Amelia Crate a-crate

## readme.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                a-crate
                / readme.md
            
            
              Created
              September 2, 2025 18:11
            
              
                URL open reverse-forwarding over SSH
              
          
    These are all the configuration bits required to make URLs opened on a remote host from an ssh session appear in a browser locally on the client.
It's possible (and easier) to do this with reverse port forwarding rather than reverse socket forward, but I dislike this because it means that anyone on the server can make you open URLs on the client. This way, write access to the socket on the server is required for the ability to open URLs. If you make it 0700, that means only you can do so effectively.
Client side bits

You need a systemd user service that listens for URLs on a socket and runs xdg-open on them
amelia-crate@amelia-crate-16 ~> systemctl --user cat url-listen
# /home/amelia-crate/.config/systemd/user/url-listen.service


## gist:7d6b65b56948fe5dd0fabb5304cdf79c
#!/usr/bin/python3

import os
import re
import sys
import subprocess
import argparse
from ruamel.yaml import YAML

# https://github.com/wolfi-dev/os/pull/42723

## gist:bea928d386acf8c48827b2c9f1522293
======================
Proton: 1696584680 proton-8.0-4b
SteamGameId: 961200
Command: ['/home/amy/.local/share/Steam/steamapps/common/Predecessor/PredecessorLauncher.exe', '-dx11']
Options: {'forcelgadd'}
depot: 0.20231005.62324
pressure-vessel: 0.20230928.1 scout
scripts: 0.20230928.1
sniper: 0.20231005.62324 sniper 0.20231005.62324
Kernel: Linux 6.5.7-arch1-1 #1 SMP PREEMPT_DYNAMIC Tue, 10 Oct 2023 21:10:21 +0000 x86_64

## gist:a9cbe1b31bb2615cfe3409fcd5eaa839
Computer Information:
Manufacturer: LENOVO
Model: 20L6S6N500
Form Factor: Laptop
No Touch Input Detected
Processor Information:
CPU Vendor: GenuineIntel
CPU Brand: Intel(R) Core(TM) i7-8650U CPU @ 1.90GHz
CPU Family: 0x6
CPU Model: 0x8e

## gentoo-pam-gnome-keyring.txt
~> cat /etc/pam.d/system-auth
auth		required	pam_env.so
auth		requisite	pam_faillock.so preauth
auth		optional	pam_gnome_keyring.so
# try_first_pass seems to be a required option here
auth            [success=1 default=ignore]      pam_unix.so nullok  try_first_pass
auth		[default=die]	pam_faillock.so authfail
account		required	pam_unix.so
account         required        pam_faillock.so
password	required	pam_passwdqc.so config=/etc/security/passwdqc.conf
	#!/usr/bin/python3

	import os
	import re
	import sys
	import subprocess
	import argparse
	from ruamel.yaml import YAML

	# https://github.com/wolfi-dev/os/pull/42723
	======================
	Proton: 1696584680 proton-8.0-4b
	SteamGameId: 961200
	Command: ['/home/amy/.local/share/Steam/steamapps/common/Predecessor/PredecessorLauncher.exe', '-dx11']
	Options: {'forcelgadd'}
	depot: 0.20231005.62324
	pressure-vessel: 0.20230928.1 scout
	scripts: 0.20230928.1
	sniper: 0.20231005.62324 sniper 0.20231005.62324
	Kernel: Linux 6.5.7-arch1-1 #1 SMP PREEMPT_DYNAMIC Tue, 10 Oct 2023 21:10:21 +0000 x86_64
	Computer Information:
	Manufacturer: LENOVO
	Model: 20L6S6N500
	Form Factor: Laptop
	No Touch Input Detected
	Processor Information:
	CPU Vendor: GenuineIntel
	CPU Brand: Intel(R) Core(TM) i7-8650U CPU @ 1.90GHz
	CPU Family: 0x6
	CPU Model: 0x8e
	~> cat /etc/pam.d/system-auth
	auth required pam_env.so
	auth requisite pam_faillock.so preauth
	auth optional pam_gnome_keyring.so
	# try_first_pass seems to be a required option here
	auth [success=1 default=ignore] pam_unix.so nullok try_first_pass
	auth [default=die] pam_faillock.so authfail
	account required pam_unix.so
	account required pam_faillock.so
	password required pam_passwdqc.so config=/etc/security/passwdqc.conf