minor push

2022-05-31 18:50:11 +02:00 · 2022-05-31 18:50:11 +02:00 · 207b3302dc
commit 207b3302dc
parent 8f6baaddef
4 changed files with 95 additions and 2 deletions
--- a/fairphone4.md
+++ b/fairphone4.md
@ -6,8 +6,9 @@ keywords:
 https://forum.fairphone.com/t/fp4-debloat-guide-for-better-privacy-security-and-battery-life/80003

 - VoLTE/Voice over WiFi maybe not working (https://forum.fairphone.com/t/how-to-enable-volte-and-wifi-calling/82049)
- 
+- call oponent sometimes can't hear my voice( https://forum.fairphone.com/t/call-microphone-issues/80888, )

+- internal test app: `* # * # 2 8 8 6 # * # *`
 ## Android 
 https://github.com/0x192/universal-android-debloater
   
--- a/fido2.md
+++ b/fido2.md
@ -5,6 +5,13 @@ keywords:
 ---
 # Fido2
 ### features
+- U2F
+Add the needed pam onfig entry. the `-n`is needed to ADD another key, otherwise the username will be added and destroys the login.
+```
+mkdir ~/.config/Yubico
+pamu2fcfg -o pam://hostname -i pam://hostname > ~/.config/Yubico/u2f_keys
+pamu2fcfg -o pam://$(hostname) -i pam://$(hostname) -n >> ~/.config/Yubico/u2f_keys
+```
 - WebAuth
    - main feature, login with username (known value by user), ChallengeResponse ( secret ) and button (interactive)/PIN
 - resident keys
@ -14,8 +21,89 @@ keywords:
 ## hardware
 #### OpenSK
 #### solo2
+```bash
+udo lpc55 ls
+bootloaders:
+Bootloader { vid: 1209, pid: B000, uuid: 114C99D86DB0D15B9FD0A6490962122E }
+
+sudo lpc55 info
+Properties {
+    current_version: Version {
+        mark: Some(
+            'K',
+        ),
+        major: 3,
+        minor: 0,
+        fixation: 0,
+    },
+    target_version: Version {
+        mark: Some(
+            'T',
+        ),
+        major: 1,
+        minor: 1,
+        fixation: 4,
+    },
+    available_commands: ERASE_FLASH_ALL | ERASE_FLASH | READ_MEMORY | FLASH_SECURITY_DISABLE | GET_PROPERTY | RECEIVE_SB_FILE | CALL | RESET | FLASH_READ_RESOURCE,
+    available_peripherals: USB_HID,
+    pfr_keystore_update_option: Keystore,
+    ram_start_address: 536870912,
+    ram_size: 262144,
+    flash_start_address: 0,
+    flash_size: 646656,
+    flash_page_size: 512,
+    flash_sector_size: 32768,
+    verify_writes: true,
+    flash_locked: true,
+    max_packet_size: 56,
+    device_uuid: 22994610845492304205348126649701503534,
+    system_uuid: 1168442901135557,
+    crc_check_status: CrcChecker(
+        Invalid,
+    ),
+    reserved_regions: [
+        (
+            335544320,
+            335568895,
+        ),
+        (
+            67108864,
+            67141631,
+        ),
+        (
+            805306368,
+            805330943,
+        ),
+        (
+            536870912,
+            536895487,
+        ),
+    ],
+    irq_notification_pin: IrqNotificationPin {
+        pin: 0,
+        port: 0,
+        enabled: false,
+    },
+}
+
+```
 #### nitrokey
 ### code snippets
+
+resident-key aka discoverable credentials (`fido2-token -S` to set the PIN, otherwise all other things fails, after using the PIN an additional touch is needed but not declared. Check this with
+```bash
+fido2-token -I -c /dev/hidrawX
+fido2-token -L -r /dev/hidrawX
+```
+You can then check this in detail: 
+```
+fido2-token -L -k ssh: /dev/hidrawX
+00: m4LrqX8qMtFisoixm0whdQ== openssh AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= eddsa uvopt+id
+```
+
+to get the "resident-key aka dc" call `ssh-keygen -K`. you get the two files, but the private key is a stub.(?, https://github.com/openssh/openssh-portable/raw/master/PROTOCOL.u2f) yubikey seems to support only ecdsa and not ed25519
+to add this "rk or dc thing" into the agent `ssh-add -K`. It seems that the `user@host` info gets lost while transfering this into the dongles space.
+
 ```[https://gist.github.com/alexgwolff/5d7f6802996cad2847c4a16995da410b]
 Using resident keys If your security key supports FIDO2 resident keys*, like the YubiKey 5 Series, YubiKey 5 FIPS Series, or the Security Key NFC by Yubico, you can enable this when creating your SSH key:

--- a/gnuk.md
+++ b/gnuk.md
@ -27,7 +27,10 @@ https://github.com/vletoux/OpenPGP-CSP/issues
 https://incenp.org/dvlpt/scdtools.html


+```
 echo scd random 32 | gpg-connect-agent | xxd
+
+```
 -----------------
 Nutzer PIN erst mit Zertifikat
 adminless Modus mit PIN über 8 Zeichen, User Pin min 6 Zeichen PIN
--- a/hardware-list.md
+++ b/hardware-list.md
@ -19,7 +19,8 @@ NAS
 ODroid HC-1
 - 1 x 2,5" HDD 1.5GB CMR [2014?]
 RPi2
- 1 x 2,5" HDD 1TB CMR [2014?]
+- 1 x 2,5" HDD 1TB CMR [2014?] WDC WD10SPZX-24Z10T0 S/N:WD-WX41A485FYC1 aka WD Blue 
+- 

 m.2 USB3 PCIe enclousure
 - 1x m.2SSD ???GB m.2 2280 ??? [2019?]