Show newer

TIL there is a ncurses interface for git named tig

I still have no idea how the index.html file got replaced with the stock nginx welcome with a date a from a month ago

there is an issue open about this from less than a year ago marked as resolved, strange

Show thread

Remember how I praised wormhole a few days ago? Sad, I just had a legitimate use case :(

TIL that Mac x (close) is not in the magic corner, making it hard to hit by accident. See also Fitt' law

The github page for the CLI tool doesn't have issues tracker enabled. Sigh.

Maybe a wrapper script could add interactivity

Show thread

The strange thing is that their CLI tool requires all the credentials stored in a plaintext on the disk in order to use it, meaning anyone with the access to that computer can do harm.

I cannot see any way inputting credentials interactively so far, which would be much better.

Show thread

Exploring a recetly aded Contabo API, it looks like it is possible to make snapshots with it. Before, snapshots could only be made via the web UI, which I almost never did. Looks exciting!

api.contabo.com/#operation/cre

Now not only my Yubikeys have KDF enabled, but my OpenPGP smartcard as well. What a ride!

peterbabic.dev/blog/openpgp-sm

Right now I feel that in order to finish this I would have to understand how to make gnupg 2.3 run on Bullseye, although quick searching shows no promising guides.

Show thread

Not sure if all this is worth it though, just for my beloved smartcard format.

I can carry the smartcard in my physical wallet and it does not stick out of the computer the same way the Yubikey does. Unless Yubikey is plugged in my docking station it occupies the only USB-A port on the left side of my T470 and I feel like something can be physically broken by accident.

I would not put anything to the right-hand side (where most of the ports are) as it interferes with the mouse movements.

Show thread

Looks like I found a solution. Install gnupg 2.3.1 and disable-ccid. Sadly Debian and even Arch are still at 2.2.x branch and while it is easy to build gnupg from source, replacing gpg-agent and scdaemon OS-wide is not the most straightforward thing to do. But finally, there is a hope.

Show thread

If I could at least found out what are the actual risks of not using KDF on GnuPG smartcard.

This thread news.ycombinator.com/item?id=2 confirms it is for MITM USB attack, but without a source.

Also, in the post I learned about sending files through Magic Wormhole

magic-wormhole.readthedocs.io/

Feels really easy, would probably work well for sending SSH public keys to obscure servers (provided the OS running has an easy way to install the wormhole in the first place)

Show thread

In the desperation found a really nice blog post latacora.micro.blog/2019/07/16

I barely understand half of the acronyms but overall, expanded my knowledge about PGP

Show thread

Trying to get the damn KDF working od GnuPG smartcard v3.4. I feel like it is impossible. Any time I turn on the KDF, bad PIN happens. No matter the order of commands (or scripts for that matter). Works fine on fairly recent Yubikey tho.

BSD guys question: how do you compare Signify to GPG in your workflow?

Show older
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.