←back to thread

macOS command-line tools you might not know about

(saurabhs.org)
2039 points Gadiguibou | 8 comments | 27 Jun 23 12:08 UTC | HN request time: 0.454s | source | bottom
Show context
klausa ◴[27 Jun 23 12:42 UTC] No.36491947[source]
`pbcopy` and `pbpaste` are one of my most-loved in the list.

Dealing with some minified json, switching to iTerm, doing `pbpaste | json_pp | pbcopy` and having a clean output is _so_ nice.

replies(28): >>36492008 #>>36492015 #>>36492028 #>>36492101 #>>36492108 #>>36492229 #>>36492265 #>>36492890 #>>36492953 #>>36493037 #>>36493127 #>>36493336 #>>36493457 #>>36493802 #>>36494023 #>>36494242 #>>36494325 #>>36495379 #>>36495894 #>>36496866 #>>36497033 #>>36497293 #>>36497589 #>>36497973 #>>36498181 #>>36498558 #>>36498586 #>>36535798 #
agmm ◴[27 Jun 23 14:05 UTC] No.36492953[source]
I like to use `pbcopy` when exporting public keys to external services like GitHub.

`cat ~/.ssh/mykey.pub | pbcopy`

replies(2): >>36493226 #>>36493456 #
1. wincy ◴[27 Jun 23 14:35 UTC] No.36493456[source]
I love this tool too!

except one time I quickly typed

`cat ~/.ssh/mykey | pbcopy`

And sent it straight away to my coworker on Slack.

I then spent the rest of the day making a new private key and adding my new pubkey to all of the 1000+ servers I had root access to. I mean we had tools to help but it still wasn’t fun.

With great power/convenience comes the potential to do dumb things at lightning speeds!

replies(4): >>36493643 #>>36495123 #>>36496196 #>>36496552 #
2. oxygen_crisis ◴[27 Jun 23 14:46 UTC] No.36493643[source]
I might start naming my private key files ~/.ssh/keyname.PRIVATE after hearing that story...
replies(2): >>36494083 #>>36494368 #
3. plorkyeran ◴[27 Jun 23 15:16 UTC] No.36494083[source]
That's not a bad idea. I've never actually made the same mistake, but I have caught it at the last moment and having tab complete not pick the private one first would help.
4. wincy ◴[27 Jun 23 15:34 UTC] No.36494368[source]
It would have avoided it! I was using tab and forgot to select .pub as you correctly surmised. I was a junior dev at the time and all the seniors got a good laugh out of it, and I use it as a cautionary tale about trying to be TOO overeager and efficient.
5. gunapologist99 ◴[27 Jun 23 16:30 UTC] No.36495123[source]
Userify would have made that pretty painless (all it really seems to do is update the authorized_keys across all of your servers every minute or so)
replies(1): >>36498233 #
6. vinay_ys ◴[27 Jun 23 17:39 UTC] No.36496196[source]
If you literally have ssh root access to 1000+ servers, using certificates will be more secure and convenient than directly using public key.
7. xrisk ◴[27 Jun 23 18:08 UTC] No.36496552[source]
put your private key in something like Secretive: https://github.com/maxgoedjen/secretive
8. superq ◴[27 Jun 23 20:30 UTC] No.36498233[source]
also userify allows you to set up sudo access on some of the servers and not others, so that'd take care of the other root-access issue you have. (sudo also provides auditing/logging controls that are useful in a multi-user environment)