●● IRC: #boycottnovell @ Techrights IRC Network: Saturday, August 13, 2022 ●● ● Aug 13 [00:01] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell ● Aug 13 [03:24] schestowitz-TR I lost passwordless access to ipfs.techrights.org [03:24] schestowitz-TR I've removed the three packages you had added [03:24] schestowitz-TR also tried readding keys [03:24] schestowitz-TR but still cannot get that to work [03:24] schestowitz-TR for now, I'll upload the files manually ● Aug 13 [04:13] Techrights-sec2 I turned on nftables a few minutes ago because all remaining system logs [04:13] Techrights-sec2 were filled with attacks and had no actual system information due to the volume [04:13] Techrights-sec2 which account can't use keys to get to ipfs.techrights.org? [04:13] Techrights-sec2 ok checking [04:13] Techrights-sec2 that'll certainly be a permissins problem [04:13] schestowitz-TR 0/ [04:14] schestowitz-TR just in time ;-) [04:14] schestowitz-TR xxxx [04:14] schestowitz-TR gemini works OK, I configured that hours ago [04:14] schestowitz-TR xxx worked ok until yesterday [04:15] Techrights-sec2 can you try xxxxx again now please? [04:15] schestowitz-TR cannot even reach this address over ssh [04:24] Techrights-sec2 checking [04:24] Techrights-sec2 spotted it, just a sec [04:24] Techrights-sec2 try now [04:24] schestowitz-TR now prompted for password, but at least rechable [04:24] Techrights-sec2 (I've copied over the NFT settings from tm-new) [04:24] Techrights-sec2 """ [04:24] Techrights-sec2 Authentication refused: bad ownership or modes for directory /home/xxx [04:24] Techrights-sec2 """ [04:24] Techrights-sec2 checking [04:29] schestowitz-TR now it works [04:29] schestowitz-TR I don't know what happened or changed since yesterday, but I manually added the 9 missing files and treble-checked just to know the archive is complete [04:29] schestowitz-TR incidentally I noticed a mistake [04:29] schestowitz-TR a [04:29] schestowitz-TR a usefuless file that was not supposed to be in ipfs [04:29] schestowitz-TR it was inherited from the home-hosted repo [04:29] schestowitz-TR but it's not a bad file [04:29] schestowitz-TR it just makes things less tidy [04:29] schestowitz-TR apparetly snuck in there in Marcheach year there are 9x365/6 new files [04:29] schestowitz-TR adding them can be made vastly more efficent, that's on the todo list [04:29] schestowitz-TR also, in git you can find history for complete-split and update [04:29] schestowitz-TR where you attempted to make grep better but it did not work the first time around, hence reverted back [04:29] Techrights-sec2 checking [04:29] Techrights-sec2 excellent [04:29] Techrights-sec2 :/ [04:29] Techrights-sec2 # rc-service ipfs status [04:29] Techrights-sec2 * status: stopped [04:35] schestowitz-TR I will soon get somr rest [04:35] schestowitz-TR I summoned some energy after work (5-30-1am) to make several posts that I thought were OK [04:35] schestowitz-TR this weekend I can make videos and work on the sites [04:35] schestowitz-TR if you restart tr-new it'll knock ii offline, but that's OK [04:35] schestowitz-TR I assume you might want to test rs-service with ipfs [04:35] schestowitz-TR at some point phphirc (irc bots) can be brought over to the new server, but not yet as we need http first, there is stuff exported from them to public_html every [04:35] schestowitz-TR 5 mins and that affects scrollback in gemini etc. [04:35] schestowitz-TR gm, feel free to break things [04:35] schestowitz-TR *gn [04:35] Techrights-sec2 ok I'll try to keep it calm anyway, looking at NFT atm [04:35] Techrights-sec2 gn ● Aug 13 [05:06] *DaemonFC_ (~chatzilla@2vr2py5ze6bgu.irc) has joined #boycottnovell [05:07] *DaemonFC_ has quit (Quit: ChatZilla 0.13 [SeaMonkey 2.53.13/20220708150114]) [05:07] *DaemonFC has quit (Quit: Leaving) [05:08] *DaemonFC (~chatzilla@2vr2py5ze6bgu.irc) has joined #boycottnovell [05:16] *britney has quit (Ping timeout: 2m30s) ● Aug 13 [06:10] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell ● Aug 13 [07:00] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [07:29] *Despatche has quit (Quit: Read error: Connection reset by deer) [07:31] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [07:42] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [07:42] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [07:48] *asusbox2 has quit (Quit: Konversation terminated!) [07:48] *asusbox2 (~rianne@x6gnqyt8r46u8.irc) has joined #boycottnovell ● Aug 13 [08:04] *DaemonFC has quit (Quit: ChatZilla 0.13 [SeaMonkey 2.53.13/20220708150114]) [08:27] Techrights-sec2 turned off password authentication on tr-new to harden it and to quiet the logs [08:27] Techrights-sec2 added nftables to tr-new [08:27] Techrights-sec2 added a simple AWK script to tr-new along with a matching openrc init script to block attacking IPv4 addresses, to harden it and to quiet the logs [08:27] Techrights-sec2 the system logs are useless without the above mitigations [08:27] Techrights-sec2 configured system logs, via syslog.conf, to split out authentication logging to a separate file [08:27] Techrights-sec2 fixed bad permissions for /var/log/ipfs/ipfs, the service must run as 'ipfs' and not 'glr' [08:27] Techrights-sec2 back in an hour or three [08:39] schestowitz-TR excellent!! [08:39] schestowitz-TR just done some sanity check on gemini side, all is well [08:39] schestowitz-TR I had put down some notes for myself -- things to be checked [08:39] schestowitz-TR so gemini is done (for tuxmachines also) [08:39] schestowitz-TR in ipfs's case, it's all set, just not automated yet [08:39] schestowitz-TR we still have one git repo on centos ● Aug 13 [09:04] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [09:30] *Noisytoot has quit (Ping timeout: 2m30s) [09:32] *Noisytoot (~noisytoot@tkbibjhmbkvb8.irc) has joined #boycottnovell [09:50] Techrights-sec2 for ipfs there is an openrc script in /etc/init.d/ for automation [09:50] Techrights-sec2 it can be enabled [09:50] Techrights-sec2 the system logs on tr-new are much better now and useful for further diagnosis [09:50] Techrights-sec2 as needed [09:56] *britney has quit (Ping timeout: 2m30s) [09:56] schestowitz-TR moments ago (when you got back) i recorded a video about what you had seen, I think, last night [09:56] schestowitz-TR video about the text [09:56] schestowitz-TR it's about how I envision how being both online and active the next 10 years [09:57] schestowitz-TR yesterday morning I reached a resolution (verbally at least) on the matter that bothered me for 2 weeks [09:57] schestowitz-TR days ago I also received a totally firvolous copyirhg threat [09:57] schestowitz-TR I will show the letter at a later point [09:57] schestowitz-TR it's incrediby stupid [09:57] schestowitz-TR and would not be the first time I get a threat over a fucking MEME [09:57] schestowitz-TR EU had discussions on copyright in relation to memes [09:57] schestowitz-TR iirc, the resultant law was, it's OK as long as the eme is low res [09:57] schestowitz-TR I think it's like the 5th time we receive threats over "copyright" in some random image [09:57] schestowitz-TR of course I'm picky with licences [09:57] schestowitz-TR but with memes the originals' licences are unknown ● Aug 13 [10:09] Techrights-sec2 ack [10:10] schestowitz-TR one child costs about the same as 20 years of freedom for a couple [10:10] schestowitz-TR like dfc said, the only reason some people maim for 6-figure salaries is kids [10:10] schestowitz-TR but the latter comes before the former [10:10] schestowitz-TR an afterthought [10:11] Techrights-sec2 more since the effective age of majority has become aroudn 25 or so and then [10:11] Techrights-sec2 there are "boomerang" kids and such then come grandkids [10:11] Techrights-sec2 those and expensive, poorly made cars and clothes [10:12] schestowitz-TR we assessed that with a kid a car too would be required for many reasonsd [10:12] schestowitz-TR and maybe simple activities like cycling would no longer be posible [10:12] schestowitz-TR except with slave labour like grandparents [10:12] schestowitz-TR (who btw I'm told don't genuinely want to look after the kids; it's tiring) [10:12] schestowitz-TR so they pretend [10:16] Techrights-sec2 ack [10:20] schestowitz-TR speaking of which, poorly made electronics [10:20] schestowitz-TR lots of recent strories to telel [10:20] schestowitz-TR inc. an hour old [10:20] schestowitz-TR I gave rianne headphones from over 20+ years aog [10:20] schestowitz-TR she wants only one side to work [10:20] schestowitz-TR so she can hear what goes on [10:20] schestowitz-TR a set from 2 years ago went all dead, neither side works [10:20] schestowitz-TR so there are old spares [10:20] schestowitz-TR these are never made for filutre at the links [10:20] schestowitz-TR the metals wears off and then you lose signal [10:20] schestowitz-TR adding more material means investing more money in production [10:20] schestowitz-TR or better conductive material [10:20] schestowitz-TR it's like the light bulb industry [10:20] schestowitz-TR you;re meant to buy like 50 headphones in a lifetime... and throw away as many [10:22] Techrights-sec2 those are usually built so that the cables break or fray irreparably [10:22] Techrights-sec2 ack [10:24] schestowitz-TR I had one or two other new examples in mind [10:24] schestowitz-TR from yesterday [10:24] schestowitz-TR forgot or cannot recall upon demand, but that does not matter [10:24] schestowitz-TR one can find new examples every day [10:24] schestowitz-TR as things in the house age poorly, break, wear off.. [10:24] schestowitz-TR imagine if medical equipment like pacemakers got made the same way [10:24] schestowitz-TR they knoew they would get sued a lot [10:34] Techrights-sec2 As far as I know they do get made the same way, at least insofar as they are [10:34] Techrights-sec2 intentionlly made without a modicum of security; they are operatated in and [10:34] Techrights-sec2 if an attacker wears down the battery of a pump or pacemaker, without killing [10:34] Techrights-sec2 the patient outright, then the patient must undergo a replacement operation [10:34] Techrights-sec2 back when Karen Sandler was pro-FOSS she spoke several times in detail about [10:34] Techrights-sec2 the proprietary nature of the pacemakers and their insecurity. She was not [10:34] Techrights-sec2 allowed to examine them even under NDA. [10:44] *Despatche (~desp@u3xy9z2ifjzci.irc) has joined #boycottnovell ● Aug 13 [11:04] *DaemonFC (~chatzilla@yjyrg438sk5z6.irc) has joined #boycottnovell ● Aug 13 [12:26] *DaemonFC has quit (Quit: ChatZilla 0.13 [SeaMonkey 2.53.13/20220708150114]) ● Aug 13 [13:40] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell ● Aug 13 [15:28] *britney has quit (Ping timeout: 2m30s) ● Aug 13 [16:17] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell [16:30] Techrights-sec2 I'm thinking that the incron and cron jobs on tm-new and tr-new could be [16:30] Techrights-sec2 moved to /etc/incron.d/ and /etc/crontabs/ so that they are easier to note [16:30] Techrights-sec2 and back up. Thoughts? [16:30] Techrights-sec2 I guess that's where they are already so the question is moot. [16:31] schestowitz-TR after losing pi system I made it a practice to cron -l -u into files in homedirs [16:31] schestowitz-TR the crontab could cron their own backup ;-) [16:34] Techrights-sec2 :) ● Aug 13 [18:57] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell ● Aug 13 [19:43] *u-amarsh04 has quit (Ping timeout: 120 seconds) ● Aug 13 [20:29] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [20:37] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [20:51] *britney has quit (Ping timeout: 2m30s) ● Aug 13 [21:16] *DaemonFC (~chatzilla@bcba5b8eb7taa.irc) has joined #boycottnovell [21:20] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell [21:34] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [21:34] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell ● Aug 13 [22:30] *britney has quit (Ping timeout: 2m30s) [22:38] *britney (~britney@muarsy2vret2q.irc) has joined #boycottnovell [22:50] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [22:50] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell ● Aug 13 [23:12] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [23:20] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [23:30] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [23:30] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell [23:43] *psydruid (~psydruid@jevhxkzmtrbww.irc) has left #boycottnovell [23:43] *psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #boycottnovell