Posts
4828
Following
321
Followers
488
Linux kernel hacker and maintainer etc.

OpenPGP: 3AB05486C7752FE1
jarkko

Jarkko Sakkinen

Reply to @jarkko

I think what goes wrong is my static /etc/fstab from “Busybox ERA”.

1
0
0
jarkko

Jarkko Sakkinen

I was able to create #systemd image with #BuildRoot.

However, it boots into emergency mode. Any tips or ideas?

My end product is 2GB img file that can be booted either with real hardware or in QEMU (it has #UEFI layout).
1
0
0
jarkko

Jarkko Sakkinen

Reply to @ljs
@ljs @vbabka Well, I like it and it works without issues for most of the time.

In Fedora installation I did not have sockets correctly configured so I wrote a script, and also in Fedora I had to first time create scdaemon.conf.

So I expect this to work better than before :-)

Maybe I should make this a contribution to PGP maintainers guide with more verbose explanations?

Especially the part which sockets need to be on would be good to be there because it is not easy to know beforehand the correct configuration e.g. if you've never used gpg-agent.
1
0
2
jarkko

Jarkko Sakkinen

Reply to @jarkko

@vbabka For reference:

default-cache-ttl 3600
default-cache-ttl-ssh 3600
max-cache-ttl 7200
max-cache-ttl-ssh 7200
enable-ssh-support
0
0
1
jarkko

Jarkko Sakkinen

Reply to @vbabka
@vbabka So you can check from here: https://gitlab.com/jarkkojs/skeleton/-/tree/main/.gnupg?ref_type=heads

And also here: https://gitlab.com/jarkkojs/skeleton/-/blob/main/.local/bin/linux-reset-gpg-agent?ref_type=heads

Maybe noteworthy in the script is that there are two sockets that need to be enabled:

- ssh-agent.socket
- ssh-agent-ssh.socket

I've sometimes forgot to enable latter.
1
0
1
jarkko

Jarkko Sakkinen

Shortest cheat sheet possible for xxd:

xxd -r -p | xxd -p -c 0
0
0
0
jarkko

Jarkko Sakkinen

Reply to @vbabka
@vbabka I've tested these myself in OpenSUSE and Fedora. I'd try both #1 and #3 from previous. In Fedora after boot it was not otherwise working right off the bat.
1
0
1
jarkko

Jarkko Sakkinen

Reply to @jarkko
... and I'm thinking of doing of my own command-line wallet.
0
0
1
jarkko

Jarkko Sakkinen

Edited 1 year ago

My lessons learned from #ethprague was these are the key algorithms:

  1. P256-K1 also known as the #bitcoin curve.
  2. Keccak-256, as it was before it became SHA-3. AFAIK, they have just some padding incompatibility. This is the hash used in #ethereum.

I don’t see really any problem make them a bit more “stack compatible”. So maybe something to look at after I get my TPM2 public key patch set into the mainline.

So like when running bunch of servers, how to seal your keys properly, pretty basic stuff.

1
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko
"It is a crime against humanity and human race overall if you leave your legacy to a machine."

That's it what I was trying to say.
1
0
1
jarkko

Jarkko Sakkinen

Reply to @jarkko
Edited 1 year ago
Otherwise we might run into actual scenarios of pretty unpredictable consequences so now IMHO would be just best point in time to build some AI firewalls or something. This is also self-governance. What if one of your business partners turned into AI over night, after passing away night before? Entirely possible soon, like week before funeral, week after new AI me :-)

And someone might even want purposely want to leave the fortune after passing away through legit legal documents purposely. Legislation should really govern against this scenario proactively.
1
0
1
jarkko

Jarkko Sakkinen

Reply to @jarkko
I'd hope to see #Google, #Microsoft and #Amazon put this forward. I.e. identify the biggest single risk with the AI correctly and just address the risk of inherited fortune. Not like "killing the whole industry of nonsense" ;-) #infosec
1
0
1
jarkko

Jarkko Sakkinen

Reply to @jarkko
And without getting political or namesaying I can only say that whoever candidate is now they might consider also e.g. funder for their agenda. Money just talks, that never changes.
1
0
1
jarkko

Jarkko Sakkinen

Reply to @jarkko
Governance for this loophole: put legistlation forward on inherited money and other fortune. That would be sort of reliable AI insurance for any society.
1
0
1
jarkko

Jarkko Sakkinen

When thinking about #AI #threat in general, like in a #dystopian type of situation, I'd be more concerned on whether AI can inherit in #legal terms large amounts of cash or other #fortune.

I mean... it is simple really. The current ones just turn ******g off. But, if just by pure accident the tables were turned. That is undefined society model that probably does not have even a name yet

I'm always looking for an adventure, but not the AI slavery dystopian one... Be forewarned, I mean this have at least theoretical chances of actually realizing in a form or another. More like due than potential risk IMHO.
1
0
1
jarkko

Jarkko Sakkinen

Reply to
@ikkeT I've ended up not using LSP.

I think it has a wrong design. Microsoft could just as well do a single portable library with plugin interface for language provider modules. Then it could have way more sleek user experience.

Instead they made shaky IPC. It has all the same issues as using different terminal programs and lrzsz,
0
0
1
jarkko

Jarkko Sakkinen

Reply to @monsieuricon
@monsieuricon This.

It is also hypocritical to criticize paywalls on platforms where you pay with personal data and by watching ads.
0
0
0
jarkko

Jarkko Sakkinen

I did not know about ~/.config/nvim/after/plugin before reading this: https://fedoramagazine.org/configuring-neovim-on-fedora-as-an-ide-and-using-lazyvim/
0
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko

At least in Fedora, also shared a access configuration needs to be defined in ~/.gnupg/scdaemon.conf:

# See for further information:
# https://github.com/OpenSC/OpenSC/wiki/GnuPG-and-OpenSC
card-timeout 5
disable-ccid
pcsc-shared

Otherwise, the earlier script needs to be run separately for each boot as a workaround. In OpenSUSE, I guess the defaults are different, given that everything just works without this extra configuration.

1
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko
Edited 1 year ago

For gpg-agent I have the following entries in ~/.gnupg:

gpg-agent.conf
gpg-agent.conf.darwin
gpg-agent.conf.linux-gnu

In a new installation the correct configuration can be deployed as follows:

cp ~/.gnupg/gpg-agent.conf.$OSTYPE ~/.gnupg/gpg-agent.conf
1
0
0
Show older
About social.kernel.org

Terms of service

  1. Please do not use this service in violation of the Linux Kernel Code of Conduct. Doing so will result in your account suspension with the referral of the matter to the CoC committee.

  2. "Repeating"/"boosting" someone else's status on this platform will be treated as endorsement and will fall under rule #1.

  3. You are encouraged to use this platform to promote your work on the Linux Kernel, but there is no restriction on permitted topics (with the exception of anything covered by #1 above).

  4. There is no requirement to post in English, but it should be considered the primary language of communication on this platform.

Privacy notice

The admins of this service have access to all posted statuses. They aren't looking, but if it's something they shouldn't know about, then you should not post it on this platform.

Please see the Linux Foundation Privacy Policy, which applies to this platform as well.

Getting your own account

If you would like an account on this instance, please check that the following applies to you:

  • You are listed in MAINTAINERS or CREDITS

  • OR: You have a kernel.org account or email address

  • OR: You have a long and established history of involvement with the Linux Kernel

If the above is true and you agree with the Terms of Service and Privacy Notice listed above, please use these instructions to request an account: