Move cryptography to linux

homepage/knowledge/cryptography.html

@@ -1,65 +0,0 @@
-<!DOCTYPE html>
-<HTML LANG="en">
-<HEAD>
-<LINK HREF="http://www.trinity.moe/knowledge/cryptography" REL="canonical" />
-<LINK HREF="https://raw.githubusercontent.com/devenblake/homepage/main/favicon.ico" REL="shortcut icon" TYPE="image/x-icon" />
-<LINK HREF="/css/blank.css" ID="styling" REL="stylesheet" />
-<META CHARSET="UTF-8" />
-<META CONTENT="noindex" NAME="googlebot" /> <!-- FUCK GOOGLE -->
-<META CONTENT="interest-cohort=()" HTTP-EQUIV="Permissions-Policy" /> <!-- FUCK GOOGLE -->
-<META NAME="viewport" CONTENT="width=device-width, initial-scale=1" />
-<TITLE>knowledge/cryptography</TITLE>
-</HEAD>
-<BODY>
-<P><A HREF="/">~ Return to the rest of the site</A></P>
-<SCRIPT SRC="/js/cookies.js" TYPE="application/javascript"></SCRIPT>
-<SCRIPT SRC="/js/sheets.js"  TYPE="application/javascript"></SCRIPT>
-<SCRIPT TYPE="application/javascript">window.onload = window.initializesheets;</SCRIPT>
-<H1>cryptography</H1>
-<H3>updated 2021-11-09</H3>
-<HR ALIGN="left" SIZE="1" WIDTH="25%" />
-<P><B>
-This information is not authoritative, nor from a place of deep knowledge.
-</B></P>
-<H2 ID="luks_partitioning">LUKS partitioning</H2>
-<H3>Sources</H3>
-<UL>
-	<LI><A HREF="https://www.cyberciti.biz/security/how-to-backup-and-restore-luks-header-on-linux/">How to backup and restore LUKS header on Linux</A></LI>
-	<LI><A HREF="https://devconnected.com/how-to-encrypt-partition-on-linux/">How To Encrypt Partition on Linux</A></LI>
-	<LI><A HREF="https://unixfuntime.wordpress.com/2012/08/20/luks-passphrases-changing-adding-removing/">LUKS passphrases: Changing, adding, removing</A></LI>
-</UL>
-<P>
-To format a partition for LUKS, use <CODE>lsblk</CODE> to determine the physical block device location for that partition and run <CODE>cryptsetup luksFormat [<I>partition</I>]</CODE>.
-The passphrase used can be changed or removed after creation.
-</P>
-<P>
-To open a LUKS partition, use <CODE>cryptsetup luksOpen [<I>partition</I>] [<I>name</I>]</CODE>.
-This <I>name</I> is the name the <I>decrypted block device</I> location will take in <CODE>/dev/mapper/</CODE>.
-Before the decrypted block device has a filesystem it'll just be cleared space - use <CODE>mkfs.[<I>filesystem</I>] /dev/mapper/[<I>name</I>]</CODE>.
-</P>
-<P>
-To mount an opened LUKS partition, use <CODE>mount(8)</CODE> as normal, just with the decrypted block device location.
-</P>
-<P>
-To close an open LUKS partition, <CODE>umount(8)</CODE> it if it's open and <CODE>cryptsetup luksClose [<I>name</I>]</CODE>.
-</P>
-<P>
-To make the LUKS partition openable via keyfile, first make a keyfile (<CODE>dd if=/dev/urandom of=/root/keyfile bs=1024 count=4</CODE> seems to work), and optionally make it readable by root only (<CODE>chmod 0400 [<I>keyfile</I>]</CODE>).
-Then add the keyfile to the partition's LUKS header with <CODE>cryptsetup luksAddKey [<I>physical partition block device</I>] [<I>keyfile</I>]</CODE>.
-</P>
-<H2>SSH keys</H2>
-<H3>Sources</H3>
-<UL>
-<LI><A HREF="https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account">Adding a new SSH key to your GitHub account</A> (GitHub Docs)</LI>
-<LI><A HREF="https://docs.github.com/en/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys">Checking for existing SSH keys</A> (GitHub Docs)</LI>
-<LI><A HREF="Generating a new SSH key and adding it to the ssh-agent">Generating a new SSH key and adding it to the ssh-agent</A> (GitHub Docs)</LI>
-</UL>
-<P>SSH keys are typically stored in <CODE>$HOME/.ssh</CODE>.</P>
-<P>Typically, the public key's filename will be suffixed with <CODE>.pub</CODE>, while the private key will not.</P>
-<P>You can generate an SSH key with <CODE>ssh-keygen(1)</CODE>. Currently the preferred implementation is <CODE>openssh-keygen</CODE>, part of the OpenSSH suite.</P>
-<P>
-Microsoft GitHub documentation suggests a user create a key with <CODE>ssh-keygen -t ed25519 -C "[<I>e-mail address</I>]"</CODE>.
-This generates an <A HREF="https://en.wikipedia.org/wiki/EdDSA#Ed25519">Ed25519</A> SSH key with an e-mail address in the key comment.
-</P>
-</BODY>
-</HTML>

homepage/knowledge/linux.html

@@ -76,6 +76,8 @@ Debian is a Linux software distribution known for its stability and longevity.
 Debian uses SystemD as its initialization system, the GNU core utilities, and dpkg and apt for package management.
 </P>
 
+<H2 ID="fonts">Fonts</H2>
+
 <H2 ID="fstab">fstab</H2>
 <P>See <CODE>fstab(5).</CODE></P>
 <P>postmarketOS requires that the <CODE>localmount</CODE> OpenRC service be enabled for the system to read <CODE>fstab(5)</CODE>.
@@ -91,25 +93,6 @@ Complex Makefiles may not be useable in both.
 It's custom for Linux systems to have <CODE>make(1)</CODE> as GNU Make and <CODE>bmake(1)</CODE> as BSD Make, and BSD-based systems to have <CODE>make(1)</CODE> as BSD Make and <CODE>gmake(1)</CODE> as GNU Make.
 </P>
 
-<H2>Mount LUKS encrypted partitions at boot</H2>
-<UL>
-	<LI><A HREF="https://www.howtoforge.com/automatically-unlock-luks-encrypted-drives-with-a-keyfile/">Automatically Unlock LUKS Encrypted Drives With A Keyfile</A></LI>
-	<LI><A HREF="https://wiki.gentoo.org/wiki/Dm-crypt">Dm-crypt</A> (Gentoo Wiki)</LI>
-	<LI><A HREF="https://wiki.alpinelinux.org/wiki/LVM_on_LUKS">LVM on LUKS</A> (Alpine Wiki)</LI>
-</UL>
-<P>See <A HREF="/knowledge/cryptography#luks_partitioning">cryptography#LUKS partitioning</A> for how to make a LUKS partition.</P>
-<P>
-<CODE>e2fsprogs</CODE> is needed for the <CODE>dm_mod</CODE> kernel module used for LUKS partition decryption.
-</P>
-<P>
-On most OpenRC-initialized distributions, the <CODE>cryptsetup-openrc</CODE> package provides a <CODE>dmcrypt</CODE> service for OpenRC.
-Make sure that service is added to runlevel boot.
-</P>
-<P>
-Configure <CODE>/etc/conf.d/dmcrypt</CODE>, and accordingly fstab.
-<CODE>dmcrypt</CODE> will need the UUID of the <I>physical</I> block device while fstab (if being configured with UUIDs will need the UUID of the decrypted block device in the device mapper.
-</P>
-
 <H2>On-line manual</H2>
 <P>
 In the context of POSIX and UNIX-like systems, an "on-line" manual is a manual that is accessible via the computer system it documents.
@@ -124,7 +107,7 @@ Alpine by default uses <CODE>mandoc</CODE>.
 <CODE>less(1)</CODE> is <CODE>more(1)</CODE>; more or less.
 </P>
 
-<H2>Partitions and filesystems</H2>
+<H2 ID="partitioning">Partitions and filesystems</H2>
 <UL>
 	<LI><A HREF="https://wiki.archlinux.org/title/EFI_system_partition">EFI system partition (Arch Wiki)</A></LI>
 	<LI><A HREF="https://wiki.artixlinux.org/Main/Installation#Partition_your_disk_.28BIOS.29">Installation#Partition your disk - Artix wiki</A></LI>
@@ -148,6 +131,50 @@ Check out the linked pages in the "See also" section.
 <P>
 Use <CODE>mkfs(8)</CODE> for creating filesystems and <CODE>mount(8)</CODE> for mounting partitions' filesystems.
 </P>
+<H3 ID="luks_partitioning">LUKS partitioning</H3>
+<UL>
+	<LI><A HREF="https://www.cyberciti.biz/security/how-to-backup-and-restore-luks-header-on-linux/">How to backup and restore LUKS header on Linux</A></LI>
+	<LI><A HREF="https://devconnected.com/how-to-encrypt-partition-on-linux/">How To Encrypt Partition on Linux</A></LI>
+	<LI><A HREF="https://unixfuntime.wordpress.com/2012/08/20/luks-passphrases-changing-adding-removing/">LUKS passphrases: Changing, adding, removing</A></LI>
+</UL>
+<P>
+To format a partition for LUKS, use <CODE>lsblk</CODE> to determine the physical block device location for that partition and run <CODE>cryptsetup luksFormat [<I>partition</I>]</CODE>.
+The passphrase used can be changed or removed after creation.
+</P>
+<P>
+To open a LUKS partition, use <CODE>cryptsetup luksOpen [<I>partition</I>] [<I>name</I>]</CODE>.
+This <I>name</I> is the name the <I>decrypted block device</I> location will take in <CODE>/dev/mapper/</CODE>.
+Before the decrypted block device has a filesystem it'll just be cleared space - use <CODE>mkfs.[<I>filesystem</I>] /dev/mapper/[<I>name</I>]</CODE>.
+</P>
+<P>
+To mount an opened LUKS partition, use <CODE>mount(8)</CODE> as normal, just with the decrypted block device location.
+</P>
+<P>
+To close an open LUKS partition, <CODE>umount(8)</CODE> it if it's open and <CODE>cryptsetup luksClose [<I>name</I>]</CODE>.
+</P>
+<P>
+To make the LUKS partition openable via keyfile, first make a keyfile (<CODE>dd if=/dev/urandom of=/root/keyfile bs=1024 count=4</CODE> seems to work), and optionally make it readable by root only (<CODE>chmod 0400 [<I>keyfile</I>]</CODE>).
+Then add the keyfile to the partition's LUKS header with <CODE>cryptsetup luksAddKey [<I>physical partition block device</I>] [<I>keyfile</I>]</CODE>.
+</P>
+<H3>Mount LUKS encrypted partitions at boot</H3>
+<UL>
+	<LI><A HREF="https://www.howtoforge.com/automatically-unlock-luks-encrypted-drives-with-a-keyfile/">Automatically Unlock LUKS Encrypted Drives With A Keyfile</A></LI>
+	<LI><A HREF="https://wiki.gentoo.org/wiki/Dm-crypt">Dm-crypt</A> (Gentoo Wiki)</LI>
+	<LI><A HREF="https://wiki.alpinelinux.org/wiki/LVM_on_LUKS">LVM on LUKS</A> (Alpine Wiki)</LI>
+</UL>
+<P>See <A HREF="/knowledge/cryptography#luks_partitioning">cryptography#LUKS partitioning</A> for how to make a LUKS partition.</P>
+<P>
+<CODE>e2fsprogs</CODE> is needed for the <CODE>dm_mod</CODE> kernel module used for LUKS partition decryption.
+</P>
+<P>
+On most OpenRC-initialized distributions, the <CODE>cryptsetup-openrc</CODE> package provides a <CODE>dmcrypt</CODE> service for OpenRC.
+Make sure that service is added to runlevel boot.
+</P>
+<P>
+Configure <CODE>/etc/conf.d/dmcrypt</CODE>, and accordingly fstab.
+<CODE>dmcrypt</CODE> will need the UUID of the <I>physical</I> block device while fstab (if being configured with UUIDs will need the UUID of the decrypted block device in the device mapper.
+</P>
+
 
 <H2>postmarketOS</H2>
 <P>
@@ -172,6 +199,20 @@ On a live system you can then <CODE>rc-service networkmanager restart</CODE> to
 <P>Much of this can be configured in the ACPI settings in your <A HREF="#login_manager">login manager</A>, provided you have one running that can do this.</P>
 <P>Check out <CODE>tlp</CODE> for Thinkpads and some other Lenovo devices.</P>
 
+<H2>SSH keys</H2>
+<UL>
+<LI><A HREF="https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account">Adding a new SSH key to your GitHub account</A> (GitHub Docs)</LI>
+<LI><A HREF="https://docs.github.com/en/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys">Checking for existing SSH keys</A> (GitHub Docs)</LI>
+<LI><A HREF="Generating a new SSH key and adding it to the ssh-agent">Generating a new SSH key and adding it to the ssh-agent</A> (GitHub Docs)</LI>
+</UL>
+<P>SSH keys are typically stored in <CODE>$HOME/.ssh</CODE>.</P>
+<P>Typically, the public key's filename will be suffixed with <CODE>.pub</CODE>, while the private key will not.</P>
+<P>You can generate an SSH key with <CODE>ssh-keygen(1)</CODE>. Currently the preferred implementation is <CODE>openssh-keygen</CODE>, part of the OpenSSH suite.</P>
+<P>
+Microsoft GitHub documentation suggests a user create a key with <CODE>ssh-keygen -t ed25519 -C "[<I>e-mail address</I>]"</CODE>.
+This generates an <A HREF="https://en.wikipedia.org/wiki/EdDSA#Ed25519">Ed25519</A> SSH key with an e-mail address in the key comment.
+</P>
+
 <H2>Task management</H2>
 <P><CODE>top(1)</CODE> comes with busybox, otherwise use <CODE>htop</CODE>.</P>
 
@@ -288,3 +329,5 @@ This means you need <CODE>rtkit</CODE> installed and running through your initia
 
 </BODY>
 </HTML>
+</BODY>
+</HTML>