Skip to content

Instantly share code, notes, and snippets.

View 100xff's full-sized avatar
๐Ÿ‹
chasing the flow state

Fionn 100xff

๐Ÿ‹
chasing the flow state
  • Hong Kong
View GitHub Profile
@BertanT
BertanT / guide_macskeyinstaller.md
Last active October 15, 2025 05:34
macOS OpenSSH Client Patcher for Hardware Security Key Support (ED25519-SK With YubiKey Etc.)

๐Ÿ” macOS OpenSSH Patcher for Hardware Security Keys

Supports ED25519-SK with Yubikey and other FIDO2 hardware security keys!

๐Ÿค” Discussion

Despite being compiled to support hardware security keys that take advantage of the FIDO2 protocol, the built-in OpenSSH client on macOS Sonoma and above lacks the middleware/library to support these devices. To keep using the built-in client - which is often the most stable and secure method for SSH connections - we need to compile the Security Key Provider from OpenSSH source and tell the macOS client about it ourselves.

This script does all of that for you on both Apple Silicon and Intel Mac computers!

The script installs openssl and libfido2 along with the required build tools from Homebrew. It then clones the latest main branch of OpenSSH Portable and builds from it the Security Key Provider library: sk-libfido2.dylib. It finally moves the built library to /usr/local/lib/, modifies ~/.zshenv to expor

@thelastlin
thelastlin / libsk-libfido2_BUILD_FROM_OPENSSH.md
Last active March 22, 2025 14:07
Build libsk-libfido2.so from OpenSSH-portable

Tested on macOS Sonoma Developer beta 2 (23A5276g)

Build libsk-libfido2.so

Prerequisite

  1. Download openssh-portable source code, install libcrypto, libfido2;
  2. Configure openssh-portable build system by ./configure # [options].

Apply patch

@darahayes
darahayes / ansible_kms_encrypt_decrypt.md
Last active February 18, 2024 18:57
KMS Encrypt and Decrypt filters in Ansible

KMS Encrypt and Decrypt Filters for Ansible

This Gist shows how you can encrypt/decrypt variables with KMS during your Ansible playbook execution. While google searching I couldn't find anything useful on the subject.

Let's say your project has a folder of playbooks called plays.

In that folder, create a folder called filter_plugins and insert kms_filters.py (included in this gist)

@andrewlkho
andrewlkho / gist:e9a8c996c4bc1df23cd2
Last active January 21, 2025 15:44
How to secure debian with two factor authentication (TOTP/HOTP)

First, install the necesssary packages:

% apt-get install libpam-oath oathtool

Generate a key and write it to /etc/users.oath (NB the key will be in hexadecimal; if you are using Authy you will want to convert it to BASE32):

% KEY=$( head -c 1024 /dev/urandom | openssl sha1 | awk '{ print $2 }' )
% echo "HOTP/T30/6 andrewlkho - ${KEY}" >> /etc/security/users.oath
% chmod 600 /etc/users.oath
@roryokane
roryokane / 1 โ€“ myers (default) algorithm.diff
Last active September 30, 2025 21:33
Comparison between Git diff algorithms: myers (default) vs. patience (example favors patience)
diff --git a/file.c b/file.c
index 6faa5a3..e3af329 100644
--- a/file.c
+++ b/file.c
@@ -1,26 +1,25 @@
#include <stdio.h>
-// Frobs foo heartily
-int frobnitz(int foo)
+int fib(int n)