OpenSSH Login with GnuPG (OpenPGP) Keys

songdongsheng · Jul 28, 2024 · 6d5199b · 6d5199b
1 parent b685a40
commit 6d5199b
Show file tree

Hide file tree

Showing 2 changed files with 71 additions and 50 deletions.
diff --git a/source/_posts/2022/Q4/2022-11-06-compiling-kernel-for-wsl2.md b/source/_posts/2022/Q4/2022-11-06-compiling-kernel-for-wsl2.md
@@ -25,8 +25,9 @@ WSL 2 not only loads a native Linux Kernel, the image of the Linux Kernel is in
 
 ```bash
 sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
-sudo podman run --rm -it --pull always -h debian-testing \
-    -w /root -v $(pwd):/xyz \
+
+sudo podman run --rm -it --pull always -h debian-stable \
+    -w /root -v $(pwd):/xyz --network=host \
     -e "PATH=/usr/sbin:/usr/bin:/sbin:/bin" \
     -e NO_PROXY="localhost,::1/128,f000::/4,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16" \
     public.ecr.aws/docker/library/debian:stable
@@ -43,37 +44,37 @@ apt-get install -y bc bison build-essential curl dwarves file flex \
 ### Use WSL2 Linux Kernel
 
 ```bash
-# time git clone --depth 100 -b linux-msft-wsl-6.1.y https://github.com/microsoft/WSL2-Linux-Kernel.git
+# time git clone --depth 100 -b linux-msft-wsl-6.6.y https://github.com/microsoft/WSL2-Linux-Kernel.git
 ...
-real    6m37.565s
-user    2m27.991s
-sys     0m24.168s
+real    2m55.718s
+user    1m36.683s
+sys     0m16.305s
 
 # du -ms WSL2-Linux-Kernel/
-2033    WSL2-Linux-Kernel/
+2041    WSL2-Linux-Kernel/
 
 # cd WSL2-Linux-Kernel/ && git describe --tags
-linux-msft-wsl-6.1.21.1
+linux-msft-wsl-6.6.36.3
 ```
 
 
 ### Use Stable Linux Kernel
 
 ```bash
-rm -fr ~/Linux-6.6/Microsoft && mkdir -p $_ && cd $_/..
-curl -sSL https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.6.16.tar.xz | tar --strip-components=1 -xJ -f -
-curl -sSL -o Microsoft/config-wsl https://raw.githubusercontent.com/microsoft/WSL2-Linux-Kernel/linux-msft-wsl-6.1.y/arch/x86/configs/config-wsl
+rm -fr ~/Linux-6.x/Microsoft && mkdir -p $_ && cd $_/..
+curl -sSL https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.9.10.tar.xz | tar --strip-components=1 -xJ -f -
+curl -sSL -o arch/x86/configs/config-wsl https://raw.githubusercontent.com/microsoft/WSL2-Linux-Kernel/linux-msft-wsl-6.6.y/arch/x86/configs/config-wsl
 
 # du -ms
-1453    .
+1570    .
 ```
 
 ## Make Configure
 
 We can turn on certain Linux kernel features as needed, which is also the value of compiling the kernel ourselves.
 
 ```bash
-cat << EOF >> Microsoft/config-wsl
+cat << EOF >> arch/x86/configs/config-wsl
 
 # Processor type and features/vsyscall table for legacy applications/Emulate execution only
 CONFIG_LEGACY_VSYSCALL_XONLY=y
@@ -82,12 +83,19 @@ CONFIG_LEGACY_VSYSCALL_XONLY=y
 # BTF: .tmp_vmlinux.btf: pahole (pahole) is not available
 # BTF = BPF Type Format, Use BTF in BPF rograms
 # http://vger.kernel.org/~acme/perf/btf-perf-pahole-lsfmm-san-juan-2019/
-# CONFIG_DEBUG_INFO_BTF is not set
-# CONFIG_DEBUG_INFO_NONE=y
+# CONFIG_DEBUG_INFO_BTF=y
+# CONFIG_DEBUG_INFO_BTF_MODULES=y
 
 CONFIG_PREEMPT_DYNAMIC=y
 CONFIG_PREEMPT_RCU=y
 
+CONFIG_KVM=y
+CONFIG_KVM_INTEL=y
+CONFIG_KVM_AMD=y
+
+CONFIG_TLS=y
+CONFIG_IP_SCTP=y
+
 CONFIG_CRYPTO_ZSTD=y
 CONFIG_KERNEL_ZSTD=y
 CONFIG_MODULE_COMPRESS_ZSTD=y
@@ -96,65 +104,72 @@ CONFIG_SQUASHFS_ZSTD=y
 # Enable the block layer/ Partition Types/Advanced partition selection
 CONFIG_BSD_DISKLABEL=y
 
+# Device Drivers/Block devices
+CONFIG_ATA_OVER_ETH=y
+CONFIG_BLK_DEV_NBD=y
+CONFIG_BLK_DEV_RBD=y
+CONFIG_BLK_DEV_UBLK=y
+CONFIG_ZRAM=y
+
 # File systems/Miscellaneous filesystems
+CONFIG_BTRFS_FS=y
 CONFIG_ECRYPT_FS=y
-CONFIG_HFSPLUS_FS=y
+CONFIG_FUSE_FS=y
 CONFIG_HFS_FS=y
+CONFIG_HFSPLUS_FS=y
 CONFIG_UFS_FS=y
 CONFIG_UFS_FS_WRITE=y
 
-# Device Drivers/Block devices
-CONFIG_ZRAM=y
-CONFIG_BLK_DEV_NBD=y
-CONFIG_ATA_OVER_ETH=y
-CONFIG_BLK_DEV_RBD=y
-CONFIG_BLK_DEV_UBLK=y
-
 # File systems/Network File Systems
+CONFIG_CIFS=y
+CONFIG_NFS_DISABLE_UDP_SUPPORT=y
 CONFIG_NFS_V4_2=y
 CONFIG_NFS_V4_2_READ_PLUS=y
-CONFIG_NFS_DISABLE_UDP_SUPPORT=y
+
+CONFIG_SUNRPC=y
+CONFIG_SUNRPC_BACKCHANNEL=y
+CONFIG_SUNRPC_GSS=y
+CONFIG_RPCSEC_GSS_KRB5=y
+CONFIG_RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA2=y
 EOF
 ```
 
 ```bash
-scripts/config --file Microsoft/config-wsl --disable SYSTEM_REVOCATION_KEYS
-scripts/config --file Microsoft/config-wsl --disable SYSTEM_TRUSTED_KEYRING
+scripts/config --file arch/x86/configs/config-wsl --disable SYSTEM_REVOCATION_KEYS; \
+scripts/config --file arch/x86/configs/config-wsl --disable SYSTEM_TRUSTED_KEYRING
 
-make KCONFIG_CONFIG=Microsoft/config-wsl menuconfig
+make KCONFIG_CONFIG=arch/x86/configs/config-wsl menuconfig
 ```
 
 ## Make Kernel
 
 ### WSL2 Linux Kernel
 
 ```bash
-# time make KCONFIG_CONFIG=Microsoft/config-wsl -j8 bzImage
+# time make KCONFIG_CONFIG=arch/x86/configs/config-wsl -j8 bzImage
 ...
-real    14m56.307s
-user    109m13.656s
-sys     10m57.302s
+real    19m6.172s
+user    135m7.511s
+sys     17m11.616s
 
 # du -ks arch/x86/boot/bzImage
-11344   arch/x86/boot/bzImage
-
-# cp arch/x86/boot/bzImage ~/vmlinuz-6.1.21.1-WSL2-msft
-# cp vmlinuz-6.1.21.1-WSL2-msft /mnt/c/Users/<seuUser>/
+15620   arch/x86/boot/bzImage
 
 # du -ms .
-5675    .
+6024    .
 
-# cp arch/x86/boot/bzImage /mnt/c/Users/<seuUser>/vmlinuz-6.1.21.1-WSL2
-# cp Microsoft/config-wsl /mnt/c/Users/<seuUser>/vmlinuz-6.1.21.1-WSL2.config
+# cp arch/x86/boot/bzImage /mnt/c/Users/<seuUser>/vmlinuz-6.6.36.3-WSL2
+# cp arch/x86/configs/config-wsl /mnt/c/Users/<seuUser>/vmlinuz-6.6.36.3-WSL2.config
+# vi /mnt/c/Users/<seuUser>/.wslconfig
 
-time make KCONFIG_CONFIG=Microsoft/config-wsl -j8 modules
-time make KCONFIG_CONFIG=Microsoft/config-wsl -j8 tarxz-pkg
+time make KCONFIG_CONFIG=arch/x86/configs/config-wsl -j8 modules
+time make KCONFIG_CONFIG=arch/x86/configs/config-wsl -j8 tarxz-pkg
 ```
 
 ### Stable Linux Kernel
 
 ```bash
-# time make KCONFIG_CONFIG=Microsoft/config-wsl -j8 bzImage
+# time make KCONFIG_CONFIG=arch/x86/configs/config-wsl -j8 bzImage
 ...
 Kernel: arch/x86/boot/bzImage is ready  (#1)
 
@@ -166,14 +181,14 @@ sys     12m48.108s
 4467    .
 
 # du -ks arch/x86/boot/bzImage
-13128   arch/x86/boot/bzImage
+13992   arch/x86/boot/bzImage
 
-# cp arch/x86/boot/bzImage /mnt/c/Users/<seuUser>/vmlinuz-6.6.16-WSL2
-# cp Microsoft/config-wsl  /mnt/c/Users/<seuUser>/vmlinuz-6.6.16-WSL2.config
+# cp arch/x86/boot/bzImage /mnt/c/Users/<seuUser>/vmlinuz-6.9.10-WSL2
+# cp arch/x86/configs/config-wsl  /mnt/c/Users/<seuUser>/vmlinuz-6.9.10-WSL2.config
 # vi /mnt/c/Users/<seuUser>/.wslconfig
 
-time make KCONFIG_CONFIG=Microsoft/config-wsl -j8 modules
-time make KCONFIG_CONFIG=Microsoft/config-wsl -j8 tarxz-pkg
+time make KCONFIG_CONFIG=arch/x86/configs/config-wsl -j8 modules
+time make KCONFIG_CONFIG=arch/x86/configs/config-wsl -j8 tarxz-pkg
 ```
 
 ## Update %UserProfile%\.wslconfig
@@ -183,8 +198,8 @@ time make KCONFIG_CONFIG=Microsoft/config-wsl -j8 tarxz-pkg
 ```bash
 [wsl2]
 # An absolute Windows path to a custom Linux kernel
-# kernel=C:\\Users\\<seuUser>\\vmlinuz-6.1.21.1-WSL2-msft
-# kernel=C:\\Users\\<seuUser>\\vmlinuz-6.6.16-WSL2
+# kernel=C:\\Users\\<seuUser>\\vmlinuz-6.6.36.3-WSL2
+# kernel=C:\\Users\\<seuUser>\\vmlinuz-6.9.10-WSL2
 # 50% of total memory on Windows or 8GB, whichever is less
 # memory=8GB
 # Sets additional kernel parameters, in this case enabling older Linux base images such as Centos 6
@@ -198,6 +213,11 @@ time make KCONFIG_CONFIG=Microsoft/config-wsl -j8 tarxz-pkg
 wsl --version
 wsl --list --verbose
 wsl --shutdown
+
+# taskkill /F /T /IM wslservice.exe
+```
+
+```bash
 wsl
 ```
 
@@ -207,12 +227,12 @@ wsl
 
 ```bash
 # cat /proc/version
-Linux version 6.1.21.1-microsoft-standard-WSL2+ (root@debian-testing) (gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP Fri Apr 14 16:30:28 UTC 2023
+Linux version 6.6.36.3-microsoft-standard-WSL2+ (root@debian-stable) (gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP PREEMPT_DYNAMIC Fri Jul 19 07:04:59 UTC 2024
 ```
 
 ### Stable Linux Kernel
 
 ```bash
 # cat /proc/version
-Linux version 6.6.16-microsoft-standard-WSL2 (root@wsl2-debian) (gcc (Debian 13.2.0-13) 13.2.0, GNU ld (GNU Binutils for Debian) 2.42) #1 SMP PREEMPT_DYNAMIC Tue Feb  6 23:22:24 CST 2024
+Linux version 6.9.10-microsoft-standard-WSL2 (root@debian-stable) (gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP PREEMPT_DYNAMIC Fri Jul 19 02:25:29 UTC 2024
 ```
diff --git a/source/_posts/2024/Q3/2024-07-13-post-quantum-cryptography-in-openpgp.md b/source/_posts/2024/Q3/2024-07-13-post-quantum-cryptography-in-openpgp.md
@@ -201,6 +201,7 @@ The current state of OpenPGP's PGC implementation is quite exciting, considering
 - https://csrc.nist.gov/pubs/fips/203/ipd
 - https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.ipd.pdf
 - https://github.com/nccgroup/fips203
+- https://dev.gnupg.org/source/gnupg/browse/master/NEWS
 - https://dev.gnupg.org/T6815
 - https://dev.gnupg.org/T7189
 - https://lists.gnupg.org/pipermail/gnupg-announce/2024q3/000484.html