The Doctor

They remember what happened when they migrated Hotmail to Microsoft Exchange.

That’s pretty well answered here: http://vger.kernel.org/lkml/#s15-3

Ew.

Huge pain in the ass to set up, but from the user’s end of things it was pretty easy to do.

Some years ago, I had a client with a really fucked up set of requirements:

• Must run Gentoo Linux. (No, I don’t know why. But it was written into the project specs and everybody who had to sign off did.)
• Must use LUKS for FDE.
• Login (loosely interpreted as “booting up”) must have MFA.

This was during the days when booting into a LUKS encrypted Gentoo install involved copy-and-pasting a shell script out of the Gentoo wiki and adding it to the initrd. I want to say late 2006 or early 2007.

I remember creating a /boot partition, a tiny little LUKS partition (512 megs, at most) after it, and the rest of the drive was the LUKS encrypted root partition. The encrypted root partition had a randomly generated keyfile as its unlocker; it was symmetrically encrypted using gnupg and a passphrase before being stored in the tiny partition. The tiny partition had a passphrase to unlock it. gnupg was in the initrd. I think the workflow went something like this:

• System boots up.
• Script in the initrd prompted the user for the passphrase for the tiny LUKS partition. (first authentication step)
• User entered passphrase.
• Script in the initrd unlocked the tiny partition and prompted the user for the passphrase to decrypt the root partition’s keyfile stored therein.
• User entered the symmetric passphrase for keyfile. (second authentication step_
• Script used the passphrase to decrypt the keyfile to stdout, piped into an evocation of cryptsetup to unlock the root partition.
• /dev/mapper/root mounted, /boot mounted, boot process continued.
• User logged into the box.

I don’t miss those days.

Syncthing could do it.

It would probably be more reliable to partition and format the new drive manually and use rsync to copy everything over. Updating /etc/fstab with the new UUIDs isn’t a big deal (though you can also manually specify the partition UUIDs at time of format - mkfs.btrfs --uuid ...) (you didn’t say what file system your /boot partition was using, so I don’t want to guess).

I was starting college (comp.sci, natch) and a hard req for the program was “Your own personal computer, with an Ethernet card and an OS that had a TCP/IP stack for remotely accessing classwork.” I didn’t have a great deal of money (most of it was tied up in tuition and housing) and ethernet cards were expensive (I think I paid $140us for it at the time). I couldn’t afford Windows and didn’t have a warez hookup for '95. A BBS I used to call had Slackware disk images for download.

The rest, as they say, is history.

Chromebooks? Built like tanks?

Maybe if you folded origami tanks and spritzed them with water. They’re cheap, they’re cheaply made, and they’re made to be e-waste.

Thank you for posting this, I’ll give it a try tonight.

I don’t ‘love’ to ‘hate’ Oracle. For much of my career it seems like they’ve gone out of their way to make things more difficult than they need to be. If I had to calculate how much time fighting with their projects cost me (compared to everything else), they’d be at the head of the list (with one more zero at the left of the decimal point than Microsoft).

I didn’t mean the license. I meant, it was a “fuck you” from Oracle.

The Steam Deck uses btrfs on its internal storage.

• https://www.svenknebel.de/posts/2022/5/2/
• https://blog.setale.me/2022/06/27/Steam-Deck-and-Overlay-FS/

…and that’s why Oracle fucked up the licensing on it. We are not allowed to have nice things.

So would I. I’m really curious about how well it works.

Servers - btrfs. Fewer layers of abstraction, easier to manipulate.

Laptops - ext4. I don’t do anything weird with the onboard storage, plus it supports fscrypt.

Flash drives - exFAT. I usually need to access them on multiple platforms and exFAT is about as cross-platform as VFAT (but supports bigger files).

You’d be surprised.

I’m not sure if that’ll be good or bad.

I had intended that the dates on the edits would have suggested otherwise (the last was 20230422), but I also get how easy it is to miss them if you’re looking for something specific. I can’t change the publication datestamp because that’s part of the slug, and it would break links both internal and any that are external.

That’s entirely fair.