Here we are again in a new year, so it’s time for a new blog tuneup. In the past, I’ve always kept comments disabled on my blog because I don’t want to wade through the cesspool of spam and trolls that inevitably result from allowing open comments …
gpg-agent has support for the ssh-agent protocol, but first we need to enable it:
echo enable-ssh-support >> $HOME/.gnupg/gpg-agent.conf gpg-connect-agent reloadagent /bye
This lets you use the authentication keys saved on your Yubikey for ssh authentication. To point at gpg-agent instead of ssh-agent, we need to change the expected …
In the previous steps, you should have ended up with one or more Yubikeys each containing a unique authentication key and shared encryption and signing keys. However, since all the setup was done with GNUPGHOME set to an alternate location, your normal gnupg keyring doesn’t know anything about the …
Now that we have all our cards set up with keys, we need to change some settings for better security:
- Admin PIN (PUK in Yubikey terms)
- Force PIN for signatures
And a few other settings just for convenience:
- Login name
$ gpg2 --edit-card Reader ...........: Yubico …
What’s that, you say? Aren’t chile and chili the same thing? No! But this vegetarian chili bean recipe uses green chile, so people on both sides get to be right when cooking this one. It comes out similar to Texas-style chili, but with tempeh instead of beef.
I doubt this is the first time anybody has thought of putting sriracha into their lo mein, but it turned out well enough to write it down. We’ll be making this one again!
This salad started off as a tabbouleh recipe, but we kept tweaking and substituting until it deserves its own recipe now. Instead of grain with some greens, this is mostly greens with some grain.
Now that the Yubikeys are set up to work with OpenPGP, we need to generate a master key. The master key is used to create and revoke subkeys, but doesn’t need to be used for day-to-day operations. If you’re interested in more details about keys vs subkeys, Debian …
The first thing we need to do is make sure each Yubkikey has CCID mode enabled. This can be quickly checked with lsusb:
$ lsusb -d 1050: Bus 003 Device 010: ID 1050:0116 Yubico.com Yubikey NEO(-N) OTP+U2F+CCID
This key already has CCID enabled. In fact, most …
Given all the recent noise about Intel ME vulnerabilities, I decided it was time to finally update my BIOS on my Dell Optiplex 9020. I thought the process would be similar to updating the BIOS on my previous HP desktop, so off I went to the Dell website. I found …