Skip to content

Instantly share code, notes, and snippets.

View psanford's full-sized avatar

Peter Sanford psanford

147 followers · 43 following
View GitHub Profile
@arianvp
arianvp / SSH_MACOS_SECURE_ENCLAVES.md
Last active December 18, 2025 16:21
Native Secure Enclaved backed ssh keys on MacOS

Native Secure Enclave backed ssh keys on MacOS

It turns out that MacOS Tahoe can generate and use secure-enclave backed SSH keys! This replaces projects like https://github.com/maxgoedjen/secretive

There is a shared library /usr/lib/ssh-keychain.dylib that traditionally has been used to add smartcard support to ssh by implementing PKCS11Provider interface. However since recently it also implements SecurityKeyProivder which supports loading keys directly from the secure enclave! SecurityKeyProvider is what is normally used to talk to FIDO2 devices (e.g. libfido2 can be used to talk to your Yubikey). However you can now use it to talk to your Secure Enclave instead!

@hoshinolina
hoshinolina / asahi_linux_paypal_fix.user.js
Last active November 27, 2025 18:42
Asahi Linux PayPal Block Fix
// ==UserScript==
// @name PayPal Asahi Linux Fix
// @version v1.0
// @description Fix PayPal banning Asahi Linux
// @author Asahi Lina
// @match https://www.paypal.com/*
// @icon https://www.google.com/s2/favicons?sz=64&domain=paypal.com
// @grant unsafeWindow
// ==/UserScript==
@timothyham
timothyham / ipv6guide.md
Last active December 4, 2025 16:38
A Short IPv6 Guide for Home IPv4 Admins

A Short IPv6 Guide for Home IPv4 Admins

This guide is for homelab admins who understand IPv4s well but find setting up IPv6 hard or annoying because things work differently. In some ways, managing an IPv6 network can be simpler than IPv4, one just needs to learn some new concepts and discard some old ones.

Let’s begin.

First of all, there are some concepts that one must unlearn from ipv4:

Concept 1

@afilini
afilini / shell.nix
Created January 18, 2024 22:04
Repackaging of "widevine-installer" from AsahiLinux for NixOS
let
pkgs = import <nixpkgs> {};
lacrosVersion = "120.0.6098.0";
widevine-installer = pkgs.stdenv.mkDerivation rec {
name = "widevine-installer";
version = "7a3928fe1342fb07d96f61c2b094e3287588958b";
src = pkgs.fetchFromGitHub {
owner = "AsahiLinux";
repo = "${name}";
rev = "${version}";
@veekaybee
veekaybee / normcore-llm.md
Last active December 18, 2025 18:01
Normcore LLM Reads

Anti-hype LLM reading list

Goals: Add links that are reasonable and good explanations of how stuff works. No hype and no vendor content if possible. Practical first-hand accounts of models in prod eagerly sought.

Foundational Concepts

Screenshot 2023-12-18 at 10 40 27 PM

Pre-Transformer Models

@DavidBuchanan314
DavidBuchanan314 / widevine_fixup.py
Last active July 15, 2025 03:43
Patch aarch64 widevine blobs from ChromeOS to work on non-ChromeOS linux, including platforms with 16K page size like Apple Silicon / Asahi Linux
"""
MIT License
Copyright (c) 2023 David Buchanan
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
@DavidBuchanan314
DavidBuchanan314 / fake_widevine.js
Last active May 18, 2024 09:47
Context: https://github.com/AsahiLinux/docs/issues/63#issuecomment-1455373735 Tested with TamperMonkey in Firefox
// ==UserScript==
// @name Fake Widevine
// @namespace http://tampermonkey.net/
// @version 0.1
// @description Fake the presence of a functional Widevine CDM - enough to get the spotify UI to launch, so you can pick another playback device.
// @author David Buchanan
// @match https://open.spotify.com/*
// @icon https://www.google.com/s2/favicons?sz=64&domain=spotify.com
// @grant none
// ==/UserScript==
@securelyfitz
securelyfitz / ftscreen.sh
Created August 26, 2021 18:41
Use screen with custom baud rates on FTDI devices
#!/bin/bash
# since screen doesn't know how to set custom baud rates, this does it for FTDI devices.
# it works by using setserial to set the custom speed (spd_cust) mode for baud rate 38400
# it calculates the proper clock divider by dividing the device's base clock by the desired rate
# then, it starts screen at 38400 - which is not longer 38400 but your new clock rate.
# tested on FT232H, FT2232H, FT-X, and FT232RL
# does not work on CH341 or PL2303
# todo: confirm FTDI before running setserial and report error
# todo: validate uart range
@mgechev
mgechev / canvas-as-favicon.html
Created December 12, 2020 15:46
<link rel="shortcut icon" width=32px>
<canvas style="display: none" id="loader" width="16" height="16"></canvas>
<script>
class Loader {
constructor(link, canvas) {
this.link = link;
this.canvas = canvas;
this.context = canvas.getContext('2d');
this.context.lineWidth = 2;
@natecj
natecj / etrade-2fa-with-1password.md
Last active December 1, 2025 16:21

How to use 1Password and 2FA with eTrade

IMPORTANT!
As of May 17, 2020, python-vipaccess stopped working for provisioning new Symantec VIP Access tokens (which was its raison d'être).
As of May 27, 2020, it's working again.
It might stop working again. and we might not be able to get it to work again (see #39)

Note: Your password cannot be more than 26 characters for you to use 2FA in general. eTrade makes you enter your 2FA code appened to your password to login and limits the length of password input to 32 characters, thus further restricting the maximum length of your actual password.