diff --git a/firefox/user.js b/firefox/user.js index ce6d0dc..bcff1e2 100644 --- a/firefox/user.js +++ b/firefox/user.js @@ -269,8 +269,8 @@ user_pref("privacy.cpd.passwords", true); // user_pref("privacy.cpd.siteSettings", true); user_pref("privacy.cpd.sessions", true); user_pref("privacy.donottrackheader.enabled", true); -// user_pref("privacy.firstparty.isolate", true); // breaks CAPTCHAs, way too annoying -// user_pref("privacy.resistFingerprinting", true); // less breakage by using https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/ +// user_pref("privacy.firstparty.isolate", true); // breaks CAPTCHAs, way too annoying +// user_pref("privacy.resistFingerprinting", true); // less breakage by using https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/ user_pref("privacy.trackingprotection.cryptomining.enabled", true); user_pref("privacy.trackingprotection.enabled", true); // https://wiki.mozilla.org/Security/Tracking_protection user_pref("privacy.trackingprotection.fingerprinting.enabled", true); @@ -292,10 +292,10 @@ user_pref("security.insecure_connection_icon.enabled", true); user_pref("security.insecure_connection_text.enabled", true); user_pref("security.insecure_field_warning.contextual.enabled", true); user_pref("security.insecure_password.ui.enabled", true); // warn on non-secure forms -// user_pref("security.mixed_content.block_display_content", true); // breaks xfinity on demand -// user_pref("security.mixed_content.block_object_subrequest", true); // breaks xfinity on demand +// user_pref("security.mixed_content.block_display_content", true); // breaks xfinity on demand +// user_pref("security.mixed_content.block_object_subrequest", true); // breaks xfinity on demand user_pref("security.OCSP.enabled", 1); -user_pref("security.OCSP.require", false); // TODO: turn back on +user_pref("security.OCSP.require", false); // TODO: turn back on user_pref("security.pki.sha1_enforcement_level", 1); user_pref("security.sri.enable", true); user_pref("security.ssl.disable_session_identifiers", true); @@ -304,7 +304,7 @@ user_pref("security.ssl.enable_ocsp_must_staple", true); user_pref("security.ssl.errorReporting.enabled", false); user_pref("security.ssl.errorReporting.url", ""); user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true); -// user_pref("security.ssl.require_safe_negotiation", true); // still breaks lots of stuff: https://github.com/pyllyukko/user.js/issues/237 +// user_pref("security.ssl.require_safe_negotiation", true); // still breaks lots of stuff: https://github.com/pyllyukko/user.js/issues/237 user_pref("security.ssl3.dhe_dss_aes_128_sha", false); user_pref("security.ssl3.dhe_dss_aes_256_sha", false); user_pref("security.ssl3.dhe_dss_camellia_128_sha", false); diff --git a/install.sh b/install.sh index cbba569..b776a46 100755 --- a/install.sh +++ b/install.sh @@ -8,6 +8,7 @@ echo "👋 Deep breaths, everything will (probably) be fine!" ln -sf "$HOME"/.dotfiles/zsh/.zshrc "$HOME"/.zshrc ln -sf "$HOME"/.dotfiles/git/.gitconfig "$HOME"/.gitconfig ln -sf "$HOME"/.dotfiles/git/.gitignore_global "$HOME"/.gitignore_global +ln -sf "$HOME"/.dotfiles/ssh/.ssh/config "$HOME"/.ssh/config # Get Oh My ZSH up and running if [ ! -e ~/.oh-my-zsh ]; then diff --git a/macos/defaults.sh b/macos/defaults.sh index ff5ddd2..db4f6fa 100755 --- a/macos/defaults.sh +++ b/macos/defaults.sh @@ -6,10 +6,10 @@ # https://github.com/paulirish/dotfiles/blob/master/.osx # https://github.com/kevinSuttle/macOS-Defaults/blob/master/.macos -set -e - +# Change new hostname here if necessary COMPUTER_NAME="JJ-MBP15" +# Quit System Preferences.app if open osascript -e 'tell application "System Preferences" to quit' # Ask for the administrator password upfront @@ -79,9 +79,9 @@ defaults write NSGlobalDomain AppleKeyboardUIMode -int 3 # Disable press-and-hold for keys in favor of key repeat defaults write NSGlobalDomain ApplePressAndHoldEnabled -bool false -# Set a blazingly fast keyboard repeat rate -defaults write NSGlobalDomain KeyRepeat -int 1 -defaults write NSGlobalDomain InitialKeyRepeat -int 15 +# Set a faster keyboard repeat rate (but not too fast, thanks butterfly keyboard) +defaults write NSGlobalDomain KeyRepeat -int 5 +defaults write NSGlobalDomain InitialKeyRepeat -int 25 # Automatically illuminate built-in MacBook keyboard in low light defaults write com.apple.BezelServices kDim -bool true diff --git a/macos/macos.sh b/macos/macos.sh index c95fb2b..0f5c184 100755 --- a/macos/macos.sh +++ b/macos/macos.sh @@ -1,7 +1,6 @@ #!/usr/bin/env bash -set -e - +# This shouldn't be run if not on macOS, but make double sure if test ! "$(uname)" = "Darwin"; then exit 0 fi diff --git a/ssh/.ssh/config b/ssh/.ssh/config new file mode 100644 index 0000000..516a100 --- /dev/null +++ b/ssh/.ssh/config @@ -0,0 +1,66 @@ +Include conf.d/* + +CanonicalizeHostname yes +CanonicalizeMaxDots 0 + +Host * + # https://stribika.github.io/2015/01/04/secure-secure-shell.html + ChallengeResponseAuthentication no + Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr + ControlMaster auto + ControlPath /tmp/ssh-%r@%h:%p + ControlPersist 5m + ForwardAgent yes + ForwardX11 no + GSSAPIAuthentication yes + GSSAPIDelegateCredentials yes + HashKnownHosts yes + HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa + KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com + PasswordAuthentication no + PubkeyAuthentication yes + SendEnv LANG + ServerAliveCountMax 3 + ServerAliveInterval 120 + VisualHostKey yes + VerifyHostKeyDNS ask + # macOS specific + IgnoreUnknown AddKeysToAgent,UseKeychain + AddKeysToAgent yes + UseKeychain yes + IdentityFile ~/.ssh/id_ed25519 + IdentityFile ~/.ssh/id_rsa + +Host tufts + HostName linux.eecs.tufts.edu + User jjarvi01 + IdentityFile ~/.ssh/id_ed25519 + IdentitiesOnly yes + +Host code + HostName code.jarv.is + User jake + IdentityFile ~/.ssh/id_ed25519 + IdentitiesOnly yes + +Host github.com + HostName github.com + User git + IdentityFile ~/.ssh/id_ed25519 + IdentitiesOnly yes + +Host kali + HostName 50.116.62.61 + User root + IdentityFile ~/.ssh/id_rsa + IdentitiesOnly yes + +Host hashbang + HostName de1.hashbang.sh + User jakej + IdentityFile ~/.ssh/id_rsa + IdentitiesOnly yes + +Host *.ssh.wpengine.net + IdentityFile ~/.ssh/wpe_devkit diff --git a/ssh/.ssh/id_ed25519.pub b/ssh/.ssh/id_ed25519.pub new file mode 100644 index 0000000..74279a0 --- /dev/null +++ b/ssh/.ssh/id_ed25519.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHeuNlSZmqygM4XN7++pmfrNUsFzAjlxaYHoO/JXVdT5 jake@jarv.is \ No newline at end of file diff --git a/ssh/.ssh/id_rsa.pub b/ssh/.ssh/id_rsa.pub new file mode 100644 index 0000000..b5a8717 --- /dev/null +++ b/ssh/.ssh/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYZ5gJTqUnJkkcZ2UQFRpQ8bAjhf//MN+wjT177ByUHz1wcvw3mRrI3PDE9HCpbBlrqSZ46Y2lKktnTJ2Gl8f1XHbBYN2UbeLscprxeFZ/0M508LoJSjTs2Ao8B0x0VH9KxnKKDWzz2BrrkJ670ZWeV5D4WHaIrk/zvbnUeUnkQIJ303FQlHFXwk2/IgkscSM80W/qssW3nQAf+FgHhBc1nbFIP6y/Xz21pKQ3+Uh6eZcUGs4a9Rw/EfB3z41qB83BZKU2BxSTdet4xlEO0xfHRe5q7LLc3VsGcIwhHTZTtAW24UJvgNp5fqCQeJPlkhDy6F/WOag+EXsQq7R7MOEp jakejarvis@gmail.com \ No newline at end of file diff --git a/zsh/.zshrc b/zsh/.zshrc index 12b37e8..0fe1849 100644 --- a/zsh/.zshrc +++ b/zsh/.zshrc @@ -5,8 +5,9 @@ export DOTFILES=$HOME/.dotfiles export ZSH=$HOME/.oh-my-zsh # Default to nano 'cause I'm a wimp -export VISUAL="nano" export EDITOR="nano" +export VISUAL="code" +export BROWSER="firefox" # Adjust history for speed HISTFILE=~/.zsh_history