smb

joined 1 year ago
[–] smb@lemmy.ml 8 points 9 months ago

Now see, that’s all more reasonable.

That is only "more reasonable" when you ignore the reality that "disliking some parts" of a resolution usually is followed by not voting, but they explicitly voted against thus made any argument why they did not vote 'for' that right a clearly undenieable lie.

maybe the world should follow their vote to the point, those countries voting against should be prevented from receiving food from other countries for free, especially fishing industry that rips off resources on the open seas or near other countries should be physically stopped with force if they come from or go to the countries that voted against a right for food for everyone. That would only be reasonable as they explicitly wanted such a right to not exist, thus it should be explicitly removed in practice from them too. The countries who voted for a right for food then just put a freely increaseable tax on every gram(!) of food exported to those countries that don't want food to be a right for everyone. And then the against voters can have what their wish they explicitly voted for. i like that idea: those who don't want food as a right, shouldn't have that right then. period.

The US is evil and wrong

+1

[–] smb@lemmy.ml 6 points 9 months ago

The whole point of ssh-agent is to remember your passphrase.

replace passphrase with private key and you're very correct.

passphrases used to login to servers using PasswordAuthentication are not stored in the agent. i might be wrong with technical details on how the private key is actually stored in RAM by the agent, but in the context of ssh passphrases that could be directly used for login to servers, saying the agent stores passphrases is at least a bit misleading.

what you want is:

  • use Key authentication, not passwords
  • disable passwordauthentication on the server when you have setup and secured (some sort of backup) ssh access with keys instead of passwords.
  • if you always want to provide a short password for login, then don't use an agent, i.e. unset that environment variable and check ssh_config
  • give your private key a password that fits your needs (average time it shoulf take attackers to guess that password vs your time you need overall to exchange the pubkey on all your servers)
  • change the privatekey every time immediately after someone might have had access to the password protected privkey file
  • do not give others access to your account on your pc to not have to change your private key too often.

also an idea:

  • use a token that stores the private key AND is PIN protected as in it would lock itself upon a few tries with a wrong pin. this way the "password" needed to enter for logins can be minimal while at the same time protecting the private key from beeing copied. but even then one should not let others have access to the same machine (of course not as root) or account (as user, but better not at all) as an unlocked token could also possibly be used to place a second attacker provided key on the server you wanted to protect.

all depends on the level of security you want to achieve. additional TOTP could improve security too (but beware that some authenticator providers might have "sharing" features which could compromise the TOTP token even before its first use.

[–] smb@lemmy.ml 3 points 9 months ago (2 children)

My theory is that you already have something providing ssh agent service

in the past some xserver environments started an ssh-agent for you just in case of, and for some reason i don't remember that was annoying and i disabled it to start my agent in my shell environment as i wanted it.

also a possibility is tharlt there are other agents like the gpg-agent that afaik also handles ssh keys.

but i would also look into $HOME/.ssh/config if there was something configured that matches the hostname, ip, or with wildcards* parts of it, that could interfere with key selection as the .ssh/id_rsa key should IMHO always be tried if key auth is possible and no (matching) key is known to the ssh process, that is unless there already is something configured...

not sure if a system-wide /etc/ssh/ssh_config would interfere there too, maybe have a look there too. as this behaviour seems a bit unexpected if not configured specially to do so.

[–] smb@lemmy.ml 3 points 9 months ago

Space X has an entire department that does nothing except to keep musk from meddling in projects.

It's still a company where egon murks had his hands in, so no warranty is given that ANY department there achieves anything they "claim" to do, want, can, should, would but blame others to sabotage or such, same with that department. period. There was murks in it once, you never now when some shit he pooped there would hit the fan or the oxygen generator.

Do you want a "claiming to provide oxygen" system on mars or would you rather want the ACTUAL oxygen no matter who is in charge, claims to be or not but delivers it anyway?

[–] smb@lemmy.ml 46 points 10 months ago (6 children)

antarctica:

  • no bad politics
  • no wars so far
  • people there are mainly interested in science
  • no economic abuse or exploitation
  • pinguins!
  • no air conditioning needed to survive the summer.
  • winter is offline time, visitors won't arrive or leave then.
  • last place to stay cool during boomers heritage "heat death of our planet"

well sure, it has downsides too. Next Rollercoaster park is -tbh- unreachable, internet connection is sloo.oo..oow (or did they already finish the submarine fibre cable?) and sunbathing basically only brings you frost bites (if you're lucky).

However i am not planning to migrate there.

[–] smb@lemmy.ml 2 points 10 months ago* (last edited 10 months ago) (1 children)

its a slippery slope into chaos

sounds exactly like what those gangs with badges are doing over there.

if they only had any law enforcement in that poor country! then they could stop such crimes and start to build up civilisation instead.

possibly harming innocent people

that argument is way too weak, when "possibly" harming innocent is the alternative to "de-facto" harming innocent, that "possibly" is obviously the better choice then because there would still be a chance to NOT harm the innocent. get better arguments or remove crimes and criminals from law enforcement.

[–] smb@lemmy.ml 10 points 10 months ago

meanwhile in other countries:

https://qcostarica.com/4-police-officers-may-be-fired-or-sent-to-jail-for-running-over-and-killing-dog/

"could lead to their dismissal, assured Zamora, and possible prison time"

and:

"following a complaint from the Police itself, the agents were detained"

my citing is a bit misleading, and you have to read it completely yourself, but overall it looks very different there.

[–] smb@lemmy.ml 4 points 10 months ago

so whenever they want teamwork from you, say they'ld just have to wait until the 'teamwork' starts dropping down from where the extra surplus if previous teamwork flowed to. without teamwork from above, there's no teamwork below, exactly as the leaders showed how they want it to be.

[–] smb@lemmy.ml 60 points 10 months ago

news from msn...

https://www.entrepreneur.com/business-news/microsoft-ai-publishes-fake-news-on-msn-angers-the/464775

"MSN's editorial AI published stories from low-quality outlets that are patently untrue, […]"

maybe this is also just some cheap msn lies?

[–] smb@lemmy.ml 5 points 10 months ago

maybe firefox forks already do the trick for you, i've heared there are plenty free ones. no need to pay, but maybe donations are very welcome. also a complete open source solution that is ready to be compiled by anyone could also be patched by anyone for himself to disable a feature heshex dislikes or such.

welcome to free adult world ;-)

[–] smb@lemmy.ml 3 points 10 months ago (1 children)

i once heared something like this:

"the idea of having more than those who have nothing is the very only reason shareholders can ever imagine someone would work for at all, thus they also falsely believe they would do something good when enforcing this by removing everything from those who already are vulnerable and thus create a living example of how you would end when you don't help them rob even more."

[–] smb@lemmy.ml 2 points 10 months ago (1 children)

🤔 as long as debian is correted to devuan, i'm with it 😅

view more: ‹ prev next ›