My Blog

New Programs

1. sniffnet very nice realtime network sniffer graphical
2. ruffle- a rust flash player emulator need Java to install
3. crane- copies between container registries like cp
4. misp- open sourced threat sharing
5. zxcvbn- password strength indicator
6. scrcopy- an android screen copy ut...

I won't go through the whole process of getting a key onto your yubikey with ed25519 a yubikey, but once you are done, the directions for the PASS command aren't that good if you have lots of subkeys as in this setup. You need to find out your 'primary' key NOT your subkey for things to work. In m...

If you are using openssh 9.x or above and have a yubikey with firmware of > 5.3 then you can use ed25519 keys. Without writing a mitchner novel, ed25519 seems to be the algo of choice (in 2023 as of this time of writing) rather than the more complexy ecdsa keys as proposed by NIST. Honestly, though,...

I recently bought a new yubikey and found some nice resources that show you how. The upshot is that once you have setup your yubikey with pamu2f it can serve as the ONLY source of authentication (some might not like this) w/o a password being required. For my home machine this is a nice setup, becau...

Software

1. dibuja- Nice paint program like ms paint
2. chezmoi- keep your dotfiles synchronized
3. AGE modern encryptor alternative to gpg
4. TUC modern replacement for cut

Articles

1. YubiKey cheat Sheet
2. CertSpotter helps you make sure your tls certs are happy
3. Apicnic article on cert ...

I really like using xscreensaver with electric sheep (getting increasingly old alas) with my computer. But !@#%$!@#% cinnamon won't let me change the screensaver. I tried systemd blah blah blah.

Easiest fix: just move cinnamon-screensaver to cinnamon-screensaver.old and symlink xscreensaver to c...

I found this nice link which shows how to add all the man pages for all installed commands in alpine.

Here is the code for convenience:

  apk list -I |
  sed -rn '/-doc/! s/([a-z-]+[a-z]).*/\1/p' |
  awk '{ print system("apk info \""$1"-doc\" > /dev/null") == 0 ? $1 "-doc" : "" }' |
  xargs ap...

I was recently asked by a fried to document my backup routine. Basically I use restic, and b2 cloud storage from backblaze. With a little tinkering and the 'pass' command (which I havent' used yet!), I can backup my ENTIRE homedirectory with dedupe, compression, encryption, and snapshots. I can...

Added new article: cra european standard for secure coding

Added New Software:

1. Ansible role to manage qemu
2. BMAP tool rewritten in rust (for making small images)
3. RTX faster asdf manage multiple versions of python for example written in rust
4. HELIX cli editor with language server suppor...

I had a rather sad even happen. Garuda REALLY didnt' like my 3 monitor setup. So I tried to 'fix' it only to land with an unbootable system. Since I have EVERYTHING important backed up at backblaze (astonishningly my bill for 100GB is < 1usd!) I just blew it away.

I am still getting used to manjar...

With the relase of kde 5.27, they seem to have slain the unstable monitor setup. I was able to revert my changes wiht the xrandr thing, and it seems to work better now. KDE in general is more stable. I still recommend using thunar for the filemanager, however.

This blog will briefly describe the things I have added to the site today. Might be easier than just looking everywhere to see what I have added.

vfu- basically a cli filemanager that lets you do things like norton commander. I don't think I am giong to add it to my software section, but it is int...

I just took a peek at faraday today, which I had already bookmarked in my website. It looks to be a VERY nice way to take a peek at vulns and manage them. Accepts a variety of tools and helps you centrally manage with a db like interface. VERY promising.

Today I managed to figure out how to make GRAV extend its syntax highlighting for things like NIM, Perl, etc. which aren't in its default config. Alas the editor (the nice gui one) doesn't seem to report them correctly, but the display is nicely updated. I can just use appropriate code fences with t...

I just noticed I was 1 minor verison behind alpine today. I upgraded, also noting that I had missed an rc-update for my cache that allows the website to run. Fortunately I fixed it. Overall I am VERY happy with alpine these days:

1. Upgrades are VERY easy (vim /etc/apk/repositories)Then simply ch...

I was having some trouble today with getting my virsh console working with my new vm. I had forgotten that its necessary to uncomment

# Put a getty on the serial port
ttyS0::respawn:/sbin/getty -L ttyS0 115200 vt100

The above line in order to get things working on alpine linux. Once you do that...

I added a small search plugin. Just go to https://grav.munn.me/search to find things. Also LOTS of updates on software etc. added a lot of back finds for software.

I keep a site of all my recipes. Here is the link for all of my recipes so far. They are mostly for gluten/dairy free (a few aren't since they were written before I realized I was allergic to dairy!).

Today I fixed my grav site to include proper RSS pages with my atom feeds. I used this url to do it. I also bought the nice typhoon theme from the kind GRAV people. Its much nicer than quark theme. Properly does dark too. I also had a devil of a time upgrading php to version 8 again. I just decide...

As an ongoing saga of how to reduce the size of my qcow images smaller, I found a very nice solution. Basically you create a 'scsi' type disk, and then a virtio-scsi with discard turned on as 'zero'. This causes the fstrim utility to be able to reclaim used space due to the design of virsh. Its much...

I was having terrible troble alpine not running qemu guest agent. Most people suggest working with the openrc file. I just added the following to my /etc/local.d directory as a new file: qemu-ga.start

qemu-ga -m virtio-serial -p /dev/vport1p1 -l /var/log/qemu-ga.log -d

This seems to have fixe...

I was having terrible troble with sddm and kde not working nicely with my monitor. First, get the displays the way you want them. Then all you have to do is type in the below. After doing that you just need to cat the results inot Xsetup and save and reboot.

autorandr --save default
autorandr --de...

I use betterbird for its compatiability with outlook and MS exchange like services via a pay-for plugin. I was really annoyed with the inability to change the entire theme to 'dark'. I finally found the answer:

Go to 'preferences, general, languages and appearance, colors, and tick the override th...

I was talking with a co-worker yesterday who challenged me to find a nice tool to tell you if some device has newly come up in your network. I found this opnarp. Its very nice, except that I wanted to send notifications via signal-cli this program (which is written in java, alas) makes it easy t...

I just added ATOM feeds for those interested. You can use your favourite RSS aggregator to see updates on ANY page in this website with content items under it. I mostly use it for BLOGS.

I was looking at the QUIC protocol today (see previous blog) and ran into thsi guy youtube . His git site shows how he ran the classifiers and can be run on your own if you have some decent hardware. What was most interesting is that the classifiers with MIXED traffic worked BETTER than the quic...

I just got done installing caddy 2.6 and can verify that it is in fact using quic (udp 443), and that it seems to be working well. One thing that I noticed is that ALL the stuff is encrypted. Which is the way quic is supposed to be. So I found a nice writeup on f5 on how to save the keys with the b...

This post is mostly about the various ways I had thought about how to automatically backup remote servers. I had bought an hc4 dock from harkernel, and had two 4tb disks hanging around. I installed armbian on it, and got myself a appliance timer since I needed to not run the thing all the time...

I had a devil of a time getting SMTP to work like it used to. @#$@#$%#$^ at&t blocks outbound port 25 so we have to get really clever. The nice part of this is that this enables me receive daemon updates on my watch, all through the signal app. I managed to find an easier way (compiling java is a...

Just a quick update on my graphene OS experience: I had tried it for about 6 months but then they massively made all my apps break. So alas, I am back to using 'stock' android with the Microsoft launcher. Hopefully my next phone will let me experiment with this a bit more. Sad that it didn't work ou...