Skip to content

Instantly share code, notes, and snippets.

View scy's full-sized avatar

Tim Weber scy

158 followers · 24 following
View GitHub Profile
@scy
scy / opening-and-closing-an-ssh-tunnel-in-a-shell-script-the-smart-way.md
Last active March 15, 2024 11:26
Opening and closing an SSH tunnel in a shell script the smart way

Opening and closing an SSH tunnel in a shell script the smart way

I recently had the following problem:

  • From an unattended shell script (called by Jenkins), run a command-line tool that accesses the MySQL database on another host.
  • That tool doesn't know that the database is on another host, plus the MySQL port on that host is firewalled and not accessible from other machines.

We didn't want to open the MySQL port to the network, but it's possible to SSH from the Jenkins machine to the MySQL machine. So, basically you would do something like

ssh -L 3306:localhost:3306 remotehost

@scy
scy / README.md
Last active July 7, 2023 09:27
My OSX PF config for #30C3.

My OS X “VPN only” Setup For #30C3

You should never let passwords or private data be transmitted over an untrusted network (your neighbor’s, the one at Starbucks or the company) anyway, but on a hacker congress like the #30C3, this rule is almost vital.

Hackers get bored easily, and when they’re bored, they’re starting to look for things to play with. And a network with several thousand connected users is certainly an interesting thing to play with. Some of them might start intercepting the data on the network or do other nasty things with the packets that they can get.

If these packets are encrypted, messing with them is much harder (but not impossible! – see the end of this article). So you want your packets to be always encrypted. And the best way to do that is by using a VPN.

Target audience

@scy
scy / gw2-golang-poc.go
Last active September 20, 2022 15:08
Example on how to access the Guild Wars 2 Mumble Link API on Windows using Go. Not supposed to be good Go code, but it works.
package main
import (
"fmt"
"log"
"syscall"
"time"
"unsafe"
"unicode/utf16"
"unicode/utf8"
@scy
scy / SuperCollider on Termux.md
Last active December 13, 2021 10:45
My attempt to build SuperCollider on Termux/Android

This was supposed to be posted on the SC forums at scsynth.org, but I ran into the spam filter and thus saved it as a Gist first. It's on the forums now: My attempt to build SuperCollider on Termux/Android

I've been thinking about using SuperCollider on my phone. There's glastonbridge/SuperCollider-Android which hasn't been touched since 2014, so I thought I'll try to build a current version from source, based on the guide for Linux. Also, since Termux provides a great Linux CLI environment, including build toolchains, directly on the device, I wanted to try building SC under Termux.

Spoiler alert: I didn't manage to do it. The main problem is not having an audio driver, since the Linux build requires libjack, and neither Android nor Termux provide it. (Termux has

@scy
scy / delete-from-repo.md
Created September 20, 2013 11:54
How to delete a file from a Git repository, but not other users' working copies

How to delete a file from a Git repository, but not other users' working copies

Suppose you have, by mistake, added your IDE's project folder (you know, these .idea folders with all kinds of local paths and configuration data and settings in it) to the Git repository of your project. (We're talking about a whole folder here, but the same rules apply to individual files as well.)

Of course, you only realize that two days after the fact and have already pushed it, and your colleagues have already pulled it. They use the same IDE as you do, so whenever they change a setting or fix paths, they can either

  • commit that, causing nasty merge conflicts for you and others or
  • ignore the changes and carry around a modified file until the end of time without ever committing it.

Why .gitignore won't help

@scy
scy / login-notify
Created December 7, 2017 22:07
Only allow SSH logins after a push notification to your phone has been sent
#!/bin/sh
# Only allow SSH logins after a push notification to your phone has been sent.
# Also sends a notification after logging out.
# This uses the Pushover service (pushover.net).
# If Pushover cannot be reached, the login will be denied!
# Add something like this to /etc/pam.d/sshd:
# session required pam_exec.so /usr/local/bin/login-notify
# For Debian, a good place is after "@include common-account".
@scy
scy / borg-restic-dedup.md
Created March 16, 2021 15:57
Borg and restic and their deduplication with inserted bytes
@scy
scy / speedlog.sh
Last active March 19, 2020 00:22
Log Speedtest.net results to IoTPlotter
#!/bin/sh
# Requires the (official) Speedtest CLI app available at ./speedtest
# Get it at <https://www.speedtest.net/apps/cli>
# Usage: speedlog.sh feed_id api_key
# Get the two arguments from your IoTPlotter.com feed.
# Currently, a single server (ID 1746) is hardcoded.
# I'll make this configurable soon™.
@scy
scy / keybase.md
Last active February 8, 2020 12:51
keybase.md

Keybase proof

I hereby claim:

  • I am scy on github.
  • I am scy (https://keybase.io/scy) on keybase.
  • I have a public key ASAdsSlXz8yCDiWmbQDYVCO2FiNRysGf4rIxRieOYynBIgo

To claim this, I am signing this object:

@scy
scy / install-phantomjs.sh
Created May 21, 2014 14:10
Simple PhantomJS installer for Linux
#!/bin/sh
set -e
if [ "$(id -u)" -ne 0 ]; then
printf 'WARNING: You will most likely need to be root, but continuing anyway ...\n' >&2
fi
url="$1"
if [ -z "$url" ]; then
printf 'Please go to <http://phantomjs.org/download.html> and find the\n'