BertanT / guide_macskeyinstaller.md

Last active March 31, 2025 01:09

macOS OpenSSH Client Patcher for Hardware Security Key Support (ED25519-SK With YubiKey Etc.)

🔐 macOS OpenSSH Patcher for Hardware Security Keys

Supports ED25519-SK with Yubikey and other FIDO2 hardware security keys!

🤔 Discussion

Despite being compiled to support hardware security keys that take advantage of the FIDO2 protocol, the built-in OpenSSH client on macOS Sonoma and above lacks the middleware/library to support these devices. To keep using the built-in client - which is often the most stable and secure method for SSH connections - we need to compile the Security Key Provider from OpenSSH source and tell the macOS client about it ourselves.

This script does all of that for you on both Apple Silicon and Intel Mac computers!

The script installs openssl and libfido2 along with the required build tools from Homebrew. It then clones the latest main branch of OpenSSH Portable and builds from it the Security Key Provider library: sk-libfido2.dylib. It finally moves the built library to /usr/local/lib/, modifies ~/.zshenv to expor

thesamesam / xz-backdoor.md

Last active March 19, 2025 15:17

xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

Background

Drallas / Hyper-converged High Available Homelab with Proxmox.md

Last active March 30, 2025 08:42

Hyper-converged High Available Homelab with Proxmox

This is me documenting my journey moving my Homelab from a Qnap NAS and a Single host Proxmox server to a Hyper-converged multi-node Proxmox Cluster.

The reason to document it here is twofold:

Information often it scattered 'all over the place', but never 100% applicable to the setup I have.
To remember 'what the fuck' did I do some months ago.
Writing it for 'a public' forces me to think it all through again and make sure it's correct.

It's written 'first to scratch my own itch' but hopefully it benefits others too, or even better, that others improve upon my implementations. Feel free to comment or share improvements and insights!

thelastlin / libsk-libfido2_BUILD_FROM_OPENSSH.md

Last active March 22, 2025 14:07

Build libsk-libfido2.so from OpenSSH-portable

Tested on macOS Sonoma Developer beta 2 (23A5276g)

Build `libsk-libfido2.so`

Prerequisite

Download openssh-portable source code, install libcrypto, libfido2;
Configure openssh-portable build system by ./configure # [options].

Apply patch

JVital2013 / How-To-Hand-Track-Polar-Orbiting-Satellites.md

Last active April 2, 2025 11:42

How to Hand-Track Polar-orbiting satellites

How to Hand-Track Polar-Orbiting Weather Satellites

This is how I hand-track polar-orbiting weather satellites using an old equatorial mount telescope tripod and a 1.7 GHz grid dish. This may not be the best way to do it, and other ideas are welcome!

If you're unfamiliar with HRPT reception, this is not the right place to learn about it. Head over to https://sgcderek.github.io/blog/beginner-hrpt-guide.html for that. This write-up only focuses on hand-tracking to record a baseband.

Hardware Required

The crux of the "tracking" design is the equatorial mount. These are not cheap to buy new, it's destructive to mount a dish to it, and the mount is not used the way it's designed - but for my needs, it works! I had an old one from the early 1990s lying around, so it was convenient and essentially free. Of course, you can use another mount - but you'll need to ask for someone else's opinion on how that works since equatorial is all I know 😄.

Paraphraser / Checking your Raspberry Pi's view of its power supply.md

Last active April 5, 2025 08:25

Checking your Raspberry Pi's view of its power supply (sometimes it's not the wall-wart)

Checking your Raspberry Pi's view of its power supply

Sometimes it seems like the first (and sometimes only) advice you get offered for almost any problem with a Raspberry Pi is "check your power supply". You think something like:

"hey, I'm using an official power supply sold as being matched with my Pi so how can there be any problem?"

You look up the specs then stick a controlled load across your supply and confirm that it can deliver the required number of Watts.

Yet your problems persist…

HosseyNJF / README.md

Last active March 24, 2025 17:48

Delete data from exported time-series from Prometheus / VictoriaMetrics in a time range.

Usage

Export your data from Prometheus: https://github.com/VictoriaMetrics/VictoriaMetrics/blob/master/README.md#how-to-export-time-series
Run this script on the new data python3 delete_timeseries.py -i imported_file.json -o output_file.json --from [unix timestamp] --to [unix timestamp]
Delete original data from Prometheus: https://docs.victoriametrics.com/#how-to-delete-time-series
Import the converted data: https://github.com/VictoriaMetrics/VictoriaMetrics/blob/master/README.md#how-to-import-time-series-data

Note that the response cache must be deleted after these steps in order to remove previously cached results - see more details here.

darwin / readme.md

Last active April 9, 2024 22:30

APFS Container cloning/replicating under Catalina (with a bootable system)

Today I wanted to move existing APFS-resident macOS Catalina installation to a new disk. I upgraded my late 2014 Mac Mini with a shiny new 1TB SSD. This took way too many hours of my life I will never get back. Hope this saves some time to you.

Good news:

it is possible to create a DMG image from existing APFS container with macOS Catalina installation including metadata needed for complete restore (the DMG contains OS, OS Data, Preboot, Recovery and VM volumes)
it is possible to restore this DMG image into empty APFS container and get a bootable copy of the original system

This information is relevant for Catalina (I'm currently running macOS 10.15.1).

sleepyfox / 2019-07-25-users-hate-change.md

Last active September 13, 2024 08:39

'Users hate change'

This week NN Group released a video by Jakob Nielsen in which he attempts to help designers deal with the problem of customers being resistant to their new site/product redesign. The argument goes thusly:

Humans naturally resist change
Your change is for the better
Customers should just get used to it and stop complaining

There's slightly more to it than that, he caveats his argument with requiring you to have of course followed their best practices on product design, and allows for a period of customers being able to elect to continue to use the old site, although he says this is obviously only a temporary solution as you don't want to support both.

rjhansen / keyservers.md

Last active April 2, 2025 05:42

SKS Keyserver Network Under Attack

This work is released under a Creative Commons Attribution-NoDerivatives 4.0 International License.

Terminological Note

"OpenPGP" refers to the OpenPGP protocol, in much the same way that HTML refers to the protocol that specifies how to write a web page. "GnuPG", "SequoiaPGP", "OpenPGP.js", and others are implementations of the OpenPGP protocol in the same way that Mozilla Firefox, Google Chromium, and Microsoft Edge refer to software packages that process HTML data.

Erich B ebirn