LUKS2 the right way: Argon2

Version 2 of cryptsetup got a few new fancy options; one of them is the ability to use Argon2 as the key derivation function. Creating a LUKS2 volume with Argon2 as the key derivation function is very easy:

    sudo cryptsetup luksFormat -M luks2 --pbkdf argon2id -i 5000 /dev/sdb

Please note that grub still does not support it, so it can’t be used for boot drives. Once the volume is created, to mount it run: …


Generate a secure SSH key

In Fedora, CentOS and probably many other Linux distros, ssh-keygen still defaults to RSA 2048. People have not yet realized that the newer, and also faster, elliptic curve cryptography is available; even among my peers I still see that many of them are using old and insecure RSA-based keys. Since SSH clients support multiple keys, transitioning to newer keys can be painless: create a new elliptic curve key; do not delete the old RSA key; once you log in to a server, swap the old key with the new one. Generating a new secure SSH key is pretty simple, just open a terminal and run:

    ssh-keygen -o -a 256 -t ed25519


Firejail and symlink pointing outside of home directory

I normally move /home/user/Downloads off /home/user to a secondary mechanical drive and then symlink it back to /home/user. For security reasons, Firejail does not allow whitelisting directories residing outside of the home directory; the simplest solution I found is to mount the Downloads directory using mount --bind.

    sudo mount --bind /mnt/data/Downloads/ /home/user/Downloads

To make the change permanent, edit fstab:

    cat /etc/fstab
    ---
    /mnt/data/Downloads /home/user/Downloads none bind


Free Suunto Ambit3 from the botnet

Suunto makes some solid sport watches; the problem is that the management software is comprised of a closed source synchronization program (compatible with Windows and OSX only) and some cancerous cloud web interface accessible directly from their website. Even putting aside my personal aversion to closed source software, it is clear that this approach is retarded because an internet connection is required to be able to download any kind of data from the watch. What if I don’t have any signal? What if I don’t want to upload my data to Suunto’s servers? Luckily some good lads reverse engineered the communication protocol used by the watch to speak with the PC synchronization client, and even more, they also wrote an open source, Linux-compatible tool that can be used to download data from the watch. This tool is called Openambit. The version included in the Fedora 27 repositories is not up to date and does not support the Ambit3 Run I own; luckily the GitHub version does. …


NFS on Fedora

NFS allows sharing files and folders over a network and is much, much faster than Samba while using way fewer resources. To set up an NFS server on Fedora 26, install:

    $ dnf install nfs-utils

Shared directories are listed in the following configuration file:

    ---
    # Syntax
    # <path> <ipaddr>(<option>)
    /home/user/Public 192.168.0.0/255.255.255.0(ro,sync)

More information can be found here: Fedora NFS administration guide. In the above example, the directory ‘/home/user/Public’ can be accessed by every client in the same LAN with read-only permissions. In case SELinux is active and enforcing rules, some further configuration might be required: …


Handbrake, compile from source on Fedora 25

Handbrake cannot be installed from the default repos nor from rpmfusion; to get it on Fedora 25 there are two other options: use the negativo17 third party repository; compile from source. The first option is, in my opinion, subpar because I don’t trust third party repositories; option two is what is left. Download the source code from git and install some dependencies:

    $ git clone https://github.com/HandBrake/HandBrake.git
    $ sudo dnf install dbus-glib-devel gstreamer1-devel gstreamer1-plugins-base-devel intltool libgudev1-devel libnotify-devel webkitgtk3-devel libgudev-devel dbus-glib-devel webkitgtk3-devel gstream-devel libnotify-devel gstreamer1-devel gstreamer1-plugins-base-devel lame-devel opus-devel fribidi-devel libass-devel libtheora-devel x264-devel nasm

As with every other program I like to keep as up to date as possible, I have a small script to take care of the compilation, installation and upgrade processes for me. …


Monitor hard disk health status with smartd on Linux

This does not really work; read this: https://uwot.eu/monitor-hard-disk-smart-status-in-python/ First of all, install smartmontools; it has the same name on pretty much every distro:

    $ emerge -a1 smartmontools

Proceed to edit its configuration file; at the bottom of the file there is a quick explanation of all the available parameters:

    cat /etc/smartd.conf
    ---
    DEVICESCAN -H -R 1 -R 5 -R 7 -R 10 -R 11 -R 196 -R 197 -R 199 -R 200 -m user@domain.tld -n standby,10,q

Parameter -H tells smartd to check the result of the overall-health self-assessment test, which is pretty much useless; -R is used to specify a single SMART attribute, and if its value changes a mail is sent to user@domain.tld. To send emails an MTA must be installed; in CentOS that is sendmail, while in Gentoo it is not strictly necessary to have a full-fledged MTA installed, nullmailer will suffice. If it is not already installed: …


RawTherapee: compiling from source on Fedora 23

RawTherapee, from my experience, is by far the best program to manipulate RAF files; its demosaic algorithm for Fujifilm X-Trans sensors is astonishingly good. Too bad that, like for Darktable, the version included in Fedora’s repos is outdated to say the least. To install from source, first install some dependencies:

    $ sudo dnf install bzip2-devel cmake exiv2-devel expat-devel fftw-devel gcc-c++ glib2-devel glibmm24-devel gtk3-devel gtkmm30-devel lcms2-devel libcanberra-devel libiptcdata-devel libjpeg-turbo-devel libpng-devel libsigc++20-devel libtiff-devel zlib-devel gtkmm24-devel lensfun-devel

Git clone and install …
