Skip to content

Instantly share code, notes, and snippets.

View klaussilveira's full-sized avatar

Klaus klaussilveira

341 followers · 9 following
View GitHub Profile
@klaussilveira
klaussilveira / gnupg_scdaemon.md
Created July 31, 2024 00:23 — forked from artizirk/gnupg_scdaemon.md
OpenPGP SSH access with Yubikey and GnuPG

NB: This document describles a 'Old-School' way of using Yubikey with SSH

Modern OpenSSH has native support for FIDO Authentication. Its much simpler and should also be more stable with less moving parts. OpenSSH also now has support for signing arbitary files witch can be used as replacement of gnupg. Git also supports signing commits/tags with ssh keys.

Pros of FIDO

  • Simpler stack / less moving parts
  • Works directly with ssh, ssh-add and ssh-keygen on most computers
  • Simpler
  • Private key can never leave the FIDO device

Cons of FIDO

@klaussilveira
klaussilveira / gist:554ca0feb7ac42663ac386f738fe8154
Created August 2, 2024 14:42
PostgreSQL: Find Lagged Replication
SELECT slot_name,
pg_wal_lsn_diff(
pg_current_wal_lsn(),
restart_lsn
) AS bytes_behind,
active,
wal_status
FROM pg_replication_slots
WHERE wal_status <> 'lost'
ORDER BY restart_lsn;