February 10 2025 tailscale, gocryptfs, ‘Le potato’, Orange Pi, U-Boot, x86-64 levels

BradLUG (Bradford GNU/Linux Users Group) A self-help group for GNU/Linux, Open Source and Free Software users in and around the Bradford District, West Yorkshire

Home About Meetings FOSS

February 10 2025 tailscale, gocryptfs, ‘Le potato’, Orange Pi, U-Boot, x86-64 levels

John R Hudson

Posted on February 12, 2025

( 4 minute read )

Steve gave a presentation on tailscale comprising a summary and a demonstration. Tailscale provides an overlay network for WireGuard which is tricky to configure and use. Tailscale creates Tailnet, a virtual/overlay network of hosts, with a coordination server through which to register clients. It provides NAT traversal and can set up a relay if that is not possible. Security is provided by asymmetric keys with public keys being shared by all clients.

Steve demonstrated his tailnet which has five clients, each with an IP4 address in the 100 range reserved for carrier grade NAT. He then demonstrated connecting to a server not on the tailnet via relay before adding it to the tailnet when it acquired an IP4 address in the 100 range.

Bernie presented an introduction to gocryptfs, a file-based encryption system written in Go that is implemented as a mountable FUSE filesystem. In order to encrypt files, you create a folder which will hold the encrypted files with:

gocryptfs -init <secretdirectory>

which prompts for a password from which the master key is created. You can then mount that directory with

gocryptfs <secretdirectory> <mountpoint>

You can then put any files you like into <secretdirectory>. When you unmount the directory, all the files in it are encrypted.

Reverse mode shows you an encrypted view of a plaintext directory.

The password is stored in the config file and can theoretically be broken by a brute force attack; it can be stored elsewhere but it is probably preferable to use a strong password in the first place.

It was noted that LUKS and Veracrypt encrypt devices rather than files.

David showed Klipper and the extension he had created for it. He has to run Klipper to enable it to calculate the x and y inertia when nothing is being printed before using it when 3D printing something.

Multicoloured connecting wires alongside Klipper unit — *Klipper and extension*

David displayed the Raspberry Pi 3, the Libre Computer Board AML-S905X-CC, otherwise known as ‘Le potato’, which Brian had recommended in December 2022, and the Orange Pi 4 LTS which he had bought in June 2023. At the time, neither ‘Le potato’ nor the Orange Pi worked; now they both do.

From top to bottom a Raspberry Pi, ‘Le potato’ and Orange Pi — *Raspberry Pi, ‘Le potato’ and Orange Pi*

David also reported that he had found that you cannot revert to an earlier version of U-Boot.

John mentioned the decision of some distributions and some programmers to cease support for the earliest x86-64 chips as defined by their Microarchitecture levels. Henrik Bengtsson has written a script which returns the level of the CPU in use. Level 1 chips, generally those more than 15 years old, will no longer be supported.

Past Meetings