HumanPerson

Openhab is a project like HomeAssistant. Both are basically websites that offer pre made smart home functionaility and can run on your own server. Openhab doesn't set a password by default (iirc), and when people expose it to the internet they end up with random bored people in another country somewhere flipping their lights on and off or adjusting their thermostat, though they could also get hacked. The openhab example was one of what not to do. I could have been more clear about that.

Security is an issue that people in this community are fairly opinionated on. Try to build up a practical knowledge of every tool you use (like tools for remotely managing your server). Think about how much access that tool gives you, and how easy it is to get. Ssh gets you basically full access to the system, except for bios level settings and things, but it is generally quite secure, and you can use keys instead of passwords. Cockpit, a remote management tool you can access from your browser, offers you a full terminal, so functionally the same access as ssh. However, hackers nearly got a back door into openssh (ssh is the protocol, openssh is the software on linux that implements that protocol), and cockpit is much less thoroughly looked at. Also cockpit doesn't let you use keys.

You're website will be static, which decreases the complexity and makes it easier to make it secure, so don't worry too much. Here are some links that might be useful: https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server

https://www.cyberciti.biz/tips/linux-security.html (this one seems to be geared more towards enterprise stuff, so not all of it is relevant, but a decent amount is.)

Edit: This one is good too. I recommend at least skimming it before the one above this. It will help you figure out which of the points in the link above are worth paying much attention to. https://owasp.org/www-community/Threat_Modeling

Yeah. I just forward SSH with keys only on a nonstandard port + fail2ban. Plus you can access local only services with an SSH port forward.

That's also why I don't use cockpit. It looks cool, but opens up vulnerabilities for very little benefit.

You can use I2p and upload to postman (tracker).

Not very true. Plenty of gen z still torrent. This seems more like a shitpost.

I believe zfs has deduplication built in if you want a separate backup partition. Not sure about its reliability though. Personally I just have a script that keeps a backup and an oldbackup, and they are both fairly small. I keep a file in my home dir called excluded for things like linux ISOs that don't need backed up.

To be fair, Netflix and the others all had to pay licensing fees and whatnot. I think governments should simply ban exclusivity deals so that competition can exist.

To be fair, most of Netflix is crap that no one watches.

Damn, federation is crazy. Over here you're the only comment lol.

It sounds like you're on the right track. As long as you aren't hosting anything too important, just go for it. The only thing to keep in mind is security, which in your case should be fairly simple.

Use common sense: if you never have to enter a password or have a security key to access something, neither does a hacker. You would be amazed how many people host their openhab instances to the internet with no passwords.
Use ssh keys and disable passwords. Ssh keys are sort of like giant passwords that sit in a file and you never have to type in. It is counter intuitive, but it is more secure. A giant key is harder to guess than a password. You can also encrypt your key so you need the key and a password, this is useful for laptops which could be stolen.

For how to learn simple html and css, w3schools is your friend. You can learn all the random stuff people become extremely opinionated on eventually, but don't get overwhelmed by all of it and just do what works for you.

Wow, that must have had like 12 shows.

Frequently software developed for one is commonly used on the other, such as openssh, iirc.

Boot to BIOS. That should show you either CPU arch. or an exact model that you can check on Intel's website. It may be an issue entirely unrelated to the architecture.

Take it or leave it.

I wouldn't switch to mint from debian. Freebsd could be worth trying, but I would play with it in a VM first. I am not knowledgeable about BSD's, but there are others if you were unaware. They have similar names but I think netBSD and freebsd exist. FYI, BSD isn't linux if you were unaware. Your phrasing suggested that you might think it is so I wanted to let you know.

Newer kernels are great if you need bleeding edge hardware or filesystems, but for your use case I really think debian is the way to go.

I would like to suggest you throw Fedora into the mix, or even opensuse if you want to try an rpm based distro. Opensuse has a leap flavor which is stable like debian. Fedora is fairly stable, but has regular releases (2 a year) so you also get more current software.

Sorry to throw more options into the mix, but those are fairly simple and mainstream options (fedora is more mainstream fyi) but they are worth considering.

Sorry to see you got downvoted for saying something that Reddit did better than Lemmy. I think a lot (though probably not the majority) of lemmings as well as people invoiced in open source can't take criticism, especially of an open source project they care about. It is unfortunate as it negates a lot of the benefits of open source / free software.

I know, but they didn't pass much info. They told me it was serverhold and nothing else. They could have at least said it wasn't them that did it.

They may be a registrar, but not the one I used. They were the registry that locked my domain.

I had mine through njal.la. It was the registry itself that locked it though. I switched registrar too after njalla took a long time to respond to my question with a vague, unhelpful, and short response.

I'm on a new domain now anyway. I will be more careful on this one, but I suspect they just didn't look into it. I do really appreciate that you seem to be both knowledgeable and not an asshole. That seems to be a rare combination to find in this thread.

It typically is, and I won't comment on whether mine is, but that isn't enough reason to take it down. I was quite careful about who I gave access to, as well as making sure people had secure passwords. It is highly unlikely that anyone got in and saw any copyright violation before reporting it.

HumanPerson

@ HumanPerson @sh.itjust.works

Posts

26
Comments

364
Joined

3 yr. ago

HumanPerson

Need help getting started

What are your thoughts on exposing a tool like dockge to outside of your man?

I am not able to upload my torrent to the web :(

Pity, really.

Deduplication tool

Five Men Convicted of Operating Massive, Illegal Streaming Service That Allegedly Had More Content Than Netflix, Hulu, Vudu and Prime Video Combined

Five Men Convicted of Operating Massive, Illegal Streaming Service That Allegedly Had More Content Than Netflix, Hulu, Vudu and Prime Video Combined

List of versions (stable, LTS, unstable etc) of major distributions from fastest to slowest updates?

Need help getting started

Five Men Convicted of Operating Massive, Illegal Streaming Service That Allegedly Had More Content Than Netflix, Hulu, Vudu and Prime Video Combined

Let's Try BSD, Part 1 of 7: Introduction (FreeBSD, OpenBSD, NetBSD, DragonFlyBSD)

Linux distro for an ancient Pentium PC

How much is privacy actually worth?

what linux OS should I install on a backup notebook if my main one is debian?

Never buy .xyz

Never buy .xyz

Never buy .xyz

Never buy .xyz

Never buy .xyz

Never buy .xyz