Void Linux on Oracle Cloud Free Tier
I’ve recently noticed that Oracle (yes, oracle) offers a pretty nice ‘Always Free Tier’ cloud offering.
Unfortunately, only Oracle Linux and Ubuntu are available, which is not really what i want.
So i went ahead and wrote a small script which ’takes over’ an existing ubuntu installation: takeover.sh.
Using the script is rather simple:
First, create a new ubuntu minimal instance SCP the script to /tmp Login to the ubuntu host and (as root) execute sh /tmp/takeover.…
Read more ⟶
Wayland in 2023
I’ve been using Linux on the Desktop since probably around 1998. While i did try a few desktop environments (KDE, Gnome, GNUStep), i always came back to just using fvwm2 with a terminal (and netscape/mozilla/firefox).
However, Xorg is dying and so i’ve moved on to Wayland about 2 years ago, settling on swaywm with foot or/and Alacritty.
I never really liked the setup: While SwayWM felt quite okay on may laptop, i never liked it on my workstation and somehow ended up using wayfire which also always felt - ieks (just getting focus-follows-mouse working was a pain).…
Read more ⟶
Yubikey 5 on Void linux
I recently (finally) got myself a yubikey which i plan to use with pass - and hence gpg.
In this article, we take a look into the basic setup required to make the yubikey work on void linux.
Install required packages First, we need to install a couple of packets such as a pcsc daemon and the yubikey manager:
$ xbps-install -Su u2f-hidraw-policy gnupg2-scdaemon yubikey-manager pcsc-ccid pcsclite Also make sure that your user is a member of the plugdev group to use the key via gnupg2 (more on that later).…
Read more ⟶
Aliexpress LTE / 4G Stick hacking - Part 2
In my previous post, we started to play a little bit with a cheap LTE stick from Aliexpress.
We identified the APK responsible for serving the limited Web-UI and keen eyes might have spotted something unusual:
So this APK claims to be signed by Google (well, ‘Android’) which seems odd. Well, not really:
$ adb shell getprop ro.build.description msm8916_32_512-user 4.4.4 KTU84P eng.qwang.20220611 test-keys Did you notice something? Yes: test-keys.
What are test-keys?…
Read more ⟶
Aliexpress LTE / 4G Stick hacking
I recently decided that i “need” an LTE USB stick to tinker around with, so i visited Aliexpress and bought one of the many available cheap devices.
Weeks later, i was the proud owner of this thing: First impressions After plugging the device in, it appears as an ‘Android’ device, which is - interesting.
$ lsusb |grep Android Bus 001 Device 017: ID 05c6:9024 Qualcomm, Inc. Android $ dmesg | grep usb [20388.…
Read more ⟶
nsjail with netns
Nsjail and netns I’ve been a long time user of nsjail which is a pretty handy tool to create linux namespaces. My common usecase for nsjail is to put services into their own, well, jail - by only giving them access to specific folders in the filesystem.
As an example: The webserver which served you this page runs with the following configuration:
mode: ONCE hostname: "nsjail-hostname" clone_newnet: false time_limit: 0 rlimit_cpu_type: INF rlimit_nofile: 4096 rlimit_fsize: 320960 uidmap { inside_id: "1099" outside_id: "psa-www" } gidmap { inside_id: "1099" outside_id: "psa-www" } mount { src: "/tank/websites" dst: "/web" is_bind: true } mount { src: "/usr/local/bin/psa-www" dst: "/psa-www" is_bind: true } # standard paths.…
Read more ⟶
Source based routing with wireguard
What this article is about? This article describes how to configure a linux router to send traffic from specific IPs to a non-default (wireguard) route. With such a setup, you will be able to use a VPN with ‘smart’ devices (A TV, Nintendo Switch, etc…) which do not have native wireguard support.
Configure wireguard interface First, we configure a new wireguard interface which we will call sbr0. Note that we are not using wg-quick to bring the device up since we want to have full control over its configuration (and not use it as a default route anyway).…
Read more ⟶
Fiber7 an einem IPv6 Linux router
Konfiguration unter Linux Dieser Artikel befasst sich mit der Konfiguration von IPv6 + Fiber7. Warum IPv6? Weil es zu IPv4 eigentlich nicht viel zu sagen gibt :-)
IPv6 auf dem Router einrichten Wir gehen von einem Router mit 2 physikalischen interfaces aus: wan0 und lan0.
Sysctl und router interface einrichten Zuerst stellen wir sicher, dass der Router sich nicht via SLAAC automatisch konfiguriert, da Init7 dies nicht (mehr) wirklich supported.…
Read more ⟶