Anthony Martinez @ajmartinez@librem.one

Update: I went ahead and tried to boot with my Librem Key plugged into the hub, and that works too.

It takes a while for the keyboard and mouse to come alive again after the login screen loads, and if you do something like disable the onboard panel and then accidentally sleep the machine rather than locking the screen you’ll be power cycling to get back in.

Pleased to report that all USB-C features offered by the Librem 14 work even when using Qubes OS.

https://ajmartinez.com/tech/posts/202123-002-librem14

#purism #librem14 #qubes-os

Got my spare Librem Key working with my NUC today, though I did run into some trouble with pcscd/polkit/Fedora along the way. My solution is here: https://ajmartinez.com/tech/posts/202123-001-fedora-pcsc

Now my old laptop, a T460s, has a kali-rolling Qubes OS template VM with the tools I fancy for testing/investigating. At 17GB it’s the largest template I’ve ever made, but I’ll base a DispVM off it and likely a few normal qubes as well with configurations suited for specific roles. A few posts about what I do, and how, will happen eventually.

T460s running Qubes OS compiles A Rust Site Engine v0.9.0 in 3m15s. Librem 14 configured the same way does it in 1m20s. This is a full release build with flags for crt-static. Not mad about that at all. Now to wipe the T460s and prepare it for other duties.

Sometime this week I’ll be tweaking some Qubes stuff so my UI adapts between my Librem 14 being used with its onboard 1080p panel or my external 2160p.

Back in NL.

And now we’re at IAH waiting to board. Flights have many more passengers now than they did in any of the other months I’ve flown during the pandemic.

Heading back to The Netherlands tomorrow. Enjoyed not working at all for a month and getting to see my family and friends. Slightly terrified by what my inbox may hold, but I won’t check until I’m on the clock again.

A Rust Site Engine v0.9.0 is out - adding a route for favicon.ico and redefining the roadmap. Cache is out, RSS feed is in. At this point I've been running my personal site on ARSE for a month and have been pleased with how it's working.

https://crates.io/crates/arse

#Rust #FOSS

Snagged a BatPower P120B USB-C PD charger, and a VAVA VA-UC020 8-in-1 USB-C hub for my #Librem14 and so far so good. I have not even looked at what might be needed to use the HDMI port in Qubes, but the power pass through and data ports all work great.

Updated to fix a mistake in my steps: I did not include the cipher used (chacha20) to encrypt/decrypt and while that won't error out in OpenSSL it will result in you not actually encrypting/decrypting data.

My notes on extending the Qubes OS Split GPG feature to include SSH Agent support:

https://ajmartinez.com/tech/posts/202121-003-split-ssh

Now my network-attached qubes no longer have any private keys on disk, and since my subkeys are also loaded on both of my Librem Keys as mentioned in an earlier post, I can still access my remote systems as long as I have one of my physical tokens.

As promised yesterday, here's a walkthrough on using Qubes OS disposable VMs, opensc, hybrid encryption, and USB security tokens (Librem Key) on my Librem 14 to create redundant hardware tokens from the encrypted backup of my GPG keyring:

https://ajmartinez.com/tech/posts/202121-002-gpg

None of this is groundbreaking, but these steps do not seem to exist in any one document that I could find so I wrote one.

My second (backup) Librem Key has arrived. Tomorrow, I’ll write up how I’m using network-isolated qubes for GnuPG related tasks and how that feeds into making a backup key so the loss of my primary isn’t a major show stopping event.

Building a 4TB RAID1 array over USB2 on slow spinning rust is *hilariously* slow.