Andreas Niedermair dittodhole
| # Stretchoid are now at Azure. You could block all of Azure and very | |
| # little of value would be lost. However, if you fancy being just a | |
| # touch more circumspect, here is a list of some of the stretchoid IP | |
| # addresses at time of posting | |
| 4.150.191.6 | |
| 4.227.178.194 | |
| 4.227.178.199 | |
| 4.227.178.208 | |
| 4.227.180.232 | |
| 4.227.184.154 |
inspired from https://habet.dev/blog/raspberry-pi-encrypted-boot-with-ssh/ (archived at https://web.archive.org/web/20220821171435/https://habet.dev/blog/raspberry-pi-encrypted-boot-with-ssh/)
Download Debian for Orange Pi 5 with custom kernel
http://www.orangepi.org/html/hardWare/computerAndMicrocontrollers/service-and-support/Orange-pi-5.html which currently points to https://drive.google.com/drive/folders/1F2uc8v_EQnvsNrevDihwoymOJlFgM-dZ
Use 2 sdcards: one for boot & make the final image and the other to write the image to.
Fix from tutorial (discard option was not added):
This guide covers using both PIV smartcard and FIDO2 features of your Yubikey, SoloKey(v2), and Windows Hello for SSH authentication in a secure and portable manner. FIDO2 support works with YubiKey, SoloKey(v2), and Windows Hello(biometric:face, biometric:fingerprint, secure-element/pin) with OpenSSH as a relatively new feature which requires updated client and server versions. PIV support has been around with PKCS#11 for many years in the OpenSSH codebase, and is considered a more stable and ubiquitous solution when an applicable PKCS#11 library is available for your platform.
Example below assumes that you have a piv key already generated in a yubikey slot the way you want. If you need to generate a new one, read the excellent documentation here: https://developers.yubico.com/PIV/Guides/SSH_with_PIV_and_PKCS11.html and https://support.yubico.com/hc/en-us/articles/360021606180-Using-YubiKey-PIV-with-Windows-native-SSH-client
- This explains basic con
| sudo apt-get update | |
| sudo apt-get install -y python3 python3-dev python3-pip gcc | |
| sudo apt-get install -y python3-opencv | |
| sudo apt-get install -y python3-numpy | |
| sudo apt-get install git | |
| sudo apt-get install wget | |
| sudo apt-get install python3-setuptools | |
| wget https://github.com/rockchip-linux/rknpu2/raw/master/runtime/RK356X/Linux/librknn_api/aarch64/librknnrt.so | |
| sudo mv librknnrt.so /usr/lib/librknnrt.so | |
| git clone https://github.com/rockchip-linux/rknn-toolkit2.git |
Answer is simple – Security! Alternatives include storing private keys directly on a workstation – which makes them poorly protected in multitude of attacks. A better option is to use encrypted usb key but leaving inserted and unsealed usb key for a long time is insecure, while inserting it and removing it back and forth all the time is tedious.
YubiKey suits much better for this purpose by making your SSH keys much more secure while maintaining a great user experience.
YubiKey is a hardware security key which provides Universal 2nd Factor (U2F) cryptographic tokens through a USB and/or NFC interface. This means you have to explicitly authorize a new SSH session by tapping the YubiKey. The private SSH key should be useless to a malicious user who does not have access to the physical YubiKey on which the second private key is stored.
- Boot Into DevMode using the most recent (green) app in Xbox Microsoft Store.
- Access URL from Dev Home, https, will have to trust certificate.
- First upload App, later will be asked for Libraries/Dependencies (Take a look at RetroArch Download Page, look for Xbox.
- In Dev Home go over RetroArch, press select/view, info, change from App to Game. This will enable reading from memory stick.
- You need to setup a input hotkey for accessing RetroArch menu, other than it you'll have to close RetroArch to quit game.
- By default just D-Pad works, there is an option to enable analogue.
Had to do this for some advanced networking with KVM, and couldn't figure out how to do it using the Nework Manager gui. Did find an article later that showed how to do it with nmtui, but it's so much easier to record what you did when using the cli.
In the examples below "eth0" is the name of my physical interface. By default on Ubuntu and most distributions that will almost certainly be different, for example: "eno1", "ens1", or "enp2s0".
To see what everything looks like before starting:
You can scale a SQLite database to multiple GByte in size and many concurrent readers by applying the below optimizations.
(some are applied permanently, but others are reset on new connection)
pragma journal_mode = WAL;
Instead of writing directly to the db file, write to a write-ahead-log instead and regularily commit the changes. Allows multiple concurrent readers, and can significantly improve performance.