Hardware

Entries feed

Thursday, 26 July, 2018

Add a PGP subkey to Yubikey 4

By Jose M Calhariz on Thursday, 26 July, 2018, 09:03

I have a Yubikey from the job and wanted to start signing git commit without copying my Debian PGP key to the work computer. No, I did not want to create a second class PGP key just for the work. Here are the instructions for someone else do the same.

On the master computer

  • Create a second home dir for gpg

Because of bug #904596 I recommend to move your GPG home directory out of the way. Copy it into the original directory before starting.

mv ~/.gnupg ~/.gnupg.ref
cp -r ~/.gnupg.ref ~/.gnupg
  • Create a subkey just for signing.

Create a subkey and take noticy of is id.

gpg --edit-key <KEY ID>
addkey
list
save
  • Move into the Yubikey.

Select the new subkey and move it into the Yubikey.

gpg --edit-key <KEY ID>
key <SUB KEY ID>
keytocard 
save
  • Publish the updated PGP Key
gpg --keyserver http://keyserver.ubuntu.com --send-keys <KEY ID>
  • Store the public URL of the key on Yubikey
gpg --edit-card
url http://https://keyserver.ubuntu.com/pks/lookup?op=get&fingerprint=on&search=...
quit
  • Backup both GPG home dir

On your master computer you need to use the old GPG home dir. But need to store both for the future.

mv ~/.gnupg ~/.gnupg.yubikey4
mv ~/.gnupg.ref ~/.gnupg
cd ~
tar cf gnupg-homedir.backup.tar .gnupg .gnupg.yubikey4
  • Test
gpg --armor --sign

Should work without asking for the Yubikey.

  • Wait for the Key server to update your public key with the new subkey.

On a new computer

  • Plug the Yubikey
  • Through Yubikey fetch the public PGP Key
gpg --edit-card
fetch
quit
  • Test
gpg -armor --sign

Should ask for the Yubikey.

Saturday, 30 July, 2016

Enabling Wifi QCA9377 on a Asus E200HA

By Jose M Calhariz on Saturday, 30 July, 2016, 17:30

I bought a new laptop E200HA, because my previous was a MacBook and It broke after a fall into the ground.

I let it boot first in Win10 to check if everything was OK and because I could not found the way to enter in the UEFI/BIOS. It is F2 and is edge triggered. It boots fast into Win10, but I got the feeling of being a little slow. No worries because I it bought for running Debian and because of the autonomy of the battery, 14hours playing music according to Asus. A little research if the new laptop could run Linux almost return no hits, but one very valuable link on how to setup the Wifi. So I got the feeling that I needed a Debian stretch CD for installation. So I download the first installation DVD from here. Run a trial of the DVD image using kvm

kvm -m 2047 -cdrom debian-stretch-DI-alpha7-amd64-DVD-1.iso

Found that the installer DVD now have the functionality of Live CD. This will be useful. Copy the image to a USB stick using dd command.

I turned on the E200HA, entered into the UEFI/BIOS by pressing and releasing the F2 key. Turned off the secure boot and select USB storage for boot. The E200HA happily boot the Linux and I select the rescue mode. Using another USB stick of 32GB that was formatted in xfs, because of the lower slack for storing the inodes than ext3/4. In this USB stick I put a raw image of the internal storage of the E200HA, preserving this way the Win10.

Another reboot, this time for installation of Debian stretch. It detected the lack of firmware files, for the WiFi adaptor. This link come very handy. The instructions are for an older Linux kernel. So I recommend doing something similar to the following commands:

git clone https://github.com/ajaybhatia/Qualcomm-Atheros-QCA9377-Wifi-Linux
cd Qualcomm-Atheros-QCA9377-Wifi-Linux/firmware-only
tar cvf QCA9377.tar QCA9377

Copy the tar file to a a second USB stick and connect it to the other USB port. This tar is not the files the Debian installer are expecting, so you need to change to the second console "Alt-F2", press enter to activate a shell, and do the following commands:

cd /lib/firmware
mkdir ath10k
mount /dev/sdb1 /mnt
cd ath10k
tar xf /mnt/QCA9377.tar

Return to the first console "Alt-F1" and continue with the installation. The list of missing firmware files is reduced and the WiFi can work. I had problems with the WiFI, but was because a neighbor router was on the same channel, since I changed the channel of my router the WiFi is working as a charm.

The following links maybe useful in the future or as a reference:

kvalo/ath10k-firmware

kernel/git/firmware/linux-firmware.git

Saturday, 5 September, 2015

Problems with UEFI?

By Jose M Calhariz on Saturday, 5 September, 2015, 16:49

Do you have problems with UEFI? Take a look into this page

Thursday, 21 March, 2013

Some benchmarks of RaspberryPI

By Jose M Calhariz on Thursday, 21 March, 2013, 22:50

I have made some quick benchmarks of my SD card on my Raspberry PI.

ionice -c 1 nice --20 hdparm -tT /dev/mmcblk0

/dev/mmcblk0:
 Timing cached reads:   280 MB in  2.00 seconds = 139.69 MB/sec
 Timing buffered disk reads:  32 MB in  3.13 seconds =  10.23 MB/sec

cat /sys/block/sda/queue/scheduler 
noop [deadline] cfq
./seeker /dev/mmcblk0
Seeker v2.0, 2007-01-15, http://www.linuxinsight.com/how_fast_is_your_disk.html
Benchmarking /dev/mmcblk0 [15193MB], wait 30 seconds
295223396
..............................
Results: 409 seeks/second, 2.443 ms random access time

for i in {1..32} ; do dd if=/dev/zero of=space.$i.4GiB.out bs=1M count=4096 ; done
4096+0 records in
4096+0 records out
4294967296 bytes (4.3 GB) copied, 802.682 s, 5.4 MB/s
^C902+0 records in
902+0 records out
945815552 bytes (946 MB) copied, 169.609 s, 5.6 MB/s

ionice -c 1 nice --20 bonnie++ -u root
Using uid:0, gid:0.
Writing a byte at a time...done
Writing intelligently...done
Rewriting...done
Reading a byte at a time...done
Reading intelligently...done
start 'em...done...done...done...done...done...
Create files in sequential order...done.
Stat files in sequential order...done.
Delete files in sequential order...done.
Create files in random order...done.
Stat files in random order...done.
Delete files in random order...done.
Version  1.96       ------Sequential Output------ --Sequential Input- --Random-
Concurrency   1     -Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- --Seeks--
Machine        Size K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP  /sec %CP
raspberrypi      1G    47  98  5095   7  3618   7   349  99 12698  11 485.6  56
Latency               472ms   13531ms    8527ms   37039us   47144us   56047us
Version  1.96       ------Sequential Create------ --------Random Create--------
raspberrypi         -Create-- --Read--- -Delete-- -Create-- --Read--- -Delete--
              files  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP  /sec %CP
                 16  2752  63 +++++ +++  4110  60  2599  58 +++++ +++  4003  60
Latency             14651us    8503us    5143us    6866us     394us    3927us
1.96,1.96,raspberrypi,1,1363919597,1G,,47,98,5095,7,3618,7,349,99,12698,11,485.6,56,16,,,,,2752,63,+++++,+++,4110,60,2599,58,+++++,+++,4003,60,472ms,13531ms,8527ms,37039us,47144us,56047us,14651us,8503us,5143us,6866us,394us,3927us