What if your SSH agent could encrypt secrets, not just authenticate connections? ssh-tresor does exactly that—it uses your SSH keys to encrypt files with no key material stored on disk. Works seamlessly over forwarded agents, supports multiple keys like LUKS slots, and turns your existing SSH setup into a portable secret management solution.

Although restic is a really nice backup solution, it lacks the possibility to pull the files to backup from a remote server, like rsync does over ssh, preventing any attacker to gain access to a secret. This blog post shows some workarounds and does the backup to a QNAP NAS S3 store over an encrypted TLS connection.

After over twenty years of using Red Hat and Fedora, it’s time to move on to explore other possibilities. Although my secure boot laptop still uses VerityBook, which is based on Fedora, my other machines are now running NixOS.

I am using my Sony A7 RII as a webcam with shallow depth of field with gphoto2 under Linux. The normal auto focus does not follow very well, therefore I assigned the “Eye AF” to the lens button and activate it permanently with some rubber straps and a small button like object underneath.

Want to search your local offline rust std documentation, with a quick command from your terminal?