Language Selection

English French German Italian Portuguese Spanish

Login

Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Revive your RSS feed with Newsboat in the Linux terminal

Psst. Word on the web is that RSS died in 2013. That's when Google pulled the plug on Google Reader. Don't believe everything that you hear. RSS is alive. It's well. It's still a great way to choose the information you want to read without algorithms making the decision for you. All you need is the right feed reader. Back in January, Opensource.com Correspondent Kevin Sonney introduced a nifty terminal RSS reader called Newsboat. In his article, Kevin scratched Newsboat's surface. I figured it was time to take a deeper dive into what Newsboat can do. Read more

KaOS 2020.02 Released with KDE Plasma 5.18 LTS and Linux 5.5, New Features

The development team behind KaOS, a KDE-focused, desktop-oriented independent GNU/Linux distribution, released today KaOS 2020.02 as February 2020’s live ISO snapshot with all the latest software updates and technologies, as well as new features. KaOS 2020.02 is here almost two months after January 2020’s snapshot and brings many of the recently released GNU/Linux technologies and Open Source software, starting with the KDE Plasma 5.18 LTS desktop environment. In fact, KaOS 2020.02 includes all the latest KDE software, such as the Plasma 5.18.1 update, February 2020’s Applications update, and Frameworks 5.67.0, all compiled against the Qt 5.14.1 open-source and cross-platform application framework. Read more

Introducing Jcat

Jcat is a gzipped JSON file of detached signatures. Because it’s gzipped it’s easy to compress and decompress in basically any language, and because it’s JSON it’s dead simple to parse and generate in any framework. There is a little overhead of some metadata (e.g. signing ID, creation time, etc) and but it’s all the kind of thing you can just edit in vim if you needed to. There’s also support for storing binary stuff like DER certificates (base64 to the rescue…), but if possible I’d like it to be all readable in a text editor. The jcat command line tool can import existing detached signatures into the Jcat file, and can also verify the existing .jcat file against all the files in a directory or archive. You can include multiple signatures for the same file (using the AppStream ID as the key) and of course sign multiple files using all the cryptographic engines you need. There’s also rudimentary support for actually creating signatures in the jcat command line client too, although it’s WIP for the GNUTLS engine and completely missing for GPGME at the moment. This new thing also lets us fix another glaring issue in fwupd. Some companies can’t use PKCS-7, and some can’t use GPG for equally bad and nonsensical reasons – at the moment you need to specify the remote keyring when enabling a remote as we need to know if we need to download the metadata.xml.gz.asc or the .p7b version. Using a .jcat file allows to to not care, and just download one detached thing that can be used no matter how you’ve compiled your system. By adding SHA-256 as an additional not-to-be-used-for-trust engine, Jcat also lets you verify the download of your metadata and cabinet files even when you don’t have GPG or PKCS-7 available, which I know at least one company does on an IOT project. Jcat allows us to move the scary cryptographic verification code out of fwupd and makes the update-your-firmware codebase easier to maintain without worrying about potential landmines. Read more Also: Jcat: A New Alternative To Microsoft Catalog Files

today's howtos