Chris Danis cdanis
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam' | |
| default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes' | |
| default['sshd']['sshd_config']['PasswordAuthentication'] = 'no' |
mtigas
/ onion-svc-v3-client-auth.sh
Last active
July 15, 2023 16:00
experiments with using v3 onions with client auth (as of tor 0.3.5.X)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # needs openssl 1.1+ | |
| # needs `basez` https://manpages.debian.org/testing/basez/base32hex.1.en.html | |
| # (but something else that decodes the base64 and re-encodes the raw key bytes | |
| # to base32 is probably fine too) | |
| ##### generate a key | |
| openssl genpkey -algorithm x25519 -out /tmp/k1.prv.pem |
ttimasdf
/ 00-Systemd_service_for_autossh.md
Last active
April 9, 2024 19:36
— forked from thomasfr/autossh.service
Systemd service for autossh
curl -sSL https://gist.githubusercontent.com/ttimasdf/ef739670ac5d627981c5695adf4c8f98/raw/autossh@host1 | \
sudo tee /etc/default/autossh@example
curl -sSL https://gist.githubusercontent.com/ttimasdf/ef739670ac5d627981c5695adf4c8f98/raw/autossh@.service | \
sudo tee /etc/systemd/system/autossh@.service
sudo useradd -g nogroup -s /bin/false -m tunnel
sudo -u tunnel mkdir -p ~tunnel/.ssh # and copy your private key here