data1701d

In my case, no; it’s all a single machine - it is in the initramfs and uses the system’s TPM to (relatively) securely store the keys.

It can be set up with an attestation server, but you certainly don’t have to do it. The Arch wiki has a really good article on getting it set up.

I use Clevis to auto-unlock my encrypted root partition with my TPM; this means when my boot partition is updated (E.G a kernel update), I have to update the PCR register values in my TPM. I do it with my little script /usr/bin/update_pcr:

#!/bin/bash
clevis luks regen -d /dev/nvme1n1p3 -s 1 tpm2

I run it with sudo and this handles it for me. The only issue is I can't regenerate the binding immediately after the update; I have to reboot, manually enter my password to decrypt the drive, and then do it.

Now, if I were really fancy and could get it to correctly update the TPM binding immediately after the update, I would have something like an apt package shim with a hook that does it seamlessly. Honestly, I'm surprised that distributions haven't developed robust support for this; the technology is clearly available (I'm using it), but no one seems to have made a user-friendly way for the common user to have TPM encryption in the installer.

Haven't purchased it yet. I need to read it, but I've had a difficult time tracking down issue 30 in comic book stores - I got behind and have everything else in the other spin off series.

No! Why did you make me aware of this one?! Now I have to acquire it!

Honestly, this might be the best one they’ve ever made; before, I was quite partial to the Janeway one, which I gifted to my mother.

Depends. SNW retconned it and said the Temporal Cold War pushed it up.

I’m pretty sure by default, virtual networks are not enabled automatically if you’re not using virt-manager GUI.

To make it run automatically, run the following: virsh net-autostart default

If it’s not that, just to make it easier to find information, what’s your host distro? I’m guessing by mention of Kickstart files that it’s something Red Hat related, possibly Rocky 9 based on your choice of guest.

The bridge crew of the Dauntless/Voyager A would like a word.

(Just pretend Ascensia’s not there)

Weird. It must be that my taste is very indie/alternative. You can always also check if the artist has their own shop.

That’s how Jonathan Coulton does it. They Might Be Giants does it as well (in addition to a Bandcamp), but most of their stuff from 1990-1996 is stuck on their former label, so they can’t sell DRM-free audio, only vinyl and/or cassette.

I got midway through season 4 of Disco, though I plan on finishing eventually. I think season 3 had its ups and downs, but the setting it introduced could have been really interesting. I was just underwhelmed by what they were doing in season 4 instead of the natural plot threads the 32nd century opened.

I agree on SNW, and LD and PRO have earned a special place in my heart.

Let’s transporter clone, Genesis planet, Black Mountain etcetera George Samuel so he can live past 2267.

Though typically partially bleeped, but yes.

Do you have FluidSynth installed? I had similar issues recently - I just have a script that restarts pipewire automatically on login.