proxy.  Whilst this is pobbible in cURL itself by using the CURLOPT_PROXYTYPE option and setting it to CURLPROXY_SOCKS5_HOSTNAME or by using the flag –socks5-hostname – the constant isn’t available within PHP.  This feature was requested in however hasn’t yet been implemented.  This can simply be worked around by setting the proxy type to 7.  The code below shows an example of doing this using the Httpful library, however if you were using curl natively you’d just use curl_setopt()


$r = HttpfulRequest::post($url)
->addOnCurlOption(CURLOPT_PROXY, 'localhost:8080')
->addOnCurlOption(CURLOPT_PROXYTYPE, 7)

How and why I cracked a password hash

This was originally 2 years ago with references to the product and vendor. Unfortunately I got threatening legal letters, and almost lost my job! I’ve now stripped out the vendors references and am putting it up simply because I think others will find my methodologies and write up interesting.

Continue reading “How and why I cracked a password hash”

Installing VMWare’s ESXi guest tools on Ubuntu 11.10

There seems to be a lot of confusion in the IRC channel about how to install the guest tools on linux – with a lot of people recommending that you install the tools via the tools installer and the script. I really don’t like to do things this way – as I believe things should be installed using the package manager, and creating .debs of the tools means you don’t need to install a compiler on all of your guests.

Continue reading “Installing VMWare’s ESXi guest tools on Ubuntu 11.10”

Creating a custom form field type in symfony 2

I am finally starting to dive into symfony 2 properly. Yes – it’s taken a while, work has taken me in different directions! I found myself needing to create a custom form field type pretty quickly, but couldn’t find much in the way of documentation to do so, so I thought I’ld throw it up here; partly to help others, but mostly to get feedback to make sure I’m not approaching this from the wrong angle.

Continue reading “Creating a custom form field type in symfony 2”

Customising the kickstart script for ESXi automated installs

After my last post, ‘Installing VMware ESXi via PXE’, I found that I needed to do a little customisation of the kickstart script on a per host basis. This post shows how I went about that, with a simple hack to aquire the MAC address and then customise the script based on that. This is a very simple example, but you could modify this easily for your needs. Notice I have two MACs per host below, this is because the machines could PXE over either of their 2 interfaces.

Continue reading “Customising the kickstart script for ESXi automated installs”

Installing VMWare ESXi via PXE

We’re going down the route of virtualising our infrastructure at Timico, which means I’m having to get my hands dirty with VMWare. We’ve tried the Xen route, and not really got on with it – so it’s time to move on to something a little more polished.

In this article, I’ll outline how I plan on speeding up the provisioning of new tin to run as VM machines. The plan is to be able to plug in a new node whenever one is needed, and have it fully auto-provisioned from start to end. The first step in doing that is to automate the installation of vmware ESXi – which is done by PXE booting.

Continue reading “Installing VMWare ESXi via PXE”