Linux – Brabeum

Using a Yubikey for 2-factor authentication

For those of you who have not yet encountered a Yubikey, it is a physically small security key which empowers passwordless or 2-factor authentication in a number of different scenarios. They now support a huge number of protocols including One Time Passwords, NFC, FIDO2, U2F, Smart card, and OpenPGP.

Mine has been living on my keyring for several years now, and has proved invaluable for me accessing both my physical and electronic world.

Importing missing apt keys

This is another one where I get a mental blank. I know there is a way to import a new gpg key for apt, but I always have to look it up.

sudo apt-key adv --keyserver keys.gnupg.net --recv 886DDD89

And that is all there is to it. (Substitute your favourite keyserver and the correct key, obviously).

Using wireshark without root

Wireshark is a great and powerful tool, but for too long I’ve just been starting it as root, and ignoring the nag-screen that Debian keeps throwing at me. But it’s dead simple to do it the right way without root privileges.

Adding users to groups

It’s embarrassing. I just have a mental block when it comes to adding an existing user to an existing group.

sudo adduser user group

or to remove a user from a group

sudo deluser user group

Meh!

Ipsec on a small LAN

Most tutorials cover implementing IPsec as a VPN solution between two sites, but what if you want to secure communications on one site representing a not atypical home LAN with a couple of machines: some wireless, some Linux, some Android, some Windows, and a dual ipv6/ipv4 stack (courtesy of Hurricane Electric’s free TunnelBroker service)? And to make life more difficult, there are some devices that don’t support IPsec at all. Obviously, you need at least two IPsec capable machines for this to make much sense.

Does it work, and how well?

Tethered shooting with Entangle

I recently wrote about using gphoto2 to both set Owner and Copyright information on a DSLR, and using it for tethered shooting. For those of you who are adverse to command lines, the very promising Entangle is now in Debian unstable.

Tethered shooting with gphoto2

Tethered shooting with a DSLR (shooting directly to a connected computer via a USB cable) on Linux is very, very easy, assuming you have gphoto installed.

gphoto2 --capture-tethered

And start shooting away! However, I wanted to be a bit cleverer and improve my workflow slighty to overcome a few shortcomings. I wanted to:

Shoot raw
Display the last shot full-screen.
Not clobber existing files if I re-ran the tether.

it turns out that this is all easy to do with a small bash script and gphoto’s “hook” capabilities. I knocked up the following based upon the sample distributed with gphoto and called it hook.sh.

GIMP xcf file size reduction

If you are a GIMP user you can end up with plenty of .xcf files. I do all my editing with xcfs after importing from RAW with the excellent ufraw-gimp plugin. But they can get pretty big…

Step forward bzip2. If you are running linux, you will already have bzip installed, and the bonus is that GIMP can read and write natively its xcf files compressed with bzip. There is a small performance hit on opening and saving files, but you can save 10-40% of file-size; that can easily be 40 MiB for a simple file with a couple of layers.