secretive
TablePlus
secretive | TablePlus | |
---|---|---|
23 | 54 | |
6,864 | 3,186 | |
- | 0.0% | |
7.4 | 0.0 | |
29 days ago | over 1 year ago | |
Swift | ||
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
secretive
-
GitHub Passkeys are generally available
Secretive might be what you're looking for: https://github.com/maxgoedjen/secretive
-
Zero Effort Private Key Compromise: Abusing SSH-Agent for Lateral Movement
Good find! I was always curious how this worked.
I'm a big fan of tools like secretive[1] that can help solve this problem by using biometrics to shift the UX/security trade-off and thus make it feasible to always require some kind of authentication to sign a token with a key.
I'm not aware of any tools that do the same for Linux, and a quick Google search doesn't turn up much[2]. It does look like you can at least get a notification[3], though.
This could provide another layer of protection on the user's endpoint device in addition the network monitoring called out in the article. Defense in depth, and all that.
[1] https://github.com/maxgoedjen/secretive
[2] https://unix.stackexchange.com/questions/705144/unlock-an-ss...
[3] https://www.insecure.ws/2013/09/25/ssh-agent-notification.ht...
-
Tell HN: 1Password 8.10.8 update corrupted data
https://github.com/maxgoedjen/secretive
> Secretive is an app for storing and managing SSH keys in the Secure Enclave
-
Software Developer Mac Apps
Secretive, which replaces painfully managing SSH keys from the command line / editor. Getting a Touch ID prompt is so much better, though migrating computers will suck.
-
SSH keys setup, use, and proper OpSec
consider using a higher-security setup. Secretive is an SSH agent for MacOS that stores keys within the host's secure enclave, where they can't be copied off, and can optionally require touchid validation before the key is used. This way, if you forward it the key to an compromised host and an attacker tries to use them, it'll still require a fingerprint (but, balance it with the fact that Secretive doesn't have nearly as many eyeballs checking it, yet!). Likewise, yubikeys can be setup to store SSH keys inside them and require touch to use.
- Secretive: Store SSH Keys in the Secure Enclave
-
Russhian Roulette: 1/6 chance of posting your SSH private key on pastebin
You can store them in the Secure Enclave on OSX and require TouchID to use the key for signing.
See: https://github.com/maxgoedjen/secretive
-
Use TouchID to Authenticate Sudo on macOS
Not exactly connected but the same crowd interested in this topic may also be interested in this tool to store SSH private keys in the Secure Enclave, kind of like what can be done with a YubiKey:
https://github.com/maxgoedjen/secretive
I've been looking for something like this for 3-4 years but only found it six months ago (in an HN thread). I use separate keys for every use case, and now know every time a key is used for any purpose, whether it's connecting to source control or my text editor is connecting to a remote VM.
Only thing I haven't figured out is how to do git signatures with these sorts of keys, but I haven't debugged it at all.
-
A sane SSH(1) key management example
On Macs, Secretive [0] is great. It creates keys in the secret enclave, from where they can't be read, only used for signing requests. TouchID authorisation is optional but it's so quick and easy that I keep it on for all keys.
It can also use Smart Cards (Yubikeys are called out by name in the readme).
A forwarded agent will have the same level of security, meaning that if the forwarded agent needs to use a key in Secretive, it will have to be authorised locally - and even if TouchID is disabled, you are notified if a key is used.
[0] https://github.com/maxgoedjen/secretive/
TablePlus
-
Tell HN: TablePlus is a slick GUI db editor
https://tableplus.com/
It was oddly hard to find a DB editor, I needed something as slick as ArcType -- a feature packed DB editor that is recently shut down. Ideally, it would have been a vscode extension like Docker/Kubernets so I could stay in my IDE but failing to find a good looking one there, I opted to find an application.
Tried, Azure Data Studio and DBVis.com but finally happy with TablePlus. It is a freemium model but i'm okay with two windows and two tabs.
-
Under Pressure: Benchmarking Node.js on a Single-Core EC2
I'm using Table Plus to connect to the RDS Postgres database, you could use any Postgres Client.
- Modern, Native (Mac) Tool for Database Management
-
Show HN: Easily Visualize Your SQLAlchemy Data Models in a Nice SVG Diagram
This is great, especially to introduce new devs to models. I use (and love) TablePlus (https://tableplus.com/) which has a diagram generator plugin that does the same!
-
🌹 Awesome development tools for PHP 2023
Home page: https://tableplus.com/
-
From Good to Great: Scaling Applications with TypeORM Optimization
Tools like TablePlus, DBeaver, or HeidiSQL provide visual query building interfaces. While not performance analysis tools per se, they can help you build and understand complex queries more easily.
-
🐘Top Postgres GUI Clients to Master Postgres☄️🦖
TablePlus first greeted the world in 2017 and is the newest addition to the list. The UI is simple and sleek without any redundant modules, making it quick and easy to get started with.
-
Why people care about PostGIS and Postgres
TablePlus (https://tableplus.com/) is my current goto - even has a nice iOS app for on the run queries. I have fond memories of Sequel Pro and this app scratches that itch.
-
🐬Top 5 MySQL GUI Clients to Command MySQL⚡️
Starting in 2017, TablePlus is the newbie on the list, and its modern and simple UI reflects it. It supports most relational databases and some NoSQL ones. When they just started, they only supported macOS, but it is now available on Windows, Linux, and iOS (!). It is not open-source, but the roadmap is open and anyone can open an issue on their GitHub Issue Tracker. TablePlus has two plans: a free tier (has no limit on trial time) and a paid subscription model (license) with extended features.
-
Setup a Local Database
DBngin also happens to be made by the company behind my favorite database GUI tool, TablePlus. If you use TablePlus, you can click on the arrow next to the "Start/Stop" button and open the database right in TablePlus.
What are some alternatives?
sekey - Use Touch ID / Secure Enclave for SSH Authentication!
Sequel-Ace - MySQL/MariaDB database management for macOS
YubiKey-Guide - Guide to using YubiKey for GnuPG and SSH
ClickBench - ClickBench: a Benchmark For Analytical Databases
openssh-sk-winhello - A helper for OpenSSH to interact with FIDO2 and U2F security keys through native Windows Hello API
sqlitestudio - A free, open source, multi-platform SQLite database manager.
Vault - A tool for secrets management, encryption as a service, and privileged access management
starrocks - StarRocks, a Linux Foundation project, is a next-generation sub-second MPP OLAP database for full analytics scenarios, including multi-dimensional analytics, real-time analytics, and ad-hoc queries. InfoWorld’s 2023 BOSSIE Award for best open source software.
vault-plugin-secrets-onepasswor
CodeEdit - CodeEdit App for macOS – Elevate your code editing experience. Open source, free forever.
rust-u2f - U2F security token emulator written in Rust
beekeeper-studio - Modern and easy to use SQL client for MySQL, Postgres, SQLite, SQL Server, and more. Linux, MacOS, and Windows.