Skip to content

Instantly share code, notes, and snippets.

@PatrickLang

PatrickLang/Fedora_33_notes.md

Last active March 4, 2023 19:59
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
Fedora 33 Notes
Raw
Fedora_33_notes.md

This is just a few things I'll probably forget later

Dual boot with encryption & hibernation

  1. Disable secure boot in BIOS if you want hibernation in Linux
  2. Shrink Windows partition using diskmgmt.msc
  3. Boot off Fedora live ISO
  4. Choose install, do manual partitioning with blivet
  • Mount existing EFI partition at /boot/efi
  • Create /boot partition
  • Create swap partition, enable encryption with LUKS2 now if you want it. 2x size of RAM is good
  • Create / partition, enable LUKS2

After those steps, the Fedora setup will automatically configure the right things.

  • /boot/efi/EFI/fedora/grub.cfg - will have resume=... in kernelopts
  • /etc/dracut.conf.d/resume.conf - will have the resume dracut module enabled

Yubikey setup

# Install PCSCD
sudo dnf install pcsc-tools opensc pcsc-lite

Update ~/.gnupg/scdaemon.conf - disable-ccid turns off the built-in smartcard support so pcscd works

reader-port "Yubico Yubikey"
disable-ccid

Make sure it works with gpg --card-status, and list keys gpg --list-key

Trust the RSA key on the smart card

gpg --edit-key <thumbprint>
# run "trust", "5", y, "quit"

Then, export the SSH public key:

gpg --export-ssh-key patrick.lang@hotmail.com > ~/.ssh/id_rsa.pub

And finally start gpg-agent

killall ssh-agent gpg-agent
eval $(gpg-agent --daemon --enable-ssh-support)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment