spoelstraethan

Why oh why

I want to develop some scripts for things like Chrx, Chromebrew, MrChromebox scripts etc and I don't want to register a new SSH key to my account every time I need to powerwash or use recovery on one of my Chromebooks because I messed it up. I already use my Yubikey for GPG/FIDO/U2F/SSH on all the other systems I develop on, and I only needed the SSH portion to work for this particular use case. I also didn't want to deal with using Crouton or Crostini since that requires additional downloads and more configuration and complexity.

Challenges

Since the Crosh userland doesn't have scdaemon or pcscd for talking to the smart card, I had to come up with another way to access the Yubikey and make the SSH key available. I ended up trying a few different things to make it work, but overall the solution ended up being brilliantly straightforward. Originally I tried using Chromebrew to install one of the smartcard access/manager packages, but the dependency chain ended up pulling in Gnome keyring and a

TODO: fillout with more details

https://wiki.archlinux.org/title/fprint

https://www.reddit.com/r/linuxquestions/comments/keyi6x/problem_with_configuring_fprintd_in_arch_linux/

https://1password.community/discussion/134901/keyring-not-implemented-error-crostini-under-chromeos

In an elevated Powershell

Get-ItemProperty -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Lxss" -Name "NatNetwork"

This prints the current network in CIDR, the /20 is WAY too many hosts for what almost anybody might need.

Set-ItemProperty -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Lxss" -Name "NatNetwork" -Value "172.17.128.0/24"

Compilation of notes from Reddit and repos involved

This started from a conversation in a thread and picking up a cheap single cable HMD to watch videos or play games rather than doing full VR.

https://www.reddit.com/r/openhmd/comments/tu5s8y/comment/imcl77s/?utm_source=share&utm_medium=web2x&context=3

echo -en "\x03\x0CVR App Start" | sudo tee -a /dev/hidraw4

i3 fixes

sudo apt install i3 rofi
sed -i -e 's/47/48/' -e 's/pango://' /etc/i3/config.keycodes /etc/i3/config
# even with the pango: removed from the config the wizard uses it and fails to show up properly on first login
i3-config-wizard -m alt

Battery device for i3status

I was having some trouble with libvirt on a Chromebook that supports /dev/kvm passthrough after installing virt-manager and the other packages and what finally fixed it was using sudo apt update && sudo apt upgrade -y and upgrading to Debian Buster 10.3 (I was on 10.2) and then sudo gpasswd -a $USER libvirt and sudo gpasswd -a $USER kvm and then quitting my shell and logging out and then when I logged back in I ensured that I was in the right groups by running id. It turns out that for some reason the kvm group doesn't stick, but running sudo gpasswd -a $USER kvm; newgrp kvm gives you a shell where you can run qemu-system-x86_64 and then I didn't have any further warnings or permissions issues from virt-host-validate. sudo apt install cpu-checker also let me run sudo kvm-ok to validate that the system was KVM ready.

	#!/bin/zsh
	# HoloISO Installer v2
	# This defines all of the current variables.
	CMD_PACMAN_INSTALL=(/usr/bin/pacman --noconfirm -S --needed --disable-download-timeout --overwrite="*")
	CMD_PACMAN_UPDATE=(/usr/bin/pacman -Sy)
	CPU_VENDOR=$(cat /proc/cpuinfo \| grep 'vendor' \| uniq \| cut -c 13-)
	SYSTEM_LOCALE="${SYSTEM_LOCALE:-en_US.UTF-8 UTF-8}"
	HOLO_INSTALL_DIR="${HOLO_INSTALL_DIR:-/mnt}"

	# Internet connectivity check

	# Download your recovery from https://cros-updates-serving.appspot.com
	# Ctrl+Shift+T or open a Crosh Window and type `shell`
	# Without arguments `cd` takes you to your $HOME directory
	cd
	#
	cd Downloads/
	ls
	# Create a temporary directory and capture the name to a variable so we can reuse
	MOUNTZIP=$(mktemp -d -p /tmp -t XXXXXX)
	fuse-zip chromeos_*.bin.zip $MOUNTZIP