Skip to content

Instantly share code, notes, and snippets.

View EugenMayer's full-sized avatar
🏠
Working from home

Eugen Mayer EugenMayer

🏠
Working from home
198 followers · 13 following
View GitHub Profile
@EugenMayer
EugenMayer / guide.md
Created January 20, 2025 12:08 — forked from Kranzes/guide.md
SSH Resident Key Guide

Initial checks

Start by checking that there aren't any previous ssh keys inside the FIDO2 authenticator of your YubiKey. You can check if they exist by running the command below:

nix shell nixpkgs#yubikey-manager -c ykman fido credentials list

If the command above outputs a string mentioning "ssh" or "openssh", then you have already got a key generated and store on your YubiKey.

Evaluating additional authentication factors

Before generating a new ssh key to store on your YubiKey you must consider which additional required authentication factors you want to use. Below you can see a table with the available factors and their corresponding command:

@EugenMayer
EugenMayer / 00-docker-shorewall.md
Created February 24, 2019 21:46 — forked from lukasnellen/00-docker-shorewall.md
setup shorewall for docker networking beyond the default bridge network, e.g., for docker-compose

Docker(-compose) with shorewall

The shorewall documentation explains in http://shorewall.org/Docker.html how to configure shorewall for use with docker. The problem with the configuration is that it only allows connections from the host to the main bridge docker0. Connections to other networks on dynamically created bridges, with names starting by default with br-, is blocked. Instead of the recommended contents of /etc/shorewall/interfaces, use wild-card interface names as follows:

#ZONE	INTERFACE	OPTIONS
#dock	docker0		bridge     # disabled default recommendation
dock 	docker0		physical=docker+,routeback=1
dock 	br		physical=br-+,routeback=1
@EugenMayer
EugenMayer / msys_hetzner-etc_network_interfaces
Created May 20, 2017 21:57 — forked from jpawlowski/msys_hetzner-etc_network_interfaces
Debian network configuration for Proxmox VE server running on a Hetzner host
# /etc/network/interfaces
#
auto lo
iface lo inet loopback
# device: eth0
iface eth0 inet manual
# IPv4 bridge
# (connect ONLY your firewall/router KVM instance here, this is the WAN device!)
@EugenMayer
EugenMayer / msys_hetzner-etc_network_interfaces
Created May 20, 2017 21:57 — forked from jpawlowski/msys_hetzner-etc_network_interfaces
Debian network configuration for Proxmox VE server running on a Hetzner host
# /etc/network/interfaces
#
auto lo
iface lo inet loopback
# device: eth0
iface eth0 inet manual
# IPv4 bridge
# (connect ONLY your firewall/router KVM instance here, this is the WAN device!)