Fixing ssh-agent error

If you get the error: It is easy to fix. This happened to me when I installed the MacPorts version of OpenSSH on my Mac (because work blocks the native ssh app rather than the port; we won’t get in to the silliness of that). Rather than trying to disable the MacOS ssh-agent (which apparently … Read more

Devialet API Examples

I am fortunate enough to own Devialet Phantom speakers. These are crazy powerful speakers in a small size. I use a pair with my TV, which has an AppleTV and a gaming PC attached. The speakers support AirPlay 2, as well as an optical digital line in (it supports other platforms, but I don’t use … Read more

How to Backup Your 3D Blu-Rays

Firstly; this is information on how to extract your legally bought copy of 3D movies so you can play them on devices that do not use optical media (e.g. a VR headset). I do not condone piracy. Whether you want to make a backup, or to convert it to a more usable format, 3D movies … Read more

Getting DKIM working

I used these two sites to figure out how to get DKIM working: https://wiki.debian.org/opendkim https://www.linuxbabe.com/mail-server/setting-up-dkim-and-spf Install opendkim and opendkim-tools cd /etc/dkimkeys opendkim-genkey -t -s mail -d technomancer.com Edit /etc/opendkim.conf: Domain technomancer.com KeyFile /etc/dkimkeys/mail.private Selector mail Socket local:/var/spool/postfix/opendkim/opendkim.sock # Specify the list of keys KeyTable file:/etc/dkimkeys/keytable # Match keys and domains. To use regular expressions in … Read more

Setting up DNSSEC in bind9

Install the bind9 packages. Make sure it’s enabled in named.conf.options: dnssec-validation auto; dnssec-lookaside auto; # Need to look up what this one is Generate the keys (pick an appropriate algorithm; today (22 Mar 2021),ECDSAP384SHA384 seems to be the “ideal”): dnssec-keygen -a ECDSAP384SHA384 -b 4096 -n ZONE technomancer.comdnssec-keygen -f KSK -a ECDSAP384SHA384 -b 4096 -n ZONE … Read more

Setting up freeradius on Ubuntu

Add client to /etc/freeradius/3.0/clients.conf client someclient.tek { ipaddr=172.22.42.4 secret=xxxxxxxxxxxxxxxxx shortname=internal-network login       = !root } Set daemon to run with group shadow in /etc/freeradius/3.0/radiusd.conf Uncomment unix type in /etc/freeradius/3.0/sites-available/default to enable reading of passwd/shadow information.