petiepooo
/ ssh-askpass
Created
January 6, 2017 06:34
OSX 10.9 script to allow confirmation of ssh keys on each use (/usr/libexec/ssh-askpass)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # An SSH_ASKPASS command for MacOS X | |
| # | |
| # Author: petiepooo | |
| # License: CC_SA | |
| # | |
| # This script is called by ssh-agent when SSH_ASKPASS environment | |
| # variable is set. It allows use of confirm each use when adding | |
| # an ssh key (ssh-add -c <key>). |
petiepooo
/ after.rules.salt.patch
Created
June 30, 2016 20:03
A patch to UFW's after.rules file to allow "knocking harder" protection for SaltStack ports
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- after.rules.orig 2016-06-30 14:56:53.155072361 -0500 | |
| +++ after.rules 2016-06-30 14:38:06.839093867 -0500 | |
| @@ -15,6 +15,9 @@ | |
| :ufw-after-forward - [0:0] | |
| # End required lines | |
| +### add salt-stack knocking chains | |
| +:salt-new-conn - [0:0] | |
| + | |
| # don't log noisy services by default |
petiepooo
/ after.rules.patch
Last active
June 30, 2016 19:48
/etc/ufw/after.rules patch to allow SSH when "knocking harder"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- a/after.rules 2012-04-05 13:16:41.000000000 -0500 | |
| +++ b/after.rules 2015-04-02 09:10:19.911426348 -0500 | |
| @@ -13,6 +13,8 @@ | |
| :ufw-after-input - [0:0] | |
| :ufw-after-output - [0:0] | |
| :ufw-after-forward - [0:0] | |
| +# new chain just for knocking connections: after input so user rules take precedence | |
| +:ufw-after-input-ssh - [0:0] | |
| # End required lines | |