Anthony Martinez @ajmartinez@librem.one

@ademalsasa both of my personal laptops run Qubes OS and have for quite a while. I’ve got other systems on Fedora and Debian, but the bulk of my development and security work is done on qubes based on the same distros.

Now my old laptop, a T460s, has a kali-rolling Qubes OS template VM with the tools I fancy for testing/investigating. At 17GB it’s the largest template I’ve ever made, but I’ll base a DispVM off it and likely a few normal qubes as well with configurations suited for specific roles. A few posts about what I do, and how, will happen eventually.

T460s running Qubes OS compiles A Rust Site Engine v0.9.0 in 3m15s. Librem 14 configured the same way does it in 1m20s. This is a full release build with flags for crt-static. Not mad about that at all. Now to wipe the T460s and prepare it for other duties.

Sometime this week I’ll be tweaking some Qubes stuff so my UI adapts between my Librem 14 being used with its onboard 1080p panel or my external 2160p.

Back in NL.

And now we’re at IAH waiting to board. Flights have many more passengers now than they did in any of the other months I’ve flown during the pandemic.

Heading back to The Netherlands tomorrow. Enjoyed not working at all for a month and getting to see my family and friends. Slightly terrified by what my inbox may hold, but I won’t check until I’m on the clock again.

A Rust Site Engine v0.9.0 is out - adding a route for favicon.ico and redefining the roadmap. Cache is out, RSS feed is in. At this point I've been running my personal site on ARSE for a month and have been pleased with how it's working.

https://crates.io/crates/arse

#Rust #FOSS

Snagged a BatPower P120B USB-C PD charger, and a VAVA VA-UC020 8-in-1 USB-C hub for my #Librem14 and so far so good. I have not even looked at what might be needed to use the HDMI port in Qubes, but the power pass through and data ports all work great.

Updated to fix a mistake in my steps: I did not include the cipher used (chacha20) to encrypt/decrypt and while that won't error out in OpenSSL it will result in you not actually encrypting/decrypting data.

@kyle very nearly every piece of ubiquitous technology was either created or modified for increasing the efficiency with which war is waged.

@kyle nice. Love me some seafood.

@kyle what did you have? Eating inside!!! A distant memory.

My notes on extending the Qubes OS Split GPG feature to include SSH Agent support:

https://ajmartinez.com/tech/posts/202121-003-split-ssh

Now my network-attached qubes no longer have any private keys on disk, and since my subkeys are also loaded on both of my Librem Keys as mentioned in an earlier post, I can still access my remote systems as long as I have one of my physical tokens.

@randynose @kyle many likely are still waiting for the year of LoTD to arrive though some of us have been doing it for more than a decade. The set of things released and then killed by Google is impressive. Only time will tell if Fuschia makes it on that list.

As promised yesterday, here's a walkthrough on using Qubes OS disposable VMs, opensc, hybrid encryption, and USB security tokens (Librem Key) on my Librem 14 to create redundant hardware tokens from the encrypted backup of my GPG keyring:

https://ajmartinez.com/tech/posts/202121-002-gpg

None of this is groundbreaking, but these steps do not seem to exist in any one document that I could find so I wrote one.