add ssh stuff

2025-04-26 03:45:21 -04:00 · 2020-05-16 10:13:10 -04:00 · 2020-05-16 10:13:10 -04:00 · d508c844b8
commit d508c844b8
parent c07b995d2c
8 changed files with 83 additions and 14 deletions
--- a/firefox/user.js
+++ b/firefox/user.js
@ -269,8 +269,8 @@ user_pref("privacy.cpd.passwords", true);
 // user_pref("privacy.cpd.siteSettings", true);
 user_pref("privacy.cpd.sessions", true);
 user_pref("privacy.donottrackheader.enabled", true);
-// user_pref("privacy.firstparty.isolate", true);       // breaks CAPTCHAs, way too annoying
-// user_pref("privacy.resistFingerprinting", true);     // less breakage by using https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/
+// user_pref("privacy.firstparty.isolate", true);  // breaks CAPTCHAs, way too annoying
+// user_pref("privacy.resistFingerprinting", true);  // less breakage by using https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/
 user_pref("privacy.trackingprotection.cryptomining.enabled", true);
 user_pref("privacy.trackingprotection.enabled", true);  // https://wiki.mozilla.org/Security/Tracking_protection
 user_pref("privacy.trackingprotection.fingerprinting.enabled", true);
@ -292,10 +292,10 @@ user_pref("security.insecure_connection_icon.enabled", true);
 user_pref("security.insecure_connection_text.enabled", true);
 user_pref("security.insecure_field_warning.contextual.enabled", true);
 user_pref("security.insecure_password.ui.enabled", true);  // warn on non-secure forms
-// user_pref("security.mixed_content.block_display_content", true);         // breaks xfinity on demand
-// user_pref("security.mixed_content.block_object_subrequest", true);       // breaks xfinity on demand
+// user_pref("security.mixed_content.block_display_content", true);  // breaks xfinity on demand
+// user_pref("security.mixed_content.block_object_subrequest", true);  // breaks xfinity on demand
 user_pref("security.OCSP.enabled", 1);
-user_pref("security.OCSP.require", false); // TODO: turn back on
+user_pref("security.OCSP.require", false);  // TODO: turn back on
 user_pref("security.pki.sha1_enforcement_level", 1);
 user_pref("security.sri.enable", true);
 user_pref("security.ssl.disable_session_identifiers", true);
@ -304,7 +304,7 @@ user_pref("security.ssl.enable_ocsp_must_staple", true);
 user_pref("security.ssl.errorReporting.enabled", false);
 user_pref("security.ssl.errorReporting.url", "");
 user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
-// user_pref("security.ssl.require_safe_negotiation", true);           // still breaks lots of stuff: https://github.com/pyllyukko/user.js/issues/237
+// user_pref("security.ssl.require_safe_negotiation", true);  // still breaks lots of stuff: https://github.com/pyllyukko/user.js/issues/237
 user_pref("security.ssl3.dhe_dss_aes_128_sha", false);
 user_pref("security.ssl3.dhe_dss_aes_256_sha", false);
 user_pref("security.ssl3.dhe_dss_camellia_128_sha", false);
--- a/install.sh
+++ b/install.sh
@ -8,6 +8,7 @@ echo "👋  Deep breaths, everything will (probably) be fine!"
 ln -sf "$HOME"/.dotfiles/zsh/.zshrc "$HOME"/.zshrc
 ln -sf "$HOME"/.dotfiles/git/.gitconfig "$HOME"/.gitconfig
 ln -sf "$HOME"/.dotfiles/git/.gitignore_global "$HOME"/.gitignore_global
+ln -sf "$HOME"/.dotfiles/ssh/.ssh/config "$HOME"/.ssh/config

 # Get Oh My ZSH up and running
 if [ ! -e ~/.oh-my-zsh ]; then
--- a/macos/defaults.sh
+++ b/macos/defaults.sh
@ -6,10 +6,10 @@
 #    https://github.com/paulirish/dotfiles/blob/master/.osx
 #    https://github.com/kevinSuttle/macOS-Defaults/blob/master/.macos

-set -e
-
+# Change new hostname here if necessary
 COMPUTER_NAME="JJ-MBP15"

+# Quit System Preferences.app if open
 osascript -e 'tell application "System Preferences" to quit'

 # Ask for the administrator password upfront
@ -79,9 +79,9 @@ defaults write NSGlobalDomain AppleKeyboardUIMode -int 3
 # Disable press-and-hold for keys in favor of key repeat
 defaults write NSGlobalDomain ApplePressAndHoldEnabled -bool false

-# Set a blazingly fast keyboard repeat rate
-defaults write NSGlobalDomain KeyRepeat -int 1
-defaults write NSGlobalDomain InitialKeyRepeat -int 15
+# Set a faster keyboard repeat rate (but not too fast, thanks butterfly keyboard)
+defaults write NSGlobalDomain KeyRepeat -int 5
+defaults write NSGlobalDomain InitialKeyRepeat -int 25

 # Automatically illuminate built-in MacBook keyboard in low light
 defaults write com.apple.BezelServices kDim -bool true
--- a/macos/macos.sh
+++ b/macos/macos.sh
@ -1,7 +1,6 @@
 #!/usr/bin/env bash

-set -e
-
+# This shouldn't be run if not on macOS, but make double sure
 if test ! "$(uname)" = "Darwin"; then
  exit 0
 fi
--- a/ssh/.ssh/config
+++ b/ssh/.ssh/config
@ -0,0 +1,66 @@
+Include conf.d/*
+
+CanonicalizeHostname yes
+CanonicalizeMaxDots 0
+
+Host *
+  # https://stribika.github.io/2015/01/04/secure-secure-shell.html
+  ChallengeResponseAuthentication no
+  Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
+  ControlMaster auto
+  ControlPath /tmp/ssh-%r@%h:%p
+  ControlPersist 5m
+  ForwardAgent yes
+  ForwardX11 no
+  GSSAPIAuthentication yes
+  GSSAPIDelegateCredentials yes
+  HashKnownHosts yes
+  HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa
+  KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
+  MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
+  PasswordAuthentication no
+  PubkeyAuthentication yes
+  SendEnv LANG
+  ServerAliveCountMax 3
+  ServerAliveInterval 120
+  VisualHostKey yes
+  VerifyHostKeyDNS ask
+  # macOS specific
+  IgnoreUnknown AddKeysToAgent,UseKeychain
+  AddKeysToAgent yes
+  UseKeychain yes
+  IdentityFile ~/.ssh/id_ed25519
+  IdentityFile ~/.ssh/id_rsa
+
+Host tufts
+  HostName linux.eecs.tufts.edu
+  User jjarvi01
+  IdentityFile ~/.ssh/id_ed25519
+  IdentitiesOnly yes
+
+Host code
+  HostName code.jarv.is
+  User jake
+  IdentityFile ~/.ssh/id_ed25519
+  IdentitiesOnly yes
+
+Host github.com
+  HostName github.com
+  User git
+  IdentityFile ~/.ssh/id_ed25519
+  IdentitiesOnly yes
+
+Host kali
+  HostName 50.116.62.61
+  User root
+  IdentityFile ~/.ssh/id_rsa
+  IdentitiesOnly yes
+
+Host hashbang
+  HostName de1.hashbang.sh
+  User jakej
+  IdentityFile ~/.ssh/id_rsa
+  IdentitiesOnly yes
+
+Host *.ssh.wpengine.net
+  IdentityFile ~/.ssh/wpe_devkit
--- a/ssh/.ssh/id_ed25519.pub
+++ b/ssh/.ssh/id_ed25519.pub
@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHeuNlSZmqygM4XN7++pmfrNUsFzAjlxaYHoO/JXVdT5 jake@jarv.is
--- a/ssh/.ssh/id_rsa.pub
+++ b/ssh/.ssh/id_rsa.pub
@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYZ5gJTqUnJkkcZ2UQFRpQ8bAjhf//MN+wjT177ByUHz1wcvw3mRrI3PDE9HCpbBlrqSZ46Y2lKktnTJ2Gl8f1XHbBYN2UbeLscprxeFZ/0M508LoJSjTs2Ao8B0x0VH9KxnKKDWzz2BrrkJ670ZWeV5D4WHaIrk/zvbnUeUnkQIJ303FQlHFXwk2/IgkscSM80W/qssW3nQAf+FgHhBc1nbFIP6y/Xz21pKQ3+Uh6eZcUGs4a9Rw/EfB3z41qB83BZKU2BxSTdet4xlEO0xfHRe5q7LLc3VsGcIwhHTZTtAW24UJvgNp5fqCQeJPlkhDy6F/WOag+EXsQq7R7MOEp jakejarvis@gmail.com
--- a/zsh/.zshrc
+++ b/zsh/.zshrc
@ -5,8 +5,9 @@ export DOTFILES=$HOME/.dotfiles
 export ZSH=$HOME/.oh-my-zsh

 # Default to nano 'cause I'm a wimp
-export VISUAL="nano"
 export EDITOR="nano"
+export VISUAL="code"
+export BROWSER="firefox"

 # Adjust history for speed
 HISTFILE=~/.zsh_history
				`@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHeuNlSZmqygM4XN7++pmfrNUsFzAjlxaYHoO/JXVdT5 jake@jarv.is`
				`@ -0,0 +1 @@`
				`ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYZ5gJTqUnJkkcZ2UQFRpQ8bAjhf//MN+wjT177ByUHz1wcvw3mRrI3PDE9HCpbBlrqSZ46Y2lKktnTJ2Gl8f1XHbBYN2UbeLscprxeFZ/0M508LoJSjTs2Ao8B0x0VH9KxnKKDWzz2BrrkJ670ZWeV5D4WHaIrk/zvbnUeUnkQIJ303FQlHFXwk2/IgkscSM80W/qssW3nQAf+FgHhBc1nbFIP6y/Xz21pKQ3+Uh6eZcUGs4a9Rw/EfB3z41qB83BZKU2BxSTdet4xlEO0xfHRe5q7LLc3VsGcIwhHTZTtAW24UJvgNp5fqCQeJPlkhDy6F/WOag+EXsQq7R7MOEp jakejarvis@gmail.com`