Blog

From Wikipedia: The YubiKey is a hardware authentication device manufactured by Yubico to protect access to computers, networks, and online services that supports one-time passwords (OTP), public-key cryptography, and authentication, and the Universal 2nd Factor (U2F) and FIDO2 protocols developed by the FIDO Alliance.

From Wikipedia: The YubiKey is a hardware authentication device manufactured by Yubico to protect access to computers, networks, and online services that supports one-time passwords (OTP), public-key cryptography, and authentication, and the Universal 2nd Factor (U2F) and FIDO2 protocols developed by the FIDO Alliance.

To get up and running on a new machine with minimal fuss.

.bashrc

When you are not logged in via SSH, start the gpg-agent. Copy and paste into your terminal to append the configuration to your current .bashrc.

Why should you encrypt your disc in the first place? It’s for your own privacy. It’s to ensure that personal data doesn’t go astray.

Notes on bootstrapping Raspberry Pi OS. This blog post is written in the heavy influence of a cold. Take care with your copy and pasting. No more information at the point.

Bootstrap Raspberry Pi Zero 2 W with Ubuntu using cloud-init. OTG configured as network card, WiFi, ssh-keys from GitHub and zram swap enabled. All examples are made to be run on a Fedora Desktop. Adjust scripts if you use another distro.

From Wikipedia: WireGuard is a communication protocol and free and open-source software that implements encrypted virtual private networks (VPNs), and was designed with the goals of ease of use, high speed performance, and low attack surface.

Earlier we looked at how we could use Ubuntu cloud images with KVM. Now we will use the libvirt cli virsh and virt-install to do the same process. virt-install is a part of the virt-manager supporting tools.

Fetch the Ubuntu Cloud image

This only need to be done once, or when you want to update the cloud image.

1. Download a Ubuntu Focal image from Ubuntu Cloud Images.

   wget https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
   

2. Create an empty image in the default storage pool. This is a storage space where we upload the cloud image. Note that we use the correct postfix on the name here.

   virsh vol-create-as default focal-server-cloudimg-amd64.qcow2 20G
   

3. Upload the downloaded cloud image to the storage pool in the reserved spaced.

   virsh vol-upload focal-server-cloudimg-amd64.qcow2 focal-server-cloudimg-amd64.img --sparse --pool default
   

Create the VM

Now we use the cloud image as a template for all our new VMs. Change the size and virt-install parameters to make it your own.

mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.

Ubuntu are using cloud-init for their cloud images. This can be used in combination with libvirtd and kvm to pre-configure your virtual machine at boot.

How to convert a root file system on a Raspberry Pi 4 b running Ubuntu 20.04 64 bit to Btrfs in a few simple steps.

Excerpt from man: Snapper is a command-line program for filesystem snapshot management. It can create, delete and compare snapshots and undo changes done between snapshots.

Snapper never modifies the content of snapshots. Thus snapper creates read-only snapshots if supported by the kernel. Supported filesystems are btrfs as well as snapshots of LVM logical volumes with thin-provisioning.

From Wikipedia: Origami (折り紙, Japanese pronunciation: [oɾiɡami] or [oɾiꜜɡami], from ori meaning “folding”, and kami meaning “paper” (kami changes to gami due to rendaku)) is the art of paper folding, which is often associated with Japanese culture. In modern usage, the word “origami” is used as an inclusive term for all folding practices, regardless of their culture of origin.

Excerpt from man intel, option “TearFree”: Disable or enable TearFree updates. This option forces X to perform all rendering to a backbuffer prior to updating the actual display. It requires an extra memory allocation the same size as a framebuffer, the occasional extra copy, and requires Damage tracking. Thus enabling TearFree requires more memory and is slower (reduced throughput) and introduces a small amount of output latency, but it should not impact input latency. However, the update to the screen is then performed synchronously with the vertical refresh of the display so that the entire update is completed before the display starts its refresh. That is only one frame is ever visible, preventing an unsightly tear between two visible and differing frames. Note that this replicates what the compositing manager should be doing, however TearFree will redirect the compositor updates (and those of fullscreen games) directly on to the scanout thus incurring no additional overhead in the composited case. Also note that not all compositing managers prevent tearing, and if the outputs are rotated, there will still be tearing without TearFree enabled.

This is a copy from the ZXing repo wiki pages at commit hash 3110236. ZXing is an open-source, multi-format 1D/2D barcode image processing library implemented in Java, with ports to other languages.

Much has been said about 2D barcodes, and the discussion has focused on the format of the 2D barcode itself – QR Code, Data Matrix, and so on. But equally important is the format of what the barcode itself encodes.

2D barcodes encode text, generally, but that text can represent many things. Commonly, 2D barcodes encode text that represents a URL, like https://google.com/m. This is a special string of text since it is recognizable as a URL by readers, and therefore can be acted upon: the reader can open the URL in a browser.

bmon is a monitoring and debugging tool to capture networking related statistics and prepare them visually in a human friendly way.

ncdu (NCurses Disk Usage) is a curses-based version of the well-known du, and provides a fast way to see what directories are using your disk space.

Excerpt from tldr.sh: The tldr pages are a community effort to simplify the beloved man pages with practical examples.

Get more information at tldr-pages at GitHub.

Are you, as I, suffering from Detected Hardware Unit Hang in the kernel log from an e1000e network card? How do you notice it. A transfer goes to zero bytes for around 10 seconds, then restarts, then goes to zero, then restarts and so on…

Oneliner to list your CPU vulnerabilities and mitigations. Read more about the different vulnerabilities and mitigations at Hardware vulnerabilities.

Installing a small Debian VM from scratch with only one partition. Makes later resizing easier. This was done on Fedora 32.

Preparations

Install software

libvirt is already installed on Fedora 32. It’s used in Gnome Boxes. We will not use that for this. We’ll do it the old fashioned way with virt-install.

sudo dnf install -y virt-manager virt-install

User access to libvirt

Add your user to the group libvirt.

sudo usermod -aG libvirtd $USER

Installation

1. Create a default preseed.cfg file. It contain a random root password for this installation. We change the installation to be atomic layout, just one big partition. This file can be reused to your hearts desire.

   [Read More]