Skip to content

Instantly share code, notes, and snippets.

View evanstachowiak's full-sized avatar

Evan Stachowiak evanstachowiak

View GitHub Profile
@raymondbutcher
raymondbutcher / ssm-sshuttle.md
Last active March 17, 2024 20:33
How to use sshuttle with AWS SSM session agent
@foobarhl
foobarhl / cloudflare-ddns-update.sh
Last active January 2, 2024 14:37 — forked from Tras2/cloudflare-ddns-update.sh
A bash script to update a Cloudflare DNS A record with the external IP of the source machine
#!/bin/bash
# A bash script to update a Cloudflare DNS A record with the external IP of the source machine
# Used to provide DDNS service for my home
# Needs the DNS record pre-creating on Cloudflare
## Based on https://gist.github.com/Tras2/cba88201b17d765ec065ccbedfb16d9a with updates to use
## per-zone configurable access tokens available in the API sections of your Cloudflare profile
## - info@foo-games.com

Both things have been introduced recently, and let you access even private ec2 instances

  1. Without VPN
  2. No open SSH port
  3. Authentication / Authorization is fully delegated to IAM
# Assumes valid AWS Credentials in ENV
@lizthegrey
lizthegrey / attributes.rb
Last active April 29, 2026 20:02
Hardening SSH with 2fa
default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'
@TheWaWaR
TheWaWaR / gunicorn_config.py
Last active June 28, 2022 11:31
Gunicorn configuration sample
import os
app = '{YOUR-WSGI-APPLICATION}'
# Sample Gunicorn configuration file.
#
# Server socket
#
# bind - The socket to bind.