2·
1 year agoSame… Although maybe I’m just searching niche problems.
- 0 Posts
- 68 Comments
Joined 1 year ago
Cake day: June 20th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Hadrian’s wall still stands… Although in most places it’s easy to cross 😂
No sandboxing because I’m only using it on one device with no saved details…
Terminus IMO is utter crap, their sales team are useless and didn’t want to engage with me in a useful non-automated way. Their ‘Linux’ support is actually just a Ubuntu based deb installer which you need to manipulate to be useful on other distros. I am also very cautious of their cloud sync which holds your passwords and keys especially since it doesnt use your systems defaults on Linux.
However it is currently the best ssh client I can install on android via Google play on a device I can’t sideload Juice onto, I just don’t let it remember passwords and keys.
Wrapper - https://gist.github.com/adamboutcher/76aa402ad4478faeed95a4e953fdd200
If the motherboard has a built in 2d video card you’ll be fine, otherwise you can try via serial which will be slow. Ipmi can sometimes do video or it’s serial over Lan.
Serial bit will be slow and might not be default so the first bit night be really tricky. Also some systems won’t post with a video card, especially in the consumer world.
I’d personally boot with a GPU then swap it out once the system is correctly configured for ssh access.
2·1 year agoWait until 32GB RAM isn’t enough and the OOM decides to randomly kill processes. Especially with memory leaks…
T1 sites typically have replicas which usually get backed up on the experiment data to work with, T2 and T3 sites then get more local working copies that dont backup and are only kept as long as they need (as long as the delete cycle works).
A small T3 is likely around 1PB of storage.
I support only Dell XPS 13/15 inch laptops at work exclusively with Fedora Linux, 99% of things work; occasional issues with things like the fingerprint sensor which is better supported in Ubuntu (it’s a usb based goodix fingerprint sensor). The latest 15 inch has some issues with sound being quiet but over amplification solves this with some fidelity loss which isn’t a problem for normal alet type noises.
Iirc your model (we had one of) works more or less flawless out of the box.
4·1 year agoDL380 G9. Those bioses don’t support booting from PCIe at all.
They actually do but it can only be a HPE supported BootROM… anything non-HPE is ignored (weirdly, some Intel and Broadcom cards PXE boot without the HPE firmware but not all).
Most of these boards have internal USB and internal SD slots which you can boot from with any media, intact HPE sell a USB SD card raid adaptor for the usb slot. So I would recommend using SD card for this…
There might also be some magic/weirdness with IP routing in the kernel. Have a look at net.ipv4.ip_forward system variable.
Are you sure you’re not using local hostnames / DNS resolution?
You may also need to updates your nfs exports file for the new subnet. And also update systems on the fstab changes (daemon-reload).
My guess with that TDP is yes. Iirc it’s about 100W per connector.
27·1 year agoOther than fulling up storage, what is the actual issue? If the image is orphaned then surely nobody can actually access the content? Sure you could be blind hosting things but if nobody can get the content back out then the abuse is surely minimal apart from say a complex cyber and physical targetted campaign or simply fulling up storage…
Maybe try forcing only IPv4 connections for the traffic you want to keep private?
Your biggest leak maybe IPv6 DNS which is probably not that big of a deal really…
Ports 80 and 443.
The cli is easy and you could just Cron (scheduled task) a bunch of commands to open the firewall, renew cert and close the firewall. It’s how I do it for some internal systems.
I think the gentoo install guide will be helpful for this chrooting…
The bad practise would be to entirely disable IPv6. #ShittySysAdmin
I’m not sure about anything you’re running but I would look into certbot.
Either using the basic web plugin or DNS plugin. Nginx would be simpler, you’d just have to open your web ports on certificate generation to pass the challenge.
I know some proxy tools have let’s encrypt support, such as traefik.
43·1 year agoSurely a 1:1 emulator would just run DRM as expected and it would never know… Feels like it may stop day1 piracy via emulators but anything beyond I’m sure would be patched.
Because if your android forces the newer android security contexts for storage, it won’t install.