From a80e037fce6943baa811628eeb1b271770f28350 Mon Sep 17 00:00:00 2001 From: coelner Date: Sun, 5 Jun 2022 11:49:31 +0200 Subject: [PATCH] fix merge conflicts artefacts --- README.md | 28 ++--- dietpi-wifi.txt | 95 ---------------- dietpi.txt | 287 ------------------------------------------------ gpg-howto.md | 18 +-- usercfg.txt | 5 - 5 files changed, 17 insertions(+), 416 deletions(-) delete mode 100644 dietpi-wifi.txt delete mode 100644 dietpi.txt diff --git a/README.md b/README.md index f18c7b9..c74c693 100644 --- a/README.md +++ b/README.md @@ -104,7 +104,6 @@ chown user:user /mnt/private_file/user/.gnupg edit /etc/mdev.conf for usb tokens [ToDo] killall gpg-agent -<<<<<<< HEAD #mount encrypted container cryptsetup -v luksOpen /media/mmcblk0p2/PRIVATE private_file mount /dev/mapper/private_file /mnt/private_file @@ -114,9 +113,8 @@ umount /mnt/private_file cryptsetup luksClose private_file ##kernel update [inProgress] -======= + ##kernel [inProgress] ->>>>>>> b623977dd032cc56e6b6b14f85358a3723669001 related: https://gitlab.alpinelinux.org/alpine/aports/-/issues/11980 gnupg-root:/media/mmcblk0p2# mkdir modloopfs @@ -144,7 +142,7 @@ mksquashfs squashfs-root/ livefs.squashfs -noappend -always-use-fragments apk add linux-rpi ## generic image upgrade -<<<<<<< HEAD + [offline] extract original image to first partion restore cmdline and usercfg.txt @@ -170,31 +168,21 @@ cp apk to /media/mmcblk0p1/apk/armhf -lsblk -mkinitfs reboot without lbu commit -======= + +## fast major release update 1. delete content of first partition 2. extract original image to first partion 3. restore cmdline and usercfg.txt - `modules=loop,overlay,squashfs,sd-mod,usb-storage quiet dwc_otg.lpm_enable=0 console=tty1 console=ttyAMA0,115200` - usercfg.txt - ``` - gpu_mem=16 -dtparam=audio=off -dtoverlay=pi3-disable-bt -dtparam=i2c=on -dtoverlay=i2c-rtc,ds3231 -enable_uart=1 -dtparam=spi=on -dtoverlay=spi0-1cs -``` - 3. delete from overlay the cache folder - 4. boot RPI zero - 5. change `/etc/apk/repositoties` - 6. 7. lbu commit + 4. delete from overlay the cache folder + 5. boot RPI zero + 6. change `/etc/apk/repositoties` + 7. lbu commit 8. reboot 9. apk update 10. apk upgrade 11. reboot ->>>>>>> b623977dd032cc56e6b6b14f85358a3723669001 ##generic minor (to install it into ram) 1. apk diff --git a/dietpi-wifi.txt b/dietpi-wifi.txt deleted file mode 100644 index 82fa96c..0000000 --- a/dietpi-wifi.txt +++ /dev/null @@ -1,95 +0,0 @@ -#--------------------------------------------------------------- -# Entry 0 -# - WiFi SSID: required, case sensitive -aWIFI_SSID[0]='WLAN-GG3HL4 2.4GHz' -# - WiFi key: If no key/open, leave this blank -aWIFI_KEY[0]='08487085501687788364' -# - Key type: NONE (no key/open) | WPA-PSK | WEP | WPA-EAP (then use settings below) -aWIFI_KEYMGR[0]='WPA-PSK' -# - WPA-EAP options: Only fill if WPA-EAP is set above -aWIFI_PROTO[0]='' -aWIFI_PAIRWISE[0]='' -aWIFI_AUTH_ALG[0]='' -aWIFI_EAP[0]='' -aWIFI_IDENTITY[0]='' -aWIFI_PASSWORD[0]='' -aWIFI_PHASE1[0]='' -aWIFI_PHASE2[0]='' -# - Path to the certificate file, e.g.: /boot/mycert.cer -aWIFI_CERT[0]='' -#--------------------------------------------------------------- -# Entry 1 -# - WiFi SSID: required, case sensitive -aWIFI_SSID[1]='' -# - WiFi key: If no key/open, leave this blank -aWIFI_KEY[1]='' -# - Key type: NONE (no key/open) | WPA-PSK | WEP | WPA-EAP (then use settings below) -aWIFI_KEYMGR[1]='WPA-PSK' -# - WPA-EAP options: Only fill if WPA-EAP is set above -aWIFI_PROTO[1]='' -aWIFI_PAIRWISE[1]='' -aWIFI_AUTH_ALG[1]='' -aWIFI_EAP[1]='' -aWIFI_IDENTITY[1]='' -aWIFI_PASSWORD[1]='' -aWIFI_PHASE1[1]='' -aWIFI_PHASE2[1]='' -# - Path to the certificate file, e.g.: /boot/mycert.cer -aWIFI_CERT[1]='' -#--------------------------------------------------------------- -# Entry 2 -# - WiFi SSID: required, case sensitive -aWIFI_SSID[2]='' -# - WiFi key: If no key/open, leave this blank -aWIFI_KEY[2]='' -# - Key type: NONE (no key/open) | WPA-PSK | WEP | WPA-EAP (then use settings below) -aWIFI_KEYMGR[2]='WPA-PSK' -# - WPA-EAP options: Only fill if WPA-EAP is set above -aWIFI_PROTO[2]='' -aWIFI_PAIRWISE[2]='' -aWIFI_AUTH_ALG[2]='' -aWIFI_EAP[2]='' -aWIFI_IDENTITY[2]='' -aWIFI_PASSWORD[2]='' -aWIFI_PHASE1[2]='' -aWIFI_PHASE2[2]='' -# - Path to the certificate file, e.g.: /boot/mycert.cer -aWIFI_CERT[2]='' -#--------------------------------------------------------------- -# Entry 3 -# - WiFi SSID: required, case sensitive -aWIFI_SSID[3]='' -# - WiFi key: If no key/open, leave this blank -aWIFI_KEY[3]='' -# - Key type: NONE (no key/open) | WPA-PSK | WEP | WPA-EAP (then use settings below) -aWIFI_KEYMGR[3]='WPA-PSK' -# - WPA-EAP options: Only fill if WPA-EAP is set above -aWIFI_PROTO[3]='' -aWIFI_PAIRWISE[3]='' -aWIFI_AUTH_ALG[3]='' -aWIFI_EAP[3]='' -aWIFI_IDENTITY[3]='' -aWIFI_PASSWORD[3]='' -aWIFI_PHASE1[3]='' -aWIFI_PHASE2[3]='' -# - Path to the certificate file, e.g.: /boot/mycert.cer -aWIFI_CERT[3]='' -#--------------------------------------------------------------- -# Entry 4 -# - WiFi SSID: required, case sensitive -aWIFI_SSID[4]='' -# - WiFi key: If no key/open, leave this blank -aWIFI_KEY[4]='' -# - Key type: NONE (no key/open) | WPA-PSK | WEP | WPA-EAP (then use settings below) -aWIFI_KEYMGR[4]='WPA-PSK' -# - WPA-EAP options: Only fill if WPA-EAP is set above -aWIFI_PROTO[4]='' -aWIFI_PAIRWISE[4]='' -aWIFI_AUTH_ALG[4]='' -aWIFI_EAP[4]='' -aWIFI_IDENTITY[4]='' -aWIFI_PASSWORD[4]='' -aWIFI_PHASE1[4]='' -aWIFI_PHASE2[4]='' -# - Path to the certificate file, e.g.: /boot/mycert.cer -aWIFI_CERT[4]='' diff --git a/dietpi.txt b/dietpi.txt deleted file mode 100644 index ea8d654..0000000 --- a/dietpi.txt +++ /dev/null @@ -1,287 +0,0 @@ -# IMPORTANT: -# - This is intended for advanced users, unless you know what you are doing, do not edit this file. Please use the DietPi programs instead. -# - Do not remove uncommented lines, as the items are scraped by DietPi programs, on demand. - -#------------------------------------------------------------------------------------------------------ -##### DietPi-Automation settings, applied on first boot of DietPi only, ONCE! ##### -#------------------------------------------------------------------------------------------------------ -# By setting this to "1" you accept the DietPi GPLv2 license and skip the related interactive dialog. -# - Full license text: /boot/dietpi-LICENSE.txt -# - This setting is ignored (and assumed to be affirmative) if AUTO_SETUP_AUTOMATED=1 -AUTO_SETUP_ACCEPT_LICENSE=1 - -##### Language/Regional Options ##### -# Locale: eg: "en_GB.UTF-8" / "de_DE.UTF-8" | One entry and UTF-8 ONLY! -AUTO_SETUP_LOCALE=C.UTF-8 - -# Keyboard Layout eg: "gb" / "us" / "de" / "fr" -AUTO_SETUP_KEYBOARD_LAYOUT=de - -# Timezone eg: "Europe/London" / "America/New_York" | Full list (TZ*): https://en.wikipedia.org/wiki/List_of_tz_database_time_zones -AUTO_SETUP_TIMEZONE=Europe/Berlin - -##### Network Options ##### -# Enable Ethernet or WiFi adapter: 1=enable | 0=disable -# - If both Ethernet and WiFi are enabled, WiFi will take priority and Ethernet will be disabled. -# - If using WiFi, please edit dietpi-wifi.txt to pre-enter credentials. -AUTO_SETUP_NET_ETHERNET_ENABLED=0 -AUTO_SETUP_NET_WIFI_ENABLED=1 - -# Force ethernet speeds: 0=automatic speed | 10 = 10Mbit | 100 = 100Mbit etc -# - This is mainly aimed at PINE A64 which may have an HW issue that causes unstable 1Gbit link. -AUTO_SETUP_NET_ETH_FORCE_SPEED=0 - -# WiFi country code: 2 uppercase character value (e.g. GB US DE JP): https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 -AUTO_SETUP_NET_WIFI_COUNTRY_CODE=DE - -# Enter your static network details below, if applicable. -AUTO_SETUP_NET_USESTATIC=0 -AUTO_SETUP_NET_STATIC_IP=192.168.0.100 -AUTO_SETUP_NET_STATIC_MASK=255.255.255.0 -AUTO_SETUP_NET_STATIC_GATEWAY=192.168.0.1 -AUTO_SETUP_NET_STATIC_DNS=9.9.9.9 149.112.112.112 - -# Set to "1" to convert DHCP leased network settings into static settings automatically on first boot. -AUTO_SETUP_DHCP_TO_STATIC=0 - -# Hostname -AUTO_SETUP_NET_HOSTNAME=DietPi-gnupg-root - -##### Misc Options ##### -# Swap space size to generate: 0 => disable | 1 => auto | 2 and up => size in MiB -AUTO_SETUP_SWAPFILE_SIZE=1571 -# Swap space location: "zram" => swap space on /dev/zram0 (auto-size = 50% of RAM size) | /path/to/file => swap file at location (auto-size = 2 GiB minus RAM size) -AUTO_SETUP_SWAPFILE_LOCATION=/var/swap - -# Set to "1" to disable HDMI output (and GPU/VPU where supported) for supported devices: RPi, Odroid C1, Odroid C2 -AUTO_SETUP_HEADLESS=1 - -# Unmask (enable) systemd-logind service (including dbus), which is masked by default on DietPi -AUTO_UNMASK_LOGIND=0 - -# Custom Script (pre-networking and pre-DietPi install) -# - Allows you to automatically execute a custom script before network is up on first boot. -# - Copy your script to /boot/Automation_Custom_PreScript.sh and it will be executed automatically. -# - Executed script log: /var/tmp/dietpi/logs/dietpi-automation_custom_prescript.log - -# Custom Script (post-networking and post-DietPi install) -# - Allows you to automatically execute a custom script at the end of DietPi install. -# - Option 0 = Copy your script to /boot/Automation_Custom_Script.sh and it will be executed automatically. -# - Option 1 = Host your script online, then use e.g. AUTO_SETUP_CUSTOM_SCRIPT_EXEC=https://myweb.com/myscript.sh and it will be downloaded and executed automatically. -# - Executed script log: /var/tmp/dietpi/logs/dietpi-automation_custom_script.log -AUTO_SETUP_CUSTOM_SCRIPT_EXEC=0 - -# Restore a DietPi-Backup on first boot: 0 => disable | 1 => interactive restore (show list of found backups) | 2 => non-interactive restore (restore first found backup) -# - Simply attach the drive/disk/stick with contains the backup. All attached drives will be mounted temporarily and searched automatically. -AUTO_SETUP_BACKUP_RESTORE=0 - -##### Software Options ##### -# SSH server choice: 0=none/custom | -1=Dropbear | -2=OpenSSH -AUTO_SETUP_SSH_SERVER_INDEX=-1 - -# File server choice: 0=none/custom | -1=ProFTP | -2=Samba -AUTO_SETUP_FILE_SERVER_INDEX=0 - -# Logging mode choice: 0=none/custom | -1=RAMlog 1h clear | -2=RAMlog 1h save clear | -3=rsyslog + logrotate -AUTO_SETUP_LOGGING_INDEX=-1 -# RAMlog max tmpfs size (MB). 50MB should be fine for single use. 200MB+ for heavy webserver and access log etc. -AUTO_SETUP_RAMLOG_MAXSIZE=50 - -# Webserver preference: 0=Apache2 | -1=Nginx | -2=Lighttpd -# - This defines the webserver to install (only) when another selected software requires one. -# - It won't be installed if no other software requires a webserver and a manual webserver stack selection will override it. -AUTO_SETUP_WEB_SERVER_INDEX=-2 - -# Desktop preference: 0=LXDE | -1=Xfce | -2=MATE | -3=LXQt | -4=GNUstep -# - This defines the desktop to install (only) when another selected software requires one. -# - It won't be installed if no other software requires a desktop and a manual desktop selection will override it. -AUTO_SETUP_DESKTOP_INDEX=0 - -# Browser preference: 0=None | -1=Firefox | -2=Chromium -# - This defines the browser to install (only) when a desktop is installed. -# - It won't be installed if no desktop is installed and a manual browser selection will override it. -AUTO_SETUP_BROWSER_INDEX=-1 - -# DietPi-Autostart: 0=Console | 7=Console autologin | 1=Kodi | 2=Desktop autologin | 16=Desktop | 4=OpenTyrian | 5=DietPi-Cloudshell | 6=Amiberry fast boot | 8=Amiberry standard boot | 9=DDX-Rebirth | 10=CAVA Spectrum | 11=Chromium kiosk | 14=Custom autostart service -# - This will be effective on 2nd boot, after firstrun update and installs have been done. -# - Related software titles must be installed either on firstrun installs or via AUTO_SETUP_AUTOMATED=1 + AUTO_SETUP_INSTALL_SOFTWARE_ID (see below). -AUTO_SETUP_AUTOSTART_TARGET_INDEX=0 -# Autologin user name -# - This user must exist before firstrun installs, otherwise it will be reverted to root. -# - Applies to all autostart options but: 0, 6, 14 and 16 -AUTO_SETUP_AUTOSTART_LOGIN_USER=root - -##### Non-interactive Firstrun Setup ##### -# On first login, run update, initial setup and software installs without any user input -# - Setting this to "1" is required for below settings to take effect -# - It is HIGHLY recommended to also set CONFIG_BOOT_WAIT_FOR_NETWORK=2, to force infinite wait for network connection during boot and prevent connection timeout errors. -# - Setting this to "1" indicates that you accept the DietPi GPLv2 license, available at /boot/dietpi-LICENSE.txt, superseding any setting of AUTO_SETUP_ACCEPT_LICENSE. -AUTO_SETUP_AUTOMATED=1 - -# Global Password to be applied for the system -# - Affects "root" and "dietpi" users login passwords and is used by dietpi-software as default for software installs which require a password. -# - On first dietpi-software execution, the password is removed from this file and instead encrypted and saved to rootfs. -# - WARN: We cannot guarantee that all software options can handle special characters like \"$. -AUTO_SETUP_GLOBAL_PASSWORD=dietpi - -# Software to automatically install -# - List of available software IDs: https://github.com/MichaIng/DietPi/wiki/DietPi-Software-list -# - Add as many entries as you wish, one each line. -# - DietPi will automatically install all pre-reqs (e.g. ALSA/X11 for desktops etc) -# - E.g. the following (without the leading "#") will install the LXDE desktop automatically on first boot: -#AUTO_SETUP_INSTALL_SOFTWARE_ID=23 - -#------------------------------------------------------------------------------------------------------ -##### Misc DietPi program settings ##### -#------------------------------------------------------------------------------------------------------ -# DietPi-Survey: 1=opt in | 0=opt out | -1=ask on first call -# - https://dietpi.com/docs/dietpi_tools/#miscellaneous (see tab 'DietPi Survey') -SURVEY_OPTED_IN=0 - -#------------------------------------------------------------------------------------------------------ -##### DietPi-Config settings ##### -#------------------------------------------------------------------------------------------------------ -# CPU Governor: schedutil | ondemand | interactive | conservative | powersave | performance -CONFIG_CPU_GOVERNOR=ondemand -# Ondemand Sampling Rate | Min value: 10000 microseconds (10ms) -CONFIG_CPU_ONDEMAND_SAMPLE_RATE=25000 -# Ondemand Sampling Down Factor: Samling Rate * Down Factor / 1000 = ms (40 = 1000ms when sampling rate is 25000) -CONFIG_CPU_ONDEMAND_SAMPLE_DOWNFACTOR=40 -# Throttle Up Percentage: Percentage of average CPU usage during samling rate at which CPU will be throttled up/down -CONFIG_CPU_USAGE_THROTTLE_UP=50 - -# CPU Frequency Limits: Disabled=disabled -# - Intel CPUs use a percentage value (%) from 0-100, eg: 55 -# - All other devices must use a specific MHz value, eg: 1600 -# - Has no effect on RPi, please set "arm_freq" and "arm_freq_min" in config.txt instead. -CONFIG_CPU_MAX_FREQ=Disabled -CONFIG_CPU_MIN_FREQ=Disabled - -# Disable Intel-based turbo/boost stepping. This flag should not be required, setting <100% MAX frequency should disable Turbo on Intel CPUs. -CONFIG_CPU_DISABLE_TURBO=0 - -# System-wide proxy settings -# - Do not modify, you must use dietpi-config > "Network Options: Adapters" to apply -CONFIG_PROXY_ADDRESS=MyProxyServer.com -CONFIG_PROXY_PORT=8080 -CONFIG_PROXY_USERNAME= -CONFIG_PROXY_PASSWORD= - -# Delay boot until network is established: 0=disabled | 1=10 second wait max (default) | 2=infinite wait -CONFIG_BOOT_WAIT_FOR_NETWORK=1 - -# Connection timeout in seconds, before G_CHECK_URL assumes the URL is dead. Increase if you have a "flaky" connection or slow DNS resolver. -# - Set this to "0" to allow unlimited time, however this is not recommended to avoid unlimited hanging background scripts, e.g. daily DietPi update check. -# - A negative or non-integer value will result in the default of 10 seconds. -CONFIG_G_CHECK_URL_TIMEOUT=10 -# Connection attempts with above timeout each, before G_CHECK_URL is giving up and prompts an error. -# - Any value below "1" or a non-integer value will result in the default of 2 attempts. -CONFIG_G_CHECK_URL_ATTEMPTS=2 -# General connection and DNS testing -# - IP to ping when checking network connectivity. Default: 9.9.9.9 (Quad9 DNS IP) -CONFIG_CHECK_CONNECTION_IP=9.9.9.9 -# - Domain to ping when checking DNS resolver. Default: dns9.quad9.net (Quad9 DNS domain) -CONFIG_CHECK_DNS_DOMAIN=dns9.quad9.net - -# Daily check for DietPi updates: 0=disable | 1=enable -# - Checks are done by downloading a file of only 7 bytes. -CONFIG_CHECK_DIETPI_UPDATES=1 - -# Daily check for APT package updates: 0=disable | 1=check only | 2=check and upgrade automatically -# - Upgrade logs can be found at: /var/tmp/dietpi/logs/dietpi-update_apt.log -CONFIG_CHECK_APT_UPDATES=1 - -# Network time sync: 0=disabled | 1=boot only | 2=boot + daily | 3=boot + hourly | 4=Daemon + Drift -CONFIG_NTP_MODE=2 - -# Serial Console: Set to 0 if you do not require serial console. -CONFIG_SERIAL_CONSOLE_ENABLE=1 - -# Sound card -CONFIG_SOUNDCARD=none - -# LCD Panel addon -# - Do not modify, you must use dietpi-config to configure/set options -CONFIG_LCDPANEL=none - -# IPv6 -CONFIG_ENABLE_IPV6=1 - -# Prefer IPv4 with APT and wget, NB: This has no effect if IPv6 is disabled anyway! -CONFIG_PREFER_IPV4=1 - -# APT mirrors which are applied to /etc/apt/sources.list | Values here will also be applied during 1st run setup -# - Raspbian: https://www.raspbian.org/RaspbianMirrors -CONFIG_APT_RASPBIAN_MIRROR=http://raspbian.raspberrypi.org/raspbian/ -# - Debian: https://www.debian.org/mirror/official#list -CONFIG_APT_DEBIAN_MIRROR=https://deb.debian.org/debian/ - -# NTP mirror, applied to /etc/ntp.conf -# - For a full list, please see: https://www.ntppool.org/zone/@ -# - Please remove the initial integer and full stop from the value (removing "0."), eg: debian.pool.ntp.org -CONFIG_NTP_MIRROR=debian.pool.ntp.org - -#------------------------------------------------------------------------------------------------------ -##### DietPi-Software settings ##### -#------------------------------------------------------------------------------------------------------ -# Enter your EmonCMS.org write API key here. It will be applied automatically during EmonPi/Hub install. -# - E.g.: SOFTWARE_EMONHUB_APIKEY=b4dfmk2o203mmxx93a -SOFTWARE_EMONHUB_APIKEY= - -# VNC Server -SOFTWARE_VNCSERVER_WIDTH=1280 -SOFTWARE_VNCSERVER_HEIGHT=720 -SOFTWARE_VNCSERVER_DEPTH=16 -SOFTWARE_VNCSERVER_DISPLAY_INDEX=1 -SOFTWARE_VNCSERVER_SHARE_DESKTOP=0 - -# ownCloud/Nextcloud -# - Optional username for admin account, the default is 'admin', applied during install -SOFTWARE_OWNCLOUD_NEXTCLOUD_USERNAME=admin -# - Optional data directory, default is "/mnt/dietpi_userdata/owncloud_data" respectively "/mnt/dietpi_userdata/nextcloud_data", applied during install -# NB: This option is for advanced users. For full compatibility, please keep this options defaults, and, use dietpi-drive_manager to move the DietPi user data location. -SOFTWARE_OWNCLOUD_DATADIR=/mnt/dietpi_userdata/owncloud_data -SOFTWARE_NEXTCLOUD_DATADIR=/mnt/dietpi_userdata/nextcloud_data - -# WiFi Hotspot -SOFTWARE_WIFI_HOTSPOT_SSID=DietPi-HotSpot -# - Key requires a minimum of 8 characters -SOFTWARE_WIFI_HOTSPOT_KEY=dietpihotspot -SOFTWARE_WIFI_HOTSPOT_CHANNEL=3 - -# X.org -# - DPI 96(default) 120(+25%) 144(+50%) 168(+75%) 192(+100%) -SOFTWARE_XORG_DPI=96 - -# Chromium -SOFTWARE_CHROMIUM_RES_X=1280 -SOFTWARE_CHROMIUM_RES_Y=720 -SOFTWARE_CHROMIUM_AUTOSTART_URL=https://dietpi.com/ - -# Home Assistant -# - Optional Python build dependencies and modules, possibly required for certain HA components -# Space separated list (no quotation!), will be installed together with Home Assistant automatically, if present -SOFTWARE_HOMEASSISTANT_APT_DEPS= -# Add Python modules with version string at best, e.g.: firstModule==1.2.3 secondModule==4.5.6 -SOFTWARE_HOMEASSISTANT_PIP_DEPS= - -# K3s -# Command with flags to use for launching K3s in the service -# The value of this variable is copied directly into the INSTALL_K3S_EXEC environment variable before -# running the K3s installer. -# https://rancher.com/docs/k3s/latest/en/installation/install-options/#options-for-installation-with-script -# -# Optionally, you can add a configuration file named /boot/dietpi-k3s.yaml, -# which will copied into place during installation -# https://rancher.com/docs/k3s/latest/en/installation/install-options/#configuration-file -SOFTWARE_K3S_EXEC= - -#------------------------------------------------------------------------------------------------------ -##### Dev settings ##### -#------------------------------------------------------------------------------------------------------ -DEV_GITBRANCH=master -DEV_GITOWNER=MichaIng - -#------------------------------------------------------------------------------------------------------ -##### Settings, automatically added by dietpi-update ##### -#------------------------------------------------------------------------------------------------------ diff --git a/gpg-howto.md b/gpg-howto.md index 1485490..26956ee 100644 --- a/gpg-howto.md +++ b/gpg-howto.md @@ -1,8 +1,8 @@ -<<<<<<< HEAD +# gnupg cheatsheet + Best practices with gpg Use a separate key for each identity, this means a own key for each email account, which should not be cross referenced. -======= -# gnupg cheatsheet + ## generale notes - the additional uids are bundled to the public key - @@ -14,6 +14,7 @@ gpg -k gpg -K #export things with ascii armor ``` + ## best practice with PIN/passphrase 1. activate KDF 2. change the admin PIN (12345678) PW3 @@ -47,15 +48,15 @@ gpg --card-edit ``` ## generate master key ```bash ->>>>>>> b623977dd032cc56e6b6b14f85358a3723669001 gpg2 --expert --full-gen-key (9) ECC and ECC (1) Curve 25519 //because of this: http://safecurves.cr.yp.to/index.html 3y //because it is hard enough in real life with humans -<<<<<<< HEAD -//add the name/synonym and the first email +//or keep it unlimited, because it should be safe or a real world problem. + +//optional: add the name/synonym and the first email gpg --edit-key name/synonym adduid @@ -63,8 +64,8 @@ list [the trust is not yet 'ultimate' but after a save it will be] uid [n] //adjust primary uid primary save -======= ``` + after creating all needed master keys, generate the revocation certificate and store it hardcopy in reallife. ```bash for mail in $(gpg --list-keys | grep uid | sed 's/.*<\(.*\)>/\1/g') @@ -72,7 +73,6 @@ do gpg --armor --export --output "$mail".pub "$mail" gpg --armor --output revoc_"$mail".asc --gen-revoke done - ``` ## renew date on smartcard aka gnuk @@ -105,4 +105,4 @@ do done ``` after import those keys atleast GPA needs a restart. Otherwise those keys get not reread. ->>>>>>> b623977dd032cc56e6b6b14f85358a3723669001 + diff --git a/usercfg.txt b/usercfg.txt index af1433e..38bb81e 100644 --- a/usercfg.txt +++ b/usercfg.txt @@ -4,8 +4,3 @@ dtoverlay=pi3-disable-bt dtparam=i2c=on dtoverlay=i2c-rtc,ds3231 enable_uart=1 -<<<<<<< HEAD -======= -dtparam=spi=on -dtoverlay=spi0-1cs ->>>>>>> b623977dd032cc56e6b6b14f85358a3723669001