If you have a lab like me, you will probably need to serve some of your services through Web. And speaking of web, we cannot ignore one critical aspect – Security. The easiest way to secure your websites is to use TLS. However, most easy-to-get certificates for websites are meant for public domains, not for IPs, not to mention internal IPs. Furthermore, you might not feel comfortable exposing your service to your CA.
So, many of you may know that I am a long-time Linux user. However, recently many of my friends tried REALLY HARD to convince me to try BSD-based systems. At first glance, my opinion was a solid NO. I mean, one of the most important thing for me is software ecosystem. Of course, Linux (GNU/Linux) absolutely crushed most operating systems in terms of ecosystems. Later, as I was looking for a way to configure my remote file server, I decided to give it a try.
So, as you start to jump down the rabbit hole of cryptography, you will start to face another question: How can I take care of my keys? Well, it’s a long story for everyone, and here’s mine. Asymmetric There are symmetric and asymmetric cryptography, and I will walk you through. OpenPGP Keys If you have followed my blog for a long time, you might know that I have had two YubiKeys and a couple of smartcards.
If you have caught up with my blog for a long time, you may know what OpenPGP is. And you probably know what a YubiKey is, which can act as a smartcard. Traditional OpenPGP stores your private key on your computer, generally in ~/.gnupg, which is nowhere near safe. Storing your private keys to a OpenPGP smartcard has following benefits. Safe, only people who physically has access to your smartcard and know your PIN can do operations i.

2023 Final Review

It’s been another year. The final review has been delayed on my calendar for like two months. But hey better late than never. It’s time to summarize the past year. Unlike last year, I wouldn’t explain which month happened which event, but in general. Study It’s been a year, and this year I have been admitted to the high school which I was looking forward to across all three years in junior high.
If you have ever seen my previous posts, you might know that I have two YubiKeys and a bunch of Linux servers. Passwords are far from secure when comparing them with a pair of keys. Technically not a pair of keys, just because I’m talking about asymmetric keys, so a pair of. But if you decide to switch to Keys instead of Passwords, it’s highly possible that you will run into a trouble when you don’t know how to take care of your keys.
What is Parchive? Parchive is redundant file format. If you lose part of your file in transmission or in storage, you can use a Parchive file to repair it. It’s like RAID for files instead of a whole file system. – parchive.github.io It uses a codec called Reed-Solomon Codes. Yes, the same codec that is used by RAID-5. Parchive is essentially parity files for files. Getting Started Parchive project has been there for nearly 20 years, thus there are a lot of compatible software that can create/use PAR2 files.

GnuPG for Everyone

Introduction In today’s digital age, safeguarding our personal information and communications is of utmost importance. One effective solution to ensure privacy and security is GnuPG (GNU Privacy Guard). In this blog post, we’ll explore what GnuPG is and how it can help you protect your sensitive data from prying eyes. What is GnuPG? GnuPG, also known as GNU Privacy Guard, is a software application that allows you to encrypt and sign your data.
Recently I have purchased an HK Mobi prepaid SIM card. The card is essentially a Prepaid HKCSL SIM. My plan includes 12 GB of local data, 12 GB of Greater China Roaming data, 2000 minutes of local call, as well as 38 HK$ of balance. This post focuses on the roaming experience in mainland China, my primary residence. Test environment The test machine is a OnePlus 8, the phone supports 5G, but the card only supports 4G/LTE roaming.
What is SHA & What is the problem SHA, also Secure Hashing Algorithm, is a widely used hash algorithm. It is used to validate the integrity of your files and messages. However, your hash may looks like this. e35386cfc8311b630a29da909dff48d3334caf2ee85c6318a86d1496afa5ed14 This is a SHA256sum, it is a 64-byte long string constructed with HEX. It is hard to remember and if you need to verify the integrity of the files with your recipient over, let’s say phone or IRC.