1·
19 hours agoUse dhclient -v to See the client side, check logs in the DHCP Server. Sniff maybe.
- 0 Posts
- 47 Comments
Joined 1 year ago
Cake day: March 7th, 2025
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
5·1 day agoOnlyOffice recently got famous for not understanding FOSS.
22·2 days agoIf it’s calendar, use https://codeberg.org/svewa/MedicalCalendarLog to log and get alerts on being late…
disclaimer: mine
I used to have an alias ‘please’ for that.
usually port knocking opens the relevant port to the client IP that is knocking. So it makes a lot of sense to have the knocking done by the requesting client. In many situations knocking from your mobile while behind the same NAT as your jellyfin client will do the trick, but if you have different IPv6 on those devices etc, it won’t.
Also: if you assume your DNS lookups are sniffed - so are your port knocks. If you don’t, spare the extra work. But then, if you like port knocking - keep knocking, nothing wrong about it :D
You telling me jellyfin Clients can’t handle client certs but can port knock?
My proposal is for maxing ux on the client side while being properly hidden.
If jellyfin Clients can do URLs, sure
Just posted on the top level, should have been here:
Random subdomain, wildcard cert
If client certificates and basic auth is not supported by jellyfin:
- reverse proxy
- strong random subdomain
- wildcard certificate
- tls1.3 only
- doh/dot only
1-3 make random scanners unable to find your service, 4&5 even hide it from your ISP. Dot/doh service will still know your subdomain, so be your own dot/doh ! :D
Ports are closed by firewalls, and if you need to port forward on your home router this is a non-issue anyway
meh, how can that be :-( I’m still in the process of setting things up with jellyfin, didnt know…
Just put it behind a proxy and require a user cert? Bit of a burdon on the client side, admittedly
How comes you don’t have a baby? Was it eaten by fascists, maybe?
Traffic is still gonna be e2e encrypted, not too much to gain
4·12 days agoJust learned about KeyGuard. But I dislike their LICENSE:
All Rights Reserved
I use vaultwarden in my company - need to share some passwords/group with specific other users etc.
Push means: if your Server gets compromised, your backup is, too.
So I prefer pull. To not have the same effect I use a restricted ssh account that can only call rrsync.
Which one? The 4x10gbe rj45 (OKAY, thats no optic)? LR/SR? How many km between you server room and your gaming station? When 100gbe ont?
Clearly a problem on the VM. Run
dhclient -v ens18; for i in $(seq 60); do ip a s dev ens18; sleep 1; done
Just to see if its broken immediately or if another process probably fks it up later