One Suggestion by ... Calhariz - Tag - PGP2024-01-08T23:12:49+00:00Jose M Calharizurn:md5:d12ac81d22d777c9db33469001313704DotclearA Selection of talks from DebConf 2018urn:md5:37622e750250644f757410d0d967313f2018-08-03T09:13:00+01:002018-08-03T08:42:30+01:00Jose M CalharizConferenceConferenceDebConfDebianOpen SourcePGPSys Admin <p>This is my selection of talks from DebConf18.</p>
<ul>
<li><a href="https://debconf18.debconf.org/talks/136-open-day-opening-ceremony/" hreflang="en">Open Day Opening Ceremony</a></li>
<li><a href="https://debconf18.debconf.org/talks/144-debian-meets-smart-city-applications/" hreflang="en">Debian Meets Smart City Applications</a></li>
<li><a href="https://debconf18.debconf.org/talks/143-panel-discussion-story-of-debian-contributors-around-the-world/" hreflang="en">Panel Discussion: Story of Debian contributors around the
world</a></li>
<li><a href="https://debconf18.debconf.org/talks/128-opening-ceremony/" hreflang="en">Opening Ceremony</a></li>
<li><a href="https://debconf18.debconf.org/talks/104-software-transparency-package-security-beyond-signatures-and-reproducible-builds/" hreflang="en">Software transparency: package security beyond signatures and
reproducible builds</a></li>
<li><a href="https://debconf18.debconf.org/talks/75-bits-from-the-dpl/" hreflang="en">Bits from the DPL</a></li>
<li><a href="https://debconf18.debconf.org/talks/108-in-1968-mom-built-a-computer/" hreflang="en">In 1968 Mom built a computer</a></li>
<li><a href="https://debconf18.debconf.org/talks/37-continuous-key-signing-party-introduction/" hreflang="en">Continuous Key-Signing Party introduction</a></li>
<li><a href="https://debconf18.debconf.org/talks/31-learn-how-to-triage-bugs/" hreflang="en">Continuous Key-Signing Party introduction</a></li>
<li><a href="https://debconf18.debconf.org/talks/15-making-games-work-better-on-debian/" hreflang="en">Making Games Work Better on Debian</a></li>
<li><a href="https://debconf18.debconf.org/talks/9-ignoring-negativity/" hreflang="en">Ignoring Negativity</a></li>
<li><a href="https://debconf18.debconf.org/talks/60-git-debrebase-new-tool-for-managing-debian-packaging-in-git/" hreflang="en">git-debrebase - new tool for managing Debian packaging in
git</a></li>
<li><a href="https://debconf18.debconf.org/talks/82-building-a-debian-derivative-lessons-learned-and-solutions-found/" hreflang="en">Building a Debian Derivative: Lessons Learned and Solutions
Found</a></li>
<li><a href="https://debconf18.debconf.org/talks/27-meet-the-technical-committee/" hreflang="en">Meet the Technical Committee</a></li>
<li><a href="https://debconf18.debconf.org/talks/71-autodeploy-from-salsa/" hreflang="en">Autodeploy from salsa</a></li>
<li><a href="https://debconf18.debconf.org/talks/118-server-freedom-why-choosing-the-cloud-openstack-and-debian/" hreflang="en">Server freedom: why choosing the cloud, OpenStack and
Debian</a></li>
<li><a href="https://debconf18.debconf.org/talks/70-news-from-the-apt-team/" hreflang="en">News from the APT team</a></li>
<li><a href="https://debconf18.debconf.org/talks/59-report-from-the-debian-efi-team-about-the-support-of-secure-boot-on-debian/" hreflang="en">Report from the Debian EFI team about the support of Secure Boot
on Debian</a></li>
<li><a href="https://debconf18.debconf.org/talks/91-whats-new-in-the-linux-kernel/" hreflang="en">What's new in the Linux kernel</a></li>
<li><a href="https://debconf18.debconf.org/talks/92-backporting-hardware-support-in-debian/" hreflang="en">Backporting hardware support in Debian</a></li>
<li><a href="https://debconf18.debconf.org/talks/30-rethinking-font-packagesfrom-the-document-level-down/" hreflang="en">Rethinking font packages—from the document level down</a></li>
<li><a href="https://debconf18.debconf.org/talks/53-faime-a-build-service-for-installation-and-cloud-images/" hreflang="en">FAI.me - A Build Service for Installation and Cloud
Images</a></li>
<li><a href="https://debconf18.debconf.org/talks/38-thats-a-free-software-issue/" hreflang="en">That's a free software issue!</a></li>
<li><a href="https://debconf18.debconf.org/talks/62-lightning-talks/" hreflang="en">Lightning Talks</a></li>
<li><a href="https://debconf18.debconf.org/talks/80-reproducible-buster-and-beyond/" hreflang="en">Reproducible Buster and beyond</a></li>
<li><a href="https://debconf18.debconf.org/talks/48-segregated-dynamic-linking-keeping-the-peace-between-incompatible-dependencies/" hreflang="en">Segregated Dynamic Linking (keeping the peace between
incompatible dependencies)</a></li>
<li><a href="https://debconf18.debconf.org/talks/1-debian-sandboxes-for-users-and-developers/" hreflang="en">Debian sandboxes for users and developers</a></li>
<li><a href="https://debconf18.debconf.org/talks/133-dsa-bof/" hreflang="en">DSA BoF</a></li>
<li><a href="https://debconf18.debconf.org/talks/79-multiple-people/" hreflang="en">Multiple people</a></li>
<li><a href="https://debconf18.debconf.org/talks/77-cryptsetup-in-debian-tips-tricks-and-future-plans/" hreflang="en">Cryptsetup in Debian: tips, tricks, and future plans</a></li>
<li><a href="https://debconf18.debconf.org/talks/126-debconf20-in-your-city/" hreflang="en">DebConf20: In... your city?</a></li>
<li><a href="https://debconf18.debconf.org/talks/174-ignoring-negativity-followup/" hreflang="en">"Ignoring Negativity" followup</a></li>
<li><a href="https://debconf18.debconf.org/talks/127-debconf19-curitiba/" hreflang="en">DebConf19: Curitiba</a></li>
<li><a href="https://debconf18.debconf.org/talks/131-closing-ceremony/" hreflang="en">Closing ceremony</a></li>
</ul>at daemon 3.1.23, with some fixes and now a signatureurn:md5:e7aee9d4ecc11bf938f968e0e505314f2018-07-26T13:28:00+01:002018-07-26T13:37:14+01:00Jose M CalharizSoftwareatDebConfOpen SourcePGP <p>This is the public announcement of release 3.1.23.</p>
<p>I have made some non public releases of at daemon for internal development
of the Debian package, since 3.1.20. This fixes some reported bugs and the
development was made using http://salsa.debian.org. You can download the tar
from <a href="http://blog.calhariz.com/public/sft/at/at_3.1.23.orig.tar.gz">here</a> and the signature
from <a href="http://blog.calhariz.com/public/sft/at/at_3.1.23.orig.tar.gz.asc">here</a>.</p>
<p>The Changelog:</p>
<pre>
at 3.1.21 (2018-07-23):
Jose M Calhariz:
832368-Using_of_the_meaningless_fcntl
Fix call of fcntl by replacing (long) 1 with FD_CLOEXEC
892819-at__improvements_to_atd.service
Improve atd.service, see bug report 892819
885891-at__stale_batchjobs_after_reboot
Remove stale at jobs after a boot.
897669-897670-Some_fixes_in_the_manuals
Fix some warnings in manpages at.1 and atd.8
883730-Remove_invalid_email_from_man_page
Remove invalid email from man pages.
at 3.1.22 (2018-07-24):
Jose M Calhariz:
Draft of a release script
at 3.1.23 (2018-07-24):
Jose M Calhariz
Finalised script to release software.
</pre>Add a PGP subkey to Yubikey 4urn:md5:450fed594cc9fafb82e06e3d6a9c41232018-07-26T09:03:00+01:002018-07-31T07:51:04+01:00Jose M CalharizHardwareDebConfOpen SourcePGP <p>I have a Yubikey from the job and wanted to start signing <q>git commit</q>
without copying my Debian PGP key to the work computer. No, I did not want to
create a second class PGP key just for the work. Here are the instructions for
someone else do the same.</p>
<p><strong>On the master computer</strong></p>
<ul>
<li>Create a second home dir for gpg</li>
</ul>
<p>Because of bug <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904596" hreflang="en">#904596</a> I recommend to move your GPG home directory out of the way.
Copy it into the original directory before starting.</p>
<pre>
mv ~/.gnupg ~/.gnupg.ref
cp -r ~/.gnupg.ref ~/.gnupg
</pre>
<ul>
<li>Create a subkey just for signing.</li>
</ul>
<p>Create a subkey and take noticy of is id.</p>
<pre>
gpg --edit-key <KEY ID>
addkey
list
save
</pre>
<ul>
<li>Move into the Yubikey.</li>
</ul>
<p>Select the new subkey and move it into the Yubikey.</p>
<pre>
gpg --edit-key <KEY ID>
key <SUB KEY ID>
keytocard
save
</pre>
<ul>
<li>Publish the updated PGP Key</li>
</ul>
<pre>
gpg --keyserver http://keyserver.ubuntu.com --send-keys <KEY ID>
</pre>
<ul>
<li>Store the public URL of the key on Yubikey</li>
</ul>
<pre>
gpg --edit-card
url http://https://keyserver.ubuntu.com/pks/lookup?op=get&fingerprint=on&search=...
quit
</pre>
<ul>
<li>Backup both GPG home dir</li>
</ul>
<p>On your master computer you need to use the old GPG home dir. But need to
store both for the future.</p>
<pre>
mv ~/.gnupg ~/.gnupg.yubikey4
mv ~/.gnupg.ref ~/.gnupg
cd ~
tar cf gnupg-homedir.backup.tar .gnupg .gnupg.yubikey4
</pre>
<ul>
<li>Test</li>
</ul>
<pre>
gpg --armor --sign
</pre>
<p>Should work without asking for the Yubikey.</p>
<ul>
<li>Wait for the Key server to update your public key with the new subkey.</li>
</ul>
<p><strong>On a new computer</strong></p>
<ul>
<li>Plug the Yubikey</li>
</ul>
<ul>
<li>Through Yubikey fetch the public PGP Key</li>
</ul>
<pre>
gpg --edit-card
fetch
quit
</pre>
<ul>
<li>Test</li>
</ul>
<pre>
gpg -armor --sign
</pre>
<p>Should ask for the Yubikey.</p>