IoT, Code, Security, Server Stuff etc

Views are my own and not my employer's.

Personal Development Blog...

Coding for fun since 1996, Learn by doing and sharing.

Buy a domain name, then create your own server (get $25 free credit)

View all of my posts.

OSX

Yubico YubiKey 5Ci with USB-C and Lightning connector for mobile devices

by

I am a big fan of the Yubico YubiKeys. I have a couple of YubiKey 4 NEO NFC devices. This post will show the Yubico YubiKey 5Ci 

Here are my older posts on the YubiKey 4 NEO’s

Yubico YubiKeys

My YubiKey NEO’s have been set up on sites with ether “Insert and Press” (FIDO U2F) or Insert and copy 6 digit OTP code’s (that is valid for 30 seconds).

When a site requires an OTP code I can insert the key and run the YubiKey Authenticator software on iOS, Android, Mac or Windows (and enter an optional password) where I can see all my defined website OTP’s

YubiKey Authentication image

I have enabled YubiKey “Insert and Pressand or time-based OAUTH-HOTP protections to as many logins as I can (PayPal, GMail, Google GSuite, DropBox, My Servers (SSH), WordPress, Forums etc).

I use the NFC on the YubiKey NEO to login to my NFC printer at work.

YubiKey 4 NEO NFC

OTP or TOTP and FIDO U2F or Insert and Press

I am not going to not bore you to death with technical details here and I will refer to TOTP as OTP and FIDO U2F (FIDO Universal 2nd Factor) as “Insert and Press”.

Insert and Press is easier to explain than FIDO Universal 2nd Factor.

You can read about each here:

Find sites that use 2FA

https://twofactorauth.org/ allows you to find sites that use (or do not use) 2FA.

https://twofactorauth.org/ main page

You can search for a site (e.g “play”) and see if the matching sites have 2FA enabled to protect logins.

My Google Play, PlayStation and Ubisoft UPlay accounts are protected with 2FA.

I searched for "Play"

You can also view categories and see what websites and services are up to date. This can be handy if you are looking for a product or service (choose the most secure IMHO).

https://twofactorauth.org/#backup

I would recommend you contact website’s that use that does not support 2FA and tell them. If they drag their feet supporting 2FA, I’d leave them.

My NFC Issue

I recently purchased a Flip Wallet/Phone Case with a magnetic back (so I can remove the phone from the wallet), but the magnets cause issue reading NFC on various devices including the YubiKey.

My phone has a poor NFC range at best and my YubiKey NEO cannot be read with my new phone case on.  I’ll admit I don’t use NFC anymore on my phone.

Huawei Mate 20 Pro phone c ase

Enter the YubiKey 5Ci (with USB-C and Lightning adapter)

Yubico has a YubiKey 5Ci that has a USB-C and Lightning connector for phones and tablets. My phone has a USB C connector and this would work well instead of NFC.  

You can buy a YubiKey 5Ci direct here for $70 USD. 

YubiKey also make 5CI with transparent plastic

If you are Down Under like me you can order from here https://shop.mi-token.com/#!/public-catalogue  and pay in AUD.

YubiKey 5Ci Specifications

USB Type
USB-C, Lightning

NFC-enabled
No

Authentication Methods
Passwordless, Strong Two Factor, Strong Multi-Factor

Productivity & Communication
Google Account, Microsoft account, Salesforce.com | Emerging support for Lightning connector

Password Managers
1Password, Dashlane Premium, Keeper®, LastPass Premium | Emerging support for Lightning connector

Cloud Storage
Dropbox, Google Drive, OneDrive | Emerging support for Lightning connector

Social
Facebook, Twitter, YouTube | Emerging support for Lightning connector

Design & Durability
No Batteries Required, No Moving Parts

Function
WebAuthn, FIDO2 CTAP1, FIDO2 CTAP2, Universal 2nd Factor (U2F), Smart card (PIV-compatible), Yubico OTP, OATH – HOTP (Event), OATH – TOTP (Time), Open PGP, Secure Static Password

Certifications
FIDO 2 Certified, FIDO Universal 2nd Factor (U2F) Certified

Cryptographic Specifications
RSA 2048, RSA 4096 (PGP), ECC p256, ECC p384

Device Type
FIDO HID Device, CCID Smart Card, HID Keyboard

Manufacturing
Made in USA and Sweden

My YubiKey 5Ci

My YubiKey 5Ci arrived in a small but strong package. Wow this is small.

YubiKey 5Ci Package

The back of the 5Ci packaging has clear instructions.

YubiKey Rear Packaging

I removed the YubiKey 5Ci from the packaging.

A lightning plug is on the left and a USB-C plug on the right. In the middle is a contact to allow activation.

YubiKey 5Ci, Lightning plug on one end and a USB-C plug on the other end

The YubiKey 5Ci is tiny. It is about 4c long with a hole in the middle to allow me to place it on a key chain.

It is about as wide as 2.5 keyboard keys

I do not use iPhone’s or iPad’s but my wife and child do so the lightning plug may come in handy.

Lightning plug close up

The USB plug however will be using on my Android phone and will replace my NFC on My YubiKey 4 NEO when I transfer connected websites over.

USB-C plug up close

I can see two metal contact points on each side of the YubiKey 5Ci that I can press and activate when in Insert and Press mode

Metal contacts on each side of the 5Ci

Insert and Press or Enter OTP Code

What is the difference between 5Ci and Insert and Press when logging into sites?

Google will prompt me to insert my YubiKey and press the bottom to log in.

Googole Insert and Press

My Nextcloud install will prompt for a OTP code (to obtain this I need to Insert my YubiKey and obtain the OTP code)

WordPress requires my YubiKey’s to be presented at login

Wordpress Enter Security Key

I set up my cloud serves to prompt me for a OTP when I log in via SSH. I use MobaXTerm to connect to my servers.

Enter a OTP for the shell

I need to enter an OTP twice as two connections to the server are created (one for the shell and one for the directory listing)

Enter OTP for file the shell

YubiKey 4 NEO v YubiKey 5Ci

Here is a picture comparing my YubiKey NEO and the 5Ci

The 5Ci is thinner and shorter than the NEO

YubiKey Neo 4 NFC and a YubiKey 5Ci

YubiKey Size compared

My YubiKey 4 NEO has been used a few thousand times, but it wont plug into my Mobile Phone.

USB Plug

YubiKey 5Ci (USB C) plugged into an Android Phone

I can easily plug the YubiKey 5Ci can plug into my Android Phone (USB C Plug)

My YubiKey Authenticator automatically opens after I insert my YubiKey.

I can access OTP codes in seconds.

USB C Plus and YubiCo Authenticator

Android 10 asked me if the app Yubico Authenticator can access the USB device.

The Yubico Authenticator can be downloaded for Android here

Open YubiKey Authenticator on YubiKey Insert

YubiKey 5Ci (Thunderbolt) plugged into an Apple iPhone

When I insert the YubiKey 5Ci into my wife’s iPhone I can use the key on the iOS version of the authenticator app (download here)

5Ci inserted into an iPhone

I am prompted to enter the password I have set on the key (nice)

Enter password

YubiKey 5Ci (USB C) plugged into a PC

I have a USB C port on the back of my PC

Some PC’s have USB C on the front of the PC.

Front USB C port

USB to USB Adapter

I purchased an inexpensive USB C to USB adapter to allow me to insert the USB C plug of the YubiKey to the front of my PC

USB C to USB adapter
USB C to USB adapter

Now I can use the YubiKey 5Ci anywhere.

YubiKey 5Ci Conclusion

I love YubiKeys and 2FA of any kind and I have a key chain with my YubiKey 4 NEO (the backup key stay’s somewhere else) and my 5Ci.

I also carry 2x USB backups (encrypted) and a Tile tracking token.

My Keychain

Pros

  • Works flawlessly with OTP (HOTP)
  • Works flawlessly with Insert and Touch (FIDO U2F)
  • Works well on iOS, Android, Windows, Mac and Linux.

Cons

  • Black shows dust very well, It would be nice to have them in more colours?

Adding hardware-based 2FA is a long journey but a journey that I don’t regret taking one big.  Have a look at https://haveibeenpwned.com/ if you are unsure if this should be your journey.  Also, check out the weekly Security Now Podcast for all the news on weekly hacks and security vulnerabilities.

Use the Yubico Quiz to find out what YubiKey us best for you.

https://www.yubico.com/quiz/

Troubleshooting

N/A

v1.0 Initial Version

Is OSX Mojave on a 2014 MacBook Pro slower or faster than High Sierra

by

This is a quick post to see if OSX Mojave runs slower on a Mid 2014 Mac Book Pro than High Sierra

Aside

If you have not read my previous posts I have now moved my blog to the awesome UpCloud host (signup using this link to get $25 free UpCloud VM credit). I compared Digital Ocean, Vultr and UpCloud Disk IO here and UpCloud came out on top by a long way (read the blog post here). Here is my blog post on moving from Vultr to UpCloud.

Buy a domain name here

Domain names for just 88 cents!

Now on with the post.

New Mac Operating System (Mojave)

I have always been hesitant before upgrading to a new Apple operating system (or performance-impacting patch).

My Mid-2012 Macbook will not be able to install the next 2019 operating system (as it is now considered too old).

MacBook Thermal Cooling

My MacBook is already running at the limit of the stock thermal cooler (read more here). I replaced the thermal paste on my Mid-2012 Mac Book to help lower thermal temps. I often run fans at 100% with TG Pro.

Stock MacBook thermal paste (needs replacing).

Stock Paste

OSX Mojave

What’s new in OSX Mojave: https://help.apple.com/macOS/mojave/whats-new/

  • Dark Mode
  • Folder Stacks
  • Finder Enhancements
  • Quick Look Enhancements
  • New Screen gran
  • iOS to Mac camera.
  • New News App
  • Stocks App
  • Voice Memos
  • Home Control
  • Better Safari Privacy and Security
  • New Mac App Store
  • Take the tour

I currently have High Sierra Installed.

High Sierra About Screen

High Sierra – Black Magic Disk Speed Test 3.1 Speed Test Results

Write:  340.5 MB/s

Read:  348.1 MB/s

Hig Sierra Disk Benchmark

High Sierra – Novabench 4.01 Benchmark Scores

GPU: 0 (known issue)

RAM: 136

GPU: 243

DISK: 57

High Sierra Nova Bench

Downloading Mojave

Mojave is available for download in the App Store.

Download Mojave

Instaling Mojave

A quick wizard and Mojave in ready to install.

Download Mojave

Installation took about 2 hours to install over High Sierra.

OSX Mojave About Screen

Mojave Dark Mode

Dark mode is certainly very pretty, all stock apps on OSX are not optionally available in dark colour themes.

OSX Mojave dark mode

Mojave – Black Magic Disk Speed Test 3.1 Speed Test Results

Write:  348.5 MB/s (8MB/s faster than High Sierra)

Read:  348.1 MB/s (27.1MB/s faster than High Sierra)

Nice

FYI, The first 2 days of Mojave did seem a bit sower but this may because of background indexing.

My home MacBook has a 512GB Apple SSD hard drive. I recently upgraded to Mojave on a 2014 27 iMac that had a Hybrid SSD (128GB SSD + 1TB drive) and it runs really slowly.

High Sierra – Novabench 4.01 Benchmark Scores

GPU: 0 (known issue)

RAM: 136 (same as High Sierra)

GPU:251 (8 higher than High Sierra)

DISK: 57 (same as High Sierra)

Nova Bench on Mojave

Reboot Time in seconds (time taken to reboot and log back into an interactive desktop)

WOW: Reboot average times were 212 seconds in High Sierra but only 124 seconds in Mojave, that’s an 88-second improvement.

Mojave faster reboots

That totally made upgrading to Mojave worth it.

Screen Capture and save speed

Often I screenshot the desktop (or apps), Below is a time in seconds to capture the desktop and open the file in Photoshop on High Sierra and Mojave.

Capture Desktop Speed

Mojave is a lot faster (even with a wait for the file to be saved to the desktop)

IntelliJ

Does Mojave make IntelliJ slower?

Note: Sorry, the scale in the chart zoomed in by default, I am not sure how to reset the scale on the left to starts at 0.

Time to open IntelliJ

4-second improvement. Nice.

Time to opening Adobe CS Premiere Pro in Mojave v High Sierra

How does Adobe Premiere Pro handle Mojave?

Note: Sorry, the scale in the chart zoomed in by default, I am not sure how to reset the scale on the left to starts at 0.

Mojave Opening Premiere Pro

2 seconds slower (I expect updated from Adobe soon)

More to come soon.

I hope this guide helps someone.

Please consider using my referral code and get $25 UpCloud VM credit if you need to create a server online.

https://www.upcloud.com/register/?promo=D84793

Ask a question or recommend an article

[contact-form-7 id=”30″ title=”Ask a Question”]

Revision History

v1.0 Initial Post

Open a Windows 10 Boot Camp Installation on OSX in Parallels (like a VM)

by

This guide will show you how you can open a Windows 10 Boot Camp Installation on OSX in Parallels (like a VM).

Installing Parallels on a Mac allows you to install Windows in A VM, this is handy but you may want to install Windows on a Mac drive with Boot camp (guide here)  for better performance.

Can you load this VM-less Windows install in OSX rather than reboot it, the answer is YES (with Parallels v13).

Setup your Windows Bootcamps (see my guide here).

Create a new VM image in Parallels (Select Boot Camp)

New Image

Click Continue

Use Windows Bootcamp

Confirm the reaction warning.

Before You Proceed

Name the VM and choose a location

Location

Set desired memory etc.

Choose your desired clipboard and disk access settings.

Options

Done, now Parallels will prepare your VM (Really Boot Camp)

Created

Preparing

Creating VM

Parallel tools will be automatically installed.

Configuring

Done, you will now be able to load your Apple Bootcamp partition as it is was a VM inside OSX (or boot it)

Windows

yes, the VM file is pointing to the Boot Camp partition.

VM File

I hope this guide helps someone.

Ask a question or recommend an article

[contact-form-7 id=”30″ title=”Ask a Question”]

Revision History

v1.0 Initial post

How to free up disk space in OSX

by

It will happen to everyone, you will run out of space (on your computer or device) and you will need to free some space. Apple OSX computers that only have Solid State storage need at least 1/5 free space to remain free all times to prevent the drive from wearing out (by using free sectors repeatedly)

I have a number of guides on moving away from CPanel, Setting up VM’s on UpCloud, AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line.

I have blogged before about my backup plan but of late I have ignored my own advice. I have let my free space dwindle to a mere few GBs of free space.

I would not recommend you use Apple iCloud to extend your storage and move unused files to the cloud. I would always recommend you backup files and clear up space (and deal with the problem).

I use Space Gremlin on OSX to find large files (this is not a paid endorsement). After you scan your drive you I could see large and common files, for me, it looks like some old Virtual Machines (Windows and Kali Linux) and over 100GB of photos.

Start with the largest files and work your way down.

Space Gremlin

Moving small files (to say an external drive is as easy as drag and drop)

Move Small Filea

I moved my two Parallel Desktop Virtual machines to an external 3TB drive (until I need them again).

Large Files

Another awesome program is Clean My Mac 3 (also not a paid endorsement), I paid for Clean My Mac 3 and if can easily find obscure hidden files to delete.

Clean

Clean My Mac has a find Large and old files tool.

Large Files

Remove unwanted developer files

I don’t need Developer related simulator files

Developer Files

or XCode (I‘ll uninstall in Clean My Mac 3)

Uninstall XCode

Search for Duplicate Files

I use a program called Twins (now called The Duplicate Finder from https://rockysandstudio.com/) to find duplicate files (not a paid endorsement). Simply point it to a drive and it will find duplicate files.

Twins

Remove (Backup) Old Photos

Open your Photos app.

Export Photos

Highlight All Photos and click File, Export then Export Unmodified…

Export

Choose export options.

Export Settings

Choose a destination (I chose a location on an external 3TB drive)

Export Location

Export in progress.

Exporting

FYI: Somes files will report that they will not export.

Exported

TIP: Confirm your photos have exported.

Confirm Copy

After I confirmed that my photos were exported I deleted the Photos.

Delete

TIP: I had to move my master images from Photos as the delete from the GRI left behind the masters.

Masters

Space Gremlin Restricted Files

If you have large chunks of restricted files (files you don’t have access too) in Space Gremlin you can run Space Gremlin with elevated permissions (the manual says).

Hmm, this does not work.

I have 200GB of restricted files that need scanning 🙁

200GB

Conclusion

Do repeat detection of files to delete with Space Gremlin, Twins and Clean My Mac. Ensure you have multiple backups and don’t leave all of your eggs in one basket.

I hope this guide helps someone.

Ask a question or recommend an article

[contact-form-7 id=”30″ title=”Ask a Question”]

Revision History

v1.2 200GB Restricted Files

v1.1 iCloud Info

v1.0 Initial post

Useful OSX Terminal Commands

by

Following on my from Useful Linux Terminal Commands here is my Useful OSX Terminal Commands. This guide is handy for setting up a development OSX installation (e.g Apache, PHP, MySQL etc). I will update this post when I find new commands.

First, read my Useful Linux Terminal Commands post.

Normally I set up Ubuntu servers in the cloud on Vultr (read my guide here) or Ubuntu Servers on Digital Ocean (read my guide here) but this is how I can quickly set up a development environment locally on OSX.

Useful OSX Commands

Prevent your Mac from falling asleep

Prevent your Mac from falling asleep (for 1 minute)

Check Path

$PATH
/Library/Frameworks/Python.framework/Versions/3.4/bin:/opt/local/bin:/opt/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/opt/X11/bin:/Library/Frameworks/Mono.framework/Versions/Current/Commands

Compare files

Show hidden files in Finder

Find file on OSX

Find all listening ports

Find process listening on port 80

Find a Process

Find A File (e.g httpd.conf)

Note: OSX Apache Index file location is…

To edit the default HTML file

Built-In Apache

Disable built-in OSX apache daemon

Restart built-in Apache daemon

View other startup daemons

View All Startup Daemons

Force network drives to automatically connect after each login (instead of manually connecting)

More: https://www.tekrevue.com/tip/automatically-connect-network-drive/

Set PHP as default Web Server delivered file in local Apache

Set…

Install PHP 7.0 on to OSX

FYI: 7.1 and 7.2 are out but I find 7.0 is more stable with WordPress (read more here).

More: https://php-osx.liip.ch/

Create a diag file in your OSX Default Apache root

Edit your default index file

Contents

Now load the file

Debug Info

Install MySQL on OSX

Download: https://dev.mysql.com/downloads/mysql/

Download MySQL

Help: https://dev.mysql.com/doc/refman/5.7/en/osx-installation-pkg.html

Uninstall MySQL OSX
Read: https://community.jaspersoft.com/wiki/uninstall-mysql-mac-os-x

Add MySQL to PATH

Reboot and Check the MySQL Service

Service Status

Check MySQL Version

Login to MySQL from the Command Line

Set a new root password (after logging in as root)

fyi: You can obtain a good password here.

Bonus: Install MySQL (PHP) management tool  (in Apache)

Download: https://www.adminer.org/#download Save the file to /Library/WebServer/Documents/adminer.php

Load Adminer in your browser and log in with your root password

Login to Adminer (via Apache/PHP)

Adminer

Creating MySQL Tables in Adminer (via Apache/PHP)

Create Table

Adminer allows you to fully manage your MySQL (create databases, users, run queries, alter objects etc)

Adding Records to MySQL with Adminer

Adding Records

Remove MySQL:

Read more here: https://community.jaspersoft.com/wiki/uninstall-mysql-mac-os-x

Get your Mac Processor Name

Show All OSX System Settings

Command:

Show Live File System Usage

Show last 10 lines of the system log

Get Your Local WAN IP Address

Get your Public IPV4 Address

More to come.

Hope this helps someone.

Donate and make this blog better

Ask a question or recommend an article

[contact-form-7 id=”30″ title=”Ask a Question”]

Revision History

v1.2 Find file (current version)

v1.1 Removed system info chunk (too big to format)