feat: Lumos -> lmohc - close enough ? static id for secure origin

[sublimator]

I mean it's typically going to be pretty obvious when your fans whir up that something is accessing the LLM, but setting OLLAMA_ORIGINS=chrome-extension://* is a bit too loose.

#!/bin/bash -u
# We use set -e and bash with -u to bail on first non zero exit code of any
# processes launched or upon any unbound variable.
# We use set -x to print commands before running them to help with
# debugging.
set -ex

TARGET_ID="lmo*"

while true; do
    # Generate a private key
    openssl genrsa -out private.pem 1024

    # Extract the public key from the private key in DER format and hash it
    ID=$(openssl rsa -in private.pem -pubout -outform DER 2>/dev/null | shasum -a 256 | head -c32 | tr 0-9a-f a-p)

    # Check if the ID starts with the target string
    if [[ $ID == $TARGET_ID* ]]; then
        echo "Match found!"
        echo "Private Key: private.pem"
        echo "Public Key ID: $ID"
        break
    fi

done

[sublimator]

Related:
ollama/ollama#2335 (comment)

[andrewnguonly]

Sorry, I meant to get to this. I believe it's still valid.

[sublimator]

Do you want to do anything with this?

[andrewnguonly]

Do you want to do anything with this?

Yup, sorry. Still thinking through this and some other things.