I thought that it would be nice to share this not only because it would save others a lot of time figuring out this mess. So if you find something that could be improved or is just wrong, I will happily update this post.
This is a fork of @lizthegrey excellent gist on securing SSH with 2FA but modified to focus on the first steps one can take toward securing ssh access to Github (or other version control systems) with Apple touch ID button. Designed to prevent key theft from the systems we connect to with 2FA, while maintaining ease of use. From the project "If your Mac has a Secure Enclave, it also has support for strong access controls like Touch ID, or authentication with Apple Watch. You can configure your key so that they require Touch ID (or Watch) authentication before they're accessed. If you store your keys in the Secure Enclave, it's impossible to export them, by design."
Use TouchID to authenticate logins to GitHub! Since sekey is no longer maintained, let's use secretive instead.
Install the binary:
# typed: true | |
# frozen_string_literal: true | |
require('dev') | |
require('fileutils') | |
module Dev | |
module Helpers | |
class APFSVolume | |
extend(T::Sig) |
This GitHub Gist details the manual configuration needed on a UniFi controller to enable IPv6 tunneling with Hurricane Electric's Tunnelbroker service.
This is what works for me personally. Stuff you'll need to do to adapt this to your ends:
- Replace "local-ip" with your USG's public IPv4 address.
- Replace "remote-ip" with the address of your Tunnelbroker tunnel server.
- Replace "address" with the IPv6 address that your are allocated.
#!/bin/bash | |
ADIF=VE2HEW.adi | |
SATS=sats.adi | |
ADIFCONF=sats-confirmed.adi | |
ADIFUNCONF=sats-unconfirmed.adi | |
WORKED=ve2hew-unconfirmed.log | |
CONFIRMED=ve2hew-confirmed.log | |
head -n 7 $ADIF | tee $SATS $ADIFCONF $ADIFUNCONF >/dev/null | |
grep '<PROP_MODE:3>SAT' $ADIF > $SATS |
#Based on https://github.com/kevinhughes27/audiogrep-docker | |
# DOCKER-VERSION 1.4.0 | |
FROM ubuntu:14.04 | |
RUN apt-get update | |
RUN apt-get install -y software-properties-common | |
# FFMPEG | |
#The repository needs updating from the original | |
#Note that ffmpeg not standardly available for Ubuntu 14.04: http://www.faqforge.com/linux/how-to-install-ffmpeg-on-ubuntu-14-04/ |
#!/bin/sh | |
LLVM_HOME=/usr/local/Cellar/llvm/3.6.2/bin | |
PONY_HOME=/path/to/pony/repo | |
PONY_LIBS=${PONY_HOME}/build/debug | |
TARGET_ARCH=x86-64 | |
OUT_LL="$1.ll" | |
OUT_BC="$1.bc" | |
OUT_S="$1.s" |
TYPE="Ethernet" | |
BOOTPROTO="dhcp" | |
DEFROUTE="yes" | |
IPV4_FAILURE_FATAL="no" | |
IPV6INIT="yes" | |
IPV6_AUTOCONF="yes" | |
IPV6_DEFROUTE="yes" | |
IPV6_FAILURE_FATAL="no" | |
NAME="eno16777728" | |
DEVICE="eno16777728" |
1 - Create a *private* GitHub/Bitbucket or similar git repo. Here I assume the repo is: | |
https://github.com/calkan/bash_history.git | |
2 - Create .history directory and initialize it for the repo: | |
mkdir $HOME/.history | |
cd $HOME/.history | |
git init | |
touch README.md |