Copied mostly from hs-airdrop/issues/2.
This assumes that the hs-airdrop code is not (necessarily) trustworthy, but also that it:
- is not capable of escaping the docker container; and
- does not leak your SSH private key material in its proof output.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=SSH agent | |
| [Service] | |
| Type=forking | |
| Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket | |
| ExecStart=/usr/bin/ssh-agent -a $SSH_AUTH_SOCK | |
| [Install] | |
| WantedBy=default.target |
fionn
/ cleanup_undo_dir.sh
Created
July 15, 2022 12:02
Remove Vim undo files when the target doesn't exist anymore
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail | |
| undodir=${XDG_CACHE_HOME:-$HOME/.cache}/vim/undo/ | |
| pushd "$undodir" >/dev/null | |
| for undo_file in *; do | |
| real_file=${undo_file//%/\/} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PermitRootLogin no | |
| PasswordAuthentication no | |
| KbdInteractiveAuthentication no | |
| AllowAgentForwarding no | |
| MaxAuthTries 1 | |
| MaxSessions 3 | |
| KexAlgorithms [email protected],curve25519-sha256,[email protected] |
fionn
/ fix_twitter.filters
Created
July 5, 2022 06:50
Blocklist to remove liked and recommended tweets from the Twitter timeline
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ! https://www.reddit.com/r/uBlockOrigin/wiki/solutions#wiki_twitter | |
| ! My Timeline - no inserted sections (Who to follow/Topics to follow, etc.) | |
| twitter.com##[aria-label="Timeline: Your Home Timeline"] div[style^="transform: translateY"][style*="position: absolute;"]:not(:first-child:has-text(/^Show \d\d? Tweets?$/)):not(:has(>div:only-child:empty, article, [href^="/i/status/"], [role="progressbar"])):style(opacity: 0.2 !important) | |
| ! Other Timelines - no inserted sections (Who to follow/Topics to follow, etc.) | |
| twitter.com##[aria-label$="’s Tweets"] div[style^="transform: translateY"][style*="position: absolute;"]:not(:has(>div:only-child:empty, article, [href^="/i/status/"], [role="progressbar"])):style(opacity: 0.2 !important) | |
| ! [User] liked | |
| twitter.com##:is([aria-label="Timeline: Your Home Timeline"], [aria-label$="’s Tweets"]) article :not([role="button"]>div>div>svg>g>path)[d$="13.157H12z"]:upward(article):style(opacity: 0.2 !important) | |
| ! [User] Retweeted | |
| !twitter.com##:is([aria-label="Timeline: Your Home |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Usage: k8shell namespace/pod. | |
| set -euo pipefail | |
| mapfile -d "/" -t ns_pod <<< "$1" | |
| if [ "${#ns_pod[@]}" == 2 ]; then | |
| ns="${ns_pod[0]}" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail | |
| echo | openssl s_client -servername "$1" -connect "$1":443 2>/dev/null | openssl x509 -noout -text | grep -A 1 "X509v3 Subject Alternative Name:" | grep "DNS:" | tr -d "DNS:" | tr -d " " | tr "," "\n" |
fionn
/ secure_object.py
Last active
October 7, 2021 18:22
Dumb idea for intrinsic timing-attack-resistant Python object comparison
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import hmac | |
| class SecureObject(bytes): | |
| """Bytes that can be compared safely""" | |
| def __eq__(self, other: object) -> bool: | |
| return hmac.compare_digest(self, other) # type: ignore |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Move the current workspace to the given name, along with all associated state. | |
| # Deals with the special case default workspace in the least surprising way. | |
| set -euo pipefail | |
| export TF_INPUT=0 | |
| export TF_IN_AUTOMATION=1 |
fionn
/ kill-zscaler.sh
Created
August 11, 2021 03:48
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [[ $EUID -ne 0 ]]; then | |
| echo "You must be root" | |
| exit 1 | |
| fi | |
| service="Wi-Fi" | |
| while true; do |