Planet Debian
For the last week I have been stuck in England. For the vast majority of that time, I’ve had nothing to do except work on Debian and this blog post documents some of the things I worked on.
Obviously spending a whole week on Debian, there’s going to be some packaging involved. The following packages got new versions in unstable this last week:
cowdancer debian-installer-launcher chirp python-flask-rdf Packaging updates were one of the simpler tasks tackled this week though.
In my previous post, I talked about the udev hack I had used with the YubiKey and how it was not the correct way to do things. I recieved a lot of feedback on this post, and here I’m hoping to summarise what the correct way to do it is.
The rule I was originally using was:
SUBSYSTEMS=="usb", ATTRS{idVendor}=="1050",ATTRS{idProduct}=="0111", OWNER="irl" The problem with this rule was that it always made my own username the owner of the YubiKey.
I was first interested in the idea of using a smartcard to store OpenPGP subkeys when I joined the Free Software Foundation Europe as a Fellow and recieved my FSFE Fellowship Card. By performing all cryptographic operations on the smartcard it would remove almost all the routes by which the secret key material could be compromised as the host operating system never has access to that secret material.
I decided that this was something I wanted to try out and I purchased two Cherry G83-6644 keyboards.