Skip to content

Instantly share code, notes, and snippets.


Tim Weber scy

View GitHub Profile
scy /
Last active Nov 29, 2020
Opening and closing an SSH tunnel in a shell script the smart way

Opening and closing an SSH tunnel in a shell script the smart way

I recently had the following problem:

  • From an unattended shell script (called by Jenkins), run a command-line tool that accesses the MySQL database on another host.
  • That tool doesn't know that the database is on another host, plus the MySQL port on that host is firewalled and not accessible from other machines.

We didn't want to open the MySQL port to the network, but it's possible to SSH from the Jenkins machine to the MySQL machine. So, basically you would do something like

ssh -L 3306:localhost:3306 remotehost
scy /
Created Sep 20, 2013
How to delete a file from a Git repository, but not other users' working copies

How to delete a file from a Git repository, but not other users' working copies

Suppose you have, by mistake, added your IDE's project folder (you know, these .idea folders with all kinds of local paths and configuration data and settings in it) to the Git repository of your project. (We're talking about a whole folder here, but the same rules apply to individual files as well.)

Of course, you only realize that two days after the fact and have already pushed it, and your colleagues have already pulled it. They use the same IDE as you do, so whenever they change a setting or fix paths, they can either

  • commit that, causing nasty merge conflicts for you and others or
  • ignore the changes and carry around a modified file until the end of time without ever committing it.

Why .gitignore won't help

scy / login-notify
Created Dec 7, 2017
Only allow SSH logins after a push notification to your phone has been sent
View login-notify
# Only allow SSH logins after a push notification to your phone has been sent.
# Also sends a notification after logging out.
# This uses the Pushover service (
# If Pushover cannot be reached, the login will be denied!
# Add something like this to /etc/pam.d/sshd:
# session required /usr/local/bin/login-notify
# For Debian, a good place is after "@include common-account".
scy /
Last active Aug 22, 2020
My OSX PF config for #30C3.

My OS X “VPN only” Setup For #30C3

You should never let passwords or private data be transmitted over an untrusted network (your neighbor’s, the one at Starbucks or the company) anyway, but on a hacker congress like the #30C3, this rule is almost vital.

Hackers get bored easily, and when they’re bored, they’re starting to look for things to play with. And a network with several thousand connected users is certainly an interesting thing to play with. Some of them might start intercepting the data on the network or do other nasty things with the packets that they can get.

If these packets are encrypted, messing with them is much harder (but not impossible! – see the end of this article). So you want your packets to be always encrypted. And the best way to do that is by using a VPN.

Target audience

scy /
Last active Mar 19, 2020
Log results to IoTPlotter
# Requires the (official) Speedtest CLI app available at ./speedtest
# Get it at <>
# Usage: feed_id api_key
# Get the two arguments from your feed.
# Currently, a single server (ID 1746) is hardcoded.
# I'll make this configurable soon™.
scy /
Last active Feb 8, 2020

Keybase proof

I hereby claim:

  • I am scy on github.
  • I am scy ( on keybase.
  • I have a public key ASAdsSlXz8yCDiWmbQDYVCO2FiNRysGf4rIxRieOYynBIgo

To claim this, I am signing this object:

scy /
Created May 21, 2014
Simple PhantomJS installer for Linux
set -e
if [ "$(id -u)" -ne 0 ]; then
printf 'WARNING: You will most likely need to be root, but continuing anyway ...\n' >&2
if [ -z "$url" ]; then
printf 'Please go to <> and find the\n'
scy / packets.txt
Last active Jan 11, 2020
Checksum of a proprietary RS485 protocol
View packets.txt
Packets with “?” may have a wrong checksum, I’m not sure about those.
Format of a packet seems to be:
1 start byte
3 bytes header (I don’t understand it yet)
1 byte payload length
n bytes payload
1 byte checksum
Interested in what else I found out? Check the project page:
scy / SuperCollider on
Last active Sep 26, 2019
My attempt to build SuperCollider on Termux/Android
View SuperCollider on

This was supposed to be posted on the SC forums at, but I ran into the spam filter and thus saved it as a Gist first. It's on the forums now: My attempt to build SuperCollider on Termux/Android

I've been thinking about using SuperCollider on my phone. There's glastonbridge/SuperCollider-Android which hasn't been touched since 2014, so I thought I'll try to build a current version from source, based on the guide for Linux. Also, since Termux provides a great Linux CLI environment, including build toolchains, directly on the device, I wanted to try building SC under Termux.

Spoiler alert: I didn't manage to do it. The main problem is not having an audio driver, since the Linux build requires libjack, and neither Android nor Termux provide it. (Termux has

scy / gw2-golang-poc.go
Last active Jan 2, 2019
Example on how to access the Guild Wars 2 Mumble Link API on Windows using Go. Not supposed to be good Go code, but it works.
View gw2-golang-poc.go
package main
import (
You can’t perform that action at this time.