Keysie keysie

Initial checks

Start by checking that there aren't any previous ssh keys inside the FIDO2 authenticator of your YubiKey. You can check if they exist by running the command below:

nix shell nixpkgs#yubikey-manager -c ykman fido credentials list

If the command above outputs a string mentioning "ssh" or "openssh", then you have already got a key generated and store on your YubiKey.

Evaluating additional authentication factors

Before generating a new ssh key to store on your YubiKey you must consider which additional required authentication factors you want to use. Below you can see a table with the available factors and their corresponding command:

Goal

Set up a virgin Ubuntu 24.04 to be able to create keypairs for GPG, PIV and SSH, to create paper backups of those keys, and to get keys and certificates onto a Yubikey.

Sources

https://developers.yubico.com/yubico-piv-tool/

Packages you need to install

sudo apt install -y openssl gpg cmake libtool libssl-dev pkg-config check libpcsclite-dev gengetopt help2man zlib1g-dev build-essential pcscd qrencode

	1. Each PIV slot can store ONE key AND ONE certificate
	2. Use openssl to create the keys, not ssh-keygen (otherwise the output format is wrong)
	3. You can import key and cert seperately into each slot (yubico-authenticator, yubico-piv-tool or some such)
	4. Again: Only one key per slot. Importing a key to a slot will overwrite the key that was in that slot before. Same for certs.

	Using openssl 3.0.13 and yubico-piv-tool 2.7.0:
	1. generate private key:
	openssl genpkey -algorithm ed25519 -out .ssh/filename
	2. generate selfsigned cert (contains the public key): (store this one! can't be calculated from private key later on):
	openssl req -key .ssh/filename -new -x509 -days 365 -out .ssh/filename.crt

	import numpy as np
	import matplotlib.pyplot as plt

	x = np.array([6,8,10,12,15])
	y = np.array([2000, 1500, 1000])
	X, Y = np.meshgrid(x, y, copy=False)
	Z = np.array([[1945, 2980, 4085, 5317, 7360],
	[1525, 2300, 3215, 4145, 5744],
	[1127, 1700, 2330, 3037, 4235]])

	After Synology DSM Upgrade from 6.2 to 7 Active Directory Login/Logon on Windows machines was very slow.
	Domain joining was impossible.

	Solution:
	Open port 49152 (required by RPC as part of AD functionality)
	see https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/service-overview-and-network-port-requirements#active-directory-local-security-authority

	string Version = "1.00";


	#usage "\
	<b>Copy Attributes</b> \
	<p>\
	Copy attributes from one part to a group of selected part(s) in a schematic. \
	<p>\
	<author>Author: Dave Vandenbout / XESS Corp. - [email protected]</author>\
	<p>\

	Try taking the group writeable permissions from your home directory:

	chmod g-w ~/

	Make your .ssh folder readable/writeable/executable only by you:

	chmod 700 ~/.ssh

	Make your authorized keys file readable/writeable only by you:

	Something that has bothered me for the entire time I’ve used it is that when you show images using ‘imshow’ the resulting figure has the image surrounded in a sea of gray border. Well, I hate that gray border. It serves no purpose and today I have figured out how to remove it!

	Matlab runs a script called ‘startup.m’ when it starts. This is located in your ~/matlab/ directory. If you include this line into that file (or just type it before you make the figure) then you remove the gray border:

	>>iptsetpref('ImshowBorder','tight');

	1. Select all the components you want to change as a group
	2. run "CHANGE PACKAGE '<PACKAGE-NAME>'"
	3. right click somewhere and select "CHANGE GROUP"

	===============================================
	Dell Display Manager
	===============================================

	Command language
	-----------------------------------
	A rich and flexible command language is supported via the
	command-line, and command-line arguments can be combined.
	Where appropriate, a specific display can be targeted by
	prefacing the command with the display number, e.g.,