artizirk

OpenPGP SSH access with Yubikey and GnuPG

Yubikey, Smart Cards, OpenSC and GnuPG are pain in the ass to get working. Those snippets here sould help alleviate pain.

Notes written here should work on

• Ubuntu 20.04 with Gnome
• Debian 11 with Gnome
• Linux Mint with Cinnamon (needs different environment setup, check comments)
• Arch Linux with Gnome (pacman instead of apt)

This is not a step by step guide

artizirk

Arch Linux btrfs install

0. Prerequisites

1. Latest Arch Linux install iso because those have newer kernels and more bugfixes in btrfs.
2. Have previous experience with installing Arch (like you can install arch with a blind fold).

1. Parititions

We will ne two of them, one for /boot and the other one will be a btrfs partition with subvolumes.

1. /dev/sda1 - this will be /boot with vfat filesystem because UEFI or syslinux for legacy BIOS boot

artizirk

#!/bin/sh
#
# Copyright (c) 2006 Eric Wong
#

PERL='/usr/bin/perl'
OPTIONS_KEEPDASHDASH=
OPTIONS_STUCKLONG=
OPTIONS_SPEC="\
git instaweb [options] (--start | --stop | --restart)

artizirk

Converting openssh private key format to pem

man page says that you can use -e option to convert private and public keys to other formats, that seems to be wrong. Instead you can use -p option to request changing the password but not actually setting the password.

ssh-keygen -p -f id_rsa -m pem

Converting pem to OpenPGP

Monkeysphere project includes a pem2openpgp command that can be used to import ssh private keys to gnupg keyring.

artizirk

List COM ports in windows with names

HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\SERIALCOMM
    \Device\Serial0    REG_SZ    COM1
    \Device\Silabser0    REG_SZ    COM6
    \Device\VCP0    REG_SZ    COM3

Press any key to continue . . .

artizirk

#!/bin/bash
set -euo pipefail
BASE="/var/lib/machines"
ZDATA="rpool/machines"

if [[ $EUID -ne 0 ]]; then
   echo "This script must be run as root" 1>&2
   exit 1
fi

artizirk

# Matrix Synapse workers example config 

# backends
upstream synapse_master {
	server 192.19.18.12:38008;
}

upstream synapse_federation {
	server 192.19.18.12:8083;
}

artizirk

ISC dhclient IPv6 prefix delegation hook script

Based on this https://gist.github.com/jayeye/689cb1de2275798659c58c62ab92cfaa

#!/usr/bin/env python3

import ipaddress
import os
import sys

artizirk

#!/usr/bin/env python3
# This script is useful for setting fallback mtime for isync/mbsync CopyArrivalDate option
# If you use notmuch then you could do something like this to fix mtime on new mail
# notmuch search --output=files tag:new | xargs -P0 -i ~/code/mailutils/fix_maildir_mtime.py {}

import email
import sys
import os
from email.utils import parsedate_tz, mktime_tz

artizirk

This uses Linux kernel dyamic debug features

https://www.kernel.org/doc/html/latest/admin-guide/dynamic-debug-howto.html

This asumes that debugfs is mounted under /sys/kernel/debug

Enable WireGuard debug

echo 'module wireguard +p' | sudo tee /sys/kernel/debug/dynamic_debug/control