This post documents some of my commonly used WSL configurations.
\nInstall Common Packages
\nUbuntu:
\nsudo apt install build-essential\nDebian:
\nsudo apt install gcc g++\nDebian Common:
\nsudo apt install gdb valgrind git gpg curl wget zip unzip zsh\nConfigure Zsh
\nSet /bin/zsh as the default shell:
chsh -s /bin/zsh\nInstall oh-my-zsh and commonly used plugins:
wget https://gist.githubusercontent.com/dingwen07/1261eac531f7f080d72b78f931a8ca01/raw/omz-setup.sh\nchmod +x ./omz-setup.sh\n./omz-setup.sh\nEdit ~/.zshrc to enable plugins:
plugins=(\n git\n zsh-autosuggestions\n zsh-syntax-highlighting\n)\nJava Environment
\nJava environments are generally managed using SDKMAN!. Make sure the unzip package is installed:
curl -s "https://get.sdkman.io" | bash\nConfigure Windows Terminal for WSL
\nEnable Mouse Scrolling for CLI Programs
\nBy default, CLI programs in WSL, such as less and nano, do not support mouse scrolling. After configuration, mouse operations will default to being received by the application. To select content, hold the Shift key while selecting.
less (Including man)
\nSave the following content as a text file:
\n#env\nLESS = --mouse\nThen run lesskey <filename> (for newer distributions, save the text directly to ~/.lesskey).
nano
\nAdd the following to ~/.nanorc:
set mouse\nvi[m]
\nAdd the following to ~/.vi[m]rc:
set mouse=a\nSSH Agent
\nUse npiperelay.exe to forward the Windows socket //./pipe/openssh-ssh-agent to WSL 12.
Make sure npiperelay.exe is in the Windows PATH. This allows WSL to directly access it. It can be installed via WinGet. Then install socat in WSL:
sudo apt install socat\nNext, put the following script into ~/.win-ssh-agent/agent-bridge.sh:
# Code extracted from https://stuartleeks.com/posts/wsl-ssh-key-forward-to-windows/ with minor modifications\n\n# Configure ssh forwarding\nexport SSH_AUTH_SOCK=$HOME/.win-ssh-agent/agent.sock\n# need `ps -ww` to get non-truncated command for matching\n# use square brackets to generate a regex match for the process we want but that doesn't match the grep command running it!\nALREADY_RUNNING=$(ps -auxww | grep -q "[n]piperelay.exe -ei -s //./pipe/openssh-ssh-agent"; echo $?)\nif [[ $ALREADY_RUNNING != "0" ]]; then\n if [[ -S $SSH_AUTH_SOCK ]]; then\n # not expecting the socket to exist as the forwarding command isn't running (http://www.tldp.org/LDP/abs/html/fto.html)\n echo "removing previous socket..."\n rm $SSH_AUTH_SOCK\n fi\n echo "Starting SSH-Agent relay..."\n # setsid to force new session to keep running\n # set socat to listen on $SSH_AUTH_SOCK and forward to npiperelay which then forwards to openssh-ssh-agent on windows\n (setsid socat UNIX-LISTEN:$SSH_AUTH_SOCK,fork EXEC:"npiperelay.exe -ei -s //./pipe/openssh-ssh-agent",nofork &) >/dev/null 2>&1\nfi\nAdd the following to .bashrc or .zshrc:
source $HOME/.win-ssh-agent/agent-bridge.sh\nGnuPG
\nRefer to Using GPG Command-Line Tools in WSL2 and Signing Git Commits3.
\n1Password CLI
\nUse the op command-line tool for convenient and secure credential access. First, install it on Windows:
winget install AgileBits.1Password.CLI\nThen add the following to .bashrc or .zshrc:
# Aliases\nalias op="op.exe"\n# alias sudo="sudo -S <<< $(op read "op://Personal/Account Password/password")"\n\n# Completions\neval "$(op completion zsh)"; compdef _op op.exe\nReferences
\n![\"IMG_3843\"](\"IMG_3843.png\")
\n\nThe exact error message was:\n\n> Time Machine detected that your backups on “destination” can not be reliably restored. Time Machine must erase your existing backup history and start a new backup to correct this.\n\nThis happens after a kernel panic.\n\nAfter some digging, it does not necessarily mean the backup disk image is corrupted, but in some cases, Time Machine will 'mark' a backup disk image as 'bad' and refuse further backups to it.\n\nTo bypass this issue without erasing the backup history, locate the backup disk image (`sparsebundle`) in the network share. The disk image file might be in a \"locked\" state. Use ⌘ + I to open the info panel and unlock it. \n\n![\"Screenshot-2024-12-12-at-13.51.36\"](\"Screenshot-2024-12-12-at-13.51.36.png\")
\n\nNext, use Xcode to open file `com.apple.TimeMachine.MachineID.plist`. Change the value of the key `VerificationState` from `2` to `1` and save the file. \n\n![\"Screenshot-2024-12-12-at-13.53.07\"](\"Screenshot-2024-12-12-at-13.53.07.png\")
\n\nNow we should be able to complete backups, but make sure to verify the backup after the first completed backup. If the verification succeeds, then the backup disk image is not corrupted.\n\n---\n\nTranslated from my Chinese blog post: [Mac 时间机器“检测到备份无法可靠恢复”的解决方法](https://cn.extrawdw.eth.limo/BF15E650-41F6-4F5E-8610-1DDCBDFBE34D/)\n",
"contentRendered" : "Recently, my MacBook's Time Machine backup to a network disk (on a Mac mini) gives following error:
\n\nThe exact error message was:
\n\n\nTime Machine detected that your backups on “destination” can not be reliably restored. Time Machine must erase your existing backup history and start a new backup to correct this.
\n
This happens after a kernel panic.
\nAfter some digging, it does not necessarily mean the backup disk image is corrupted, but in some cases, Time Machine will 'mark' a backup disk image as 'bad' and refuse further backups to it.
\nTo bypass this issue without erasing the backup history, locate the backup disk image (sparsebundle) in the network share. The disk image file might be in a "locked" state. Use ⌘ + I to open the info panel and unlock it.
Then right-click → Show Package Contents, where the token file might also be locked. Unlock it similarly.
\nNext, use Xcode to open file com.apple.TimeMachine.MachineID.plist. Change the value of the key VerificationState from 2 to 1 and save the file.
\nNow we should be able to complete backups, but make sure to verify the backup after the first completed backup. If the verification succeeds, then the backup disk image is not corrupted.
\n\n
Translated from my Chinese blog post: Mac 时间机器“检测到备份无法可靠恢复”的解决方法
\n", "created" : 757327599.881062, "externalLink" : "", "hasAudio" : false, "hasVideo" : false, "heroImage" : "https://blog.extrawdw.eth.limo/E9D02EA8-784F-4291-A736-4FA185E68EE3/IMG_3843.png", "heroImageFilename" : "IMG_3843.png", "heroImageHeight" : 748, "heroImageURL" : "https://blog.extrawdw.eth.limo/E9D02EA8-784F-4291-A736-4FA185E68EE3/IMG_3843.png", "heroImageWidth" : 716, "id" : "E9D02EA8-784F-4291-A736-4FA185E68EE3", "link" : "/E9D02EA8-784F-4291-A736-4FA185E68EE3/", "slug" : "", "tags" : { "mac" : "Mac", "macos" : "macOS", "time-machine" : "Time Machine" }, "title" : "Solution to \"Time Machine detected that your backups can not be reliably restored\"" }, { "articleType" : 0, "attachments" : [ ], "cids" : { }, "content" : "\nMost of the methods found online involve using `npiperelay` to map the Gpg4win GPG Agent's socket into WSL2. However, a simpler approach is to use `gpg.exe` directly within WSL2.\n\nIf you want to sign Git commits but your private key is stored on a smart card, you can directly set it with: \n`git config --global gpg.program gpg.exe` \n(If GPG is not in Windows' PATH, you need to use the absolute path, which is usually `/mnt/c/Program Files (x86)/GnuPG/bin/gpg.exe`. For convenience, it's better to add it to PATH. After doing so, open a new terminal.)\n\nUnless a program requires direct GPG Agent access or does not support custom GPG binaries, this approach is far more convenient than mapping the GPG Agent socket.\n\n---\n\nTranslated from my Chinese blog post: [在 WSL2 中使用 GPG 命令行工具以及对 Git commit 进行签名](https://cn.extrawdw.eth.limo/E866F5DA-F9C4-4137-9D7F-60A1F68FC0AD/)\n", "contentRendered" : "Most of the methods found online involve using npiperelay to map the Gpg4win GPG Agent's socket into WSL2. However, a simpler approach is to use gpg.exe directly within WSL2.
If you want to sign Git commits but your private key is stored on a smart card, you can directly set it with:
\ngit config --global gpg.program gpg.exe
\n(If GPG is not in Windows' PATH, you need to use the absolute path, which is usually /mnt/c/Program Files (x86)/GnuPG/bin/gpg.exe. For convenience, it's better to add it to PATH. After doing so, open a new terminal.)
Unless a program requires direct GPG Agent access or does not support custom GPG binaries, this approach is far more convenient than mapping the GPG Agent socket.
\n\n
Translated from my Chinese blog post: 在 WSL2 中使用 GPG 命令行工具以及对 Git commit 进行签名
\n", "created" : 757325339.477323, "externalLink" : "", "hasAudio" : false, "hasVideo" : false, "id" : "E8F6E4D8-A27B-4869-BD85-022DFE2D0168", "link" : "/E8F6E4D8-A27B-4869-BD85-022DFE2D0168/", "slug" : "", "tags" : { "git" : "Git", "gnupg" : "GnuPG", "wsl" : "WSL", "wsl2" : "WSL2" }, "title" : "Using GPG Command-Line Tools in WSL2 and Signing Git Commits" }, { "articleType" : 0, "attachments" : [ ], "cids" : { }, "content" : "First, make sure there is IPNS Key in local IPFS keystore:\n\n```\nipfs key list\n```\n\nIf the key is not present, import with:\n\n```\nipfs key importFirst, make sure there is IPNS Key in local IPFS keystore:
\nipfs key list\nIf the key is not present, import with:
\nipfs key import <name> <key>\nThen, update IPNS record with:
\nipfs name publish --key=<key name> /ipfs/...\nExtrawdw Blog will also be accessible on extrawdw.bit from now on.
\nThe .bit is another blockchain domain name that can be registered here:
\n\nNote: The above is the referral link, if you register through the above link then I will receive a pay back, feel free to delete and replace the referrer. The registration fee will be reduced by 5% if there is a referrer.
\nOne advantage of .bit addresses over .eth is that updating domain records is free: you don't need to pay gas (network fee) for it.
\n", "created" : 686730660, "externalLink" : "", "hasAudio" : false, "hasVideo" : false, "id" : "F1A42BFB-4222-45C3-86FA-983D95724071", "link" : "/F1A42BFB-4222-45C3-86FA-983D95724071/", "slug" : "", "tags" : { "ipns" : "IPNS", "web3" : "Web3" }, "title" : ".bit address" }, { "articleType" : 0, "attachments" : [ ], "cids" : { }, "content" : "Welcome visitor,\n\nThis is Extrawdw Blog ([blog.extrawdw.net](https://blog.extrawdw.net) and [i.extrawdw.net](https://i.extrawdw.net)) on IPFS.\n\nArchives of obsolete/deleted articles are available at [`/ipns/k51qzi5uqu5dk04xxfqzcfc2ya5dhoer3xy1i4ppo9u1r4cilcxhih6fpbvfg0/`](https://ipfs.io/ipns/k51qzi5uqu5dk04xxfqzcfc2ya5dhoer3xy1i4ppo9u1r4cilcxhih6fpbvfg0/). It might contain posts in Chinese.\n\n\nArticles will start being posted here soon.\n\nEnjoy!\n", "contentRendered" : "Welcome visitor,
\nThis is Extrawdw Blog (blog.extrawdw.net and i.extrawdw.net) on IPFS.
\nArchives of obsolete/deleted articles are available at /ipns/k51qzi5uqu5dk04xxfqzcfc2ya5dhoer3xy1i4ppo9u1r4cilcxhih6fpbvfg0/. It might contain posts in Chinese.
Articles will start being posted here soon.
\nEnjoy!
\n", "created" : 683621280, "externalLink" : "", "hasAudio" : false, "hasVideo" : false, "id" : "58EE7099-4A3F-428B-832D-EE2C6E2B07F2", "link" : "/58EE7099-4A3F-428B-832D-EE2C6E2B07F2/", "slug" : "", "tags" : { "ipfs" : "IPFS", "ipns" : "IPNS", "web3" : "Web3" }, "title" : "Welcome to Extrawdw Blog on IPFS" } ], "created" : 683664449.740886, "discordLink" : "", "githubUsername" : "dingwen07", "id" : "EC4DF131-066C-4FB9-8837-69E015AEDAEE", "ipns" : "k51qzi5uqu5dh11cyqktyw5m9ilymx50a3n8oxng6uer77wzpz69v98dv9f4ul", "juiceboxEnabled" : false, "mastodonUsername" : "", "name" : "Extrawdw Blog", "plausibleAPIServer" : "plausible.io", "plausibleDomain" : "", "plausibleEnabled" : false, "podcastCategories" : { }, "podcastExplicit" : false, "podcastLanguage" : "en", "tags" : { "developer" : "Developer", "git" : "Git", "gnupg" : "GnuPG", "ipfs" : "IPFS", "ipns" : "IPNS", "linux" : "Linux", "mac" : "Mac", "macos" : "macOS", "ssh" : "SSH", "time-machine" : "Time Machine", "web3" : "Web3", "windows" : "Windows", "wsl" : "WSL", "wsl2" : "WSL2" }, "telegramUsername" : "extrawdw", "twitterUsername" : "realExtrawdw", "updated" : 758586323.346231 }