Been a while… again.
First major news is that I have set up my work as well as private email to use PGP for signing and encryption.
My preferred email client (eM Client) handles this like a dream compared to what i see for many other clients. The required plugin is official and built in, and provides a reasonable breakdown when scrutinizing signed or encrypted incoming mail.
Sadly, not much more to say about it besides that. It just works!
My public key, should you want it, is available here: http://key.corvo.se/
Might get over to keybase.io one of these days.
I’ve done some arranging of my SSH keys to keep them tidy and streamlined my settings to drastically simplify the syntax needed to start an SSH session. It selects the appropriate key based on the hostname and rejects the connection if it does not match any known host.
Sadly, I goofed. When trying to collect all my keys for a backup I made the error of using plain FTP for transferring one of the keys. We worked that out later by replacing that key everywhere, but I really should have known better than to try with an unencrypted protocol.
Now there is an encrypted vault-file on two separate flash drives, each hidden in a safe somewhere, just in case both my PCs happen to catch fire or something.
I’ve set up a DynDNS to my home lan. Nothing much to say besides that the client software on my NAS was dirt simple.
I also set up a VPN solution on that same LAN and NAS. Also too easy.
I use this on my phone to secure my connection when on public wifi.
I set up a Pi Hole (https://pi-hole.net/) on my home LAN, which unfortunately took down the LAN at first since it didn’t run properly. Note to self: Just use a supported OS next time.
Once that was sorted it worked like a dream. With comical side effects like blocking some of Google and all of Aftonbladet.
Unfortunately I had to disable the Pi Hole since one of my housemates habitually uses the sponsored links on Google, and as much as I would like to, I’m not the boss of the home network…
Fun fact #1: 19% of alla DNS lookups for the first hour was blocked as advertisement. No ill effects noticed.
Fun fact #2: wpad.lan is the most common lookup on my LAN.
Fun fact #3: Even on a slow evening, there are roughly 2000 lookups an hour for two PCs (with almost 75% being my doing).
I tried in vain to set up SSH on my phone, but of the one that I found that support keyfiles, none seemed able to detect and use mine. Will get back to this in the future. (se further down)
I pulled an upgrade on my hosting account to enable some neat features. The hope was to move my shortpad to the same server as this WP, with the intention of making the app more easily managed. I didn’t solve it on round one but I will try again.
This post is first written piecemeal on my Etherpad. Unfortunately it was messed up by my attempts to move the Pad and I needed to restore it! It turns out Etherpad has built in versioning and you kan restore old versions by use of a time-slider conveniently located at the usual adress plus/timeslider.
I have noticed increasing problems with this WP blog. Such that updating something is likely to breakt something else. Might have to rebuild it in a different theme.
Remember the new computer i mentioned? Well the keyboard that i bought with it was a mixed bag. It ie excellent in any technical way, but it is Scandinavian, not Swedish. That means that the buttons for åäö are messed up. Usually this is fine because Swedish ends up being the dominant lettering, and if it isnt then it’s typically Norwegian that have the equivalent letters in the same places. But this one used Danish as the primary placement and apparently this trips me up bad.
I hear that the German layout uses the same symbols and placement for åäö as the Swedish, so it could have been easily solved… but it wasn’t because Corsair wont sell it to me, not even when I offer to buy a full keyset just to make it easy.
So I ultimately comissioned new custom keycaps for åäö. While i was at it i fixed the confusing mess that was ´` and §½ keys, and got myself a nuke-sumbol for the Esc.
Now, thanks to the programmability of the keyboard, whenever i hit the Esc key a red-yellow pulse sweeps across the keys and dims the lights for a little while.
Epic.
I did some themeing for my NextCloud. What can I say? I figured Icebergs are poetic and apt for what the NextCloud login represents and i like graphical glitches.
I did the NerdTest and the GeekCode, will add them here at some point but now right now.
Got a new phone, since the old one was starting to feel sluggish and was running low on space. With anew dataplan I’m not so shy about using more apps. The phone is essentially my entertainment system when commuting and of course it has a suitable nerdy shell.
One of my more interesting projects, I set up a VPS where I use a YouTube Downloader to convert a video playlist into a folder of local mp3s. These are then hosted in the context of a podcast. What this lets me do is listen to youtube playlists without having to spend bandwidth on the video, indeed I can even download the episodes in advance on WiFi! My new dataplan is infinitely more than what I’m used to but it wouldn’t last long if I spent it on YouTube.
When using the new phone I have also found an app that does SSH sufficiently well! Termius. And I needed it, for the podcast server is not particularly stable. The web-server is a simple python script and it easily gets stuck and needs to be restarted.
I have started using Autohotkey at work, and it is fantastic. Something about typing the first word of a common sentence followed by semicolon and it gives you the entire paragraph is super neat.
And all the URLs you can make shorthands for so you don’t have to look them up and copy-paste!
Highly recommended!
Some of my housemates moved out recently, leaving me and one more to take over the place. So we have the luxury of choosing our new ISP. Sadly, the adress we are at is locked to one particular ISP so no-can-do. We renamed the LAN today however, since it would be confusing if we kept using the old name when the same namne is used at a new place.
A security risk that I became aware of is that I keep a lot of sensitive information in a notes app on my phone. This data is not encrypted, and it is mirrored to the developer’s server AND to Google. Can’t have that!
Now that I have NextCloud on the phone though I can move the read-only notes to there (Because the NextCloud app for Android does not support editing!), and with a password manager on the phone I no longer need to store such things on notes!
I’ve sold my old PC rig at last. I held off, hoping to sell it to a friend who needed an upgrade, but since opportunity didn’t materialize I put it up for sale online.
There were a quite a few who were interested. Two of them were dads who were looking for a first computer for their son and it was paramount that it could run Fortnite. Fortunately, while I did install Fortnite and was prepared to demo it, a guy who wanted it for his own use and was not picky about it got in touch and picked it up first without haggling or needing a demonstration.
Farewell Corvus. You have served me well and I hope you have many years ahead of you.
I have found out that updating my NextCloud resets the .htaccess file, removing the redirect from HTTP to HTTPS. This has tripped me up a few times when logging in since any attempt over HTTP automatically fails, but there is no message clarifying why. This seems like something that should be fixed no?
I got fed up with syncing my personal password database, so I have set up a “vault” server that hosts the file so that it can be synced between multiple devices using Dav commands. It is locked down tight but it is nevertheless online so there is the slight worry that someone will find a way to download it. But even then, it is encrypted and with a *very* long password so I should be fine. Nevertheless, additional security measures are incoming.
I got a new Rapsberry Pi, 3B+. So far we have installed Kodi on it, but we plan to add RetroPi and a slideshow app to it as well.
Password Auth has been disabled in favor of keys for SSH as well, don’t want to hand over a free host should someone find their way into our LAN.
So yeah. Quite a lot has happened in a year.
