Ronald Ip iphoting

## SSH_MACOS_SECURE_ENCLAVES.md

      
              1 file
            
          
              33 forks
            
          
                17 comments
              
            
              398 stars
            
          
                arianvp
                / SSH_MACOS_SECURE_ENCLAVES.md
            
            
              Last active
              December 11, 2025 16:27
            
              
                Native Secure Enclaved backed ssh keys on MacOS 
              
          
    Native Secure Enclave backed ssh keys on MacOS

It turns out that MacOS Tahoe can generate and use secure-enclave backed SSH keys! This replaces projects like https://github.com/maxgoedjen/secretive
There is a shared library /usr/lib/ssh-keychain.dylib that traditionally has been used to add smartcard support
to ssh by implementing PKCS11Provider interface. However since recently it also implements SecurityKeyProivder
which supports loading keys directly from the secure enclave! SecurityKeyProvider is what is normally used to talk to FIDO2 devices (e.g. libfido2 can be used to talk to your Yubikey). However you can now use it to talk to your Secure Enclave instead!

  
## sensor-light-add-on.yaml
blueprint:
  name: Sensor Light Add On
  description: >
    # ♾️ Sensor Light Add On - Media & Movie - House Alarm - Smoke Alarm + More

    **Version: 2.3**


    Lights, Camera, Action! Get ready to grab the popcorn because it's movie time with a touch of cinematic magic! 🎬✨

## smart-light.yaml
blueprint:
  name: Smart Light
  description: >
    # 🔆 Smart Light

    **Version: 3.3**


    Smart Lighting: Your Lights, Your Way - Take Control and Customize it to Perfection!💡✨

## sensor-light.yaml
blueprint:
  name: Sensor Light
  description: >
    # 💡 Sensor Light

    **Version: 8.5**


    Your lighting experience, your way - take control and customize it to perfection! 💡✨

## fontawesome.rb
##
# The MIT License (MIT)
#
# Copyright (c) 2014 Ryan Morrissey
# Copyright (c) 2018 atom0s
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell

## chefdk_rvm_setup.sh
# create $HOME/.chefdk
chef gem update json
CHEF_RUBY_VERS=$(ls /opt/chefdk/embedded/lib/ruby/ | grep '[0-9]')

CHEFDK="/opt/chefdk/embedded"
CHEFDK_USER="$HOME/.chefdk/gem/ruby/$CHEF_RUBY_VERS"
RVM_GEMS="$HOME/.rvm/gems"
RVM_RUBIES="$HOME/.rvm/rubies"
RUBY_NAME="ext-chefdk-ruby"

## brew-go-get.bash
#!/bin/bash
# https://blog.filippo.io/cleaning-up-my-gopath-with-homebrew/

set -euo pipefail

if [[ $# -lt 1 ]] || [[ "$1" =~ -h|--help ]] ; then
  echo "Usage: brew-go-get github.com/foo/bar ..."
  exit 1
fi

## Netflix WPAD bypass rules.md

      
              1 file
            
          
              1 fork
            
          
                0 comments
              
            
              6 stars
            
          
                jamesmacwhite
                / Netflix WPAD bypass rules.md
            
            
              Last active
              August 9, 2023 13:24
            
              
                Bypass rules for Netflix when using a WPAD based proxy deployment
              
          
    Netflix and direct bypass rules using WPAD

If your like me you might already use a VPN to route your traffic through. The problem is some sites just don't like VPN services and will actively block you from using them without disabling or bypassing it.
Netflix is a prime example of a website that does not like VPN services, because they are seen as a way to circumvent the geo-restrictions imposed on the content library offered.
Below are WPAD rules I use to essentially send Netflix traffic directly and avoid any VPN errors/dreaded unknown error network messages. Error messages that Netflix throws back at you related to VPN usage when streaming might include:

"You seem to be using an unblocker or proxy"
VPN/proxy error M7111-1331-5059


## Workarounds for Netflix and the blocking of IPv6 tunnels.md

      
              1 file
            
          
              17 forks
            
          
                70 comments
              
            
              135 stars
            
          
                jamesmacwhite
                / Workarounds for Netflix and the blocking of IPv6 tunnels.md
            
            
              Last active
              September 6, 2025 10:17
            
              
                Prevent proxy/VPN streaming error messages from Netflix when using a Hurricane Electric IPv6 tunnel.
              
          
    Workarounds for Netflix and the blocking of Hurricane Electric IPv6 tunnels

The dreaded "You seem to be using an unblocker or proxy." error message. Cool story bro.

This gist was essentially created out of my own rant about Netflix being hostile to IPv6 tunnel services since June 2016. You are welcome to read my opinion on the matter, this is the more technical side to the issue and how to combat it within your own network.
Since I wrote this, various GitHub users have contributed their thoughts and ideas which has been incorporated into this gist. Thank you to everyone who have contributed their own methods and implementations.
The problem

Netflix now treats IPv6 tunnel brokers (such as Hurricane Electric) as proxy servers. A while ago it became apparent to users and Netflix that somewhat by accident, IPv6 tunnel users were being served content outside of their geolocation because of the way Netflix was identifyi

  
## make-mega-adblock-hostsfile.sh
#!/bin/bash
# Modified Pi-hole script to generate a generic hosts file
# for use with dnsmasq's addn-hosts configuration
# original : https://github.com/jacobsalmela/pi-hole/blob/master/gravity-adv.sh

# The Pi-hole now blocks over 120,000 ad domains
# Address to send ads to (the RPi)
piholeIP="192.168.1.1"

outlist='./final_blocklist.txt'
	blueprint:
	name: Sensor Light Add On
	description: >
	# ♾️ Sensor Light Add On - Media & Movie - House Alarm - Smoke Alarm + More

	Version: 2.3


	Lights, Camera, Action! Get ready to grab the popcorn because it's movie time with a touch of cinematic magic! 🎬✨
	blueprint:
	name: Smart Light
	description: >
	# 🔆 Smart Light

	Version: 3.3


	Smart Lighting: Your Lights, Your Way - Take Control and Customize it to Perfection!💡✨
	blueprint:
	name: Sensor Light
	description: >
	# 💡 Sensor Light

	Version: 8.5


	Your lighting experience, your way - take control and customize it to perfection! 💡✨
	##
	# The MIT License (MIT)
	#
	# Copyright (c) 2014 Ryan Morrissey
	# Copyright (c) 2018 atom0s
	#
	# Permission is hereby granted, free of charge, to any person obtaining a copy
	# of this software and associated documentation files (the "Software"), to deal
	# in the Software without restriction, including without limitation the rights
	# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
	# create $HOME/.chefdk
	chef gem update json
	CHEF_RUBY_VERS=$(ls /opt/chefdk/embedded/lib/ruby/ \| grep '[0-9]')

	CHEFDK="/opt/chefdk/embedded"
	CHEFDK_USER="$HOME/.chefdk/gem/ruby/$CHEF_RUBY_VERS"
	RVM_GEMS="$HOME/.rvm/gems"
	RVM_RUBIES="$HOME/.rvm/rubies"
	RUBY_NAME="ext-chefdk-ruby"
	#!/bin/bash
	# https://blog.filippo.io/cleaning-up-my-gopath-with-homebrew/

	set -euo pipefail

	if [[ $# -lt 1 ]] \|\| [[ "$1" =~ -h\|--help ]] ; then
	echo "Usage: brew-go-get github.com/foo/bar ..."
	exit 1
	fi
	#!/bin/bash
	# Modified Pi-hole script to generate a generic hosts file
	# for use with dnsmasq's addn-hosts configuration
	# original : https://github.com/jacobsalmela/pi-hole/blob/master/gravity-adv.sh

	# The Pi-hole now blocks over 120,000 ad domains
	# Address to send ads to (the RPi)
	piholeIP="192.168.1.1"

	outlist='./final_blocklist.txt'