jjmcdn

### Keybase proof

I hereby claim:

  * I am jjmcdn on github.
  * I am jjm (https://keybase.io/jjm) on keybase.
  * I have a public key whose fingerprint is 63A9 1849 9271 300A AAD6  557C C05B DC96 5A20 D17C

To claim this, I am signing this object:

jjmcdn

/build/jjm...tor/target master$ JAVA_HOME=/usr/lib/jvm/jdk-8-oracle-x64/ /usr/lib/jvm/jdk-8-oracle-x64/bin/java -jar ./hawkbit-device-simulator-0.2.0-SNAPSHOT.jar

  .   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/
 :: Spring Boot ::        (v1.4.5.RELEASE)

jjmcdn

Script started on Fri 17 Mar 2017 01:24:44 PM EDT
joe@jjm-w110er:~$ pushd Development/
~/Development ~
joe@jjm-w110er:~/Development$ git clone https://github.com/eclipse/kapua
Cloning into 'kapua'...
remote: Counting objects: 26727, done.
remote: Compressing objects: 100% (131/131), done.
remote: Total 26727 (delta 37), reused 0 (delta 0), pack-reused 26570
Receiving objects: 100% (26727/26727), 7.21 MiB | 6.01 MiB/s, done.
Resolving deltas: 100% (11737/11737), done.

jjmcdn

4df63dffff63a10d39faeb7452ba7052921f4c7d	wireshark: update to 2.2.3
953e84f1f141b538452ff0f4d487003261038137	strongswan: delete obsolete patches
ec6069bc2ce8ca05f08712fd11cd545754cf54cc	strongswan: update to 5.5.1
fa5a1df704851fe2fd6a5969e658fb81367034dd	tcpreplay: upgrade to 4.1.2
d44da0dade8e16a2e6506fc314ba0d23f87b2d2e	quagga: update to 1.1.0
7e3e145e0d6d3763ec2145cb4a808288343285d4	samba: conditionalize sed call for onnode
0f5be89d1ed4e2b32f7317295774512f7811a9e0	waf-samba.bbclass: fix build error with PARALLEL_MAKE="-j X -l Y"
cc6e0452c04bf41a095b38f944441bd26191723a	pimd: update SRC_URI
dfccfce09f6e8b834ea52a6cc4d20435db0bbe90	ctdb: update SRC_URI
f327429c70fc6a3fb72901293776be50a6c63c3b	openl2tp: update SRC_URI

jjmcdn

Copied from www.lorier.net/docs/sshfp, all credit there.

SSH Fingerprint in DNS

If you have DNSSEC setup (and are validating using it!) you might consider using SSHFP to avoid the "The authenticity of host 'blah blah blah' can't be established." This is an alternative solution to signing the SSH host public key with a certificate.

Personally, I'd recommend the ssh ca approach as being more sensible, and foolproof, but there are situations where it's not appropriate.

sudo ssh-keygen -r $(hostname) >>/etc/bind/db.$(hostname --domain)

jjmcdn

copied from http://www.lorier.net/docs/tpm, all credit there:

Using a TPM

A TPM is designed to hold private keys and do operations on them. This means that you can avoid the private key ever being unencrypted in memory on your machine which makes stealing the private key, even with access to the machine hopefully impossible. Hopefully, even with physical access to the machine the worst the attacker can do is destroy the key material, unless they go to rather extreme lengths.

The downside of this is that it's complicated (hence the long list of things to do below), and the TPM is also quite slow. NOTES

Before we begin:

jjmcdn

copied from http://www.lorier.net/docs/ssh-ca - all credit there.

Using a CA with SSH

Using a CA with ssh means you can sign a key for a user, and everywhere that the user trusts the CA you can login, without having to copy your SSH key everywhere again. This allows for things like fast rollover of keys (eg: daily), or trusting the fingerprint of a machine that you're logging into, which can be very useful when you're managing large numbers of machines, or machines that get new host keys (eg by reinstalling) regularly.

You'll probably want at least openssh 5.6, although some of the functionality is available in 5.3. Creating the CA key

ssh-keygen -f /etc/ssh/ca

jjmcdn

Objective

I have two objectives with this project.

• Reproduce the setup (I think I see) here with a single BeagleBone Black using a CC2531EMK and able to ping a CC2650 SensorTag using 6lowPAN over 802.15.4.

• Connect two devices (eg. two BeagleBone Blacks), both running Linux, via

jjmcdn

From 82d809e2b6bd087a7d0e0691aa40566fab44d8ac Mon Sep 17 00:00:00 2001
From: Joe MacDonald <joe@deserted.net>
Date: Mon, 22 Dec 2014 11:50:24 -0500
Subject: [PATCH] ACPI: replace DEVICE_ACPI_HANDLE with ACPI_HANDLE

Mainline commit 3a83f992490f8235661b768e53bd5f14915420ac eliminated
DEVICE_ACPI_HANDLE.  Since the NV dkms code protects calls with an #ifdef,
it won't fail to compile, however all of the other ACPI infrastructure is
in place to use it, so the driver also fails to load with a message
similar to:

jjmcdn

[    0.000000] CPU0 microcode updated early to revision 0x1c, date = 2014-07-03
[    0.000000] Initializing cgroup subsys cpuset
[    0.000000] Initializing cgroup subsys cpu
[    0.000000] Initializing cgroup subsys cpuacct
[    0.000000] Linux version 3.16.0-0.bpo.4-amd64 (debian-kernel@lists.debian.org) (gcc version 4.6.3 (Debian 4.6.3-14) ) #1 SMP Debian 3.16.7-ckt2-1~bpo70+1 (2014-12-08)
[    0.000000] Command line: BOOT_IMAGE=/vmlinuz-3.16.0-0.bpo.4-amd64 root=/dev/mapper/sdb3_crypt ro rcutree.rcu_idle_gp_delay=1
[    0.000000] e820: BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009d7ff] usable
[    0.000000] BIOS-e820: [mem 0x000000000009d800-0x000000000009ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000000e0000-0x00000000000fffff] reserved