Connect to everything but block all incoming traffic
pyrrha# cat /etc/pf.conf
# $OpenBSD: pf.conf,v 1.54 2014/08/23 05:49:42 deraadt Exp $
# See pf.conf(5) and /etc/examples/pf.conf
# This was default
#set skip on lo
#block return # block stateless traffic
#pass # establish keep-state
# This is my pf.conf
pass from self to any
#a. Rule 1 blocks all traffic.
#b. Rule 2 passes all traffic originating on the laptop, going anywhere.
# By default, do not permit remote connections to X11
block return in on ! lo0 proto tcp to port 6000:6010
First, make sure you belong to the class (not group) staff:
# user mod -L staff pau
Then give a bit more of RAM to programs
# Staff have fewer restrictions and can login even when nologins are set.
Secure screen after suspending
Use xdm: Since you do not want to leave a terminal open, do not start X with startx. This would leave open that terminal and launch X on another one. Since you are using xdm, you need a .xsession file instead of a .xinitrc. My .xsession file looks like
xmodmap -e "keycode 22 = BackSpace BackSpace BackSpace BackSpace BackSpace BackSpace"
xidle -delay 5 -sw -program "/usr/X11R6/bin/xlock -mode blank" -timeout 90 &
The first line cancels the function Zap of X, which means that nobody can interrupt your X session by pressing CTRL+Alt+Backspace. xidle is necessary to launch the screensaver via xlock
Create /etc/apm/suspend and make it executable:
$ cat /etc/apm/suspend
pkill -USR1 xidle
Make sure apm is running everytime after boot. If it is not, while your laptop will suspend, the script suspend will not be executed, and the screen will not be locked. To test if apmd is running, type zzz from the terminal. A message like zzz: cannot connect to apmd: No such file or directory Will tell you that your apmd is NOT running.
To have apmd run after boot, add a flag to rc.conf.local:
$ cat /etc/rc.conf.local
matplotlib and seaborn
For this, I resort to
pip to have the last release,
# pip install matplotlib
# pip install seaborn
Get to use skype messenger on your browser: Override user agend ID
I dislike skype very much. Unfortunately many of my collaborators are using it and I cannot stop talking to them and quite collaborations because I do not like a piece of software.
My fix for this, since fortunately OpenBSD is not accepting blobs, is to use the web interface with firefox to chat with my collaborators and friends and then use my smartphone to make calls.
For this, we have to make web.skype.com think that we are using an evil OS:
Point your browser to about:config, right click, New -> String
general.useragent.override and then add e.g.
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1
An alternative is to install an addon for chrome or firefox, such as User-Agent-Switcher. I have found that picking up “Opera for windows” gives the best results.
You can for instance change the background by adding an image and using qiv. For this, make a directory to store background images, e.g.
/usr/local/share/backgrounds/pau and add images there. Then
# vim /etc/X11/xdm/Xsetup_0
And change the console line to
#xconsole -geometry 480x130-0-0 -daemon -notify -verbose -fn fixed -exitOnFail
/usr/local/bin/qiv -zr /usr/local/share/backgrounds/pau/*