The Hermit Project - Part 5

I couldn’t believe I could write a script that ran on the first attempt. note has been almost perfect since the beginning. I’ve just enriched it with some error handling. And I’m so proud that I finally have an end-to-end journal encryption.

However, there’s something that upsets me. I said that I didn’t want notification on Hermit, but not knowing the battery status was quite inconvenient. Did you remember that the note script decrypts the file in /tmp? The issue is that if I don’t take extra care and run out of juice while writing my journal, that journal is lost. It happened a couple of times, with a decent degree of frustration. Yeah, I am a lady, but I am a sysadmin first, so swearing like a sailor is part of the package. Unless I modify nano (which I won’t!), there is no way that you can save the encrypted content of a file while editing it.

I wanted to have at least the notion of the status of the battery in the bottom of the screen. I initially thought about creating my own status bar with GO and something like Bubble Tea, so that I would learn a new language. But … honestly? I’m too lazy for this sh*t! :) I remember a friend (the same as FreeBSD) heavily relying on tmux. So I investigated a bit, and I found out there is a battery plugin!! And tmux’s status bar can be customised with anything I wanted! So, I managed to have battery information and local time on the right, while on the left, I have the encrypted file name while editing the file. Plus, I added a retro feeling by keeping the default black on green. So much vt100 or 3270 :)

tmux battery information tmux filename information

It’s almost the perfect setup for me. But something was missing. Remember when Nina’s words resonated with me in part 2? Well, I decided to install a couple of additional programs on Hermit. The first is DBU, which I’ve introduced in part 3, along with some mini-utilities written in Clipper/Harbour. But the real deal is Spreadsheet Calculator Improvised, aka sc-im, a ncurse based spreadsheet that can open Excel and CSV files too!! I was surprised it was packaged in FreeBSD. It’s like having back Lotus 1-2-3!!! I can even open my flight log that, for the record, I keep in a spreadsheet. And, icing on the cake, also the command line browser elinks … just in case I want to browse some internal website or a text-only friendly website … like mine for example (yes, renders on elinks!)

I have most of my basic productivity suite on Hermit, without needing extras, and I can save everything on git too! I’m an (almost) happy girl now. I can do everything I need with sporadic connectivity. I know it sounds like the ’90s or early y2k, where we used modems to sync data once in a while. But not being online all the time gives me a bit of the peace of mind I so much needed. And honestly, I feel I’m more productive. I always hated chats. And multiple monitors. My brain is an old CPU: I need to do just one thing. I can’t understand how a friend of mine can handle 4 monitors at the same time. I could never do it. I may be ready for a few months in the mountain cabin I am dreaming of.

Just one more thing. Since I started the project, OpenSSH has released a native version that supports Fido/U2F authentication without additional agents or weird configurations. I successfully tried that on Linux first. However, I was surprised that the same version was also available on FreeBSD. So I tried it and … it worked on the first attempt!!!

yubikey working on freebsd

Why is it even important? Because I can keep my ssh key on my Yubi, in a separate physical location of my laptop, without the need to keep cryptographical material on it. That means accessing my git, but also (hopefully in future) having age supporting that. Laptop theft is a thing (unfortunately!), especially if you travel as much as I do. Or it could potentially be seized by the border authorities. I’ve seen that happen. And, even if I don’t have state secrets or super-valuable corporate espionage material, I do care about my privacy. ZFS encryption gives reasonable privacy for casual theft or hackers. But I don’t think it would be enough for seriously motivated actors. I’ve been around security too long to know about it. Probably, I would never be 100% protected, but I want to give them as much headache as possible ;-)

So, what’s next? Watch for the next episode of “Tara and her Hermit Project”.

[Part 4] | [Part 6]