27 05 | 2011

PGP signatures with trust and verification level

Written by Tanguy

Classified in : Homepage, Debian, To remember

Identity checks and trust

Saint Peter's key, detail from a stone statue

The OpenPGP web of trust is composed of keys linked to each other by two things:

  • identity checks: signing a key means that you verified the link between a key with user IDs, an official identity document with a photograph, and a person with a face;
  • trust: on your public key ring, you manually decide who you trust to correctly check other people's identity.

With these two pieces of information, GnuPG is able to determine whether or not the key of someone you never met can trusted to belong to its alleged owner.


Signing a key is usually a binary action: either you sign it or you do not sign it. Thus your signature on a key will give other people a rough identity check information and no trust information at all.

In fact, the OpenPGP standard does allow to publish precise identity check and trust information on signatures, but unfortunately this is now enabled with GnuPG by default. These features are called certification level and trust signatures.

Read more PGP signatures with trust and verification level

23 05 | 2011

Uninstalling a single component of a meta-package

Written by Tanguy

Classified in : Homepage, Debian, Command line, To remember

Or how to get rid of Evolution without removing your whole system

Tree from a GNOME package to Evolution, GIMP and Brasero packages

There is a complain I have heard several times from people after they installed Debian: “I use Icedove/Thunderbird so I do not need Evolution: I tried to remove it but this would remove my whole system, that sucks!”

Read more Uninstalling a single component of a meta-package

22 05 | 2011

Sonar, un écran de veille qui pingue

Written by Tanguy

Classified in : Homepage, Divers, Auto-hébergement, Debian-FR, Libre, April


Parmi les nombreux écrans de veille fournis avec XScreenSaver, sonar(6) affiche en 3D une simulation d'écran de sonar au phosphore. Par défaut, il affiche les positions de quatre MIG et quatre F18. Comme tous les écrans de veille XScreenSaver, il peut être lancé :

  • en tant qu'écran de veille ;
  • à la main dans une fenêtre : /usr/lib/xscreensaver/sonar ;
  • à la main sur le bureau, pour impressionner la galerie : /usr/lib/xscreensaver/sonar -root.

Read more Sonar, un écran de veille qui pingue

20 05 | 2011

cpio > tar

Written by Tanguy

Classified in : Homepage, Debian, Miscellaneous

Large package icon

tar and cpio

tar(5) and cpio(5) are two competing archive formats, that provide almost identical features. Both are streamed formats, originally designed to be used on tapes. Their major practical difference is the style of their standard command line utilities:

  • cpio(1) takes the list of files to archive on its standard input, allowing a very high control but requiring to use another utility such as find(1) to archive an entire tree;
  • tar(1) usually takes the list of file to archive on its command line, and browses directories recursively be default.

Read more cpio > tar

19 05 | 2011

About system host names

Written by Tanguy

Classified in : Homepage, Debian, Miscellaneous, To remember

The host name

Large address book icon

On Unix systems, the host name is kept in memory by the kernel: it is set and get by the sethostname() and gethostname() functions and their command-line wrapper hostname(1). It can be used by several programs, for instance by the mail server to determine what it should use as its HELO name.

In fact, the host name has two forms: the short one and the fully qualified one. For instance, a host can have muscadet as its short name muscadet and muscadet.example.com as its fully qualified one. From these two forms, a third information can be deduced: the domain name, which is the full name without its first component.

The system host name can be set as either the short name or the fully qualified name. When the full name is used, the short one can be easily deduced, by keeping only its first component. When the short name is used, the full name must be determined by using a more complex heuristic that takes more time and can fail for several reasons.

Read more About system host names

«previous page 32 of 33 next