From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_ZEN_BLOCKED_OPENDNS,URIBL_DBL_BLOCKED_OPENDNS, URIBL_ZEN_BLOCKED_OPENDNS autolearn=ham autolearn_force=no version=3.4.4 Received: from txout-a3-smtp.messagingengine.com (txout-a3-smtp.messagingengine.com [103.168.172.226]) by inbox.vuxu.org (Postfix) with ESMTP id B50B82B9F4 for ; Mon, 29 Dec 2025 16:39:38 +0100 (CET) Received: from localhost.localdomain (phl-topicbox-02.internal [10.202.2.220]) by mailtxout.phl.internal (Postfix) with ESMTP id 12E2D1C0153 for ; Mon, 29 Dec 2025 10:39:38 -0500 (EST) ARC-Authentication-Results: i=3; topicbox.com; arc=pass (as.1.mailchannels.net=pass, ams.1.mailchannels.net=pass) smtp.remote-ip=23.83.218.249; dkim=pass (2048-bit rsa key sha256) header.d=ecloud.org header.i=@ecloud.org header.b=O6sgLsRt header.a=rsa-sha256 header.s=dreamhost x-bits=2048; dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=ecloud.org; spf=pass smtp.mailfrom=lists@ecloud.org smtp.helo=poodle.tulip.relay.mailchannels.net; x-internal-arc=fail (as.2.topicbox.com=pass, ams.2.topicbox.com=fail (message has been altered), as.1.mailchannels.net=pass, ams.1.mailchannels.net=fail (message has been altered)) (Message modified while forwarding at Topicbox) ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=from:content-type:content-transfer-encoding :mime-version:subject:date:references:to:in-reply-to:message-id :list-help:list-id:list-post:list-subscribe:reply-to :list-unsubscribe; s=sysmsg-1; t=1767022778; bh=i9w3w4VzrSmwxO2F hoJFd6ZTmIy+7myhC3BUJyWZ7eo=; b=dDTO0F5w5VFv51MxmrrlunvvZ5f1pM8Q v8F30HVpPYS9YlLvFpV5NxH+SRRc7NhHC9Cf+kKNuLyRW8ZefXCy0ZlCQe+FM0jW R9DlEFWNigtBlDjffaEAhcoD0WLNnhWG65lIdlL9JUqqkEyrRBHpPeLM1Cuj5aaF B+XH9AlnlVI= ARC-Seal: i=3; a=rsa-sha256; cv=pass; d=topicbox.com; s=sysmsg-1; t= 1767022778; b=qNWA9mlyaYIcSyHXHmRkU4Zhj5kgMx0OQ1t8Wn4ZqoppbNtvhc chU8JCwEpbfZgt+kLtTXEWR83JwnyqpKcy1tjn1a+zEtEifhcAe+Qxv0jO9LtQC/ iVGEPIfhl6q6sfWWX5f/+O3YD7dEok4QY4JmA+N6+rcGSwQkQBu8iPtc0= Authentication-Results: topicbox.com; arc=pass (as.1.mailchannels.net=pass, ams.1.mailchannels.net=pass) smtp.remote-ip=23.83.218.249; dkim=pass (2048-bit rsa key sha256) header.d=ecloud.org header.i=@ecloud.org header.b=O6sgLsRt header.a=rsa-sha256 header.s=dreamhost x-bits=2048; dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=ecloud.org; spf=pass smtp.mailfrom=lists@ecloud.org smtp.helo=poodle.tulip.relay.mailchannels.net; x-internal-arc=fail (as.2.topicbox.com=pass, ams.2.topicbox.com=fail (message has been altered), as.1.mailchannels.net=pass, ams.1.mailchannels.net=fail (message has been altered)) (Message modified while forwarding at Topicbox) X-Received-Authentication-Results: authmilter.topicbox.com; arc=pass (as.1.mailchannels.net=pass, ams.1.mailchannels.net=pass) smtp.remote-ip=23.83.218.249; bimi=skipped (DMARC did not pass); dkim=pass (2048-bit rsa key sha256) header.d=ecloud.org header.i=@ecloud.org header.b=O6sgLsRt header.a=rsa-sha256 header.s=dreamhost x-bits=2048; dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=ecloud.org; iprev=pass smtp.remote-ip=23.83.218.249 (poodle.tulip.relay.mailchannels.net); spf=pass smtp.mailfrom=lists@ecloud.org smtp.helo=poodle.tulip.relay.mailchannels.net; x-aligned-from=pass (Address match); x-me-sender=none; x-ptr=pass smtp.helo=poodle.tulip.relay.mailchannels.net policy.ptr=poodle.tulip.relay.mailchannels.net; x-return-mx=pass header.domain=ecloud.org policy.is_org=yes (MX Records found: mx1.mailchannels.net,mx2.mailchannels.net); x-return-mx=pass smtp.domain=ecloud.org policy.is_org=yes (MX Records found: mx1.mailchannels.net,mx2.mailchannels.net); x-tls=pass smtp.version=TLSv1.3 smtp.cipher=TLS_AES_256_GCM_SHA384 smtp.bits=256/256; x-vs=scam score=300 state=102 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=9fans.net; h=from :content-type:content-transfer-encoding:mime-version:subject :date:references:to:in-reply-to:message-id:list-help:list-id :list-post:list-subscribe:reply-to:list-unsubscribe; s=dkim-1; t=1767022778; x=1767109178; bh=mtKMwpgVDToo2nRZk0DwwzrygV8EUA/E mBPATYdBgXk=; b=QUc/dTb0mvKBM61DHt/EarLwxY9egkkRxCYQH9nEmTT7sBTK o8si9MPzl5pqvLILcWgjYWvnYTAxTdfIlaKpX5hjLxZnu7Oi/utsMO5vuTIGehv7 PugaWMjybLRizkEx28w7mrQ+bdOr05Axc/vP3MT3Z3YicZ1dOwa9IHDRXdw= Received: from authmilter.topicbox.com (unknown [172.17.0.1]) by mx.topicbox.com (Postfix) with ESMTP id 65FEC4D86406 for <9fans@9fans.net>; Mon, 29 Dec 2025 10:33:07 -0500 (EST) Received: from mx.topicbox.com (172.17.0.1 [172.17.0.1]) by authmilter.topicbox.com (Authentication Milter) with ESMTP id C7A0599EC14; Mon, 29 Dec 2025 10:33:07 -0500 ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=topicbox.com; s=arcseal; t= 1767022387; b=LjjStnqH9vXTDKydqWY4wLzyKjK/0hFVoLPHlCj4B5XTfIL9BI EXNkvtgQpK0NHbcfXbPJ5QUp5Of1Isca+qUDZOJdoPK9TAJyYVnZIsMlJo9zQXjl /Fzw1VAWaw4LQ/I8CLXI28J12hZJfIh2Zm/PnfoJzrJOfREdlaYLy705VlYhHEYy wrKNqLeCILLK+egV/r24V5w9PVX8/TNP2ExCex2efqX09XRYYA1NlW0yU/dck+e2 KdJQxIiWqxjJ42zsovjR0rBs2d6YdOsXX8qcaLoJDnYauPQ9AS9Zd0JWh2U0DI/d Hjz6laGEK+RFM0UnqF+bjU5+mUBdGsw+lHpw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=from:content-type:content-transfer-encoding :mime-version:subject:date:references:to:in-reply-to:message-id; s=arcseal; t=1767022387; bh=W9Cx/BDeFHf9v2kmJ1hf6KP0JkKg7I4ugh0 ocEiH+n4=; b=sIlR0xwt+axW2oKhL5DJ8i7DWiSw+gxyNiGk/s9XC1xSAVIBTOl 2Czo0axDa3gU9CK6Z5w7kCFaF520aTP7ieWl5ofCrkMupgoi3hWGY7q/jyNDtvsO 6FGxdr3BlmjvP+9BqN67wmvc0ZxfsHKtY3yXx35uAnvcuSv72l+WEJPIJo7QFans O00AdJUUsOE8vPFDyzBvolM6Wh75RgehRwFOhtfg3dRtroCt1KZRGlo5fjGoj8M/ 0RRRScrFLG8O1QAnLhkA4HG10j2Bl2oBOdhgC//kWSf87KJcRTgbnC+KpG9mX5eC 2vDea1f2C95vjPLWIheASBB3s9BDifQdwAQ== ARC-Authentication-Results: i=2; authmilter.topicbox.com; arc=pass (as.1.mailchannels.net=pass, ams.1.mailchannels.net=pass) smtp.remote-ip=23.83.218.249; bimi=skipped (DMARC did not pass); dkim=pass (2048-bit rsa key sha256) header.d=ecloud.org header.i=@ecloud.org header.b=O6sgLsRt header.a=rsa-sha256 header.s=dreamhost x-bits=2048; dmarc=none policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=ecloud.org; iprev=pass smtp.remote-ip=23.83.218.249 (poodle.tulip.relay.mailchannels.net); spf=pass smtp.mailfrom=lists@ecloud.org smtp.helo=poodle.tulip.relay.mailchannels.net; x-aligned-from=pass (Address match); x-me-sender=none; x-ptr=pass smtp.helo=poodle.tulip.relay.mailchannels.net policy.ptr=poodle.tulip.relay.mailchannels.net; x-return-mx=pass header.domain=ecloud.org policy.is_org=yes (MX Records found: mx1.mailchannels.net,mx2.mailchannels.net); x-return-mx=pass smtp.domain=ecloud.org policy.is_org=yes (MX Records found: mx1.mailchannels.net,mx2.mailchannels.net); x-tls=pass smtp.version=TLSv1.3 smtp.cipher=TLS_AES_256_GCM_SHA384 smtp.bits=256/256; x-vs=scam score=300 state=102 X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgeefgedrtddtgdejjeehudcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecuogfutggrmhdqueegtd ekqddtkedquefvveculdeftddtmdenucfjughrpefhtgfgggfuffhfvfgjkffosehtqhhm tdhhtdejnecuhfhrohhmpefuhhgrfihnucftuhhtlhgvughgvgcuoehlihhsthhssegvtg hlohhuugdrohhrgheqnecuggftrfgrthhtvghrnheptdelfeeljedvueetveevleduhefh keffleeffeefvdekgefghfefvdetfefgffeunecukfhppedvfedrkeefrddvudekrddvge elpdekhedrudeigedrkeekrdduvddtnecuvehluhhsthgvrhfuihiivgeptdenucfrrghr rghmpehinhgvthepvdefrdekfedrvddukedrvdegledphhgvlhhopehpohhoughlvgdrth hulhhiphdrrhgvlhgrhidrmhgrihhltghhrghnnhgvlhhsrdhnvghtpdhmrghilhhfrhho mhepoehlihhsthhssegvtghlohhuugdrohhrgheqpdhnsggprhgtphhtthhopedupdhrtg hpthhtohepoeelfhgrnhhsseelfhgrnhhsrdhnvghtqe X-ME-VSScore: 300 X-ME-VSCategory: scam Received-SPF: pass (ecloud.org: Sender is authorized to use 'lists@ecloud.org' in 'mfrom' identity (mechanism 'include:relay.mailchannels.net' matched)) receiver=authmilter.topicbox.com; identity=mailfrom; envelope-from="lists@ecloud.org"; helo=poodle.tulip.relay.mailchannels.net; client-ip=23.83.218.249 Received: from poodle.tulip.relay.mailchannels.net (poodle.tulip.relay.mailchannels.net [23.83.218.249]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx.topicbox.com (Postfix) with ESMTPS for <9fans@9fans.net>; Mon, 29 Dec 2025 10:33:06 -0500 (EST) X-Sender-Id: dreamhost|x-authsender|lists@ecloud.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 873C0221A23 for <9fans@9fans.net>; Mon, 29 Dec 2025 15:33:04 +0000 (UTC) Received: from pdx1-sub0-mail-a211.dreamhost.com (100-112-117-23.trex-nlb.outbound.svc.cluster.local [100.112.117.23]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id C1190220D54 for <9fans@9fans.net>; Mon, 29 Dec 2025 15:33:03 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; d=mailchannels.net; s=arc-2022; cv=none; t=1767022383; b=zRJ3hHJnV5O2wL+BuRn/SpTDKAs+U4UgYmimOg3TCAp9S7YMKXYS9Fr9fyMVrOagIILISP 1bfv7/5+i2beqxPdGaGNnKOjl18y3ZANycMXlOwGqFeNgEhgqo4XU0J2Zj9LVKMKurl2EX m6eOyQ5uPTdM0oagqzIFbaN4JzwnpMOyLm+hV5t99hqBPIo1crmPwz9bg980v63D7/yJ9h bxy0Ip6aaHPvx5wIbovv3SpKejzLaemOtBsoxoT1Yt61SjMnKfq8QtgOToxrPKNQNoNh3E TP2e/fSVHMiWV8oGhySLy+MjgiQCWr8/7j7wzMp/Lkv1vDKIluYG5Q+/csEGxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1767022383; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=W9Cx/BDeFHf9v2kmJ1hf6KP0JkKg7I4ugh0ocEiH+n4=; b=LqocrXL1CXqNsBA9wV4DQRhGJVKaR+CpEtojK56NGXit1BZk0FFp9a2JBnXVJ0CNEc6Wb5 Ydi3vyWsGs95zrlxNvXBdgEbCvszEfBDUe8IFzTC8i66X4QX7oHih/szX0249FcovF2ltE x76gBti84yl3WcRtnrlNUigf1bq6o3l/yqw9KIIMu0D64dWBVVRmWWn8Se5HfNXEfcScId Z3x+ZVk4qQ0Ymjp4yHWnMEOUJgxMPVMwcUdivQaZOk1s1szMYf6TG6WlnEVfnLvX2tfqvs 8R8QG2U81W+CrEXJNOP6vDvsmnK9ntXZ4UVoIyjzSxDVJLZSibuiAs0J3ZEIvw== ARC-Authentication-Results: i=1; rspamd-55cdcc6c54-r5v72; auth=pass smtp.auth=dreamhost smtp.mailfrom=lists@ecloud.org X-Sender-Id: dreamhost|x-authsender|lists@ecloud.org X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|lists@ecloud.org X-MailChannels-Auth-Id: dreamhost X-Attack-Slimy: 4a15e77f0cced700_1767022384326_2302856107 X-MC-Loop-Signature: 1767022384326:1731434444 X-MC-Ingress-Time: 1767022384326 Received: from pdx1-sub0-mail-a211.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.112.117.23 (trex/7.1.3); Mon, 29 Dec 2025 15:33:04 +0000 Received: from smtpclient.apple (ti0007a400-2414.bb.online.no [85.164.88.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: lists@ecloud.org) by pdx1-sub0-mail-a211.dreamhost.com (Postfix) with ESMTPSA id 4dg0bg2D0Bz3G for <9fans@9fans.net>; Mon, 29 Dec 2025 07:33:03 -0800 (PST) From: Shawn Rutledge Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3864.200.81.1.6\)) Subject: Re: [9fans] Solo factotum (was: Enterable namespaces: /proc/pid/$ns/srv) Date: Mon, 29 Dec 2025 16:32:50 +0100 References: <760adea1-7ed3-4c91-a320-8e54267cb01c@app.fastmail.com> To: 9fans <9fans@9fans.net> In-Reply-To: <760adea1-7ed3-4c91-a320-8e54267cb01c@app.fastmail.com> Message-Id: X-Mailer: Apple Mail (2.3864.200.81.1.6) Topicbox-Policy-Reasoning: moderate: identified as scam by VadeSecure Topicbox-Message-UUID: ad2b47ce-e4cb-11f0-a464-ade96bc11ef0 Archived-At: =?UTF-8?B?PGh0dHBzOi8vOWZhbnMudG9waWNib3guY29tL2dyb3Vwcy85?= =?UTF-8?B?ZmFucy9UOTY5YzM4MWRjZDljNzYwZC1NYzgzODYxZWIxNjFhNGU5OGMzZmJi?= =?UTF-8?B?NTE1Pg==?= List-Help: List-Id: "9fans" <9fans.9fans.net> List-Post: List-Software: Topicbox v0 List-Subscribe: Precedence: list Reply-To: 9fans <9fans@9fans.net> List-Unsubscribe: , Topicbox-Delivery-ID: 2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:Mc83861eb161a4e98c3fbb515:1:qKDWbEkVLGve8sg48rxVJBiSPdr06y1q-xzREJWtJQg > On Dec 29, 2025, at 11:57, David Arroyo wrote: >=20 > On Sun, Dec 14, 2025, at 07:43, sirjofri wrote: >> More ideally, but also offtopic, I's like to have a factotum usb drive,= =20 >> where the secrets never leave the usb device. It would talk 9p directly >> over the serial bus. >=20 > I think this is a great idea; an HSM-like device with an interface that > doesn't suck. After some discussion about this idea on IRC, I want to > try and implement it. I purchased the "security" variant of this family > of microcontrollers: This sounds like a great idea. But personally I would like to have a porta= ble solution: something that works on all OSes. I currently use a yubikey = to store an ED25519 private key that I can use for ssh (thus also git) and = gpg (thus also =E2=80=9Cpass=E2=80=9D, which uses gpg to store passwords) o= n every OS except 9. And it does the FIDO stuff too. So I wish yubikeys c= ould be supported with factotum somehow too. I=E2=80=99m not quite sure wh= at that would entail in practice; but it is a device that stores secrets th= at they promise can't be extracted from it. Bitcoin wallet devices can be used this way too, but they tend to be bulkie= r and less robust. ------------------------------------------ 9fans: 9fans Permalink: https://9fans.topicbox.com/groups/9fans/T969c381dcd9c760d-Mc8386= 1eb161a4e98c3fbb515 Delivery options: https://9fans.topicbox.com/groups/9fans/subscription