To see posts by date, check out the archives

Hexadecimal Sucks
Tyler Cipriani Posted

Humans do no operate on hexadecimal symbols effectively […] there are exceptions.

– Dan Kaminsky

When SSH added ASCII art fingerprints (AKA, randomart), the author credited a talk by Dan Kaminsky.

As a refresher, randomart looks like this:

$ ssh-keygen -lv -f ~/.ssh/
256 SHA256:XrvNnhQuG1ObprgdtPiqIGXUAsHT71SKh9/WAcAKoS0 (ED25519)
+--[ED25519 256]--+
| .++ ...         |
| o+.... o        |
|E .oo=.o .       |
| . .+.=   .      |
|    o= .S.o.o    |
|   o  o.o+.= +   |
|  . .  .o B *    |
|   . .   + & .   |
|      ..+o*.=    |

Ben Cox describes the algorithm for generating random art on his blog. Here’s a slo-mo version of the algorithm in action:

ASCII art ssh fingerprints slo-mo algorithm
ASCII art ssh fingerprints slo-mo algorithm

But in Dan’s talk, he never mentions anything about ASCII art.

Instead, his talk was about exploiting our brain’s hardware acceleration to make it easier for us to recognize SSH fingerprints.

The talk is worth watching, but I’ll attempt a summary.

What’s the problem?

We’ll never memorize SHA256:XrvNnhQuG1ObprgdtPiqIGXUAsHT71SKh9/WAcAKoS0—hexadecimal and base64 were built to encode large amounts of information rather than be easy to remember.

But that’s ok for SSH keys because there are different kinds of memory:

  • Rejection: I’ve never seen that before!
  • Recognition: I know it’s that one—not the other one.
  • Recollection: rote recall, like a phone number or address.

For SSH you’ll use recognition—do you recognize this key? Of course, SSH keys are still a problem because our working memory is too small to recognize such long strings of letters and numbers.

Hacks abound to shore up our paltry working memory—what Dan called “brain hardware acceleration.”

Randomart attempts to tap into our hardware acceleration for pattern recognition—the visiuo-spacial sketchpad, where we store pictures.

Dan’s idea tapped into a different aspect of hardware acceleration, one often cited by memory competition champions: chunking.

Memory chunking and sha256

The web service what3words maps every three cubic meters (3m²) on Earth to three words.

The White House’s Oval Office is ///

Three words encode the same information as latitude and longitude—38.89, -77.03—chunking the information to be small enough to fit in our working memory.

The mapping of locations to words uses a list of 40 thousand common English words, so each word encodes 15.29 bits of information—45.9 bits of information, identifying 64 trillion unique places.

Meanwhile sha256 is 256 bits of information: ~116 quindecillion unique combinations.

                                                                64000000000000 # 64 trillion (what3words)
115792089237316195423570985008687907853269984665640564039457584007913129639936 # 116 (ish) quindecillion (sha256)

For SHA256, we need more than three words or a dictionary larger than 40,000 words.

Dan’s insight was we can identify SSH fingerprints using pairs of human names—couples.

The math works like this1:

  • 131,072 first names: 17 bits per name (×2)
  • 524,288 last names: 19 bits per name
  • 2,048 cities: 11 bits per city
  • 17+17+19+11 = 64 bits

With 64 bits per couple, you could uniquely identify 116 quindecillion items with four couples.

Turning this:

$ ssh
The authenticity of host '' can't be established.
ED25519 key fingerprint is SHA256:XrvNnhQuG1ObprgdtPiqIGXUAsHT71SKh9/WAcAKoS0.
Are you sure you want to continue connecting

Into this2:

$ ssh
The authenticity of host '' can't be established.
Key Data:
    Svasse and Tainen Jesudasson from Fort Wayne, Indiana, United States
    Illma and Sibeth Primack from Itārsi, Madhya Pradesh, India
    Maarja and Nisim Balyeat from Mukilteo, Washington, United States
    Hsu-Heng and Rasim Haozi from Manali, Tamil Nadu, India
Are you sure you want to continue connecting

With enough exposure, building recognition for these names and places should be possible—at least more possible than memorizing host keys.

  1. I’ve modified this from the original talk, in 2006 we were using md5 fingerprints of 160-bits. Now we’re using 256-bit fingerprints, so we needed to encode even more information, but the idea still works.↩︎

  2. A (very) rough code implementation is on my github.↩︎

My Remote Desk, 2024
Tyler Cipriani Posted
My desk as of 2024-04-30

Remote companies have to work harder at everything.

The effort goes beyond “remote-friendly”—you need remote culture.

But once you have a remote culture, it’s hard to imagine going back. After nine years of working remotely, the only thing I miss about working in person is seeing people’s messy desks.

Why desks matter

Loneliness is a problem for remote workers—video chats are a terrible substitute for happy hour.

Plus, in person, you get to see people’s desks—it’s fun—it’s how you get to know people.

And I know other people think it’s fun, too: we remoties share our pictures of our workspaces all the time. Everyone should share their workspaces (here’s mine circa 2016).

My desk

This is my messy office as of today. (No cleaning and no judgments 🥹 allowed when sharing your workspace.)

My office as of 2024-04-30

Some things of note in this picture in no particular order:

None of these are affiliate links since no one would want to be affiliated with this mess.

My eclipse photography plan
Tyler Cipriani Posted
2017 solar eclipse—obscuration 93.8%

In 2017, I opted to skip the crowds and the drive and settle for a 94% solar eclipse. I fully regret that decision.

Weather permitting, I’ll be photographing the full solar eclipse from the path of totality next Monday. While I’ve amassed a ton of gear, the main resource I’ve dumped into this project is time—time planning, practicing, and hacking.

After investing all that time, here’s my plan.


I’m never going to produce an eclipse photo comparable to the work of Miloslav Druckmüller—so why bother with photography at all?

Photography is my hobby, and what’s a hobby without a challenge? Sure, the siren song of cool gear is part of it—I do love gear—but it also takes planning, hacking, and editing skills to create a great picture.

I got to spend time rooting around inside libgphoto2, breaking out the soldering iron to jury-rig a custom ESP32-based release cable, and practicing every move I’ll make on eclipse day. For me, this is fun.

Your mileage may vary.


My 2024 eclipse setup

Here is my gear checklist for this year:


  1. Sony A7rIII
  2. Sony 100–400mm f4.5–5.6 GM telephoto lens
  3. Sony FE1.4× teleconverter

The lens and teleconverter give me an effective focal length of 560mm. The 1.4µm pixel pitch of the A7rIII means I’ll cover 1.7 arc-seconds per pixel at my focal length—right in the sweet spot (below two, above one).

Here’s what a cropped image of the solar disk looks like on this setup:

Solar disk (cropped)

You can compare this photo to an image taken yesterday by the Solar & Heliospheric Observatory (SOHO) spacecraft—both show sunspots AR3617 and AR3619. I’m gratified that a picture from my backyard shows the same details as one from outer space.

Other essentials

  1. M5StickC ESP32-PICO – I’m using this as an intervalometer. I’ve programmed it with the Alpha Fairy firmware and will control it using pyserial. I soldered together a release cable that I’ll use to control the shutter.
  2. iOptron SkyGuider Pro – This is an tracking mount. It cancels out the motion of the Earth so the sun appears in the same spot in the frame (if I polar align right).
  3. Thousand Oaks 77mm threaded RF-film solar filter – for use pre-totality. I bought this for the 2017 eclipse. This prevents the sun from destroying my lens and camera.
  4. Manfrotto XUME 77mm lens adapter – secures the solar filter to my lens via a magnet, letting me pull it off instantly rather than fiddling with unscrewing a filter.


  • PlanningPhotoPills helped me plan where to be and where to look.
  • Polar alignment – I’ll use SkEye for daytime polar alignment, pointing my tracking mount downwards towards σ-Octantis, which will align my tracker with the motion of the Earth.
  • Weather/CloudsVentuSky shows real-time GOES satellite imagery and lets you browse weather prediction models. SkippySky shows real-time total cloud cover, seeing, and transparency (and also shows the eclipse path). Clear Dark Sky is the classic astronomer’s forecast tool.

My plan

I’m pegging all my images to f/8, ISO 100, and only adjusting shutter speed.

I’ll be bracketing five photos, each three stops of light away from each other (±3EV). I’ll adjust my base shutter speed twice.

Pre-totality, I’ll do 1/100 second shutter speed. This should cover me for full-disk images, right up through Baily’s beads:

  • 1/100”
  • 1/800”
  • 1/13”
  • 1/6400”
  • 0.6”

After totality, I’ll move the shutter speed to 1/15 of a second. Fast enough to ensure I get at least one clear shot and slow enough to get earthshine if all goes to plan with my polar alignment:

  • 1/15”
  • 1/125”
  • 1/2”
  • 1/1000”
  • 4”

If it all falls apart? Well. I’ll be in Austin—a great place to while away the time longing for clear skies.

Eternal shell history 🐢
Tyler Cipriani Posted
Tar, XKCD 1168 by Randall Monroe Licensed: CC-by-NC 2.5

I’ve never been able to trust ~/.bash_history. Regardless of my configuration, I was forever searching for that one gnarly jq filter that had somehow disappeared. Then, I found a better way.

Over the past eight years, I’ve hoarded ¾ million lines of bash history:

$ wc -l < ~/.muh_history

This accounts for every shell command I’ve run since 2016—all saved to a 102MB file: ~/.muh_history.

$ ls -lh ~/.muh_history
-rw------- 1 thcipriani thcipriani 102M Feb 27 21:23 /home/thcipriani/.muh_history

It’s a perfect, searchable archive of my work.

hist a command to search ~/.muh_history

I’ve come to rely on ~/.muh_history to take notes for me while I focus on solving problems. I trust this system, because it’s so simple.

🛟 Simple history via prompt command

To save my history, I exploit the bash PROMPT_COMMAND variable.

Bash will execute anything you assign to PROMPT_COMMAND before showing your prompt:

$ export PROMPT_COMMAND='fortune && echo 🥳'
Q:  Do you know what the death rate around here is?
A:  One per person.

You can use this variable to write the output of history 1 to a file:

$ export PROMPT_COMMAND='history 1 >> ~/.muh-history.test'
$ fortune
Caution: breathing may be hazardous to your health.
$ cat ~/.muh-history.test
6851  2024-02-25 18:44:30-0700 export PROMPT_COMMAND='history 1 >> ~/.test-history'
6852  2024-02-25 18:44:35-0700 fortune

I started doing this in 20151, but the more metadata I added—bash process ID, current directory, user—the more powerful my history became.

Today, my history file looks like this:

$ tail -1 ~/.muh-history
847008 /home/thcipriani thcipriani 2024-02-27T15:52:16-0700 echo 'Weeee!' | figlet | lolcat

Now, I can crawl these bits of metadata to look at my history in interesting ways. For example:

  • Trace the history of a single shell session.
  • Show commands within a time range.
  • Search for commands run in the current directory.

🧐 Problems and tradeoffs of ~/.muh_history

My eternal shell history has been working well for eight years. But every solution has tradeoffs and problems:

  • One machine – This works on one machine. If you need history saved across more than one machine, Atuin seems like what you want (though I’ve never tried it).
  • Local security – This stores any command you run, including those with woopsied passwords. The HISTCONTROL=ignorespace setting helps—it makes history ignore commands that start with a space.
  • Bash only – I use the default Linux shell for most operating systems: bash. Nicer shells can do the same things as PROMPT_COMMAND and history (e.g., zsh’s preexec, fish’s fish_preexec).
  • Too simplisticMcFly and Atuin seem like robust, active alternatives. And both use PROMPT_COMMAND under the hood. Maybe I’d start there if I were starting today, but ~/.muh_history pre-dates both projects.
  • Remote security – It would be Bad™ to install this on a remote machine unless you’re the admin of that machine. Never cross a sysadmin.

⚠️ Flailing at bash’s built-in history, Wed, 02 Sep 2015

Goals of ~/.muh_history:

  1. Eternal – I want the option of keeping history forever.
  2. History builtin commands – “↑” and ctrl-r should work in the default way.
  3. History builtin depth – I want a few weeks of history available to ctrl-r.
  4. Instant startup – Minimize lag when starting new bash sessions.
  5. No logrotate – Avoid logrotate, systemd timers, and cronjobs to manage history—nothing to troubleshoot or maintain.

And the hacks I’ve seen to juice bash’s built-in ~/.bash_history fail at least one of these:

  • HIST(FILE)SIZE=<huge number>2 – On startup, bash loads a HISTSIZE amount of HISTFILE into memory—this could cause lag during bash startup unless you logrotate regularly. And there’s a risk of losing commands if/when your sessions crash.
  • unset HIST(FILE)SIZE/HIS(FILE)SIZE=-1 – This should make HIST(FILE)SIZE infinite, so the same caveats apply as using a huge number. Plus, this has a history of failing in some instances.
  • HISTFILE=~/.history/$(date -I) – For the first bash session you start in the morning ctrl-r will give you nothing.
  • PROMPT_COMMAND='history -a && history -r' – Before showing your prompt, write your in-memory history to HISTFILE and re-read it into memory. This mixes up the history of different sessions, so hitting “↑” may show history from a different session.

Other pitfalls:

  1. Write on exit – when you exit a session, bash dumps HISTSIZE lines of your command history into ~/.bash_history. If your session crashes: all gone. This makes HIST(FILE)SIZE unappealing to me.
  2. Append vs. overwrite – if your shell initialization files skip setting histappend, bash will overwrite ~/.bash_history rather than append your session history on exit.
  3. Small defaults – bash stores your 500 most recent commands in your session history and 500 commands from old sessions in ~/.bash_history.

I’ve set some sensible defaults and ignored clever ideas. Here are my settings:

# append to history vs. overwrite
shopt -s histappend
# ignore commands starting with space; ignore duplicates
# Up the history in memory: 500 → 10,000
# Up the history on disk: 500 → 20,000
# RFC 3339 format; e.g., 2024-02-27T15:52:16-0700

  1. When I read the wonderful, shorter version of this article: Andy Teijelo Pérez’s Bash eternal history↩︎

  2. I scraped of GitHub for HISTSIZE=. It’s all over the place. Max: 10,000,000,000,000,000; 25 percentile: 1,000; 75th percentile: 100,000; median: 10,000. I set mine at the median. Works fine.↩︎

Framework DIY 13 AMD review ⚙️
Tyler Cipriani Posted
Framework Laptop DIY 13 AMD with ethernet dongle and screwdriver

The laptop industry is a tragedy.

Meanwhile, Framework built something different—repairable, Linux-ready laptops that respect users. Framework is a rare company worth your support.1

So, this month, I bought their 13.5″, AMD-powered laptop—the Framework 13 AMD.

But I’ve seen mixed reviews from other Linux users. I like the Framework ethos—I hope I like their laptops, too.

🛠️ DIY Hardware and assembly

Framework offers two editions of its laptops:

  1. Pre-built – Fully assembled, complete with a useless (to me) Windows™ install.
  2. DIY – Do it yourself (DIY). Some assembly required—BYO-OS.

I opted for the DIY edition—a misnomer, given assembly took five minutes.

Framework DIY—little assembly required (NVMe, RAM, keyboard, bezel: that’s it)
  • CPU 8-core/16-thread 5.1Gz AMD (AMD Ryzen™ 7 7840U)
    • AMD Radeon 780M integrated GPU (works fine with amdgpu driver)
    • Ryzen AI Neural Processing Unit (NPU) (AMD released an xdna driver last week. I have yet to try it.)
  • 64 GB RAM – DDR5-5600
  • 2TB NVMe
  • 13.5” (diagonal) matte (🥳) screen

This is a powerful machine.

🏋️ Weight

Framework 13 weighing in at 1,323Kg, about the same as the 2011 Macbook Air

A notebook that weighs more than a kilo is simply not a good thing

Linus Torvalds

The Framework weighs more than a kilo.

Fully assembled (stickers and all), my new laptop tips the scales at 1,323g.

It’s 100g lighter than my x220 but 100g heavier than my partner’s M2 Macbook Air.

The Framework weighs as much as the 2011 Macbook Air—a sure sign innovation has stopped in this space.

🔌 Ports/dongles

Ports on the ThinkPad vs Framework—sadly absent: PCMCIA card slot

I’m torn.

I can arrange my laptop’s USB, power, and ethernet ports however I want them.

And folks in the Framework community are cooking up new ideas.

But these are dongles. Brilliant dongles, but dongles nonetheless—I have to tote them on my travels and keep track of them all.

A dongle by any other name…

Now, I need a little pouch for my adorable dongles.

🪫 Battery life

Folks flagged short battery life as a problem for these machines—especially the Intel version. Is that true for the AMD version?

To test this, I simulated some strenuous web surfing—clicking Wikipedia links faster than is humanly possible.2


Time to battery empty Brightness Delay between page clicks Avg CPU Percentage Avg Watts
02:20:21 100% 0s 13.8% 23.4
02:55:07 0% 0s 13.8% 19.8
12:57:57 😅 0% 10s 1.1% 4.1

As long as I’m not slamming through every page of Wikipedia, the battery would get me through most work days.

During the workday, I use between 5 and 10 watts.3 While that might not give me 13 hours, it beats my ThinkPad X220’s 1.5-hour battery life.

Linux setup

Linux veterans relayed painful experiences running their OS on older Framework models.

But my experience was (mostly) jank-free.

Ubuntu 22.04

I installed Ubuntu first, since it’s the sole Linux distribution Framework’s website listed as “Stable.”

And Ubuntu 22.04 ran flawlessly.

Chalk this up to the detailed Framework Ubuntu setup guide, with its giant gob of copy-pasta commands—much laudable, painstaking effort has gone into making this experience perfect.

Debian Bookworm

I perused the Debian Wiki’s Framework pages and the Debian Install Guide as references to install Debian Bookworm.

Audio, wifi, bluetooth, touchpad, webcam, and every button worked out of the box.

Then I closed the lid, but nothing happened. Sleep failed.

Problems with s2idle on AMD machines are common. Problems are so common that Freedesktop cobbled together a script with cute emojis to help troubleshoot:

Framework user forums pointed me to the firmware-amd-graphics Debian package bug 1053856.

After firmware fiddling and an hour+ tweaking Xmonad for the high-dpi (2256x1504) display: all’s well.

I hate computers, but this one is pretty good.

@FramworkPuter, 2024-01-19

What I like:

  • Repairable – I hoard a closet of old ThinkPads because I know they’ll end up at the dump otherwise.
  • Hardware camera/mic switch + RFKill – Hardware switches beat camera covers any day. And a laptop that respects its users’ privacy is lovely.
  • Reference designs – While it’s not open hardware, Framework releases reference designs under a Creative Commons license.
  • Matte screen – Why are shiny screens an option? Who wants that?

What I dislike:

  • Keyboard – It’s mushy. Plus, the button under [/?] is [←], which is breaking my brain. I’m used to it being right CTRL (which I use as AltGr).
  • Brightness – Even at 0% brightness, the screen is too bright. There’s probably something I can do here.
  • HDMI requires back slots – HDMI expansion card plugged into the front left expansion slot failed. Moving to one of the back slots works.
  • 3:2 aspect ratio – Why? It’s an outre choice. I’m having a bad time mirroring to 16:9 displays. Plus, horizontal screen space is great for tiling window managers.
  • Trackpad – I still like buttons. The trackpad is good, but I’m a luddite—ThinkPads spoil you.
  • Keyboard backlight – Speaking of ThinkPads, why have we abandoned the ThinkLight?

🏛️ Verdict

In a barren industry where planned obsolescence is the norm, Framework produces nice hardware for a fair price.

The Framework AMD 13 is a powerful, modern laptop capable of running Linux. And all the buttons seem to do what they’re supposed to.

I look forward to the day when I can Ship-of-Theseus the guts of this beast to get an even beefier boxen. It sure beats throwing it on the pile of ThinkPads collecting dust in my closet.

EDIT 2024-01-31T13:53:30-07:00: Before, this article referred to the Framework AMD 13 as the “13th generation.” Commentors pointed out that that was incorrect. The 13th generation Framework laptops refer to the 13th generation of the Intel CPUs, not the Framework hardware.

  1. Man, I hope this comment ages well.↩︎

  2. I scripted the “Getting to Philosophy” Wikipedia game for the top 400 Wikipedia Articles of 2023↩︎

  3. Unless I do something silly like attend a zoom meeting.↩︎