Nel caso a qualcuno potesse interessare, un bigino sul funzionamento dei vari tipi di alimentatori:

global.tdk.com/news_center/pub…

( from: righto.com/2012/10/a-dozen-usb… )

The default behaviour of ssh in debian testing has changed a bit: now it uses ECDSA and shows SHA256 fingerprints by default instead of using RSA and showing MD5 fingerprints.

Of course, most listings of host fingerprints still only show MD5 fingerprints for an RSA key.

This is a way to ask a server for its keys and print their fingerprints, allowing some crosscheck.

$ ssh-keyscan -t rsa,ecdsa $SERVER > keys.pub && ssh-keygen -lf keys.pub -E md5
$ # check the results against the published listing
$ ssh-keygen -lf keys.pub

I can think of an attack on this: somebody could intercept the communication, send you the right RSA pubkey and their own ECDSA, and then redirect the communication toward their own host.

Relevant links:

permalink.gmane.org/gmane.linu…
bridge.grumpy-troll.org/2011/0…
enricozini.org/2008/tips/ssh-h…

(Post title courtesy of @Enrico Zini )

I've decided I don't want to keep an ssh key on my traveling laptop, but I still need to be able to authenticate to a number of hosts (and expecially gpg repositories). I also have an OpenPGP smartcard (from the FSFE). A plan is starting to form.

There are a number of guides available, but many of those are obsolete; the following pages are from this decade:

• Using GnuPG (2.1) for SSH authentication
• Using GnuPG for SSH authentication (from the same author, using GnuPG 2.0, includess still current notes on using a smartcard)
• How to use authentication subkeys in gpg for SSH public key authentication
• SSH authentication with your PGP key

I've had some success from outside X, now I need to find out where I should disable ssh-agent from starting every time a start an X session, so that gpg-agent can take its place.

@Gruppo Linux Como @LIFO #gnupg

Quest'anno all'ESC c'è stato un lieve maltempo (eufemismo), ma questa ne è stata la conseguenza :)

Alla fine dell'arcobaleno c'era un pentolone, e credo che a quell'ora fosse già pieno di gnocchi.

twitter.com/martinkrafft/statu…

Tipo un @Fabio a caso....

To be sure not to waste time during a ksp to meet people with whom I have already exchanged fingerprints, I decided to do a quick check of the list.

I had already downloaded a recent wotsap db to ~/.wotsapdb;

$ wotsap $MY_KEY > signatures.txt

I've then edited the file, keeping just the signature sections:

This key is signed by, excluding cross-signatures:
[...]
This key is cross-signed with:
[...]
Keys signed by this key, excluding cross-signatures:
[...]

And then grepped the keys in the kps file in that list (maybe doing the reverse would have been better, whatever)

$ for K in `grep "^pub" ksp-dc15.txt | cut -c 15-22 ` ; do grep $K signatures.txt ; done

The first characters on each line tells you if it is a cross signature (X,X), if you have signed the key (-,X) or if they have signed your key (X,-), so that you can mark them on the ksp list as "ignore", "ask if there were problems with your fingerprint / ID", "ask whether they have received your signatures" as relevant.

I only had a few results, so the next step was done by hand.

Let us image I have a reason to print a text file that is 2965 lines long, is encoded in utf-8 (so a2ps and enscript don't work) and I don't want to destroy a whole forest for it.

I've started by using xelatex to get a nicely typeset A5 page with my file in a monospaced font: partecipants.tex

\documentclass[a5paper]{article}
\usepackage{fontspec}
\usepackage[left=1cm,right=1cm,top=0.8cm,bottom=1cm,foot=0.2cm]{geometry}
\usepackage{listings}

\lstset{ %
  basicstyle=\ttfamily\scriptsize,
  frame=none,
  keepspaces=true,
}

\begin{document}
\lstinputlisting{ksp-dc15.txt}
\end{document}

This gets compiled into partecipants.pdf with

$ xelatex partecipants.tex

And resulted in 44 pages, 4 less than the 48 needed by a2ps, and printable on just 11 A4 sheets.

I wanted it to be easily manageable while walking around, taking notes into it while standing, so I decided to arrange it in booklet form:

$ pdfbook partecipants.pdf

The result, partecipants-book.pdf was printed (two sided, of course) folded and stitched in the middle.

I could have arranged it into signatures, but this would have required an additional sheet to bring the number of pages to a multiple of 16.

I know that there are electronic alternatives around, and I've also considered just carrying around the file and adding notes (to a copy?) with vim, but I'd trust a paper copy more.

Yesterday, both the FSF and Conservancy announced that Canonical, Ltd. changed their Intellectual property rights policy in such a way that they no longer violate the GPL as it used to.

There are a number of personal comments on the matter by people involved in the case: Bradley M. Kuhn, Matthew Garrett and Jonathan Riddell; the TL;DR is that now the situation is fine from a legal point of view, and it has been solved in a shorter time than usual (just two years! speaking of lowered expectations...), but Canonical is still applying restrictions to non-GPL code that are out of place from a Free Software respecting entity.

This made me wonder about the hordes of tiny ubuntu derivatives out there, which are probably too small to attract attention and risk consequences, but are probably not in compliance with Canonical's policies. Should they rebase themselves on Debian, giving their trust to a community who believes in Free Software instead of a company with different priorities?

Should they start contributing upstream to Debian, and turn themselves into Debian Pure Blends? YES, but this is a different and wider matter :)

Not worn for obvious reasons, but my first pair of split drawers, with a pattern inspired by a number of start-of-century manuals found on archive.org, but adapted to a more modern method.

These were made from an old bedsheet (and they show it, including bleach stains on the side not seen on the pictures), and I have to enlarge them a bit, but they are already wearable.

Detailed instructions to draft the pattern will be available... when ready (probably before the next debian stable release, probably) :)

Lately I have been sewing a bit and since "daguerrotype or it didn't happen", this is a picture of me wearing mostly underwear :)

A couple of days ago this appeared in my system logs

Mar 31 23:59:59  kernel: Clock: inserting leap second 23:59:60 UTC

my first reaction of course was "great! they gave us one second more of sleep! MY PRECIOUSSSS", but then I realized that yes, this year there was supposed to be a leap second, but it should have been in June, not in March.

Other people I know noticed the message, but nobody knew anything else about it, and duckduckgoing didn't find anything, so I'm asking the lazyweb: does anybody know what happened?

Update: it seems that this has been traced to a single layer1 ntp server.

Anche quest'anno si terrà la DUCC-IT, Debian Ubuntu Community Conference Italia: quarta edizione che si terrà a Milano Lambrate sabato 23 e domenica 24 maggio presso il TIM WCAP Accelerator di via Rombon 52.

È aperta la call for paper e chi vuole aiutare nell'organizzazione è il benvenuto, ma soprattutto partecipate: è un'ottima occasione per incontrare un po' tutto il mondo del Software Libero in Italia.

Tutte le info sul sito ufficiale: ducc.it/

@Debian @LIFO @Gruppo Linux Como

Tonight I've dreamt I was in some kind of computer store and somebody told me that I should always save a copy of my work, as a backup.

I looked at him thinking "you really want to talk about this subject", by SO looked at me as if thinking "oh, no! she's starting!" and then I went into full vcs-home evangelist mode.

I may have just a bit of a problem :)

Shaun the sheep, the movie.

L'ho detto? L'ho detto.

youtube.com/watch?v=zQHsXT_fxb…

Andfrnd Uploader Beta

URI: file:///sdcard/Android/data/de.wikilab.android.friendica01/cache/imgs/imgUploadTemp_1409668908332.jpg
File name: /sdcard/Android/data/de.wikilab.android.friendica01/cache/imgs/imgUploadTemp_1409668908332.jpg

Yesterday I missed a query from a friend (with the answer to a question *I* had asked in the first place) because it ended up in window 30-something and my statusbar was full of dim numbers from channels where people had just joined/left.

This morning I've set
activity_hide_level = JOINS PARTS QUITS
and my world is a much neater place :)

(I may have to add NICKS and possibly MODES, but they are rare enough and I'm still not sure I don't care about them, especially the latter.)

I've eventually decided to donate to the current MediaGoblin crowdfunding campaign

I do hope that they will make it to the next unlock level (Aveyah), or at least that they get close enough (with the matching grant this looks feasible) that they decide to work on most of the features.