Fix internal links that pointed to medium.com

2016-03-13-wifi-client-router-setup.html

@@ -3,7 +3,7 @@
 
 <!--# include file="include/top.html" -->
 
-<p>I’ve still got two devices in my home that can’t do WiFi natively, but that I don’t have a good wiring solution for (one is an RPi that has a strange device on the USB bus that panics if anything else is on the USB bus, and the other is a FireTV with <a href="https://medium.com/where-the-flamingcow-roams/hall-of-2-4-ghz-shame-2016-edition-97781b48cdb5#.1bt4sd207">issues</a>). This is a great opportunity to use another Raspberry Pi as a WiFi client &lt;-> wired connection, providing a wired drop wherever I want it.</p>
+<p>I’ve still got two devices in my home that can’t do WiFi natively, but that I don’t have a good wiring solution for (one is an RPi that has a strange device on the USB bus that panics if anything else is on the USB bus, and the other is a FireTV with <a href="2016-02-01-hall-of-2-4-ghz-shame-2016-edition.html">issues</a>). This is a great opportunity to use another Raspberry Pi as a WiFi client &lt;-> wired connection, providing a wired drop wherever I want it.</p>
 
 <p>If you search for this on the Internets, you discover a problem. While 802.11 looks like Ethernet, there’s a critical difference in this case. Most access points won’t let clients speak with anything other than their own MAC address. If you’re two or more devices (the client and the devices wired to it), you have a problem, with a few ugly solutions:</p>
 
@@ -27,7 +27,7 @@
 
 <p><img src="data:image/webp;base64,<!--# include file="images/wifi-router.webp.base64" -->" alt=""></p>
 
-<p><a href="https://medium.com/where-the-flamingcow-roams/streaming-netflix-from-android-to-os-x-4486cbc7eb9e#.kvnxuy3c5">Install and configure Raspbian Lite</a>. <a href="https://wiki.archlinux.org/index.php/WPA_supplicant">Get your device connected via WiFi</a>. (Side note: the ArchLinux wiki is really great).</p>
+<p><a href="https://dev.firestuff.org/firestuff/2016-03-13-raspbian-setup-notes.html">Install and configure Raspbian Lite</a>. <a href="https://wiki.archlinux.org/index.php/WPA_supplicant">Get your device connected via WiFi</a>. (Side note: the ArchLinux wiki is really great).</p>
 
 <h3>Assign a static IPv4 address</h3>
 

2016-03-17-raspberry-pi-3-serial-console.html

@@ -7,7 +7,7 @@
 
 <p>Turns out some winner in Piland re-used GPIO pins necessary to make serial work for Bluetooth. I guess they figured that no one used serial console?</p>
 
-<p>To fix, you’ll need a monitor &amp; keyboard. First follow the instructions <a href="https://medium.com/where-the-flamingcow-roams/raspbian-setup-notes-677a71de5b9f#.xm7jhawwi">here</a> up through “Update firmware” (rpi-update). Then edit /boot/config.txt and add the line:</p>
+<p>To fix, you’ll need a monitor &amp; keyboard. First follow the instructions <a href="2016-03-13-raspbian-setup-notes.html">here</a> up through “Update firmware” (rpi-update). Then edit /boot/config.txt and add the line:</p>
 
 <pre><code>dtoverlay=pi3-disable-bt
 </code></pre>

2016-03-26-nitrokey-hsm-ec-setup.html

@@ -3,7 +3,7 @@
 
 <!--# include file="include/top.html" -->
 
-<p>Following up from my previous writeup on <a href="https://medium.com/where-the-flamingcow-roams/elliptic-curve-certificate-authority-bbdb9c3855f7#.wv19mvxse">creating an EC CA</a>, let’s talk about key security.</p>
+<p>Following up from my previous writeup on <a href="2016-03-21-elliptic-curve-certificate-authority.html">creating an EC CA</a>, let’s talk about key security.</p>
 
 <p><a href="https://en.wikipedia.org/wiki/Hardware_security_module">Hardware security modules</a> are physical devices that manage keys. Generally, the rule is that they let you use the keys for operations (e.g. signing) given correct authentication, but don’t let you extract the raw key material. This means that if you’re holding the HSM, you know that no one else is currently abusing your key (though they may have done so in the past).</p>
 
@@ -100,6 +100,6 @@ OpenSSL&gt; req -engine pkcs11 -new -keyform engine -out cert.pem -text -x509 -d
 
 <p>More instructions on various Nitrokey HSM operations can be found <a href="https://github.com/OpenSC/OpenSC/wiki/SmartCardHSM#init">here</a>.</p>
 
-<p>Instructions for running a complete certificate authority (CA) with your Nitrokey are <a href="https://medium.com/where-the-flamingcow-roams/ec-ca-redux-now-with-more-nitrokey-729061e1b7c9#.d7igz5dhv">here</a>.</p>
+<p>Instructions for running a complete certificate authority (CA) with your Nitrokey are <a href="2016-03-27-ec-ca-redux-now-with-more-nitrokey.html">here</a>.</p>
 
 <!--# include file="include/bottom.html" -->

2016-03-27-ec-ca-redux-now-with-more-nitrokey.html

@@ -3,7 +3,7 @@
 
 <!--# include file="include/top.html" -->
 
-<p>This is a revisit on my doc on <a href="https://medium.com/where-the-flamingcow-roams/elliptic-curve-certificate-authority-bbdb9c3855f7#.4z3bzvz6e">how to set up an EC CA</a>. In this version, we’re using the <a href="https://shop.nitrokey.com/shop/product/nitrokey-hsm-7">Nitrokey HSM</a> for key generation, storage, and operations. You’ll need two Nitrokey HSMs. You can get away with one, but there’s not a lot of point to splitting root and intermediate certs if you then keep them on the same device. You’ll also need a <a href="https://medium.com/where-the-flamingcow-roams/nitrokey-hsm-ec-setup-6ed9b9e43c36#.pgal18rvh">system set up</a> to talk to the Nitrokey, which is a bit tricky.</p>
+<p>This is a revisit on my doc on <a href="2016-03-21-elliptic-curve-certificate-authority.html">how to set up an EC CA</a>. In this version, we’re using the <a href="https://shop.nitrokey.com/shop/product/nitrokey-hsm-7">Nitrokey HSM</a> for key generation, storage, and operations. You’ll need two Nitrokey HSMs. You can get away with one, but there’s not a lot of point to splitting root and intermediate certs if you then keep them on the same device. You’ll also need a <a href="2016-03-26-nitrokey-hsm-ec-setup.html">system set up</a> to talk to the Nitrokey, which is a bit tricky.</p>
 
 <p>If you do this right, you can set up a CA where the keys never touched computer that you’re using to host the CA; they only ever reside protected in the Nitrokey.</p>
 

2016-05-17-wifi-bridging-redux.html

@@ -3,7 +3,7 @@
 
 <!--# include file="include/top.html" -->
 
-<p>I previously wrote about building <a href="https://medium.com/where-the-flamingcow-roams/wifi-client-router-setup-9712a5f943e4#.z3wzhlub9">WiFi client routers</a> instead of bridges; they get you broadcast domain isolation and a degree of conceptual simplicity (no L2 tricks). I finally ran into a requirement on a different project to build an actual bridge; here’s how I did it.</p>
+<p>I previously wrote about building <a href="2016-03-13-wifi-client-router-setup.html">WiFi client routers</a> instead of bridges; they get you broadcast domain isolation and a degree of conceptual simplicity (no L2 tricks). I finally ran into a requirement on a different project to build an actual bridge; here’s how I did it.</p>
 
 <p>You can copy the hardware from the router post, or use what you’ve got; I don’t believe this is driver-specific.</p>
 

markdown/2016-03-13-wifi-client-router-setup.md

@@ -3,7 +3,7 @@
 
 <!--# include file="include/top.html" -->
 
-I’ve still got two devices in my home that can’t do WiFi natively, but that I don’t have a good wiring solution for (one is an RPi that has a strange device on the USB bus that panics if anything else is on the USB bus, and the other is a FireTV with [issues](https://medium.com/where-the-flamingcow-roams/hall-of-2-4-ghz-shame-2016-edition-97781b48cdb5#.1bt4sd207)). This is a great opportunity to use another Raspberry Pi as a WiFi client <-> wired connection, providing a wired drop wherever I want it.
+I’ve still got two devices in my home that can’t do WiFi natively, but that I don’t have a good wiring solution for (one is an RPi that has a strange device on the USB bus that panics if anything else is on the USB bus, and the other is a FireTV with [issues](2016-02-01-hall-of-2-4-ghz-shame-2016-edition.html)). This is a great opportunity to use another Raspberry Pi as a WiFi client <-> wired connection, providing a wired drop wherever I want it.
 
 If you search for this on the Internets, you discover a problem. While 802.11 looks like Ethernet, there’s a critical difference in this case. Most access points won’t let clients speak with anything other than their own MAC address. If you’re two or more devices (the client and the devices wired to it), you have a problem, with a few ugly solutions:
 
@@ -23,7 +23,7 @@ If you’ve got a router at the front of your network that supports static route
 
 <img src="data:image/webp;base64,<!--# include file="images/wifi-router.webp.base64" -->" alt="">
 
-[Install and configure Raspbian Lite](https://medium.com/where-the-flamingcow-roams/streaming-netflix-from-android-to-os-x-4486cbc7eb9e#.kvnxuy3c5). [Get your device connected via WiFi](https://wiki.archlinux.org/index.php/WPA_supplicant). (Side note: the ArchLinux wiki is really great).
+[Install and configure Raspbian Lite](https://dev.firestuff.org/firestuff/2016-03-13-raspbian-setup-notes.html). [Get your device connected via WiFi](https://wiki.archlinux.org/index.php/WPA_supplicant). (Side note: the ArchLinux wiki is really great).
 
 ### Assign a static IPv4 address
 

markdown/2016-03-17-raspberry-pi-3-serial-console.md

@@ -7,7 +7,7 @@ Got my new RPi 3s. So exciting! Connect to my [serial cable](https://www.adafrui
 
 Turns out some winner in Piland re-used GPIO pins necessary to make serial work for Bluetooth. I guess they figured that no one used serial console?
 
-To fix, you’ll need a monitor & keyboard. First follow the instructions [here](https://medium.com/where-the-flamingcow-roams/raspbian-setup-notes-677a71de5b9f#.xm7jhawwi) up through “Update firmware” (rpi-update). Then edit /boot/config.txt and add the line:
+To fix, you’ll need a monitor & keyboard. First follow the instructions [here](2016-03-13-raspbian-setup-notes.html) up through “Update firmware” (rpi-update). Then edit /boot/config.txt and add the line:
 
     dtoverlay=pi3-disable-bt
 

markdown/2016-03-26-nitrokey-hsm-ec-setup.md

@@ -3,7 +3,7 @@
 
 <!--# include file="include/top.html" -->
 
-Following up from my previous writeup on [creating an EC CA](https://medium.com/where-the-flamingcow-roams/elliptic-curve-certificate-authority-bbdb9c3855f7#.wv19mvxse), let’s talk about key security.
+Following up from my previous writeup on [creating an EC CA](2016-03-21-elliptic-curve-certificate-authority.html), let’s talk about key security.
 
 [Hardware security modules](https://en.wikipedia.org/wiki/Hardware_security_module) are physical devices that manage keys. Generally, the rule is that they let you use the keys for operations (e.g. signing) given correct authentication, but don’t let you extract the raw key material. This means that if you’re holding the HSM, you know that no one else is currently abusing your key (though they may have done so in the past).
 
@@ -91,6 +91,6 @@ Now, delete the file, re-initialize the device, and you’re good to go.
 
 More instructions on various Nitrokey HSM operations can be found [here](https://github.com/OpenSC/OpenSC/wiki/SmartCardHSM#init).
 
-Instructions for running a complete certificate authority (CA) with your Nitrokey are [here](https://medium.com/where-the-flamingcow-roams/ec-ca-redux-now-with-more-nitrokey-729061e1b7c9#.d7igz5dhv).
+Instructions for running a complete certificate authority (CA) with your Nitrokey are [here](2016-03-27-ec-ca-redux-now-with-more-nitrokey.html).
 
 <!--# include file="include/bottom.html" -->

markdown/2016-03-27-ec-ca-redux-now-with-more-nitrokey.md

@@ -3,7 +3,7 @@
 
 <!--# include file="include/top.html" -->
 
-This is a revisit on my doc on [how to set up an EC CA](https://medium.com/where-the-flamingcow-roams/elliptic-curve-certificate-authority-bbdb9c3855f7#.4z3bzvz6e). In this version, we’re using the [Nitrokey HSM](https://shop.nitrokey.com/shop/product/nitrokey-hsm-7) for key generation, storage, and operations. You’ll need two Nitrokey HSMs. You can get away with one, but there’s not a lot of point to splitting root and intermediate certs if you then keep them on the same device. You’ll also need a [system set up](https://medium.com/where-the-flamingcow-roams/nitrokey-hsm-ec-setup-6ed9b9e43c36#.pgal18rvh) to talk to the Nitrokey, which is a bit tricky.
+This is a revisit on my doc on [how to set up an EC CA](2016-03-21-elliptic-curve-certificate-authority.html). In this version, we’re using the [Nitrokey HSM](https://shop.nitrokey.com/shop/product/nitrokey-hsm-7) for key generation, storage, and operations. You’ll need two Nitrokey HSMs. You can get away with one, but there’s not a lot of point to splitting root and intermediate certs if you then keep them on the same device. You’ll also need a [system set up](2016-03-26-nitrokey-hsm-ec-setup.html) to talk to the Nitrokey, which is a bit tricky.
 
 If you do this right, you can set up a CA where the keys never touched computer that you’re using to host the CA; they only ever reside protected in the Nitrokey.
 

markdown/2016-05-17-wifi-bridging-redux.md

@@ -3,7 +3,7 @@
 
 <!--# include file="include/top.html" -->
 
-I previously wrote about building [WiFi client routers](https://medium.com/where-the-flamingcow-roams/wifi-client-router-setup-9712a5f943e4#.z3wzhlub9) instead of bridges; they get you broadcast domain isolation and a degree of conceptual simplicity (no L2 tricks). I finally ran into a requirement on a different project to build an actual bridge; here’s how I did it.
+I previously wrote about building [WiFi client routers](2016-03-13-wifi-client-router-setup.html) instead of bridges; they get you broadcast domain isolation and a degree of conceptual simplicity (no L2 tricks). I finally ran into a requirement on a different project to build an actual bridge; here’s how I did it.
 
 You can copy the hardware from the router post, or use what you’ve got; I don’t believe this is driver-specific.