Update: I went ahead and tried to boot with my Librem Key plugged into the hub, and that works too.
It takes a while for the keyboard and mouse to come alive again after the login screen loads, and if you do something like disable the onboard panel and then accidentally sleep the machine rather than locking the screen you’ll be power cycling to get back in.
Pleased to report that all USB-C features offered by the Librem 14 work even when using Qubes OS.
Got my spare Librem Key working with my NUC today, though I did run into some trouble with pcscd/polkit/Fedora along the way. My solution is here: https://ajmartinez.com/tech/posts/202123-001-fedora-pcsc
Now my old laptop, a T460s, has a kali-rolling Qubes OS template VM with the tools I fancy for testing/investigating. At 17GB it’s the largest template I’ve ever made, but I’ll base a DispVM off it and likely a few normal qubes as well with configurations suited for specific roles. A few posts about what I do, and how, will happen eventually.
org.Gtk.MountOperationHandler support coming to #phosh so you can open encrypted volumes with swipeable, modal dialogs
And now we’re at IAH waiting to board. Flights have many more passengers now than they did in any of the other months I’ve flown during the pandemic.
A Rust Site Engine v0.9.0 is out - adding a route for favicon.ico and redefining the roadmap. Cache is out, RSS feed is in. At this point I've been running my personal site on ARSE for a month and have been pleased with how it's working.
Snagged a BatPower P120B USB-C PD charger, and a VAVA VA-UC020 8-in-1 USB-C hub for my #Librem14 and so far so good. I have not even looked at what might be needed to use the HDMI port in Qubes, but the power pass through and data ports all work great.
Huge news out of Washington state. King County, which includes Seattle and is home to Amazon and Microsoft, has voted to ban government use of face surveillance. https://twitter.com/ACLU_WA/status/1399827349927985152
Updated to fix a mistake in my steps: I did not include the cipher used (chacha20) to encrypt/decrypt and while that won't error out in OpenSSL it will result in you not actually encrypting/decrypting data.
Guest Blogger @ajmartinez has written up a great technical guide on how to use Qubes's advanced isolation features on his Librem 14 to manage and store GPG keys securely on a pair of Librem Keys. https://puri.sm/posts/guest-post-librem-14-librem-keys-and-qubes-os/
My notes on extending the Qubes OS Split GPG feature to include SSH Agent support:
https://ajmartinez.com/tech/posts/202121-003-split-ssh
Now my network-attached qubes no longer have any private keys on disk, and since my subkeys are also loaded on both of my Librem Keys as mentioned in an earlier post, I can still access my remote systems as long as I have one of my physical tokens.
As promised yesterday, here's a walkthrough on using Qubes OS disposable VMs, opensc, hybrid encryption, and USB security tokens (Librem Key) on my Librem 14 to create redundant hardware tokens from the encrypted backup of my GPG keyring:
https://ajmartinez.com/tech/posts/202121-002-gpg
None of this is groundbreaking, but these steps do not seem to exist in any one document that I could find so I wrote one.
I like to work with my hands. That may mean hammering out solutions to complex problems in #Python or #Rust, building things in my shop, or spinning yarn to knit something warm. You’ll likely see some of all of that here. By day (and sometimes night) I keep >13k nodes and services alive in the Electric Vehicle sector.
PGP: FCBF 31FD B34C 8555 027A D1AF 0AD2 E852 9F5D 85E1