Daniel Barnes dacbd

I've spent the day trying to get this setup working with GitHub and given the number of gotcha's I encountered, it seemed like a good idea to document how I finally got this working with as few hacks as possible. There's a lot of documentation out there (some of it old and misleading) and committing here for posterity will help me remember this when I inevitably need to do this again.

Rationale

Passwords are simply not enough these days. Regardless of the company, breaches (and the associated Personally Identifiable Information harvested) are a matter of not if, but when. There are a number of things you can do to protect yourself, but being on the tin-foil-hat side of paranoia, means there are a few Commandents that I adhere to (and recommend for other folks)[Insert link to Fight Club Rules for the Secure Internet].

That being said, if you use 2-factor authentication and have committed to using a hardware token such as the Yubikey, then you're already ahead of the curve. The problem is that wh

collapsible markdown?

CLICK ME

yes, even hidden code blocks!

print("hello world!")

YubiKey 4 series GPG and SSH setup guide

Written for fairly adept technical users, preferably of Debian GNU/Linux, not for absolute beginners.

You'll probably be working with a single smartcard, so you'll want only one primary key (1. Sign & Certify) and two associated subkeys (2. Encrypt, 3. Authenticate). I've published a Bash function which automates this slightly special key generation process.

List of IAM Permissions

This is a list of controls that can be placed into an IAM policy document. All content comes from AWS documentation.

Something wrong? Try looking here.

Table of Contents generated with DocToc

List of IAM Permissions
- IAM Policy Variables

	#!/bin/bash

	if [ `id -u` -ne 0 ]; then
	echo "Rippling uninstall must be run by root"
	exit 1
	fi

	sudo launchctl unload /Library/LaunchDaemons/com.rippling.*
	sudo rm -rf /Library/LaunchDaemons/com.rippling.*
	sudo rm -rf /opt/rippling