PGP signatures with trust and verification level
Classified in : Homepage, Debian, To remember
Identity checks and trust
The OpenPGP web of trust is composed of keys linked to each other by two things:
- identity checks: signing a key means that you verified the link between a key with user IDs, an official identity document with a photograph, and a person with a face;
- trust: on your public key ring, you manually decide who you trust to correctly check other people's identity.
With these two pieces of information, GnuPG is able to determine whether or not the key of someone you never met can trusted to belong to its alleged owner.
Signatures
Signing a key is usually a binary action: either you sign it or you do not sign it. Thus your signature on a key will give other people a rough identity check information and no trust information at all.
In fact, the OpenPGP standard does allow to publish precise identity check and trust information on signatures, but unfortunately this is now enabled with GnuPG by default. These features are called certification level and trust signatures.
Uninstalling a single component of a meta-package
Classified in : Homepage, Debian, Command line, To remember
Or how to get rid of Evolution without removing your whole system
There is a complain I have heard several times from people after they installed Debian: “I use Icedove/Thunderbird so I do not need Evolution: I tried to remove it but this would remove my whole system, that sucks!”
Sonar, un écran de veille qui pingue
Sonar
Parmi les nombreux écrans de veille fournis avec XScreenSaver, sonar(6) affiche en 3D une simulation d'écran de sonar au phosphore. Par défaut, il affiche les positions de quatre MIG et quatre F18. Comme tous les écrans de veille XScreenSaver, il peut être lancé :
- en tant qu'écran de veille ;
- à la main dans une fenêtre :
/usr/lib/xscreensaver/sonar; - à la main sur le bureau, pour impressionner la galerie :
/usr/lib/xscreensaver/sonar -root.
cpio > tar
Classified in : Homepage, Debian, Miscellaneous
tar and cpio
tar(5) and cpio(5) are two competing archive formats, that provide almost identical features. Both are streamed formats, originally designed to be used on tapes. Their major practical difference is the style of their standard command line utilities:
cpio(1)takes the list of files to archive on its standard input, allowing a very high control but requiring to use another utility such asfind(1)to archive an entire tree;tar(1)usually takes the list of file to archive on its command line, and browses directories recursively be default.
About system host names
Classified in : Homepage, Debian, Miscellaneous, To remember
The host name
On Unix systems, the host name is kept in memory by the kernel: it is set
and get by the sethostname() and gethostname()
functions and their command-line wrapper hostname(1). It can be
used by several programs, for instance by the mail server to determine what it
should use as its HELO name.
In fact, the host name has two forms: the short one and the fully qualified one. For instance, a host can have muscadet as its short name muscadet and muscadet.example.com as its fully qualified one. From these two forms, a third information can be deduced: the domain name, which is the full name without its first component.
The system host name can be set as either the short name or the fully qualified name. When the full name is used, the short one can be easily deduced, by keeping only its first component. When the short name is used, the full name must be determined by using a more complex heuristic that takes more time and can fail for several reasons.