Jerry Jacobs xor-gate

Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of their users' authorized_keys files.

People struggle with management: ensuring that users have only specific keys in their authorized_keys file, or finding a method for expiring keys. A centralized key management system could help provide all of this functionality with a little scripting.

One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. It allows you to specify a command that runs during login to retrieve a user's public key file from a remote source and perform validation just as if the authorized_keys file were local.

Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server:

xor-gate / shortener.go
Last active August 29, 2015 14:27
URL shortener
package main
import (
"fmt"
"log"
"math/rand"
"net/http"
"time"
"github.com/garyburd/redigo/redis"
xor-gate / mountpoint.c
Created December 23, 2015 13:22 — forked from twslankard/mountpoint.c
Using stat to determine programmatically whether a file is a mount point.
#include <assert.h>
#include <sys/stat.h>
#include <stdint.h>
#include <libgen.h>
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char * argv[]) {
xor-gate / url-shortner.c
Created December 25, 2015 12:26 — forked from ftonello/url-shortner.c
URL shortener implementation in C. This is just an example of how it could be implemented. Ideally the lookup table should be pre-generated and not hardcoded.
/**
* Author: Felipe Ferreri Tonello <eu@felipetonello.com>
*
* This url-shortner only works with ASCII characters. It encodes and
* decodes ids.
* You can change base_x as you wish.
*
* It runs at least 20 times faster than a Python implementation.
*
* $ time python url-shortner.py -s I7
xor-gate / client.go
Created January 7, 2016 12:43 — forked from spikebike/client.go
TLS server and client
package main
import (
"crypto/tls"
"crypto/x509"
"fmt"
"io"
"log"
)
xor-gate / orhttp_example.go
Created January 24, 2016 13:47 — forked from Yawning/orhttp_example.go
How to dispatch HTTP requests via Tor in Go.
// To the extent possible under law, the Yawning Angel has waived all copyright
// and related or neighboring rights to orhttp_example, using the creative
// commons "cc0" public domain dedication. See LICENSE or
// <http://creativecommons.org/publicdomain/zero/1.0/> for full details.
package main
import (
// Things needed by the actual interface.
"golang.org/x/net/proxy"
xor-gate / SSHCommander.go
Created January 24, 2016 13:48 — forked from olekukonko/SSHCommander.go
The Nate Shells Out
package main
import (
"fmt"
"os"
"os/exec"
)
type SSHCommander struct {
User string
xor-gate / gist:d5e5b3ed7557247b7a36
Created January 29, 2016 15:56 — forked from andrewlkho/gist:e9a8c996c4bc1df23cd2
How to secure Debian with two-factor authentication (TOTP/HOTP)

First, install the necessary packages:

% apt-get install libpam-oath oathtool

Generate a key and write it to /etc/users.oath (NB the key will be in hexadecimal; if you are using Authy you will want to convert it to BASE32):

% KEY=$( head -c 1024 /dev/urandom | openssl sha1 | awk '{ print $2 }' )
% echo "HOTP/T30/6 andrewlkho - ${KEY}" >> /etc/users.oath
% chmod 600 /etc/users.oath
xor-gate / gofetch.go
Created February 12, 2016 11:07 — forked from marconi/gofetch.go
Downloads a file by splitting it across multiple download workers, making the download faster.
package main
import (
"errors"
"flag"
"fmt"
"io/ioutil"
"log"
"math"
"net/http"
xor-gate / _readme.md
Created May 11, 2016 18:51 — forked from steeve/_readme.md
How to cross compile Go with CGO programs for a different OS/Arch

It is possible to compile Go programs for a different OS, even though go build says otherwise.

You'll need: