gerowen

joined 2 years ago
sorted by: new top controversial old
goodbye plex in c/selfhosted@lemmy.world
[–] gerowen@lemmy.world 4 points 1 week ago

It is the command line interface for libvirt/qemu/kvm on Linux. I usually just use virt-manager remotely via SSH to create and manage my VMs, but virsh can be handy as well.

Emblematic of the current fascist US regime in c/progressivepolitics@lemmy.world
[–] gerowen@lemmy.world 51 points 1 month ago (4 children)

If they're gonna go after people who mutilate children they need to start by banning circumcision.

Mozilla is shutting down Pocket, their read-it-later and content discovery app, and Fakespot, their browser extension that analyzes the authenticity of online product reviews. in c/technology@lemmy.world
[–] gerowen@lemmy.world 13 points 1 month ago (13 children)

Pocket is one service of theirs I did use from time to time. Save an article you want to read later without committing it to a bookmark.

What's your favorite anime? Only tell us by quoting it and seeing if we can guess in c/asklemmy@lemmy.world
[–] gerowen@lemmy.world 1 points 1 month ago* (last edited 1 month ago)

"A battle? No, a massacre."

"Look over there, a warrior!"

How to harden against SSH brute-forcing? in c/selfhosted@lemmy.world
[–] gerowen@lemmy.world 2 points 3 months ago (1 children)

Generate a unique key for each client or device. SSH keys identify devices, not people, so I do not recommend sharing the same key between two different devices.

How to harden against SSH brute-forcing? in c/selfhosted@lemmy.world
[–] gerowen@lemmy.world 31 points 3 months ago* (last edited 3 months ago) (1 children)

I generally do a few things to protect SSH:

  1. Disable password login and use keys only
  2. Install and configure Fail2Ban
  3. Disable root login via ssh altogether. Just change "permit root login" from "no password" to just "no". You can still become root via sudo or su after you're connected, but that would trigger an additional password request. I always connect as a normal user and then use sudo if/when I need it. I don't include NOPASSWD in my sudoers to make certain sudo prompts for a password. Doesn't do any good to force normal user login if sudo doesn't require a password.
  4. If connecting via the same network or IPs, restrict the SSH open port to only the IPs you trust.
  5. I don't have SSH internet visible. I have my own Wireguard server running on a separate raspberry pi and use that to access SSH when I'm away, but SSH itself is not open to the internet or forwarded in the router.
*Permanently Deleted* in c/world@lemmy.world
[–] gerowen@lemmy.world 4 points 3 months ago

They straight up ambushed those guys. Makes me wonder if the car accident was staged specifically to attract emergency workers.

Selfhosting Sunday - What's up? in c/selfhosted@lemmy.world
[–] gerowen@lemmy.world 2 points 3 months ago

So far I haven't seen any attempts to change their user agents. I've seen one or two other bots poking around, but nothing to write home about so I've left them alone.

I have heard however that changing user agents is a tactic they do indeed employ, especially Claude, so it may be that I'll eventually have to adapt my defenses.

Selfhosting Sunday - What's up? in c/selfhosted@lemmy.world
[–] gerowen@lemmy.world 5 points 3 months ago (2 children)

I've been fending off AI bots the last week or so; wrote about it here:

https://gerowen.substack.com/p/the-ai-data-scraping-is-getting-out

*Permanently Deleted* in c/technology@lemmy.world
[–] gerowen@lemmy.world 33 points 3 months ago (9 children)

Why did they get removed? I feel like I'm missing a whole backstory here.

Google decimates Twitter search results after Elon Musk imposes limits on reading tweets in c/technology@lemmy.world
[–] gerowen@lemmy.world 1 points 2 years ago (1 children)

She straight up admitted that she was essentially a sock puppet CEO and would offer no friction to anything Musk wanted.

view more: next ›