codesections

Actually, can any one tell me what "average reported frame damage" means? This is in the context of #wayvnc, and my "frame damage" starts out low, but pretty quickly climes to 95.9% and holds there -- and my screen starts flickering. I'm _assuming_ that those two are related, but I don't really know what "frame damage" means.
all the Internet results seem to assume that I'm concerned about damage to the frame of my car and I'm _pretty_ sure my car isn't involved in getting pixies to my monitor

@skunksarebetter

> #cloc is a source code line counter.

I'm partial to tokei, personally https://github.com/XAMPPRocky/tokei

But cloc is good too :)

@jordan31

> Any suggestions for Discord terminal clients? I'm in need of a decent one.

My understanding is that they block essentially all third-party clients, and the result is that there aren't any decent terminal ones. But I'd love to be wrong about that.

(I use #ripcord, which isn't officially supported either and isn't even a terminal client. But it's at least *some* improvement)

@dwytemartin

> What's a good :fosstodon: alternative for discordapp?

Are you asking for an alternative to *discord* as a whole or for an alternative *client*/desktop app to use with discord?

If the former, you have lots of options (I personally like #matrix, but I've also heard good things about #zulip)

If the latter, you're pretty much out of luck—the discord ToS forbid third-party clients and I don't know of any good open-source clients (I use #ripcord, but it's not FOSS, sadly )

Do any of y'all use #isync/#mbsync to pull down emails via IMAP?

I have it *mostly* working. But I'd like it to pull down my emails automatically, in the background.

That's easy enough to set up…*except* that I have the password to my inbox secured with a yubikey. So, right now, there's no way to pull new emails without pressing the yubikey.

Is there a good way to keep that password in memory without sacrificing *too* much security? (I.e., I don't want it in plaintext)

@YesIKnowIT

> http://www.ostechnix.com/4-easy-ways-to-generate-a-strong-password-in-linux/​
My preferred :
openssl rand 14 -base64
gpg --gen-random --armor 1 14
... but the passwords are not easy to remember. A good argument to use a password manager.

I ended up writing #passgen (https://github.com/codesections/pass-gen/) to solve that problem. It's another xkcd-style solution, though with a bigger dictionary and more customization options than many takes on that solution

@SciencePhysicist

> I bodged together a little script that gets my ip with wget ipecho.net - I then hooked into api.dreamhost.com (my domain and dns provider), compares that ip to the one in the dns record and if its changed, it pushes an update.

Yeah, that's not that different from the approach I've taken with #d5. The main difference is that d5 offers a self-hosted version of ipecho (and that it doesn't automatically push an update to the dns record, though that would be easy to add)

@grainloom

Thus, with #d5, you *don't* get a pretty, human readable URL for your PC, just a way to access the current IP address. If you *want* a human-readable URL, you can combine d5 with DNS Lexicon and automatically update DNS records yourself. https://github.com/AnalogJ/lexicon

> is it such a good idea to send the username and password instead of a randomized string

The username & password are unique to d5; they're just a way to identify which IP address you want (more of a token, really)

@grainloom

#d5 starts basically the same—with a cron job (or whatever) to ping your d5 server; the difference is that you send a username–password pair too.  (with the d5 server being d5.codesections.com or your selfhosted server).  d5 keeps that IP & username–password in memory.

 To connect to your PC, you run `ssh $(curl -u $USER:$PASSWORD)`.  The curl command returns the current IP for your PC, and lets SSH use it as normal.

No DNS records are updated, and no external server has your IP

@grainloom asked how my #d5 project compares to #duckDNS, and I thought others might be curious

tl;dr: d5 connects you to your home PC without updating DNS records (or involve a 3rd party)

With DuckDNS, you set a cron job (or whatever) to ping DuckDNS's server. It stores your IP address in their DB and updates DNS records.

To connect to your PC, you run `ssh $NAME_YOU_PICKED.duckdns.org` (or something else if you're not using SSH). DuckDNS redirects this to the current IP of your PC

(1/n)

Just listened to today's #coderRadio—very shocked to hear that it's the final one.

Seven years is a long time for anything, especially a podcast—so I understand the decision.

Still, it feels like the end of an era and I'll be sad to see it go. Their recent series on 7 languages in (more than) 7 weeks has been a real highlight!

https://coder.show/375

@alexbuzzbee

> It gave the answer in seconds.
I can't find any way to change units.

Have you tried… division?

#deadpan

@[email protected] @codesections

> Perl has the advantage of being installed *everywhere*.

That's an interesting perspective. One of the reasons I wrote #passgen (which is a #bash rewrite of xkpasswd with some added features) was that I was tired of installing #perl for just that one program.

@bash

> If you’re just looking for something to run VNC/RDP/Whatever to another box, I recommend TinyCoreLinux. Provides a minimal GUI and can run in as little as 10MB.

That *is* what I'm looking for. Why do you recommend #TinyCoreLinux over #PuppyLinx? I know it's smaller, but the difference of a few MB will *probably* not be the deciding factor for this setup.

Svelte 3 is out, and it looks really great—they've done a great job building a much lighter weight alternative to #react!
https://svelte.dev/blog/svelte-3-rethinking-reactivity

Between #svelte 3, #preact 10, and #Dodrio (the #rust/WASM alternative to Preact), it's starting to look like a golden age for lightweight front-end web apps.

…now if only everyone still building bloated apps with Facebook's framework will get the memo :D

@nolan
Do you have any thoughts on Svelte 3? I know Pinafore is built with Svelte

@cancel @[email protected] @rnickson

> I just made a significant new portion/feature of it open source a few hours ago :)

Two responses: first *thanks very much*!

It's awesome that you're freeing this library under the GPL. I'll definitely pay for #ripcord without hesitation when you're ready to ask for money!

2nd: my concern with ripcord not being #foss has more to do with not loving the idea of communicating using code that I/we can't audit. This library—while super nice!—doesn't address that issue.

Based on recommendations from several of you fine folks, I just tried out #ripcord, the unofficial #discord/#slack client by @cancel

I've got to say, from a first impression, I'm *really* impressed! It makes slack and discord way more manageable, while also using far fewer resources than either one alone.

Shame it's not #foss, though; I'd be much more likely to pay for it if it were. (It is free-as-in-beer though, at least right now)

cc @[email protected] @rnickson thanks for the tip!

@stsquad

> those that have not already discovered the delights of #orgmode are destined to recreate it

Except that inserting orgmode time stamps with the current time requires an arcane series of keypresses (two prefix arguments (not sure what that means?) plus `<C-c>` followed by `.`

https://orgmode.org/manual/Creating-Timestamps.html#Creating-Timestamps

In contrast, my vim version involves turning on a specific mode, and then pressing enter

Really captures the #vim–#emacs difference! #editorWar :D

@mwlucas @alexbuzzbee @balrogboogie

(also, when writing that last toot, I noticed that the hashtag #ed prompts me to autocomplete to #editorWar. That seems appropriate, somehow.)

@gentoorebel

Also, on the subject of "why yes I rewrote that in bash, why?", you might be interested in one of my side projects: #passgen, a full passphrase generator based off similar principles to diceware or other word-list based passphrase generators. It's pure bash and plays well with standard input/output.

https://passgen.codesections.com

@brennen Agreed! #passgen has a man page—and, yeah, it took about as long to write as the program itself, but it was worth it!

@peanutbutter144

I'm also a happy user of pass—so happy that I built a bit of a companion app called #passgen (https://passgen.codesections.com).

It's a passphrase generator that uses the same style as pass. (Because a passphrase will be both more secure and easier to type than a password) It pipes it output to standard out, so it works well with pass: you can generate a new password and store it with pass with `pass-gen -e | pass -e USERNAME`

End of self promotion, but yeah, pass is really great!

@mike @Qwxlea

Interesting. I wouldn't say that I live in the shell—rather, I live in the *terminal*. I use zsh commands a lot, of course, but I also write bash, python, or javascript scripts frequently; I don't feel the need to link everything together.

I wonder if some of this comes from a developer vs. sysadmin use cases. I write a fair bit of bash—including #passgen, my most developed #foss project so far—but I don't think I've every written an *inline* script.

Interesting perspective!

@brainblasted There are also several #html2text programs that could be helpful. Here's one I've used before (written in Python): https://github.com/aaronsw/html2text

@kev Another language I'd put in the mix for those goals is #bash. It's not quite as versatile as others, but it's still very powerful. It's what #pass and my own #passgen are written in, for example. And for simple automation in #linux environment, it really can't be beat.

Plus, anyone who is comfortable with the command line is halfway to knowing #bash.

The second half of The Linux Command Line has a great introduction to bash. Plus, it's free under a CC license: http://linuxcommand.org/tlcl.php

@manulfk

I'm a big fan of #pass, which is a CLI tool that stores passwords in a #GPG-encrypted #git repo (there are non-CLI clients for it) https://www.passwordstore.org/

I like pass so much that I wrote a passphrase generator in the same spirit, called #passgen (https://passgen.codesections.com). It's a #FOSS tool that generates passphrases that are secure and easier to type in (for those occasions when you can't paste from a password manager).

@redandgreen14 @unicornfarts

And has #cricket been pretty good? I'm thinking about switching to them or #consumerCellular for lower prices, but I'm not sure if it's worth it.

@puffinux Oh, this is fun—I'll try to stick to your format:
Programs I use with #linux (#arch) as my OS:

#dwm + dmenu (display manager)
#qutebrowser (browser)
#neovim (text editor)
#vim + qutebrowser (mastodon)
#weechat + #znc (IRX)
#keybase + vim (encrypted chat)
#mutt (email)
#feh (image viewer)
#scrot (screenshots)
#simpleTerminal (terminal emulator)
#tmux (terminal multiplexer)
#mupdf (PDF viewer)
#pass + #passgen (password manager)

#FOSS #FLOSS #openSource #freeSoftware

@andrewebdev @mike

That is really cool. Thanks for building this, @[email protected]!

On my home computer, I'm not concerned with someone looking at my screen when it's locked. So I use something similar but without the pixelation: #xtrlock (https://launchpad.net/ubuntu/trusty/+package/xtrlock).

(If I were more concerned with visual security, I'd probably go with #slock, but then I like that sort of thing).

It recently came to my attention that #trunk has a thriving #emacs list but no #vim list at all. This is an outrage that cannot be allowed to stand! #editorWar #cultOfVi

(Seriously though @[email protected] could you create a vim trunk list and add me to it?)

(If you're not familiar with Trunk, it's a group of interest-based lists to help new Mastodon users find interesting people to follow: https://communitywiki.org/trunk)

@d4klutz I'm a huge fan of #pass https://www.passwordstore.org/ — so much so that I built a passhrase generator in the same spirit (though it works with other managers too)

#passgen https://passgen codesections.com

Turns out that the top #hashtags I've used or favorited on Mastodon are:

#rust(65)
#introductions(60)
#introduction(51)
#gutenberg(41)
#linux(39)
#foss(32)
#mastodon(30)
#fosstodon(27)
#passgen(18)
#arch(17)

I'm pretty happy with that as a summary of my conversations on here.

(Thanks to @[email protected] 's useful mastodon-archive tool for generating this info. https://github.com/kensanata/mastodon-backup)

@crodges

If you're a big user of #pass, you might also like my current #FOSS project, #passgen. https://passgen.codesections.com

It's CLI app that generates passphrases that can be piped on to pass. For example, `pass-gen -e | pass add <username>` generates a new passphrase and pipes the adds it to a pass store.

passgen creates passphrases that are much easier to type in if a site ever blocks you from pasting or if you need to use a different computer—and they're even more secure.

@coffee

@coffee

Definitely going to be trying this out when I get some time later this afternoon—it sounds very cool!

(Welcome to the club of #fosstodon members who've worked on companion software to #pass. I didn't expect #passgen to have company in that particular club!)

Ok, definitely geeking out here, but I just learned that one of my favorite bloggers (Scott Alexander of http://slatestarcodex.com/) just linked to my Mastodon Is Better than Twitter blog post (https://www.codesections.com/blog/mastodon-elevator-pitch/).

I know that probably didn't bring as many people to the fediverse as when that post was on the #hackerNews front page, but it's personally *way* more exciting—it's very cool to get a link from someone I admire!

Any other #rationalists come because of that post (or here at all)?

Just how concerned should I be by a message from Gmail saying that someone attempted to reset my password from Texas (no where near where I live)? I've already changed my password (#passgen made it easy to come up with a new one), and I have two-factor authentication enabled. And gmail isn't my primary email, but it's still one I don't want to have compromised.

I figure it's probably someone with a similar email address miss-typing their address, but wanted to ask how worried I should be.

@alatiera
I disagree, at least for nouns. Imagine I want to toot about a new version of an open-source project. Which sounds better:

> I just released v0.5 of #passgen, the passphrase generator that follows the #unix philosophy.

Or:

> I just released v0.5 of passgen, the passphrase generator that follows the unix philosophy.
#passgen #unix

The first clearly and correctly signals that the hashtag is a link to related content; by my lights, it's much better. You disagree?

@bryangruneberg

I might have mentioned this already, but I wrote a companion-app of sorts to pass. My app, #passgen, generates secure random passphrases (instead of passwords), since they're much easier to type whenever you can't paste. It's designed to work well with #pass (well, with anything that accepts standard input, but pass is what I use). To generate a new passphrase for pass, you'd just run `pass-gen -e | pass add <username>`.

More info at https://passgen.codesections.com
j

@ObjFW
I think that depends some on your #git workflow. I'm of the "commit early, commit often" school of thought—it makes `git bisect` so useful! So, for example, my #passgen project already has over 50 commits. https://github.com/codesections/pass-gen If I'd tooted about each one, I'm sure it would have annoyed people.

What I've done instead is to toot about each of the four versions I've released, which (hopefully!) isn't annoying.

@fleischie28

One question, though:

For the #linux version, did you consider using `dev/urandom` to generate your random numbers? That would give you much stronger random numbers, suitable for more secure use. For example, you could use `$(( $MIN + $(od -An -N2 -i /dev/urandom) % ($MAX - $MIN + 1) ))` to generate an integer between MAX and MIN (and then divide to get it within your 0–1) range).

That's the basic approach to randomness I take in #passgen (https://passgen.codesections.com/)

@besserwisser
<mostly_joking_self_promotion>
Well, in that case, I've written a #minimalist password generator you should try!

#passgen is a CLI app to generate secure passphrases that are easy to type (for when you can't paste). And it follows the #unixPhilosophy, and lets you pipe it's output to standard-out (or, optionally, have it in your clipboard). https://passgen.codesections.com/

</mostly_joking_self_promotion>

@danyspin97 But also agreed on the to-each-their own point. I feel like I've moved *somewhat* far up the power/simplicity curve, but would still be interested in going further. Maybe #void, maybe #obarun, maybe even #gentoo if I'm feeling bold.

Something to look forward to, anyway

@tek @_cr0_tab

(And, if people aren't as comfortable with computers but still take #infosec seriously, they might also be interested in the #EFF project that inspired #passgen, which provides instructions for generating random passphrases by rolling dice. https://www.eff.org/dice)

@tek @_cr0_tab

I'm a huge fan of #pass (https://www.passwordstore.org/). It's primarily a CLI app, but it also has several GUI clients, which might be better for a 101 space.

<self_promotion>Also, if they'd be interested in a password *generator*, I wrote #passgen, which generates secure, memorable/pronounceable passwords using a user-configurable set of wordlists (by default, the wordlists from the EFF) Fully open source, of course

https://passgen.codesections.com/

</self_promotion>

@unicornfarts @Artek I don't really know apg, but from a quick look, I think #passgen passwords would be *more* memorable. It's configurable to use any of a bunch of different wordlists, but by default it uses a combined list taken from several #EFF lists, so you'd get a password like skirt?UNSTEADY?legend?SUPERJET?livable?DINGBAT?507?

@Artek @unicornfarts

<self_promotion> Even if you don't use a password manager, could I interest you in a password *generator*? I wrote #passgen, a password generator that creates secure passphrases that are easy to type (for those times when you can't just copy and paste). And, if you ever do use #pass or another password manager, #passgen plays nicely and pipes it's output to standard-out (or lets you copy it)

https://passgen.codesections.com/

Fully #foss, of course.

</self_promotion>

@thor

I recently moved from KeePassXC to #pass (https://www.passwordstore.org/), and have been incredibly happy with it.

(Its simplicity was actually what inspired me to write #passgen, (https://passgen.codesections.com/) which plays nicely with pass—you can generate a passphrase with passgen and pipe it right into pass.
Of course, pass can generate its own passwords, but I wanted more flexibility)

@Jamest @greyone @ThatTupperKid

<blatant_FOSS_self_promotion> If you're changing to a better FOSS password manager, you might also be interested in the FOSS password generator that I wrote, #passgen. The hook with it is that it generates passphrases that are super secure & also easy to type when, for whatever reason, you can't paste from your password manager. https://passgen.codesections.com/</self_promotion>

Glad you're staying!

@gwmngilfen @timapple @mooshoe @nextcloud plug for #passgen, the command line tool I wrote that generates secure, easy-to-type passhrases. I wrote it for those times when you can't copy/paste from your password manager—with pen and paper, that's *every* time. So passgen seems like an especially good fit for your use case.

https://passgen.codesections.com

@[email protected] @[email protected]

Are you looking specifically for blogging *service* alternatives? Because blogs themselves are very easy to self-host, and there are a lot of good options. Off the top of my head:
* Netlify
* GitHub pages
* GitLab pages
* Neocities
* Wordpress.org

And the first few can all be combined with open-source static site generators (#gutenberg, #hugo, #jeckyll, #gatsby, etc.).

My own blog (https://www.codesections.com/blog) is an example of this stack (Gutenberg + Netlify)