Notices by Solène :flan_hacker: (solene@bsd.network)

@mudala what's your threat model you need to defend against?

@logout yeah, I still use free software :flan_thumbs:

@n8chz @HopelessDemigod maybe you overwrote a partition of the disk the second time

@lcavallaro I can't help you on this sorry, you should report the problem following this process https://www.openbsd.org/report.html

:flan_thumbs:

@dlatchx @joel @mischa @graslander oh, rcctl get sshd flags does not exist, I thought so

@dlatchx @joel @mischa @graslander on the other hand, rcctl set flags doesn't compose easily as if you want to add a new flag, you have to pass the current list of flags to the command line, so it's not ideal either

maybe this should do the trick

rcctl set sshd flags $(rcctl get sshd flags) -o PasswordAuthentication=no

@joel @mischa @graslander on systemd you can override the service to change the ExecStart property to add arguments to it

@boo_ no FDE ? This is just a nogo for me then 😅

@boo_ thanks! I was actually wondering if the Apps were well maintained, I guess you answered the question ;)

@mischa @graslander I never thought doing it this way :flan_aww:

@graslander at first, I thought you wrote about setting up a PKI on OpenBSD

As you use keys to authenticate clients, you still rely on TOFU when connecting to the server, you have two solutions to solve this:

- use SSH certificates to authenticate both clients and servers
- use SSHFP DNS entries

I covered the second system if you are interested https://dataswamp.org/~solene/2023-08-05-sshfp-dns-entries.html

@moksh I quickly stop using Alpine as I didn't really like it :/

@otfrom what is/are the typical issue you are facing when trying to add / bump a software in guix?

@videlft if you use fzf on fish, the history search is even more powerful :flan_evil:

@moksh does this give some hints already https://bsd.network/@solene/113493999319891521 ?

Qubes OS works with 8 GB of memory, but do not expect to open firefox in 3 qubes at the same time

Although, depending on what one does on Qubes OS, 8 GB can be really enough, or not.

@recourse try it to make your own opinion :)

@thorstenzoeller @steven php does it too IIRC

but I guess python3 is installed almost everywhere as long, whereas ruby or php may be less ubiquitous :flan_thumbs:

@steven some would call this bloat 😂

by the way, python3 -m http.server can be used to run a web server serving the current directory, this is quite useful sometimes :flan_thumbs: httpd needs to be run as root, which may not be practical if you need to serve a directory quickly in one shot

@joel yes, for instance my client qubes can not receive copy/paste from outside or exfiltrate data to the outside, but I can copy/paste between them

@joel there is also a clipboard system to copy between qubes

the file / clipboard systems are configured in qubes os, you can allow / forbid sources and destinations.