Skip to content

Instantly share code, notes, and snippets.

View elliot's full-sized avatar

Elliot Anderson elliot

93 followers · 54 following
View GitHub Profile
@arianvp
arianvp / SSH_MACOS_SECURE_ENCLAVES.md
Last active December 9, 2025 01:32
Native Secure Enclaved backed ssh keys on MacOS

Native Secure Enclave backed ssh keys on MacOS

It turns out that MacOS Tahoe can generate and use secure-enclave backed SSH keys! This replaces projects like https://github.com/maxgoedjen/secretive

There is a shared library /usr/lib/ssh-keychain.dylib that traditionally has been used to add smartcard support to ssh by implementing PKCS11Provider interface. However since recently it also implements SecurityKeyProivder which supports loading keys directly from the secure enclave! SecurityKeyProvider is what is normally used to talk to FIDO2 devices (e.g. libfido2 can be used to talk to your Yubikey). However you can now use it to talk to your Secure Enclave instead!

@dillionverma
dillionverma / lucide-react.d.ts
Last active November 8, 2025 10:24
How to stop @radix-ui, next/router and lucide-react auto-imports
declare module 'lucide-react' {
export * from 'lucide-react/dist/lucide-react.suffixed'
}
@tallclair
tallclair / restricted-psp.yaml
Last active March 27, 2025 02:22
Restricted PodSecurityPolicy
apiVersion: extensions/v1beta1
kind: PodSecurityPolicy
metadata:
name: restricted
annotations:
seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default'
apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
spec:
@wecc
wecc / route.js
Last active March 28, 2016 10:32
import Ember from 'ember';
import { all, task, timeout } from 'ember-concurrency';
export default Ember.Route.extend({
serverStatusLoopTask: task(function *() {
let { servers } = this.modelFor('servers');
while (true) {
yield timeout(5 * 1000);
yield all(servers.map(::(this.get('fetchServerStatusTask')).perform));
@jwreagor
jwreagor / aws-sdk-example.go
Created November 20, 2015 00:53
Example of the AWS SDK v1.0 release...
// Create a session
s := session.New(aws.NewConfig().WithRegion("us-west-2"))
// Add a handler to print every API request for the session
s.Handlers.Send.PushFront(func(r *request.Request) {
fmt.Printf("Request: %s/%s\n", r.ClientInfo.ServiceName, r.Operation)
})
// We want to start all instances in a VPC, so let's get their IDs first.
ec2client := ec2.New(s)
var instanceIDsToStart []*string
describeInstancesInput := &ec2.DescribeInstancesInput{
@kost
kost / harden.sh
Created November 16, 2015 04:47 — forked from jumanjiman/harden.sh
hardening script for an alpine docker container
#!/bin/sh
set -x
set -e
#
# Docker build calls this script to harden the image during build.
#
# NOTE: To build on CircleCI, you must take care to keep the `find`
# command out of the /proc filesystem to avoid errors like:
#
# find: /proc/tty/driver: Permission denied
@epcim
epcim / brew_install_coreutils.sh
Created November 13, 2015 10:47
OSX brew install GNU coreutils, bin utils etc...
# From https://www.topbug.net/blog/2013/04/14/install-and-use-gnu-command-line-tools-in-mac-os-x/
export PATH="$(brew --prefix coreutils)/libexec/gnubin:/usr/local/bin:$PATH"
brew install coreutils
brew install gnu-tar --with-default-names
# alternatively
brew install binutils
brew install diffutils
@laracasts
laracasts / gist:f4a304232c1be6dbb4f8
Last active August 3, 2024 16:45
Laracasts PHPStorm theme.
@SchumacherFM
SchumacherFM / db.go
Created February 15, 2015 00:13
GoLang Database SQL: Selecting an unknown amount of columns from a query. Benchmark results in db_test.go
package main
import (
"database/sql"
"fmt"
_ "github.com/go-sql-driver/mysql"
"log"
)
const (
@andreas
andreas / envelope_encryption.go
Created February 3, 2015 19:25
Envelope Encryption with Amazon KMS and Go
package main
import (
"bytes"
"crypto/rand"
"encoding/gob"
"fmt"
"io/ioutil"
"os"
"time"