If you’re trying to have password auth be a second layer on top of key auth (requiring a password after connecting with your ssh key), you can add the following to your server’s sshd_conf:
AuthenticationMethods "publickey,password"
If you’re trying to have password auth be a second layer on top of key auth (requiring a password after connecting with your ssh key), you can add the following to your server’s sshd_conf:
AuthenticationMethods "publickey,password"
/dev/sda is the whole raw disk - you typically don’t want to directly interact with /dev/sda, unless you are partitioning or overwriting it. There are a few layers between that device and the files:
You’ll need to find where that ext4 filesystem is mounted, and run the chown command on that. You can run lsblk
and see a tree of the above hierarchy, with the ext4 filesystem’s mountpount shown in the right-hand column.
Nikita Khrushchev, in his own memoir, stating clearly that the USSR could not have won the war on its own:
I would like to express my candid opinion about Stalin’s views on whether the Red Army and the Soviet Union could have coped with Nazi Germany and survived the war without aid from the United States and Britain. First, I would like to tell about some remarks Stalin made and repeated several times when we were “discussing freely” among ourselves. He stated bluntly that if the United States had not helped us, we would not have won the war. If we had had to fight Nazi Germany one on one, we could not have stood up against Germany’s pressure, and we would have lost the war. No one ever discussed this subject officially, and I don’t think Stalin left any written evidence of his opinion, but I will state here that several times in conversations with me he noted that these were the actual circumstances. He never made a special point of holding a conversation on the subject, but when we were engaged in some kind of relaxed conversation, going over international questions of the past and present, and when we would return to the subject of the path we had traveled during the war, that is what he said. When I listened to his remarks, I was fully in agreement with him, and today I am even more so.
-Khrushchev, Nikita Sergeevich; Khrushchev, Serge (2004). Memoirs of Nikita Khrushchev: Commissar, 1918–1945. Penn State Press. pp. 638–639.
https://grapheneos.org/faq#device-lifetime
You can buy a used Pixel 8 and it will be supported by Graphene through 2030 at the very earliest, probably the best support lifecycle you can possibly get on a phone.
Ctrl+r was a life-changer when I first learned it.
When it comes to privacy and security, I think you should treat all cloud providers equally. Use a client with client-side encryption so that the only thing that touches the provider is encrypted data.
Rclone is an example of a good client that can do this, and can even mount your cloud storage as a filesystem with its encryption layer in between.
I’d recommend a full battery calibration before running the command one more time, if you haven’t already (charge the battery fully, leave it on the charger at 100% for a while, then fully discharge until it shuts itself off, leave it for a bit, then fully recharge while off). If the calibrated values line up with a full:design ratio of ~80%, especially with a 10-year-old battery with almost 700 cycles on it, my take is that’s pretty great.
That said, I think the best way to get an accurate feel for the health of an old battery is to put it through one full cycle of normal use and time how long it takes to die.
If you’re genuinely worried about this, you shouldn’t be using untrusted machines for remote access.
Apache Guacamole might be a good option. “Clientless” (browser-based), supports various mfa, uses ssh/vnc/rdp on the backend.
However, if the data on that machine is sensitive, or if that machine has access to other sensitive things on your network, I’d suggest caution in allowing remote access from untrusted machines on the wider internet.
Good luck!
The only legitimate commands for a non-root shell are sudo -i
, exit
, and echo "yee haw"
powertop is a cool tool that can analyze your machine and provide a list of suggested power optimizations
DNS is what you’re looking for. To keep it simple and in one place (your adguard instance), you can add local dns entries under Filters > DNS Rewrites in the format below:
192.xxx.x.47 plex.yourdomain.xyz
192.xxx.x.53 snapdrop.yourdomain.xyz
What is your root filesystem installed on - lvm, zfs, or bare disk partitions? Are you booting with grub (legacy/bios) or systemd-boot (uefi)?
Can’t beat an X230 with an i5 for that use case, and you can still find them for around 100 bucks. Swap in an X220 keyboard, maybe a new battery, coreboot it, and in my opinion you’ve got the perfect laptop. I’ve daily driven that setup for the last 5 years and it’s been great.
It’s still right to complain and protest about something that is unjust, even when ways to circumvent it exist. Because the next logical policy step is to ban VPNs, as many countries already have, and the solved problem becomes unsolved again.
ssh predates the specification, exists somewhat independently of even the idea of a desktop (not common to see xdg env variables like XDG_CONFIG in a headless environment, for example), and uses the homedir/.ssh directory on both the client and server side of a connection. I think it’s less to do with security and more to do with uniformity for something as important as ssh - ssh doesn’t need to change to use the xdg spec, and xdg doesn’t need to allot anything special for ssh when it’s already uniform across the unix spectrum
Forgejo, a Gitea fork used by Codeberg. I chose it because it’s got the right balance of features to weight for my small use case, it has FOSS spirit, and it’s got a lovely package maintainer for FreeBSD that makes deployment and maintenance easy peasy (thanks Stefan <3).