gchristensen changed the topic of #nixos-chat to: NixOS but much less topical || https://logs.nix.samueldr.com/nixos-chat
lassulus_ has joined #nixos-chat
lassulus has quit [Ping timeout: 240 seconds]
lassulus_ is now known as lassulus
matthewbauer has quit [Ping timeout: 245 seconds]
LnL has quit [Read error: Connection reset by peer]
LnL has joined #nixos-chat
MichaelRaskin has quit [Quit: MichaelRaskin]
atu has joined #nixos-chat
jtojnar has quit [Remote host closed the connection]
jtojnar has joined #nixos-chat
atu has quit [Ping timeout: 245 seconds]
<tazjin> mildly surprised at the low price of the NixCon tickets
<tazjin> what's the catch? :P
atu has joined #nixos-chat
<manveru> lots of advertising :)
<manveru> seems like we got a lot of sponsors this time
<sphalerite> tazjin: they were free last year
atu has quit [Changing host]
atu has joined #nixos-chat
atu is now known as adamt
adamt has quit [Ping timeout: 256 seconds]
__monty__ has joined #nixos-chat
jD91mZM2 has joined #nixos-chat
matthewbauer has joined #nixos-chat
__monty__ has quit [Quit: leaving]
<infinisil> Hmm... To go or not to go is the question..
<gchristensen> probably should
<infinisil> Probably gonna go if nothing is in the way
<infinisil> There is nothing in the way \o/
<infinisil> Really liked it last year
<infinisil> (I'm just always a bit socially anxious)
<elvishjerricco> How many talks were there last year?
<infinisil> Oh and the program is still here: http://nixcon2017.org/
<gchristensen> cgfypUITNS-
<gchristensen> erm
<samueldr> all I see is hunter2
<gchristensen> lol
<gchristensen> that was me wiping pollen off my keyboard :)
MichaelRaskin has joined #nixos-chat
<makefu> typical qwerty!
<MichaelRaskin> Now I am a bit intrigued
<gchristensen> dvorak :$
<makefu> never knew dvorak has upper and lower characters mixed ;)
<samueldr> hitting caps lock?
<manveru> i forgot caps lock exists
<makefu> it actually looks awfully like dvorak layout, lets hope it is not also gchristensen's password :D
matthewbauer has quit [Read error: Connection reset by peer]
<infinisil> I once had the genius idea to make a key on my keyboard output my master password and return. Doesn't fully work because of some characters, but it's still in there, I occasionally get surprised when I hit that button
matthewbauer has joined #nixos-chat
MichaelRaskin has quit [Ping timeout: 256 seconds]
MichaelRaskin has joined #nixos-chat
jD91mZM2 has quit [Ping timeout: 248 seconds]
matthewbauer has quit [Read error: Connection reset by peer]
jD91mZM2 has joined #nixos-chat
matthewbauer has joined #nixos-chat
matthewbauer has quit [Read error: Connection reset by peer]
matthewbauer has joined #nixos-chat
matthewbauer has quit [Ping timeout: 248 seconds]
Sonarpulse has joined #nixos-chat
nckx has quit [Quit: Updating my GNU GuixSD server — gnu.org/s/guix]
nckx has joined #nixos-chat
matthewbauer has joined #nixos-chat
<ldlework> infinisil: at least put that on your yubikey
<infinisil> I don't have one :(
* manveru still has a yubikey from mtgox
<manveru> only thing i got out of it :(
<ldlework> heh
<tazjin> I've a box full of yubikeys next to my desk, waiting for the day on which we find a use for them
<ldlework> how about 2FA security
<tazjin> yeah but we have that covered in a different way already
<tazjin> maybe 3FA though, can never be secure enough
<ldlework> tazjin: yubikey is nicer than basically anything else, since it is down to a touch
<ldlework> well not yubikey in specific
<ldlework> but capacative-dongle-things
<tazjin> some years ago I wrote a thing for using yubikeys with luks key slots
<tazjin> I don't think that works anymore, but there's a modern version of it that I've scrolled past in the configuration.nix man page recently
<ldlework> what's a "luks key slot" ?
<tazjin> luks is the high-level key management system for disk encryption on linux
<tazjin> "linux unified key setup"
<ldlework> Yeah but what's a "key slot" wrt luks?
<ldlework> I see.
<tazjin> so the way it works is you have one actual master key that decrypts your disk
<tazjin> and a bunch of slots which are all individually encrypted versions of that key
<ldlework> and you're saying you were using the yubikey for that
<tazjin> so you can have a slot with a symmetric password that you can type in, and another slot with a challenge-response thing for yubikeys
<tazjin> which can both decrypt the same disk
<tazjin> yep
<ldlework> neato
<tazjin> https://github.com/tazjin/yubikey-fde <- this was the thing, but it stopped working at some point due to changes in the yubikey C libs
<ldlework> I've always had an irrational distaste for disk-encryption
<ldlework> I dunno why
<ldlework> it is irrational
<ldlework> something about performance?
<tazjin> well I work at a bank so it's a legal requirement
<tazjin> and performance isn't really an issue if you have a modern CPU with hardware support for the appropriate algorithms
<tazjin> oh yeah here it is, check `man configuration.nix` for `boot.initrd.luks.devices.<name?>.yubikey`
<ldlework> you use man to surf options?!
<tazjin> well I use emacs
<tazjin> I have a binding for `M-x nixos-man` which gives me the options man page in an easily filterable buffer
jD91mZM2 has quit [Quit: WeeChat 2.0]
<infinisil> ldlework: One of the most useful man pages!
obadz has quit [Quit: WeeChat 2.1]
matthewbauer has quit [Ping timeout: 260 seconds]
obadz has joined #nixos-chat
<tazjin> I actually don't really know how to browse the options otherwise
matthewbauer has joined #nixos-chat
obadz has quit [Ping timeout: 260 seconds]
<srk> I'm using git grep
<srk> alias gg='git grep -i'
<srk> cause manual doesn't contain all the options
obadz has joined #nixos-chat
<tazjin> infinisil: ah right, websites are more difficult to integrate into workflows though ime
<MichaelRaskin> Well, you need some tooling for that…
MichaelRaskin has quit [Ping timeout: 248 seconds]
matthewbauer has quit [Remote host closed the connection]
lassulus has quit [Ping timeout: 256 seconds]
lassulus has joined #nixos-chat