diff --git a/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md b/how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md similarity index 94% rename from how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md rename to how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md index 70c3f08..d18a925 100644 --- a/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md +++ b/how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md @@ -1,6 +1,6 @@ -# How to backup and encrypt data using rsync and VeraCrypt on macOS +# How to back up and encrypt data using rsync and VeraCrypt on macOS -[![How to backup and encrypt data using rsync and VeraCrypt on macOS (see change log)](how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos-see-change-log.png)](https://www.youtube.com/watch?v=1cz_ViFB6eE "How to backup and encrypt data using rsync and VeraCrypt on macOS (see change log)") +[![How to back up and encrypt data using rsync and VeraCrypt on macOS (see change log)](how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos-see-change-log.png)](https://www.youtube.com/watch?v=1cz_ViFB6eE "How to back up and encrypt data using rsync and VeraCrypt on macOS (see change log)") > Heads-up: when using storage devices with wear-leveling (most flash storage devices), it is not possible to securely change password once it has been set (see [Wear-Leveling](https://www.veracrypt.fr/en/Wear-Leveling.html)). @@ -94,7 +94,7 @@ VeraCrypt 1.24-Update7 👍 -### Step 9: set temporary environment variable +### Step 9: set backup volume path environment variable ```shell BACKUP_VOLUME_PATH="/Volumes/Samsung BAR/backup" diff --git a/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/allow-extension-1.png b/how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/allow-extension-1.png similarity index 100% rename from how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/allow-extension-1.png rename to how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/allow-extension-1.png diff --git a/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/allow-extension-2.png b/how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/allow-extension-2.png similarity index 100% rename from how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/allow-extension-2.png rename to how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/allow-extension-2.png diff --git a/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos-see-change-log.png b/how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos-see-change-log.png similarity index 100% rename from how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos-see-change-log.png rename to how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos/how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos-see-change-log.png diff --git a/how-to-configure-borg-client-on-macos-using-command-line/README.md b/how-to-configure-borg-client-on-macos-using-command-line/README.md index 346aeb9..4008e9b 100644 --- a/how-to-configure-borg-client-on-macos-using-command-line/README.md +++ b/how-to-configure-borg-client-on-macos-using-command-line/README.md @@ -120,7 +120,7 @@ Go to [Repositories](https://www.borgbase.com/account) and add repository. ### Step 4: generate and upload `authorized_keys` file (if using rsync.net) -#### Set temporary environment variables +#### Set environment variables ```shell BORG_USERNAME="18434" @@ -201,11 +201,11 @@ Write down the passphrase. Store both at safe place(s). ``` -#### Back up `~/.config/borg` and `~/Library/Keychains` folders (learn how [here](../how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos)) +#### Back up `~/.config/borg` and `~/Library/Keychains` folders (learn how [here](../how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos)) > Heads-up: both key (stored in `~/.config/borg`) and passphrase (stored in `~/Library/Keychains`) are required to decrypt backup. -### Step 9: set temporary environment variables +### Step 9: set environment variables Replace `borg@185.112.147.115:backup` with self-hosted or cloud-based repo and set backup name. diff --git a/how-to-configure-self-hosted-vpn-kill-switch-using-pf-firewall-on-macos/README.md b/how-to-configure-self-hosted-vpn-kill-switch-using-pf-firewall-on-macos/README.md index 78d82a0..aa72965 100644 --- a/how-to-configure-self-hosted-vpn-kill-switch-using-pf-firewall-on-macos/README.md +++ b/how-to-configure-self-hosted-vpn-kill-switch-using-pf-firewall-on-macos/README.md @@ -49,7 +49,7 @@ Status: Enabled 👍 -### Step 3: backup and overwrite `/etc/pf.conf` +### Step 3: back up and overwrite `/etc/pf.conf` > Heads-up: software updates will likely restore `/etc/pf.conf` to default. Remember to check `/etc/pf.conf` using `cat /etc/pf.conf` after updates and test kill switch. @@ -151,7 +151,7 @@ For example, if subnet mask is `255.255.255.0`, bitmask is `/24` and subnet pref | 255.255.255.254 | /31 | | 255.255.255.255 | /32 | -### Step 5: set temporary environment variables +### Step 5: set environment variables `KILLSWITCH_HARDWARE_INTERFACES` should include all used hardware network interfaces. @@ -261,7 +261,7 @@ sudo chown ${USER}:admin /usr/local/sbin ### Step 11: source `/usr/local/sbin` directory -> Heads-up: find which shell is configured using `echo $SHELL`. +> Heads-up: run `echo $SHELL` to find default shell. #### Bash (`/bin/bash`) diff --git a/how-to-configure-strongswan-client-on-headless-debian-based-linux-computer/README.md b/how-to-configure-strongswan-client-on-headless-debian-based-linux-computer/README.md index 02bcec5..42181e5 100644 --- a/how-to-configure-strongswan-client-on-headless-debian-based-linux-computer/README.md +++ b/how-to-configure-strongswan-client-on-headless-debian-based-linux-computer/README.md @@ -157,7 +157,7 @@ STRONGSWAN_CLIENT_NAME=bob STRONGSWAN_SERVER_IP=185.193.126.203 ``` -#### Backup and overwrite `/etc/ipsec.conf` +#### Back up and overwrite `/etc/ipsec.conf` ```shell cp /etc/ipsec.conf /etc/ipsec.conf.backup @@ -180,7 +180,7 @@ conn ikev2 EOF ``` -#### Backup and overwrite `/etc/ipsec.secrets` +#### Back up and overwrite `/etc/ipsec.secrets` ```shell cp /etc/ipsec.secrets /etc/ipsec.secrets.backup diff --git a/how-to-create-encrypted-paper-backup/README.md b/how-to-create-encrypted-paper-backup/README.md index 9747527..de1871f 100644 --- a/how-to-create-encrypted-paper-backup/README.md +++ b/how-to-create-encrypted-paper-backup/README.md @@ -216,7 +216,7 @@ imported: 1 ELECTRUM_RELEASE_SEMVER=4.1.2 ``` -#### Download Electrum release and PGP signature +#### Download Electrum release and associated PGP signature ```shell $ cd ~ diff --git a/how-to-create-encrypted-paper-backup/tests/default.exp b/how-to-create-encrypted-paper-backup/tests/default.exp index ee6ddbe..4766e42 100644 --- a/how-to-create-encrypted-paper-backup/tests/default.exp +++ b/how-to-create-encrypted-paper-backup/tests/default.exp @@ -5,7 +5,7 @@ source ./test.exp set secret "foo\nbar" set passphrase "asdasd" -test_label "Should fails to backup secret using secrets that do not match" +test_label "Should fails to back up secret using secrets that do not match" spawn qr-backup.sh @@ -44,7 +44,7 @@ expect { } } -test_label "Should fails to backup secret using passphrases that do not match" +test_label "Should fails to back up secret using passphrases that do not match" spawn qr-backup.sh @@ -95,7 +95,7 @@ expect { } } -test_label "Should backup secret showing passphrase" +test_label "Should back up secret showing passphrase" spawn qr-backup.sh diff --git a/how-to-create-encrypted-paper-backup/tests/shamir-2-of-3.exp b/how-to-create-encrypted-paper-backup/tests/shamir-2-of-3.exp index a58b4f8..c3112e6 100644 --- a/how-to-create-encrypted-paper-backup/tests/shamir-2-of-3.exp +++ b/how-to-create-encrypted-paper-backup/tests/shamir-2-of-3.exp @@ -5,7 +5,7 @@ source ./test.exp set passphrase "asdasd" set secret "foo\nbar" -test_label "Should backup secret using 2-of-3 Shamir Secret Sharing" +test_label "Should back up secret using 2-of-3 Shamir Secret Sharing" source ./tests/helpers/shamir-2-of-3-backup.exp diff --git a/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md b/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md index 2895cc0..4c924c4 100644 --- a/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md +++ b/how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos/README.md @@ -12,7 +12,7 @@ Listed: true [![How to encrypt, sign and decrypt messages using GnuPG on macOS](how-to-encrypt-sign-and-decrypt-messages-using-gnupg-on-macos.png)](https://www.youtube.com/watch?v=mE8fL5Fu8x8 "How to encrypt, sign and decrypt messages using GnuPG on macOS") -> WARNING: this is a “getting started” guide. For hardened guide, see https://github.com/drduh/YubiKey-Guide +> Heads-up: this is a “getting started” guide which stores private keys on macOS. For sensitive use cases, one should store private keys on hardware devices such as [YubiKeys](https://www.yubico.com/) (learn how [here](../how-to-use-yubikey-to-store-pgp-private-keys)). ## Caveats @@ -97,9 +97,9 @@ uid John Doe sub rsa4096 2021-03-24 [E] ``` -### Step 5: back up `~/.gnupg` folder (learn how [here](../how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos)) +### Step 5: back up `~/.gnupg` folder (learn how [here](../how-to-back-up-and-encrypt-data-using-rsync-and-veracrypt-on-macos)) -> Heads-up: files stored in `~/.gnupg` include private keys which, if lost, results in loosing one’s cryptographic identity (safeguard backup carefully). +> Heads-up: files stored in `~/.gnupg` include private keys which, if lost, results in loosing one’s cryptographic identity (safeguard backup mindfully). 👍 @@ -110,7 +110,7 @@ sub rsa4096 2021-03-24 [E] ### Export John’s PGP public key ```shell -gpg --armor --export john@example.net > ~/Desktop/john.asc +gpg --armor --export john@example.net > ~/Desktop/johndoe.asc ``` ### Import Sun’s public key using key server… diff --git a/how-to-install-and-use-electrum-over-tor-on-macos/README.md b/how-to-install-and-use-electrum-over-tor-on-macos/README.md index f6bb53d..5551e33 100644 --- a/how-to-install-and-use-electrum-over-tor-on-macos/README.md +++ b/how-to-install-and-use-electrum-over-tor-on-macos/README.md @@ -55,7 +55,7 @@ imported: 1 👍 -#### Download Electrum +#### Download Electrum release Go to https://electrum.org/#download and download latest release and associated PGP signature to `~/Downloads` folder. @@ -98,7 +98,7 @@ imported: 1 👍 -#### Download “Tor Browser” +#### Download “Tor Browser” release Go to https://www.torproject.org/download/ and download latest release and associated PGP signature to `~/Downloads` folder. diff --git a/how-to-install-and-use-veracrypt-on-tails/README.md b/how-to-install-and-use-veracrypt-on-tails/README.md index 5127059..06a1cd4 100644 --- a/how-to-install-and-use-veracrypt-on-tails/README.md +++ b/how-to-install-and-use-veracrypt-on-tails/README.md @@ -44,9 +44,9 @@ Click “Applications”, then “Favorites”, then “Configure persistent vol Click “+” under ”Additional Settings”, then “Administration Password”, set password, click “Add” and finally “Start Tails”. -### Step 5: establish network connection using ethernet cable or Wi-Fi and wait for Tor to be ready. +### Step 5: establish network connection using ethernet cable or Wi-Fi and wait for Tor to be ready -Tor is ready +Connected to Tor successfully 👍 @@ -68,11 +68,7 @@ imported: 1 👍 -### Step 7: download latest release of [VeraCrypt](https://veracrypt.fr/en/Home.html) - -Click “Applications”, then “Tor Browser”, go to https://www.veracrypt.fr/en/Downloads.html and download latest release of “Linux Generic Installer” and associated PGP signature. - -### Step 8: set VeraCrypt release semver environment variable +### Step 7: set VeraCrypt release semver environment variable > Heads-up: replace `1.24-Update7` with [latest release](https://www.veracrypt.fr/en/Downloads.html) semver. @@ -80,6 +76,10 @@ Click “Applications”, then “Tor Browser”, go to https://www.veracrypt.fr VERACRYPT_RELEASE_SEMVER=1.24-Update7 ``` +### Step 8: download [VeraCrypt](https://veracrypt.fr/en/Home.html) release + +Click “Applications”, then “Tor Browser”, go to https://www.veracrypt.fr/en/Downloads.html and download latest release of “Linux Generic Installer” and associated PGP signature. + ### Step 9: verify VeraCrypt release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos)) ```console diff --git a/how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md b/how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md index b8b55e7..d839189 100644 --- a/how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md +++ b/how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos/README.md @@ -63,9 +63,9 @@ imported: 1 👍 -### Step 5: download latest release of [Tails](https://tails.boum.org/) +### Step 5: download [Tails](https://tails.boum.org/) release -Go to https://tails.boum.org/install/download/index.en.html and download latest release and associated PGP signature (found under “Verify using OpenPGP (optional)”) to `~/Downloads` folder. +Go to https://tails.boum.org/install/download/index.en.html and download latest release and associated PGP signature (found under “or download the OpenPGP signature”) to `~/Downloads` folder. ### Step 6: verify Tails release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos)) diff --git a/how-to-manage-trezor-devices-using-trezorctl-on-macos-or-tails/README.md b/how-to-manage-trezor-devices-using-trezorctl-on-macos-or-tails/README.md index a94ec99..bfd6efc 100644 --- a/how-to-manage-trezor-devices-using-trezorctl-on-macos-or-tails/README.md +++ b/how-to-manage-trezor-devices-using-trezorctl-on-macos-or-tails/README.md @@ -59,7 +59,7 @@ pip3 install --user attrs trezor ### Step 6: source Python 3 `bin` directory -> Heads-up: find which shell is configured using `echo $SHELL`. +> Heads-up: run `echo $SHELL` to find default shell. > Heads-up: replace `3.8` with semver of latest version of Python 3 found using `ls $HOME/Library/Python`. diff --git a/how-to-self-host-hardened-borg-server/README.md b/how-to-self-host-hardened-borg-server/README.md index 1021841..e262b2d 100644 --- a/how-to-self-host-hardened-borg-server/README.md +++ b/how-to-self-host-hardened-borg-server/README.md @@ -96,7 +96,7 @@ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC2cmGUEKwopEN0vpHl2yNoV/wvm21D1hOP/8V886iC ### Step 3: generate SSH authorized keys heredoc (on computer) -#### Set temporary environment variable +#### Set Borg storage quota environment variable ```shell BORG_STORAGE_QUOTA="10G" diff --git a/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md index 2a2782e..e2d66f8 100644 --- a/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md +++ b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md @@ -405,7 +405,7 @@ systemctl restart systemd-networkd #### Install dnsmasq -> Heads-up: please ignore systemd address already in use error (if present). +> Heads-up: ignore systemd address already in use error (if present). ```shell apt install -y dnsmasq @@ -473,7 +473,7 @@ Separate nameservers using commas with no leading spaces (example: `93.95.224.28 STRONGSWAN_DNS_NAMESERVERS=95.215.19.53 ``` -#### Backup and overwrite `/etc/ipsec.conf` +#### Back up and overwrite `/etc/ipsec.conf` ```shell cp /etc/ipsec.conf /etc/ipsec.conf.backup @@ -547,7 +547,7 @@ conn ikev2 EOF ``` -#### Backup and overwrite `/etc/ipsec.secrets` +#### Back up and overwrite `/etc/ipsec.secrets` ```shell cp /etc/ipsec.secrets /etc/ipsec.secrets.backup @@ -556,7 +556,7 @@ cat << "EOF" > /etc/ipsec.secrets EOF ``` -#### Backup and overwrite `/etc/strongswan.d/charon-logging.conf` +#### Back up and overwrite `/etc/strongswan.d/charon-logging.conf` ```shell cp /etc/strongswan.d/charon-logging.conf /etc/strongswan.d/charon-logging.conf.backup @@ -576,7 +576,7 @@ charon { EOF ``` -#### Backup and overwrite `/etc/strongswan.d/charon/dhcp.conf` +#### Back up and overwrite `/etc/strongswan.d/charon/dhcp.conf` ```shell cp /etc/strongswan.d/charon/dhcp.conf /etc/strongswan.d/charon/dhcp.conf.backup @@ -600,7 +600,7 @@ sed -i 's/load = no/load = yes/' ./eap-tls.conf ./aes.conf ./dhcp.conf ./farp.co cd - ``` -#### Backup and edit `/lib/systemd/system/strongswan.service` +#### Back up and edit `/lib/systemd/system/strongswan.service` ```shell cp /lib/systemd/system/strongswan.service /lib/systemd/system/strongswan.service.backup @@ -891,7 +891,7 @@ systemctl restart strongswan ### Step 32: configure sysctl -#### Backup and edit `/etc/sysctl.conf` +#### Back up and edit `/etc/sysctl.conf` ```shell cp /etc/sysctl.conf /etc/sysctl.conf.backup diff --git a/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/README.md b/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/README.md index 57b7958..8c225cd 100644 --- a/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/README.md +++ b/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/README.md @@ -32,7 +32,7 @@ sudo chown ${USER}:admin /usr/local/sbin ### Step 2: add `/usr/local/sbin` directory to `PATH` environment variable -> Heads-up: find which shell is configured using `echo $SHELL`. +> Heads-up: run `echo $SHELL` to find default shell. #### Bash (`/bin/bash`) diff --git a/how-to-use-trezor-wallet-on-tails/README.md b/how-to-use-trezor-wallet-on-tails/README.md index 34ac100..ab11c79 100644 --- a/how-to-use-trezor-wallet-on-tails/README.md +++ b/how-to-use-trezor-wallet-on-tails/README.md @@ -10,7 +10,7 @@ Listed: true # How to use Trezor Wallet on Tails -> Heads-up: guide is not persistent meaning steps have to be completed each time one wishes to use Trezor Wallet on Tails. +> Heads-up: guide is not persistent meaning steps have to be completed each time one needs to use Trezor Wallet on Tails. ## Requirements @@ -28,9 +28,9 @@ Listed: true Click “+” under ”Additional Settings”, then “Administration Password”, set password, click “Add” and finally “Start Tails”. -### Step 2: establish network connection using ethernet cable or Wi-Fi and wait for Tor to be ready. +### Step 2: establish network connection using ethernet cable or Wi-Fi and wait for Tor to be ready -Tor is ready +Connected to Tor successfully 👍 @@ -68,7 +68,7 @@ imported: 1 TREZOR_BRIDGE_RELEASE_SEMVER=2.0.30 ``` -### Step 6: download Trezor Bridge +### Step 6: download Trezor Bridge release ```shell torsocks curl -O https://wallet.trezor.io/data/bridge/${TREZOR_BRIDGE_RELEASE_SEMVER}/trezor-bridge_${TREZOR_BRIDGE_RELEASE_SEMVER}_amd64.deb