Skip to content

Instantly share code, notes, and snippets.

@daemonhorn
daemonhorn / freebsd_yubikey_authentication.md
Last active November 8, 2024 02:40
Setting up yubikey/solo2 for piv, fido, and gpg on FreeBSD (Firefox, Chromium, PAM, SSH, and GnuPG)

Overview

How to configure FreeBSD and applicable applications to work with Yubikey for authentication. This serves as my work-in-progress documentation of the configuration knobs needed to make this work properly.

  • FreeBSD ssh with piv smartcard slot on Yubikey (pkcs11 via libykcs11.so)
  • FreeBSD ssh with fido support on Yubikey
  • FreeBSD Firefox/Chromium with fido + webauthn support on Yubikey
  • FreeBSD local console and gdm authentication using pam on Yubikey
  • FreeBSD official YubiKey tools

Latest Tested FreeBSD versions

  • FreeBSD 13.2 Testing (Aug 2023)
  • FreeBSD stable/13 Testing (Aug 2023) with OpenSSH_9.3p2
:xdg-support: https://wiki.archlinux.org/index.php/XDG_Base_Directory
:xdg-spec: https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
:fhs: https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard
:madness: http://pub.gajendra.net/2012/09/dotfiles
:litter: https://www.reddit.com/r/linux/comments/971m0z/im_tired_of_folders_littering_my_home_directory/
:systemd: https://www.freedesktop.org/wiki/Software/systemd/
:systemd-fhs: https://www.freedesktop.org/software/systemd/man/file-hierarchy.html
:systemd-fhs-bin: https://www.freedesktop.org/software/systemd/man/file-hierarchy.html#~/.local/bin/
:toc: macro
@MatthewVance
MatthewVance / unbound.conf
Last active May 6, 2024 21:18
Config for running Unbound as a caching DNS forwarder (performance settings optimized for Raspberry Pi 2).
server:
###########################################################################
# BASIC SETTINGS
###########################################################################
# Time to live maximum for RRsets and messages in the cache. If the maximum
# kicks in, responses to clients still get decrementing TTLs based on the
# original (larger) values. When the internal TTL expires, the cache item
# has expired. Can be set lower to force the resolver to query for data
# often, and not trust (very large) TTL values.
cache-max-ttl: 86400
@vivkin
vivkin / 16-color-table.sh
Created May 26, 2017 07:11
Terminal color test scripts
#!/bin/bash
#
# This file echoes a bunch of color codes to the terminal to demonstrate
# what's available. Each line is the color code of one forground color,
# out of 17 (default + 16 escapes), followed by a test use of that color
# on all nine background colors (default + 8 escapes).
#
T='gYw' # The test text
echo -e "\n 40m 41m 42m 43m 44m 45m 46m 47m";
for FGs in ' m' ' 1m' ' 30m' '1;30m' ' 31m' '1;31m' ' 32m' '1;32m' ' 33m' '1;33m' ' 34m' '1;34m' ' 35m' '1;35m' ' 36m' '1;36m' ' 37m' '1;37m';
@XVilka
XVilka / TrueColour.md
Last active October 29, 2024 09:43
True Colour (16 million colours) support in various terminal applications and terminals

THIS GIST WAS MOVED TO TERMSTANDARD/COLORS REPOSITORY.

PLEASE ASK YOUR QUESTIONS OR ADD ANY SUGGESTIONS AS A REPOSITORY ISSUES OR PULL REQUESTS INSTEAD!

@nikcub
nikcub / README.md
Created October 4, 2012 13:06
Facebook PHP Source Code from August 2007