BTRFS has encryption now? Yay!! I have been wrapping it inside a LUKS partition for years at this point…
Hey 👋 I’m Lemann
I like tech, bicycles, and nature.
BTRFS has encryption now? Yay!! I have been wrapping it inside a LUKS partition for years at this point…
Holy moly that is an absolute sh*t ton of ads!
Second this. Zorin OS, and Mandriva Linux (before they went bankrupt, and the community picked up development) were my first exposure to Linux over a decade ago, and the ux familiarity really helps a ton.
A lot of the other distros had funny stuff going on with multiple docks, open apps showing in the top dock, others looked like a Stardock Special and it was just a little confusing for younger me lol
X.509 certs are commonly used in TLS/HTTPS.
Why is one needed in your boot process?
Don’t know why but I found this funny
I delete them from the ssh config folder after installation, along with the DSA and ECDSA keys. No ed25519? No auth.
Also prevents a handful of bots from attempting SSH login into your cloud infra, a lot of them don’t support ed25519 kex
Probably a good idea to look for a different client, call me tinfoil but I wouldn’t want to touch a very old mechanism that is supported/pushed by a very recognisable 3 letter agency
The sense of entitlement in some of the replies on that post are absolutely awful
As for me personally, I want to love Wayland. It has great performance on ALL my devices, (except one with a nvidia GPU) and is super smooth compared to X11!
However… the secure aspect of Wayland makes it very difficult, if not impossible to easily get a remote desktop going. Wayvnc doesn’t support the most popular desktop environments depending on how Wayland was compiled, and the built-in desktop sharing on distros that have switched over to Wayland often require very specific Linux-only VNC and RDP clients, otherwise you run into odd errors.
I really hope the desktop sharing situation improves because it’s a pretty big showstopper for me. On X11 you just install & run x11vnc from a remote SSH session and you have immediate session access with VNC from Linux, Android, and Windows. If you want lockscreen access too then you run as root and provide the greeter’s Xauth credentials. But Wayland’s not so simple sadly AFAICT…
Waypipe is something I’ve found out about recently though, so need to check that out and see how well it works at the moment. If anyone has any helpful info or pointers please share, I’m completely new to Wayland and would appreciate it!
Do you get any output from # virsh list --all
and # docker info
?
I have a feeling it’s an SELinux issue, and i’m not familiar with how that works at all (yet 😳). May be a good call to purge virt-manager, libvirtd, docker, containerd, and reinstall them…
VLC can pretty much play everything - avi, avi+mjpeg, mov, mpeg, 3gp, flv, you name it. In some cases it can reconstruct corrupted videos and try to play them (typically AVI files)
There’s another player called MPV if you want a second option just in-case though!
For opening Word documents, I’d highly recommend OnlyOffice. Has outstanding compatibility with documents originally created in Microsoft Word, and it’s free on Flathub
Another alternative if you have an existing 365 subscription would be the online version of Word in your web browser.
If you’re heavily into the 365 ecosystem though, do note that things like Onedrive compatibility aren’t all the way there on linux, so you’d miss luxuries like right-clicking a file and getting a shareable link, or sending a file to someone directly from the file manager. For these you’ll need to drag-n-drop the file into onedrive, or into your email app to send them.
Things like opening PDFs, viewing various video formats etc, are built-in and work flawlessly on pretty much all Linux distros. Support for opening encrypted PDF files should be flawless too, haven’t had issues with these myself.
Would recommend Linux Mint, or Zorin OS, as both have a pretty similar look and feel when coming from Windows
This kind of thing could work for a few apps, say a color picker utility or a QR code generator etc.
Looking at the docs, it isn’t clear if apps can write to their own namespace (instead of writing to user folders directly), but if they can, we could expand the scope to games like supertuxkart, 2048 etc, which would then be able to save user milestones and progress in their own area - a bit like how Android apps do it
https://docs.flatpak.org/en/latest/sandbox-permissions.html
It’s a great start IMO, although admittedly there is still work to do. Flatpak atm bridges the gap with allowing new apps, requiring new libs, to run on older stable/LTS distros
Is the hex file not saving with those editors, or is the game just not showing the new value once it’s loaded?
Saving this, thanks for sharing!
Mid 2012 is my daily 😍 running a different keyboard kernel module though to swap some of the keys, and make the Eject button a Delete key
Check out Pine64, however they only develop Arm and RISC-V devices, not x86.
Yeppp this is what I currently do, and offers the best performance IMO compared to using something like gocryptfs in userspace on top of BTRFS. Pretty happy with it except a few small things…
It can be a bit of a faff to mount on a new machine if its file manager doesn’t support encrypted volumes natively ☹️. On your daily you can have it all sorted in your crypttab and fstab so it’s not an issue there
My main problem though is if it’s an external USB device you have encrypted with LUKS, the handles and devices stay there after an unexpected USB disconnect… so you can’t actually unmount or remount the dm-crypt device after that happens. Anytime you try, the kernel blocks you saying the device is busy - only fix i’m aware of is a reboot.
If the encryption is managed by the filesystem itself, one would probably assume this kind of mounting & unexpected disconnect scenario would be handled as gracefully as possible
Built-in encryption in bcachefs sounds great, that’s the only thing that BTRFS has been missing for me so far.
Bonus points if it can be decrypted on boot like LUKS, and double bonus points if its scriptable like cryptsetup (retrieve key from hardware device, or network, or flash stick etc)
https://bcachefs.org/Encryption/
Will likely give bcachefs a spin as soon as it drops in Debian Unstable 😁
I like this figure of speech a lot, stealing it 😁