update README.org
This commit is contained in:
fschl
parent
a442149f79
commit
e75c2725a7
84
README.org
84
README.org
|
|
@ -1,8 +1,13 @@
|
|||
* fschl dotfiles
|
||||
|
||||
My personal computing environment.
|
||||
part of my personal computing environment. mainly contains
|
||||
configuration files for sway, some useful addons and system tools
|
||||
(git, terminal, ssh, backup). This repository also has some notes on
|
||||
security considerations when setting up a Linux system.
|
||||
|
||||
** Features
|
||||
The relevant things for my workflows can be found in [[https://git.fschl-co.de/fschl/emacs]].
|
||||
|
||||
** (future) Features
|
||||
|
||||
- reproducable machine setup (GNU Guix)
|
||||
- keyboard-based environment (Sway wm)
|
||||
|
|
@ -25,33 +30,38 @@ My personal computing environment.
|
|||
|
||||
*** SSH key generation
|
||||
|
||||
#+BEGIN_SRC bash
|
||||
# ED25519 keys are favored over RSA keys when backward compatibility ''is not required''.
|
||||
# This is only compatible with OpenSSH 6.5+ and fixed-size (256 bytes).
|
||||
$ ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_host_$(date +%Y-%m-%d) -C "Key to HOST for user-xyz"
|
||||
ED25519 keys are favored over RSA keys when backward compatibility ''is not required''.
|
||||
This is only compatible with OpenSSH 6.5+ and fixed-size (256 bytes).
|
||||
|
||||
# Fallback for really old systems (why do you still have those??)
|
||||
# RSA keys are favored over ECDSA keys when backward compatibility ''is required'',
|
||||
# thus, newly generated keys are always either ED25519 or RSA (NOT ECDSA or DSA).
|
||||
$ ssh-keygen -t rsa -b 8192 -f ~/.ssh/id_rsa_host_$(date +%Y-%m-%d) -C "Key to HOST for user-xyz"
|
||||
#+BEGIN_SRC bash
|
||||
$ ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_host_$(date +%Y-%m-%d) -C "Key to HOST for user-xyz"
|
||||
#+END_SRC
|
||||
|
||||
$ ssh-copy-id -i ~/.ssh/<file>.pub -p 22 user@host
|
||||
#+END_SRC
|
||||
Fallback for really old systems (why do you still have those??) RSA
|
||||
keys are favored over ECDSA keys when backward compatibility ''is
|
||||
required'', thus, newly generated keys are always either ED25519 or
|
||||
RSA (NOT ECDSA or DSA).
|
||||
|
||||
#+BEGIN_SRC bash
|
||||
$ ssh-keygen -t rsa -b 8192 -f ~/.ssh/id_rsa_host_$(date +%Y-%m-%d) -C "Key to HOST for user-xyz"
|
||||
|
||||
$ ssh-copy-id -i ~/.ssh/<file>.pub -p 22 user@host
|
||||
#+END_SRC
|
||||
|
||||
*** GnuPG
|
||||
|
||||
- https://wiki.mozilla.org/Security/Key_Management
|
||||
- https://keyring.debian.org/creating-key.html
|
||||
- https://wiki.debian.org/Subkeys
|
||||
- https://wiki.mozilla.org/Security/Key_Management
|
||||
- https://keyring.debian.org/creating-key.html
|
||||
- https://wiki.debian.org/Subkeys
|
||||
|
||||
~~/.gnupg/gpg.conf~:
|
||||
|
||||
#+BEGIN_SRC bash
|
||||
personal-digest-preferences SHA512 SHA384
|
||||
cert-digest-algo SHA256
|
||||
default-preference-list SHA512 SHA384 AES256 ZLIB BZIP2 ZIP Uncompressed
|
||||
keyid-format 0xlong
|
||||
#+END_SRC
|
||||
~~/.gnupg/gpg.conf~:
|
||||
|
||||
#+BEGIN_SRC bash
|
||||
personal-digest-preferences SHA512 SHA384
|
||||
cert-digest-algo SHA256
|
||||
default-preference-list SHA512 SHA384 AES256 ZLIB BZIP2 ZIP Uncompressed
|
||||
keyid-format 0xlong
|
||||
#+END_SRC
|
||||
|
||||
*** Backup Secure Keys
|
||||
|
||||
|
|
@ -86,19 +96,26 @@ My personal computing environment.
|
|||
- [ ] move to ansible for easier modularization of setup
|
||||
- [ ] OR: give GUIX a shot
|
||||
|
||||
** Moving to Arch
|
||||
** Notes on Arch
|
||||
|
||||
- official repository setup: https://wiki.archlinux.org/title/Official_repositories#multilib
|
||||
- ~multiplib~ is required for wine
|
||||
- Sound troubleshooting: https://wiki.archlinux.org/title/Advanced_Linux_Sound_Architecture/Troubleshooting#HDMI
|
||||
- Skype, VSCode: use ~yay~
|
||||
|
||||
** TODO Fedora
|
||||
|
||||
- fedora project
|
||||
- different Desktop/Workstation spins (Gnome, KDE, sway...)
|
||||
- =dnf= package manager, install updates on reboot
|
||||
- "Atomic Desktop", uses Fedora/RedHat CoreOS with rpm-ostree + flatpaks
|
||||
|
||||
** NEXT Moving to Guix
|
||||
|
||||
- btrfs for snapshots, easier backups
|
||||
- encrypted =/boot= + =/home= partitions
|
||||
- separate subvolumes for =/gnu=, =var=, =swap=
|
||||
|
||||
- separate subvolumes for =/gnu=, =/var=, =swap=
|
||||
|
||||
- [ ] MOVE: https://www.draketo.de/software/package-guix.html
|
||||
|
||||
*** Disk partitioning
|
||||
|
|
@ -118,3 +135,18 @@ convert multiple .png files into multipage pdf with downscaling
|
|||
-extent 1240x1753 -gravity center \
|
||||
-units PixelsPerInch -density 150x150 multipage.pdf
|
||||
#+end_src
|
||||
|
||||
lower resolution:
|
||||
#+begin_src bash
|
||||
convert filePrefix*.png -resize 620x876 \
|
||||
-extent 629x876 -gravity center \
|
||||
-units PixelsPerInch -density 100x100 multipage.pdf
|
||||
#+end_src
|
||||
|
||||
combine multiple pdf file into one multipage file
|
||||
#+begin_src sh
|
||||
gs -dBATCH -dNOPAUSE -q -sDEVICE=pdfwrite -sOutputFile=result.pdf sourceFilePrefix-*.pdf
|
||||
#+end_src
|
||||
|
||||
I read the answer like ImageMagick uses ghostscript internally.
|
||||
source: https://stackoverflow.com/questions/14738911/imagemagick-combine-2-generated-pdfs-into-1-multi-page-file
|
||||
|
|
|
|||
Loading…
Reference in New Issue