This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
osx:start [2017/12/05 12:54] robm [VPN over SSH] |
osx:start [2018/05/01 18:23] robm + smcFanControl |
||
---|---|---|---|
Line 671: | Line 671: | ||
Configure IPv4 (ICMP+TCP+UDP) forwarding and Network Address Translation (NAT): | Configure IPv4 (ICMP+TCP+UDP) forwarding and Network Address Translation (NAT): | ||
- | - In the root shell on the **server**: < | + | - In the root shell on the **server** |
- | - echo 1 > / | + | # Prepare networking stack for use by forced commands in |
- | /sbin/iptables -t nat -F | + | # /root/.ssh/authorized_keys that creates a point-to-point network (via tun0) |
- | /sbin/iptables | + | # between 172.16.0.1 (this host) and 172.16.0.2 |
+ | |||
+ | # We then want to enabling forwarding of IPv4 traffic, i.e. we want to act as a | ||
+ | # router. We enable this in the kernel, and then ensure traffic originating | ||
+ | # from the remote side of the point-to-point link is accepted, and any | ||
+ | # responses are likewise accepted | ||
+ | echo 1 > / | ||
/ | / | ||
- | / | + | / |
+ | | ||
/ | / | ||
+ | |||
+ | # Any traffic originating from the remote side should go through Network | ||
+ | # Address Translation (NAT), so responses from (e.g.) DNS servers are sent to | ||
+ | # this host, so *we* can forward it to the remote end. This is the MASQUERADE | ||
+ | # rule. | ||
+ | / | ||
+ | / | ||
# Monitor packets | # Monitor packets | ||
Line 709: | Line 723: | ||
====== Global Keyboard Shortcut to toggle Skype microphone ====== | ====== Global Keyboard Shortcut to toggle Skype microphone ====== | ||
+ | |||
+ | <note tip> | ||
Use Automator to create a new Service which takes no input, this will appears in System Preferences > Keyboard Shortcuts > Services > General. Get this new service to run the following AppleScript which uses an *unsupported* Skype Desktop API: | Use Automator to create a new Service which takes no input, this will appears in System Preferences > Keyboard Shortcuts > Services > General. Get this new service to run the following AppleScript which uses an *unsupported* Skype Desktop API: | ||
Line 728: | Line 744: | ||
Credit to http:// | Credit to http:// | ||
+ | |||
+ | ====== Use TouchID for sudo ====== | ||
+ | |||
+ | Based on https:// | ||
+ | |||
+ | * Prompts for TouchID when working locally, asks for password otherwise (e.g. SSH) | ||
+ | |||
+ | Add '' | ||
+ | |||
+ | < | ||
+ | # sudo: auth account password session | ||
+ | auth | ||
+ | auth | ||
+ | auth | ||
+ | account | ||
+ | password | ||
+ | session | ||
+ | </ | ||
+ | |||
+ | These appear to be tried in the order listed, and if one aborts (e.g. press ESC for TouchID) the next is tried (i.e. the usual terminal password prompt) | ||
+ | |||
+ | ====== Automatic fan control when on AC power to avoid sweaty palms ====== | ||
+ | |||
+ | https:// | ||
+ | |||
+ | brew cask install smcfancontrol | ||
+ |