A lot of new hardware security keys (Yubikey, Nitrokey, Titan, etc.) now support FIDO2 (aka U2F aka Webauthn aka Passkey; yes it’s a mess). So does OpenSSH. This spells good news for us, because it is far easier to use than previous hardware security types (eg, PKCS#11 and OpenPGP) with ssh. A key benefit of all this, if done correctly, is that it is actually impossible to access the raw SSH private key, and impossible to use it without the presence of the SK and a human touching it.| www.complete.org
LoRa radios are very long-range (multiple miles/km) using small antennas and very low power. In exchange for this, they give up speed; the longest-range LoRa modes operate at only around 300bps. My lorapipe program aims to provide some nice Unixy interfaces to LoRa. See also XBee SX; those radios are similar, but offer hardware meshing and some additional nice properties. I have written quite a bit about LoRa; see my blog series about LoRa.| www.complete.org
Like the process described in Encrypting Filespooler Jobs with GPG, Filespooler can handle packets Encrypted with Age (Encryption). Age may be easier than GnuPG in a number of cases, particularly because it can use a person’s existing SSH keypairs for encryption. This process is fundamentally quite similar to handling encryption with GnuPG: we’ll be adding an encryption command in the pipe after prepare, and adding a decoder to the queue processing commands.| www.complete.org
This page describes the basic installation and configuration of NNCP. If you aren’t already familiar with how NNCP works, I highly recommend you start with NNCP Concepts. This is a companion to, and often a parallel of, the Workflow section of the NNCP manual. Installation Main documentation: NNCP Manual: Installation Section. On that page, you can find links to packages for various operating systems. Building from source Alternatively, if you need to build it yourself, you can download a s...| www.complete.org
This page is intended to describe how to run Debian’s backports on a Raspberry Pi running Raspberry Pi OS (Raspbian). This page is not relevant if you are directly running Debian on a Raspberry Pi. It is only for those running the default Raspberry Pi OS. Backports is Debian’s way of building newer packages for its stable releases. I intend this page specifically to help people run the Debian packages for NNCP and Yggdrasil, both of which are maintained by me, John Goerzen.| www.complete.org
Age is a public-key encryption system, similar in certain concepts to GnuPG (GPG), but simpler because it isn’t focused on building a web of trust. Homepage: https://github.com/FiloSottile/age Conveniently, Age can use not just its own keypairs, but also a person’s SSH keypairs for encryption and decryption. This is nice because many systems already have authenticated SSH keypairs for each other. Links to this note Encrypting Filespooler Jobs With Age Like the process described in Encrypt...| www.complete.org
In my writing about dar, I recently made that point that dar is a filesystem differ and patcher. We can exploit this property to do something really cool: build an Asynchronous rsync. What does that mean? rsync is a tool that has been in may *nix admins’ toolboxes for years. Typically used over ssh, rsync will compare the state of a local directory tree (or file) to the state of a remote tree, and efficiently make the remote match the local (or vice-versa).| www.complete.org
I loaded up this title with buzzwords. The basic idea is that IM systems shouldn’t have to only use the Internet. Why not let them be carried across LoRa radios, USB sticks, local Wifi networks, and yes, the Internet? I’ll first discuss how, and then why. How do set it up I’ve talked about most of the pieces here already: Delta Chat, which is an IM app that uses mail servers (SMTP and IMAP) as transport, and OpenPGP encryption for security.| www.complete.org
Keeping your (digital) bits secure. See also Airgap, Encrypted. My page Consider Security First discusses the importance of security in an operating system. (this page is a stub and will be improved) Links to this note Airgap “Airgap” refers to a computer (or network) that is physically disconnected from a larger network and the Internet. Ideas for NNCP Projects I sometimes see people read about NNCP and wonder “This sounds great!| www.complete.org
dar is a Backup and archiving tool. You can think of it as as more modern tar. It supports both streaming and random-access modes, supports correct incrementals (unlike GNU tar’s incremental mode), Encryption, various forms of compression, even integrated rdiff deltas. It is an ideal tool for backups over Asynchronous Communication for systems that don’t or can’t run ZFS. Homepage: http://dar.linux.free.fr/ I have written a lot about Dar: I first wrote about Dar in my 2008 roundup of ba...| www.complete.org
Probably everyone is familiar with a regular VPN. The traditional use case is to connect to a corporate or home network from a remote location, and access services as if you were there. But these days, the notion of “corporate network” and “home network” are less based around physical location. For instance, a company may have no particular office at all, may have a number of offices plus a number of people working remotely, and so forth.| www.complete.org
Gemini is a modernization of Gopher. It is an example of Small Technology. It uses its own protocol and a document format based on Markdown. Homepage: https://gemini.circumlunar.space/ Links to this note Encrypted Anything that uses encryption to keep content away from spying eyes. Gopher Gopher is an interactive Internet browser. It is something of a successor to FTP and predecessor to the Web. Gopher had a brief moment of popularity in the early 1990s, but was eclipsed within a few years by...| www.complete.org
GnuPG (also known by its command name, gpg) is a tool primarily for public key Encryption and cryptographic authentication. Homepage: https://www.gnupg.org There is a lot of material about GnuPG out there, so I won’t be duplicating it all here. But, I do have some more unique contributions for those familiar with GnuPG: There are alternatives to gpg/gpgv that may be useful in some cases: Age (Encryption) for encryption and signify for authentication.| www.complete.org
Here are some (potentially) interesting topics you can find here: Old and Small Technology and benefits to us today NNCP, which is an Asynchronous, Encrypted, onion-routed, offline-capable way to send data and execute remote commands. Yggdrasil, a network using IPv6 space where IPs are linked to public keys How this site is built (hint: it’s exported from Emacs!) Amateur Radio ZFS on Linux Long-Distance Train Travel in the USA The Grumpy Cricket - an interactive fiction game for children So...| www.complete.org
Keeping your data safe in the event of a disaster or compromise is important. That’s why we back up. Here is some information on backups: Backing up every few minutes with simplesnap on ZFS For hosting backups offsite, my 2021 Roundup of Unique Data/Storage Hosting Options can be useful. How and Why to use Airgapped Backups (see also Airgap) Links to this note Dar dar is a Backup and archiving tool.| www.complete.org