syncthing is great.
Respect the burrito.
syncthing is great.
It’s this (excuse formatting): https://www.openssh.com/releasenotes.html
sshd(8) will now penalise client addresses that, for various reasons, do not successfully complete authentication. This feature is controlled by a new sshd_config(5) PerSourcePenalties option and is on by default.
sshd(8) will now identify situations where the session did not authenticate as expected. These conditions include when the client repeatedly attempted authentication unsucessfully (possibly indicating an attack against one or more accounts, e.g. password guessing), or when client behaviour caused sshd to crash (possibly indicating attempts to exploit bugs in sshd).
When such a condition is observed, sshd will record a penalty of some duration (e.g. 30 seconds) against the client’s address. If this time is above a minimum configurable threshold, then all connections from the client address will be refused (along with any others in the same PerSourceNetBlockSize CIDR range) until the penalty expire.
Repeated offenses by the same client address will accrue greater penalties, up to a configurable maximum. Address ranges may be fully exempted from penalties, e.g. to guarantee access from a set of trusted management addresses, using the new sshd_config(5) PerSourcePenaltyExemptList option.
I recall hearing that openssh has something like fail2ban built-in now. I forget the name of the feature.
Unless somethkng changed in the last few years, SSDs are much much faster.
That’s true. I did learn a lot, but the idea of setting it all up again gives me anxiety.
I self host my email. It was hard work to set up. 0/10. Would not come again.
What the hell is this? Half way down the page it becomes a crypto advert…
In case, like me, you were wondering what this has to do with ssh:
openssh does not directly use liblzma. However debian and several other distributions patch openssh to support systemd notification, and libsystemd does depend on lzma.
With ftps, can you use a self-signed cert? If so, how does it verify the cert? Do you have to upload the public key, or does it cache it on first use?
When using reolink in a self-hosted setting:
Thanks
Why what?
Alright. Who bent the rack ears? Own up…
I’m not crazy on web apps either. I’d want to edit my notes in vim.
Freebsd, but it would be openbsd if it had a better filesystem.
Platters make good coasters
Call me old fashioned, but fstab…
Of course. Just put disks in and set up whatever remote filesystem and it’s a NAS.
man hier
For a while I was exchanging encrypted backups with a friend. An easy way to offside without granting shell accounts.
I gave up on kodi. Jellyfin works better, presumably because it transcodes better.