Back in 2017, my Linode box stopped getting the correct IPv6 address from SLAAC. I opened a support ticket, but nothing ever came of it. I’ve been simply re-adding the correct IP after each reboot. That’s a hassle, but I don’t reboot often enough to work up ...
Here we are again in a new year, so it’s time for a new blog tuneup. In the past, I’ve always kept comments disabled on my blog because I don’t want to wade through the cesspool of spam and trolls that inevitably result from allowing open comments ...
gpg-agent has support for the ssh-agent protocol, but first we need to enable it:
echo enable-ssh-support >> $HOME/.gnupg/gpg-agent.conf gpg-connect-agent reloadagent /bye
This lets you use the authentication keys saved on your Yubikey for ssh authentication. To point at gpg-agent instead of ssh-agent, we need to change the expected ...
In the previous steps, you should have ended up with one or more Yubikeys each containing a unique authentication key and shared encryption and signing keys. However, since all the setup was done with GNUPGHOME set to an alternate location, your normal gnupg keyring doesn’t know anything about the ...
Now that we have all our cards set up with keys, we need to change some settings for better security:
- Admin PIN (PUK in Yubikey terms)
- Force PIN for signatures
And a few other settings just for convenience:
- Login name
$ gpg2 --edit-card Reader ...........: Yubico ...
What’s that, you say? Aren’t chile and chili the same thing? No! But this vegetarian chili bean recipe uses green chile, so people on both sides get to be right when cooking this one. It comes out similar to Texas-style chili, but with tempeh instead of beef.
I doubt this is the first time anybody has thought of putting sriracha into their lo mein, but it turned out well enough to write it down. We’ll be making this one again!
This salad started off as a tabbouleh recipe, but we kept tweaking and substituting until it deserves its own recipe now. Instead of grain with some greens, this is mostly greens with some grain.
Now that the Yubikeys are set up to work with OpenPGP, we need to generate a master key. The master key is used to create and revoke subkeys, but doesn’t need to be used for day-to-day operations. If you’re interested in more details about keys vs subkeys, Debian ...
The first thing we need to do is make sure each Yubkikey has CCID mode enabled. This can be quickly checked with lsusb:
$ lsusb -d 1050: Bus 003 Device 010: ID 1050:0116 Yubico.com Yubikey NEO(-N) OTP+U2F+CCID
This key already has CCID enabled. In fact, most ...