Captain's Log
Captain's Log
Signing GnuPG keys with caff

Background These are my notes on getting caff configured and working in order to send signed keys after the OhioLinuxFest keysigning. All of this was done on a Fedora 24 Workstation using only the standard repositories. If you're looking for instructions here, your milage will surely vary. Installation, Configuration and …

Background

These are my notes on getting caff configured and working in order to send signed keys after the OhioLinuxFest keysigning. All of this was done on a Fedora 24 Workstation using only the standard repositories. If you're looking for instructions here, your milage will surely vary.

Installation, Configuration and Key Signing

Installation

The pgp-tools package provides caff. It can be easily installed with yum. I also install msmtp in order to send the keys by email once they were signed.

At this point, I also configured msmtp to work with my mail provider.

Configuration

Just running caff will create a default configuration at ~/.caffrc. Edit this file with your specific options. The important changes will be

# change the name
$CONFIG{'owner'} = 'Some User';
# change the email address
$CONFIG{'email'} = 'someone@example.com';
# your keyid
$CONFIG{'keyid'} = [ qw{1234567890ABCDEF} ];

For caff to use msmtp, also add the following configuration

$ENV{'PERL_MAILERS'} = 'sendmail:/usr/bin/msmtp';

Signing keys

At this point, I just ran caff. In the example command below keyid is the key id that will be used for signing and keys.asc is all of the public keys that will be signed.

caff --keys-from-gnupg -u <keyid> -R --key-file keys.asc

Now, caff will display each key (userid) and ask to sign. If signed caff will email an encrypted copy of each signed uid individually.


Configuring ipmi using ipmitool

Packages and Services On RHEL7Server the OpenIPMI and ipmitool are necessary to configure and use IPMI. $ yum install OpenIMPI ipmitool Networking $ sudo ipmitool lan set 1 ipsrc static $ sudo ipmitool lan set 1 ipaddr 203.0.113.45 $ sudo ipmitool lan set 1 netmask 255.255.255.0 $ sudo ipmitool …

Packages and Services On RHEL7Server the OpenIPMI and ipmitool are necessary to configure and use IPMI. $ yum install OpenIMPI ipmitool Networking $ sudo ipmitool lan set 1 ipsrc static $ sudo ipmitool lan set 1 ipaddr 203.0.113.45 $ sudo ipmitool lan set 1 netmask 255.255.255.0 $ sudo ipmitool lan set 1 defgw ipsrc 203.0.113.3 Other Topics Configuration authenication View and clear SEL View...

Read More
Reinstall the Kernel with yum

After failing to update the initrd after making changes to the plymouth boot I was unable to boot into the kernel. The yum reinstall fixed this $ yum reinstall kernel However, this doesn't always work. If yum feels the kernel is already installed and healthy this will return 'nothing to do' …

After failing to update the initrd after making changes to the plymouth boot I was unable to boot into the kernel. The yum reinstall fixed this $ yum reinstall kernel However, this doesn't always work. If yum feels the kernel is already installed and healthy this will return 'nothing to do' from yum. In that instance, it is necessary to remove the kernel first. $ rpm -qa | grep kernel |...

Read More
Have dovecot logins update lastlog

Two changes are needed to have dovecot update lastlog when a user logins with either imap or pop3. In /etc/dovecot/cond.d/auth-system.conf.ext enable PAM sessions passdb { driver = pam args = session=yes dovecot Then, enable the lastlog module in the dovecot PAM configuration at /etc/pam.d …

Two changes are needed to have dovecot update lastlog when a user logins with either imap or pop3. In /etc/dovecot/cond.d/auth-system.conf.ext enable PAM sessions passdb { driver = pam args = session=yes dovecot Then, enable the lastlog module in the dovecot PAM configuration at /etc/pam.d/dovecot by adding the following session optional pam_lastlog.so Restart dovecot and logins to imap/pop3 should now update lastlog....

Read More
ss for netstat people

Summary: ss is another utility to investigate sockets and is often seen as a replacement for netstat. This posts attempes to give a brief introduction to using ss in place of netstat Published: true Show all connections # ss | head -4 Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port …

Summary: ss is another utility to investigate sockets and is often seen as a replacement for netstat. This posts attempes to give a brief introduction to using ss in place of netstat Published: true Show all connections # ss | head -4 Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Read More


  • 1
  • 2

Receive Updates

ATOM