curl -sSL https://gist.githubusercontent.com/ttimasdf/ef739670ac5d627981c5695adf4c8f98/raw/autossh@host1 | \
sudo tee /etc/default/autossh@example
curl -sSL https://gist.githubusercontent.com/ttimasdf/ef739670ac5d627981c5695adf4c8f98/raw/[email protected] | \
sudo tee /etc/systemd/system/[email protected]
sudo useradd -g nogroup -s /bin/false -m tunnel
sudo -u tunnel mkdir -p ~tunnel/.ssh # and copy your private key here
Chris Danis cdanis
ttimasdf
/ 00-Systemd_service_for_autossh.md
Last active
February 17, 2025 13:20
— forked from thomasfr/autossh.service
Systemd service for autossh
mtigas
/ onion-svc-v3-client-auth.sh
Last active
March 1, 2025 03:50
experiments with using v3 onions with client auth (as of tor 0.3.5.X)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # needs openssl 1.1+ | |
| # needs `basez` https://manpages.debian.org/testing/basez/base32hex.1.en.html | |
| # (but something else that decodes the base64 and re-encodes the raw key bytes | |
| # to base32 is probably fine too) | |
| ##### generate a key | |
| openssl genpkey -algorithm x25519 -out /tmp/k1.prv.pem |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam' | |
| default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes' | |
| default['sshd']['sshd_config']['PasswordAuthentication'] = 'no' |
