Back to Roots

A beginning

#site #account

As stated in the about page, I’ll use this site as my personal space to talk about a soft migration to a computer setup better matching my needs, as well as my de-centralized presence on the net.

The story began after I wander around suckless and related projects and users, and found nrk from an article about C. I’ve browsed more and more around and have chosen some of the tools and services he has.

Out of Gmail

The first step was to create an email account from an independent provider, not relying on adverts and data usage. Disroot looked like a perfect match. Their website looks like it’s a bunch of activists, what I am not, but I like the spirit after all.

I still have to make a gpg key, detach the master key from the subkeys and find a secure place, doing at least an encrypted usbkey and maybe another remote storage.

Out of github/gitlab

I have an account on both, more for contributions and some basic repositories. After some researches for a free and true open source git host, I chose Codeberg instead of Disroot’s one, to avoid having all my eggs in the same basket. I haven’t imported my repositories yet, going slowly but steady.

Authenticator app

Concerning account security, it’s hard to avoid MFA but known services are at best proprietary. After some researches, I found a neat open source and serverless one: 2FAS, working on smart phones and browsers with an extension (with syncing between them).

It’s serverless, so the tokens database is not stored anywhere but on your phone. So to avoid loosing them all in case the phone is stolen or lost, or broken, it’s necessary to copy this database to a secure location.

The only drawback with 2FAS is they only provide a Good Drive automatic backup (sic!) and, how to say… well that does not make sense to use Google servers when you want to avoid them. So for now, I do a manual backup by exporting and sending it to my online private vault (a limited size private vault is a free service from the french postal company La Poste that I already had). They plan to fix this with cloud snapshots, hopefully with nextcloud.