Conversation

@oleksandr @ljs can i get an autographed copy

1
0
0

HAMMER SMASHED FILESYSTEM πŸ‡ΊπŸ‡¦

@ljs @oleksandr πŸ” *shriek*

0
1
2

@ljs @lkundrak Sign the email with GPG.

1
0
1

@ljs @lkundrak Buy that token already.

1
0
0

@ljs @lkundrak Good, now use it.

1
0
1
@oleksandr @lkundrak I made a ton of mistakes that @vbabka helped me with because he passed (i.e. failed) the intelligence test
1
0
3
@ljs @oleksandr @lkundrak yes, despite @monsieuricon 's excellent guide nowhere saying "move your master key to the token", guess what Lorenzo did?
3
1
4

HAMMER SMASHED FILESYSTEM πŸ‡ΊπŸ‡¦

@ljs @oleksandr i own three!!!11

*🐟 dominance display*

1
0
1

@oleksandr @ljs mine are bigger! *shriek* *shriek* πŸ”

1
0
2

@lkundrak @ljs Do they feature MIL-DTL connector?

0
0
0
@vbabka @oleksandr @lkundrak @ljs @monsieuricon should be "copy your master key to *a* token and only then maybe move your master key to *the* token"
1
0
1
@liskin @oleksandr @lkundrak @monsieuricon @vbabka for the record I despise all of this and find it about the worst software experience in the known universe
1
0
2

HAMMER SMASHED FILESYSTEM πŸ‡ΊπŸ‡¦

@ljs @oleksandr @liskin @monsieuricon @vbabka i thought it's a great experience that there's a unit file for a gpg ssh agent so that when i plug the token it just works but they removed it in last release

1
0
3
@lkundrak @oleksandr @liskin @monsieuricon @vbabka I have tried to make a gpg ssh A subkey but we'll see if that ever works
1
0
2
@vbabka @ljs @lkundrak @oleksandr I guess I didn't make it ... fool-proof? ;)
1
0
2
@monsieuricon @vbabka @lkundrak @oleksandr *automatically raises hand* here!

*realises and slowly lowers hand, looking around hoping nobody saw*
1
0
2

HAMMER SMASHED FILESYSTEM πŸ‡ΊπŸ‡¦

@ljs @oleksandr @monsieuricon @vbabka fish lord saw but don't care

1
1
2

Jarkko Sakkinen

Edited 1 month ago

@oleksandr @ljs @lkundrak @monsieuricon @vbabka i cannot recall anymore why it is like it is but do not want to touch it because it seems to be a steady performer in all possible distributions ;-)

On a new system before running that I do

gpg --recv-keys 3AB05486C7752FE1
gpg --edit-key 3AB05486C7752FE1

And in interactive prompt trust and give β€œultimate trust” to my key (whatever fuck that means but seems to be essential). Then I run my bootstrap script.

1
0
0
@jarkko @lkundrak @monsieuricon @oleksandr @vbabka yeah but so does

1. drilling a hole in your head
2. replacing the mush with water turning it into a fish bowl
3. Installing a fish

🌊πŸͺ“πŸŸ

πŸ‘‡
🚫 🧠
πŸ₯° 🐟
πŸ‘
2
0
4
@ljs @lkundrak @monsieuricon @oleksandr @vbabka oh forgot https://codeberg.org/jarkko/skeleton/src/branch/main/.gnupg ;-) scdaemon.conf is something that i added based on random googling as gpg-agent suddenly stopped working last Spring.
2
0
2
@ljs @lkundrak @monsieuricon @oleksandr @vbabka No ChatGPT used on it just monkey on the keys (aka me) trying out random combinations of options until it started worked again (no idea what the options actually do) ;-)
0
0
1
@jarkko @lkundrak @monsieuricon @oleksandr @vbabka this really massively reassures me now I moved my gpg private keys onto my yubikey.

And LUCKILY was able to clinch backup to an encrypted usb key just in case...

I also encrypt stuff relating to sending emails via gpg so kinda key to everything lol
1
0
2

HAMMER SMASHED FILESYSTEM πŸ‡ΊπŸ‡¦

@ljs @oleksandr @jarkko @monsieuricon @vbabka fuck yeeeah

πŸ‘πŸͺ“ πŸ” but no opposable thumbs

1
0
2
@ljs @lkundrak @monsieuricon @oleksandr @vbabka it's worth it and it's worth of trouble to start using pass too...
0
0
1
@lkundrak @oleksandr @jarkko @monsieuricon @vbabka REMOVE THEM IMMEDIATELY

(as the others in this thread wish they could)
1
0
2

HAMMER SMASHED FILESYSTEM πŸ‡ΊπŸ‡¦

@ljs @oleksandr @jarkko @monsieuricon @vbabka the only good use of an opposable thumb is to remove an opposable thumb

1
1
4
@lkundrak @ljs @oleksandr @monsieuricon @vbabka I think GPG like a vacuum cleaner. You don't need to understand always the exact mechanism: just make sure that every key in .gnupg/private-keys.d starts with "Key: (shadowed-private-key", which means that it some kind of reference to the key inside smartcard. And if it stops working, take the attitude on fixing the config files as your were giving a proper kick to your vacuum cleaner 🀷
1
0
0

HAMMER SMASHED FILESYSTEM πŸ‡ΊπŸ‡¦

@jarkko @oleksandr @ljs @monsieuricon @vbabka i think of gpg as a vacuum cleaner too:
it sucks.

1
3
3
@ljs @oleksandr @lkundrak @monsieuricon @vbabka ssh luckily supports token backed keys via u2f (so no gpg) and the experience is quite a bit better
1
0
2

HAMMER SMASHED FILESYSTEM πŸ‡ΊπŸ‡¦

@ljs @oleksandr @liskin @monsieuricon @vbabka perfect! *flap* *flap* *flap* 🌊 πŸͺ“ 🐟

1
1
1
@lkundrak @oleksandr @liskin @monsieuricon @vbabka *flap flap flap*

struct fishbowl *fishbowl = (struct fishbowl *)install(FISH_BOWL)->into(SKULL);

fishbowl->add(WATER);
fishbowl->add(FISH);
1
0
0

HAMMER SMASHED FILESYSTEM πŸ‡ΊπŸ‡¦

@ljs @oleksandr @liskin @monsieuricon @vbabka ebpf verifier, fish edition:
enum bpf_arg_type { ARG_DONTCARE = 0 }

1
1
3