Yesterday my Windows 10 VM I run on my Macbook took forever to install updates.
Then at some point my macbook (yes the complete macbook) went blank / off without any warning. As the laptop usually warns of low battery charge, I suspect I hit some kinda bug.
This morning when trying to recover, the Macbook itself was fine, but my Windows 10 VM gave me screen I rarely get to see these days. Luckily I have a backup copy of the VM which I will try to update today.
FYI : I’m running High Sierra with VMWare Fusion Professional Version 8.5.8 (5824040)
Update: after restoring the VM and running the update again, it worked fine. Strange 😉
The install took 50 minutes and two reboots two days ago. All seems fine.
Also, did a clean install on another laptop and apparently enabling disk encryption during initial setup has been the default for some time. It was a new one for me. But then I rarely do clean MacOS installs. Mostly upgrades or Time Machine recoveries.
Looking for alternate or additional protection for my Keepass databases, I stumbled upon a fork of KeepassX that actually has some nice new features. One of those is the ability to use a yubikey as the key or as an additional key to the password database.
The fork KeepassXC released a version with yubikey support last june. Apparently the windows version Keepass2 has had time support for some time.
Trying a sample database with the default OTP configuration of my yubikey worked just fine, but it did raise the question what would happen if my yubikey would get lost or otherwise unusable. An unacceptable risk of locking yourself out of your password database. Thankfully this was already adressed, but it requires some extra work.
The yubikey has two configuration slots, where the second slot is unused by default. By getting a second yubikey and using the Yubikey Personalisation Tool, you can set up two yubikeys with the same secret for HMAC-SHA1 Challenge Response Mode in the second configuration slot. The yubico website has a pretty clear configuration guide in PDF to on ‘How to Configure Identical Credentials in Challenge – Response‘.
After that, it is just a matter of creating a new password database that requires the Yubikey challenge (maybe combined with a password you still type). That, or reconfigure existing databases to start using the yubikey by adding it in change main key option.
As the feature is still somewhat new, I’m considering keeping a password protected version of my database offline, while protecting the one I use on a daily basis with the additional yubikey protection.
Some time ago I bought a couple of Yubikeys, but actually start using them ended up on the todo list.
But now I can easily unlock and lock my apple laptop with my yubi key. Unlocking is just done using the standard pam module and the configuration described at the yubikey website.
But getting my screen locked when I unplug the device needed some extra deamon. There is an option to lock the laptop when you unplug the yubikey in the advanced security preferences, but it did not do anything for me
I found a small project at https://github.com/shtirlic/yubikeylockd.git dealing with just that. So now running this small daemon, my screen is locked as soon as I unplug the key.
Once every blue moon I try some sort of Linux as the native operating system on my laptop. As I tend to have a recent laptop, this usually ends as a short experiment where I find out one or two devices just will not work.
As my wife moved to my previous laptop when I bought my current laptop, we had her old laptop more or less as a spare / for the kids. After about half a year I noticed the laptop had rarely been touched by said kids and I figured it was too good a machine to waste. So it was either selling it off or re-purposing it.
Re-purposing as a small / lightweight spare for myself sounded great. At first I set it up using MacOS, but soon I found myself installing Windows 10 and Ubuntu 16.04 as multiboot to toy around with.
This is by far the Best Ubuntu experience I ever had on a macbook, or any other laptop. It worked so well in the first couple of days, that I wiped everything from the machine to install Ubuntu exclusively on it.
Sound, wifi, graphics, hot plugging monitors, VPN, all with zero or really minimal fuss. Nice, fast, reliably. Really, I am impressed.
And the machine is from late 2013 / early 2014. But the performance of this thing is still pretty amazing.
Apparently the camera does not work, but I did not check as I have a Bits of Freedom sticker covering it up. Also the media controls on my apple earbuds do not work in Ubuntu apparently blocked by some Apple patent.
Batterylife is supposed to be a lot worse compared to MacOS. But I haven’t been bothered by it yet.
Thank you Ubuntu devs 🙂 #donationtime
The experience with my MacBook Pro late 2016 have been mostly positive. There is an annoying thing going on with third party apps, including Firefox and KeepassX, crashing. The crashes always report themselves when I unlock my laptop. So I suspect it occurs during sleep or wake of the laptop.
It only happens to non-native third party applications it seems, so my hunch is that is somehow related with GUI libraries in combination with the new graphics chip/driver.
I sent off crash reports to both Apple and Mozilla. Will send a report the the KeepassX developers too today.
For now I will run these applications in an Ubuntu VM.
Small update : the list also includes VLC media player.
Update 24-jan-2017: The latest release of MacOS (10.12.3) seems to have fixed the issue. Make the Mac Great Again!