Windows SSH client with TPM

2016-10-17, Categories: tpm, hsm, security, windows

I managed to get an SSH client working using an SSH pubkey protected by a TPM.

Read the rest of this entry »

HSBC is not a real bank

2016-04-07, Categories: rant

From a customer’s perspective it’s hard to tell if HSBC UK is some sort of performance art as opposed to a real bank.

I will add more things to this blog post as they occur to me, since this is the first time I’m writing these down in one place some of the many many absurdities are bound to slip my mind.

Read the rest of this entry »

Ubiquity gear replacing BT HomeHub router

2016-03-16, Categories: network

These are my notes from setting up Ubiquity wifi access point and router to replace the horrible BT HomeHub 5.

Read the rest of this entry »

Yubikey 4 for SSH with physical presence proof

2016-01-28, Categories: security

This is another post in the series of how to protect SSH keys with hardware, making them impossible to steal.

This means that you know that your piece of hardware (e.g. Yubikey or TPM inside your laptop) was actively involved in the transaction, and not, say, turned off and disconnected from the Internet at the time (like in a safe or on an airplane).

What’s new this time is that we can now have a physical presence test on every use of the key. That means that even if someone hacks your workstation completely and installs a keylogger to get your PIN, unless they also break into your home they can’t use the key even while the machine is on and connected. Evil hackers in another country are out of luck.

Read the rest of this entry »

How I made my custom keyboard layout on Linux and Windows

2015-11-29, Categories: unix, keyboards

This post explains how to set up a keyboard layout the way I like it. It may not fit you at all, but it may give you ideas that would work for you.

In short: I remap Caps Lock to add some extra keys.

Read the rest of this entry »

Building pov-ray on raspberry pi

2015-11-28, Categories: unix

This is just notes in case I need to do this again. It’s for my QPov project.

sudo apt-get install autoconf libboost-all-dev libjpeg-dev libtiff-dev libpng-dev
git clone
cd povray
git checkout --track -b 3.7-stable origin/3.7-stable
cd unix
cd ..
./configure --prefix=$HOME/opt/povray COMPILED_BY="My_Name on RPi"
make install

Read the rest of this entry »

Scraping data from a BT home hub 5

2015-03-28, Categories: network

If you have BT broadband and want to graph the synced speed and actual use of your broadband connection, and you use the BT provided router (Home Hub), then you can’t use SNMP to get these counters. But you can get the data over HTTP without too much trouble. Here’s some ugly one-liners for doing that.

Read the rest of this entry »

How to boot an encrypted system safely

2015-03-27, Categories: security, tpm

These are my notes on how to set up a system securely, in a way that would prevent attackers from being capable of performing an “evil maid attack”.

Read the rest of this entry »

Raytracing Quake demos

2015-03-22, Categories: coding

I decided to combine these two problems into one solution:

My solution is to convert Quake .dem files to .pov files and render them with POV-Ray.

Update: New better screenshot:

Quake scene rendered in POV-Ray

Read the rest of this entry »

My mechanical keyboard

2015-03-21, Categories: hardware, keyboards

You spend all your waking time at a keyboard. This blog post is about keyboards, and can be summarized as: Buy quality, cry once.

Read the rest of this entry »
Older posts