Skip to content

Instantly share code, notes, and snippets.

View artynet's full-sized avatar

Arturo Rinaldi artynet

45 followers · 12 following
View GitHub Profile
@artynet
artynet / better-ssh-authorized-keys-management.md
Created December 10, 2018 15:59 — forked from sivel/better-ssh-authorized-keys-management.md
Better SSH Authorized Keys Management

Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of your users authorized_keys file.

People struggle over management, ensuring that users only have specific keys in the authorized_keys file or even a method for expiring keys. A centralized key management system could help provide all of this functionality with a little scripting.

One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. This configuration allows you to specify a command that will run during login to retrieve a users public key file from a remote source and perform validation just as if the authorized_keys file was local.

Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server:

@artynet
artynet / java-download.sh
Created January 16, 2019 10:34
#!/bin/bash -x
wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3a%2F%2Fwww.oracle.com%2Ftechnetwork%2Fjava%2Fjavase%2Fdownloads%2Fjdk8-downloads-2133151.html; oraclelicense=accept-securebackup-cookie;" "$1"
@artynet
artynet / network-interfaces-proxy.newtork
Created January 21, 2019 11:00
# ifupdown has been replaced by netplan(5) on this system. See
# /etc/netplan for current configuration.
# To re-enable ifupdown on this system, you can run:
# sudo apt install ifupdown
#The loopback newtork interface
auto lo
iface lo inet loopback
# The primary network interface host-only adapter
@artynet
artynet / download-git-completion.sh
Last active August 27, 2019 14:57
quick git completion setup
#!/bin/bash -x
git_setup () {
cat << EOF
# git setup
GIT_PS1_SHOWDIRTYSTATE=true
GIT_PS1_SHOWCOLORHINTS=true
GIT_PS1_SHOWUNTRACKEDFILES=true
@artynet
artynet / build-curl-static.sh
Last active February 25, 2019 09:24
Build CUrl as a single static EXE
#!/bin/bash -x
### Build CURL as static binary ###
./configure --prefix=$HOME/.local \
--with-libmetalink \
--with-nghttp2 \
--disable-shared \
--enable-static \
--with-libssh2 \
@artynet
artynet / uninstall-all-pip-packages.sh
Created February 26, 2019 08:39
#!/bin/bash
pip freeze | grep -v "^-e" | xargs pip uninstall -y
@artynet
artynet / uninstall_office_2016.sh
Created March 6, 2019 21:00 — forked from pythoninthegrass/uninstall_mso.sh
Uninstall Office 2016 from OS X completely
#!/usr/bin/env bash
# TODO: case user conf; rm `sleep` shenaynays
# Logs
logTime=$(date +%Y-%m-%d:%H:%M:%S)
uninstallLog="/tmp/$(basename "$0" | cut -d. -f1)_$logTime.log"
exec &> >(tee -a "$uninstallLog")
# Current user
@artynet
artynet / buildnode-raspbpi2-v10-and-on-with-native-build.sh
Last active March 15, 2019 18:29
#!/bin/bash -x
## Node.js for Raspberry Pi armhf Packaging Script
## =========================================
## Use like this:
## ./buildnode.sh <node_tarball_version>
WORKDIR=$PWD
nodever=$(echo "${1}" | sed s/[.].*$//)
@artynet
artynet / buildnode-raspbpi2-v10-and-on.sh
Last active March 15, 2019 18:32
#!/bin/bash -x
## Node.js for Raspberry Pi 2 Packaging Script
## =========================================
## Use like this:
## ./buildnode.sh <node_tarball_version>
clean () {
rm -rvf node-v$1-armhf/
@artynet
artynet / ssh-copy-id-openwrt
Created March 16, 2019 18:18 — forked from Juul/ssh-copy-id-openwrt
ssh-copy-id but for openwrt / dropbear
#!/bin/sh
if [ "$#" -ne 1 ]; then
echo "Example: ${0} [email protected]"
exit 1
fi
cat ~/.ssh/id_rsa.pub | ssh ${1} "cat >> /etc/dropbear/authorized_keys && chmod 0600 /etc/dropbear/authorized_keys && chmod 0700 /etc/dropbear"