KEYID A6C19D1C082670FD will be retired soon. I haven’t been using any public key servers, so this seems like the most appropriate place to post a rotation notification.

Old key hasn’t been leaked or misused. I’m still using it temporarily personally until I’m sure everything is completely settled.

I finally retired my last Yubikey 4, and have moved everything to ed25519 / cv25519 keys. Everything is supporting KDF now too, so that’s a nice bonus.

I’ve started using a ZFS root filesystem on all of my computers now. Various wants on different systems have led to me using ZFS native encryption on some systems, and ZFS on LVM on LUKS on some others. I’ve had a chance to feel out both options, and I’ve learned a bunch in the meantime, so I decided to try something else now.

This post gets into a scheme that allows a single self contained zpool to offer LUKS key managent and unlocking options on NixOS.

I wrote a tab I’m pretty proud of. The song is 林泉吟/Melodies of forest and springs by Raflum | 雨鎖悲秋: