Skip to content

Instantly share code, notes, and snippets.

View pertsevds's full-sized avatar

Dmitriy Pertsev pertsevds

12 followers · 4 following
View GitHub Profile
@pertsevds
pertsevds / SSH_MACOS_SECURE_ENCLAVES.md
Created November 25, 2025 20:41 — forked from arianvp/SSH_MACOS_SECURE_ENCLAVES.md
Native Secure Enclaved backed ssh keys on MacOS

Native Secure Enclave backed ssh keys on MacOS

It turns out that MacOS Tahoe can generate and use secure-enclave backed SSH keys! This replaces projects like https://github.com/maxgoedjen/secretive

There is a shared library /usr/lib/ssh-keychain.dylib that traditionally has been used to add smartcard support to ssh by implementing PKCS11Provider interface. However since recently it also implements SecurityKeyProivder which supports loading keys directly from the secure enclave! SecurityKeyProvider is what is normally used to talk to FIDO2 devices (e.g. libfido2 can be used to talk to your Yubikey). However you can now use it to talk to your Secure Enclave instead!

@pertsevds
pertsevds / readme.md
Created August 9, 2024 09:26 — forked from unixfox/readme.md
How to get IPv4 connectivity on an IPv6 only VPS

Some hosting providers like scaleway allows to remove the IPv4 from the VPS in order to save 1€/month but doing this will result in losing connectivity to the "IPv4 world".
Or you may have ordered a VPS that only has IPv6 connectivity and you want to access to a resource only accessible from the "IPv4 world".
Here is how to gain your access back to the "IPv4 world".

Change your name servers(s) to DNS64 name servers(s)

Note: You may deploy your own DNS64 & NAT64 server on a separate server by following this tutorial (untested): https://packetpushers.net/nat64-setup-using-tayga/.
Note²: You may find a explanation of what is NAT64 and DNS64 on Wikipedia.

  1. Choose a/multiple DNS64 public server(s) that has/have its own NAT64 public service from this list:
@pertsevds
pertsevds / supervisor_lifecycle.livemd
Created July 11, 2024 11:30 — forked from hugobarauna/supervisor_lifecycle.livemd
Lifecycle of Supervisors and Processes - Livebook Notebook - free sample from Elixir Patterns book

Lifecycle of Supervisors and Processes

Mix.install([
  {:kino, "~> 0.6.2"}
])

This is a free sample from the Elixir Patterns book

@pertsevds
pertsevds / dets_to_ets_init.livemd
Created July 11, 2024 11:30 — forked from hugobarauna/dets_to_ets_init.livemd
Hydrate ETS from DETS using an init GenServer - Livebook Notebook - free sample from Elixir Patterns book

Hydrate ETS from DETS using an init GenServer

Mix.install([
  {:kino, "~> 0.6.2"},
  {:telemetry, "~> 1.2.1"}
])

This is a free sample from the Elixir Patterns book

@pertsevds
pertsevds / 99-usb-serial.rules
Created June 6, 2024 06:43 — forked from cbrake/99-usb-serial.rules
USB Serial udev rules
# /etc/udev/rules.d/99-usb-serial.rules
# udevadm info --attribute-walk -n /dev/ttyUSB0 |grep serial (can be used to get serial number)
# udevadm control --reload-rules (reload rules)
# udevadm trigger (re-add all devices)
# see https://wiki.archlinux.org/index.php/Bus_pirate
# for some reason, ATTRS{bInterfaceNumber}=="00" is not working, hence the use of ENV{}
# single USB/serial adapters
SUBSYSTEM=="tty", ATTRS{serial}=="A900TUKZ", SYMLINK+="ttyUSB_bub_1"
SUBSYSTEM=="tty", ATTRS{serial}=="A700fdWb", SYMLINK+="ttyUSB_bub_2"
@pertsevds
pertsevds / flake.nix
Created October 1, 2023 08:07 — forked from voidus/flake.nix
Build a cloudinit image in nixos
{
description = "A nixos cloudinit base image without nixos-infect";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs";
};
outputs = { self, nixpkgs }:
let
system = "x86_64-linux";
@pertsevds
pertsevds / find_fragmentation.erl
Created August 31, 2023 04:52 — forked from dominicletz/find_fragmentation.erl
Erlang script to show used vs. allocated carrier sizes to find impact of memory fragmentation
f().
Str = fun(X) -> io_lib:format("~p", [X]) end.
Percent = fun
(A, 0) -> "100%";
(A, B) -> [Str(round(100*A/B)), "%"]
end.
Get = fun
@pertsevds
pertsevds / wireguard_layer2.md
Created July 20, 2023 08:53 — forked from zOrg1331/wireguard_layer2.md
wireguard, wireguard layer 2, wireguard over TCP

Intro

This note describes how to connect two networks/devices/VMs over public network using Wireguard with Layer 2 support (ARP, IPv6 link-local, etc).

This can also be achieved using SSH and its "tap" tunnel, however, it does not provide the same level of latency and bandwidth as full-blown VPN such as Wireguard.

In addition, this note describes how to tunnel Wireguard over TCP connection. This may be of use if you encounter firewall in-between so, for instance, you can use TCP port 443 only.

Objective

@pertsevds
pertsevds / provision_ubuntu2004_qemu_macosx.sh
Created July 1, 2023 11:05 — forked from relyt0925/provision_ubuntu2004_qemu_macosx.sh
Provisions a Ubuntu 20.04 VM in QEMU on Mac OSX using Cloud-Init
#!/usr/bin/env bash
#Install brew and qemu + cloud init metadata dependencies
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
brew install qemu
brew install cdrtools
rm -rf /tmp/ubuntuqemuboot
#download Ubuntu 20.04 Cloud Image and resize to 30 Gigs
mkdir -p /tmp/ubuntuqemuboot/images
@pertsevds
pertsevds / compare_phoenix_versions.exs
Created May 29, 2023 09:49 — forked from aiwaiwa/compare_phoenix_versions.exs
Compare Phoenix Versions with extra custom steps like mix phx.gen.live Accounts User users name:string
#
# Usage:
# elixir <this_script_name.exs> 1.7.2
#
# The script grabs a Phoenix version and places it
# under `phoenix/<version>` subfolder. It attempts to call
# a diff GUI, if there's another version found in `phoenix`.
# It picks the closest older version, if more than one found.
#
# Feel free to modify PhoenixCompareConfig