as another option this KeePassXC(PC)+radicale+DAVx5 The same for KeepassDX
besides everything else, the end of support for syncthing-android, yes, that's a real blow to the gut.
Integration with Android
The GnuPG implementation for Android is called OpenKeychain. To configure it, just go to the "key management" menu and import the previously created secret key. The only drawback of OpenKeychain for me personally is that there is no fingerprint unlocking.
The pass implementation for Android is called android-password-store, or simply APS.
Install and launch APS. Before synchronizing the password store, go to the "Settings" menu. There we will need the following items:
-
Git server settings. The resulting URL should be the same as that specified on the repository page on github. Authorization type -OpenKeychain. -
Git utils. In this section, specify the username and email from the gpg key. -
OpenPGP provider. SelectOpenKeychain. -
Autofill.
Now you can clone. Select "clone from server" on the main screen, specify the desired location of the repository, check the git settings.
Of course, pass is not that easy to set up. However, this price buys confidence that the tools we use will not one day be declared obsolete, will not change their data format, and will not be left without support.
A small script for entering passwords into various windows via rofi, I take passwords from pass.
Example script:
#!/bin/bash
# Sample file rofi_pass.sh
passwords=$(find /home/fireshell/.password-store/ -type f -name *.gpg)
selected_pass=$(echo -e "$passwords" | awk -F "/" '{printf "%s > %s\n", $5, $6}' | rofi -dmenu -p Pass)
item=$(echo "$selected_pass" | awk '{printf "%s/%s", $1, $3}' | sed 's/\.gpg//g')
data=$(pass show $item)
pass=$(echo -e "$data" | head -n1)
login=$(echo -e "$data" | grep -e "^login: " | sed 's/^login: //g')
xdotool type "$login"
xdotool key Tab
xdotool type "$pass"
In awesome wm I bound a key that calls it like this:
awful.key({ modkey}, "p", function () awful.spawn.with_shell("/home/fireshell/Scripts/rofi_pass.sh") end ,
{description = "rofi pass", group = "launcher"}),
I turn on the computer, press the key combination and the script works, or I run this script from the terminal (~/Scripts/rofi_pass.sh), select the password - it works (if necessary, pinentry is called to enter the main password), after that I press the key combination, select the desired entry
passmenu: extremely useful and wonderful dmenu script.
Example of a Bash script that performs the following tasks
- Checks the availability of an important web server.
- Checks disk space usage.
- Makes a backup of the specified directories.
- Sends a report to the administrator's email.
Example script:
#!/bin/bash
# Settings
WEB_SERVER="https://example.com"
BACKUP_DIR="/backup"
TARGET_DIRS="/var/www /etc"
DISK_USAGE_THRESHOLD=90
ADMIN_EMAIL="admin@example.com"
DATE=$(date +"%Y-%m-%d")
BACKUP_FILE="$BACKUP_DIR/backup-$DATE.tar.gz"
# Checking web server availability
echo "Checking web server availability..."
if curl -s --head $WEB_SERVER | grep "200 OK" > /dev/null; then
echo "Web server is available."
else
echo "Warning: Web server is unavailable!" | mail -s "Problem with web server" $ADMIN_EMAIL
fi
# Checking disk space
echo "Checking disk space..."
DISK_USAGE=$(df / | grep / | awk '{ print $5 }' | sed 's/%//g')
if [ $DISK_USAGE -gt $DISK_USAGE_THRESHOLD ]; then
echo "Warning: Disk space usage exceeded $DISK_USAGE_THRESHOLD%!" | mail -s "Problem with disk space" $ADMIN_EMAIL
else
echo "There is enough disk space."
fi
# Creating backup
echo "Creating backup..."
tar -czf $BACKUP_FILE $TARGET_DIRS
if [ $? -eq 0 ]; then
echo "Backup created successfully: $BACKUP_FILE"
else
echo "Error creating backup!" | mail -s "Error creating backup" $ADMIN_EMAIL
fi
# Sending report
echo "Sending report to $ADMIN_EMAIL..."
REPORT="Report for $DATE\n\n"
REPORT+="Web server status: $(curl -s --head $WEB_SERVER | head -n 1)\n"
REPORT+="Disk space usage: $DISK_USAGE%\n"
REPORT+="Backup location: $BACKUP_FILE\n"
echo -e $REPORT | mail -s "Daily system report" $ADMIN_EMAIL
echo "Done."
Description:
- Check web server: Uses
curlcommand to check if the site is available. - Check disk space: Use
dfandawkto check disk usage. If the threshold (90%) is exceeded, a notification is sent. - Create a backup: The
tarcommand archives and compresses the directories specified in theTARGET_DIRSvariable. - Send a report: A report on all operations is sent to the administrator's email using
mail.
How to use:
- Set the desired parameters, such as the web server address, directories for backup, disk usage threshold and email.
- Make the script executable:
chmod +x /path/to/your/script.sh
- Add the script to
cronto run on a regular basis:
crontab -e
Example to run every day at 00:00:
0 0 * * * /path/to/your/script.sh
Miniflux has integrations for sending content to read-later tools like Wallabag and then reading it in KOReader.
I can already see a crowd of advertisers running to them for the remaining 3% of its users.
I stopped using Ubuntu after they started to impose snaps everywhere and everywhere without asking me. Well, I don't need 100500 loop devices, understand, eh. Of course, you can not use it: delete snaps and disable the daemon. But the trend, of course, is disgusting.
openSUSE is already a brand, now the main thing is not to get lost.
Verifying the Security Claim of 2FA Devices
The claim that using OTP tokens and Yubikeys compromises your security and privacy is completely false.
Let's look at this in more detail.
Arguments against concerns:
- Limited information:
- Device serial numbers and purchase details are stored by the retailer, but this does not provide access to your accounts. Serial numbers themselves cannot be used for hacking.
- Cryptographic protection:
- Yubikey and OTP tokens use strong cryptographic methods such as HMAC-SHA1, RSA and ECC, which make OTP generation extremely secure and tamper-resistant.
- Physical access:
- Authentication using these devices requires physical access to the device. This means that an attacker must physically possess your Yubikey or OTP token in order to be authenticated.
- No transfer of personal data:
- These devices do not transmit or store personal user information on third-party servers. They generate one-time codes locally and send them only to the target service.
- Phishing protection:
- Yubikey with FIDO U2F and FIDO2 support protects against phishing because the codes are domain specific and cannot be used on phishing sites.
Additional arguments:
- Reducing dependency on passwords:
- Using 2FA devices reduces the risk of accounts being compromised, even if the primary password is stolen.
- Integrated protection systems:
- When combined with other security measures, such as two-factor authentication with SMS or mobile apps, OTP tokens and Yubikeys create multi-layered protection that makes it harder to hack.
- Convenience and speed:
- These devices simplify the login process by providing instant and secure authentication without the need to remember complex passwords.
Conclusion:
While purchasing a 2FA device may leave traces in merchants' databases, the risks are minimal compared to the security they provide. Yubikey and OTP tokens significantly increase the level of security for your accounts, especially when combined with other security methods. Therefore, the claim that using these devices compromises your security and privacy is untrue.
fireshell
joined 5 months ago
https://github.com/bitwarden/clients/issues/11611#issuecomment-2436287977
https://github.com/bitwarden/sdk-internal/commit/db648d7ea85878e9cce03283694d01d878481f6b
Thank you to Bitwarden for relicensing a thing to GPLv3 License!