For those of you who have not yet encountered a Yubikey, it is a physically small security key which empowers passwordless or 2-factor authentication in a number of different scenarios. They now support a huge number of protocols including One Time Passwords, NFC, FIDO2, U2F, Smart card, and OpenPGP.
Mine has been living on my keyring for several years now, and has proved invaluable for me accessing both my physical and electronic world.
Continue reading “Using a Yubikey for 2-factor authentication”
This is another one where I get a mental blank. I know there is a way to import a new gpg key for apt, but I always have to look it up.
sudo apt-key adv --keyserver keys.gnupg.net --recv 886DDD89
And that is all there is to it. (Substitute your favourite keyserver and the correct key, obviously).
Wireshark is a great and powerful tool, but for too long I’ve just been starting it as root, and ignoring the nag-screen that Debian keeps throwing at me. But it’s dead simple to do it the right way without root privileges.
Continue reading “Using wireshark without root”
It’s embarrassing. I just have a mental block when it comes to adding an existing user to an existing group.
sudo adduser user group
or to remove a user from a group
sudo deluser user group
Most tutorials cover implementing IPsec as a VPN solution between two sites, but what if you want to secure communications on one site representing a not atypical home LAN with a couple of machines: some wireless, some Linux, some Android, some Windows, and a dual ipv6/ipv4 stack (courtesy of Hurricane Electric’s free TunnelBroker service)? And to make life more difficult, there are some devices that don’t support IPsec at all. Obviously, you need at least two IPsec capable machines for this to make much sense.
Does it work, and how well?
Continue reading “Ipsec on a small LAN”
I recently wrote about using gphoto2 to both set Owner and Copyright information on a DSLR, and using it for tethered shooting. For those of you who are adverse to command lines, the very promising Entangle is now in Debian unstable.
Continue reading “Tethered shooting with Entangle”
Tethered shooting with a DSLR (shooting directly to a connected computer via a USB cable) on Linux is very, very easy, assuming you have gphoto installed.
And start shooting away! However, I wanted to be a bit cleverer and improve my workflow slighty to overcome a few shortcomings. I wanted to:
- Shoot raw
- Display the last shot full-screen.
- Not clobber existing files if I re-ran the tether.
it turns out that this is all easy to do with a small bash script and gphoto’s “hook” capabilities. I knocked up the following based upon the sample distributed with gphoto and called it hook.sh.
Continue reading “Tethered shooting with gphoto2”
If you are a GIMP user you can end up with plenty of .xcf files. I do all my editing with xcfs after importing from RAW with the excellent ufraw-gimp plugin. But they can get pretty big…
Step forward bzip2. If you are running linux, you will already have bzip installed, and the bonus is that GIMP can read and write natively its xcf files compressed with bzip. There is a small performance hit on opening and saving files, but you can save 10-40% of file-size; that can easily be 40 MiB for a simple file with a couple of layers.
Continue reading “GIMP xcf file size reduction”