Thread replies: 73
Thread images: 2
Thread images: 2
Why don't we ssh into each others computers? What can possibly go wrong?
>>
>>55987633
>Why don't we ssh into each others computers?
Because everything can go wrong
>>
>>55987633
I have nothing to hide.
>>
how strong is your root password
>>
>>55987665
I have root login disabled
>>
>>55987672
then my next question is how much do you trust openssh
>>
>>55987653
But no one can break into your hardened gentoo meme os.
>>
>>55987665
8 characters. I ssh into other systems with shared keys though so it logs in quickly. Still have to use sudo though so I assume disabling root account is pointless.
>>
Have ssh to only allow local ip range connections. Does this protect me from Chinese botnets? Also fail2ban...not sure if it does anything on my machine.
>>
>>55987748
someone could drive up to your house and crack your wifi??
>>
>>55987759
Possibly but that takes more effort.
>>
>>55987759
Yeah, but what if he lays landmines?
>>
>>55987799
minesweepers?
>>
>>55987799
What if they use a drone with a cell phone signal?
>>
I only do RSA key based SSH with multi factor auth through authy so no
>>
>>55987633
my root password is the same as my regular password, and I don't have a regular password
>>
>>55987824
what if they hit you with a $5 hammer
>>
>>55987633
The NSA won't like it, they would rather have you use backdoor VPN services instead (without logging)
>>
>>55987813
He could hire a trusted person to sit in his house and snipe anyone who checks for mines. Then all he has to do is get some dirt on the guy, and he's all set
>>
>>55987824
I'm the same way. No one's ever really going to make it necessary, but it's fun to setup
>>
>>55987860
can you ever trust another person tho
i know i cant. not... not anymore at least.
>>
>>55987824
>not ECDSA keys
nigga
>>
>>55987834
then he's fucked
>>
>>55987834
It's too late, I don't know any of the passwords, the key to unlock anything is written on a scrap of paper that I can easily destroy by burning / eating -- you can't torture me out of information that I don't possess
>>
>>55987827
This.
>>
>>55987882
Bomb collars make everyone trustworthy
>>
>>55987895
they hit you again, and again, all the while you maintain you dont know the password
>>
>>55987895
>you can't torture me out of information that I don't possess
They can keep torturing you until you give them the information you don't possess though
>>
>>55987895
What if they decide to torture you just to get back at you for destroying it?
>>
all of these spam bots derailing the thread, ssh is the best
get a raspberry pi
shadowsocks
squid3
ssh
>>
>>55987834
> le leddit eccss kkeeyy ceee deee funneh mane
face it anon, in anybody has the kind of data that would warrant that they are either
1) Already six feel under
2) Rich enough to afford security
3) Posing as a beggar in Petropavlovsk-Kamchatsky
>>
>>55987944
warrant a 5 dollar hammer?
>>
Is there a better way to move files than scp? Getting shitty speeds over my network (worse than my internet).
>>
>>55987931
Whoa there <man|dude|bro> why would you <think|believe> we're bots? We're <actual|real> people, and saying that hurts my feelings.
>captcha didn't believe I was a real person
>>
>>55987959
rsync might fit the bill i dont know
>>55987944
what kind of security do (You) propose is sufficient
>>
>>55987959
A webserver and aria2c
rsync (probably won't fix speed issues)
rsync wrapped in a parallelizer (probably will fix speed issues if multiple files)
>>
>>55987959
SFTP?
>>
>>55987983
Why would sftp be a solution to shitty speeds?
>>
>>55987955
> warrant a 5 dollar hammer?
You're saying that as if I would be receiving it as a gift. Torture is illegal, anon :^) besides, in Bongladesh, you can't pass gas without the government having a live CCTV feed of your colon. If the actual gubmint is out for my ass I'm fucked six ways from Sunday.
>>
>>55988008
i dont think i want to ssh into your computer, or vice versa
>>
>>55988001
Right, yeah. I've kind of forgotten the slow speeds ever since it got blocked at my work
>>
>>55987683
Erm, lad... By SSHing... uh. They did.
>>
>>55988008
who decided who the gubmint is
>>
File: 1307576777001.jpg (34KB, 600x567px) Image search:
[Google]
34KB, 600x567px
>tfw monitoring your auth.log obsessively
>>
>>55988052
*decides
>>
>>55988001
SSH-HPN
https://aur.archlinux.org/packages/openssh-hpn-git/
https://www.psc.edu/index.php/hpn-ssh/640
>>
>all this paranoia
lmao nobody is gonna bother cracking your anime machines, I've been running Intel AMT with the default password for MONTHS on my notebook and even connected it to multiple campus networks and nothing happened. Nobody cares about your anime enough to bother connecting.
>>
>>55988093
Bots though may come in and encrypt all your home files then leave a note pay in buttcoins.
>>
>>55987633
If I could I would mount your EFI vars and delete them just for shits and giggles
>>
>>55988113
How exactly do you think those bots are going to connect to my machine?
>>
This sounds fun, I'd like to do this on my throwaway laptop later
>>
>>55988136
By attempting to login to your machine with various passwords until one works because fail2ban and keys are paranoia
>>
>>55987633
Because there's like 50 public privilege escalation exploits for Linux at all time.
>>
>>55988166
Essential for web servers and home if you have files nobody should see.
>>
>>55988093
>running intel AMT
mah trusted stick skylakes intel ME rrand Huffman backdoors hush hush
>>
>>55987971
Whatever shit you're gonna throw at it, it is probably sufficient. Threat model, anon. Who do you expect to want your data?
0) nobody
1) random thieves
2) economic espionage from your competitors (if any)
3) gubmint
For 0, see >>55988093, nobody cares about the data on our meme machines unless it's some ransomware bot.
1) Install leenacks and encrypt, herp derp
2) You need a combination of know-how and/or money. Excellent security will take you a long way, but if whoever wants your data is rich, they don't give a fuck, they can and will hire help. You will make a mistake sooner or later. One of the best defence is money. Yes, it doesn't stop you from being a blubbering retard, but if you know what you're doing, it can go a long way. The rest about some sole leet haxxor fending off the oposition is just a digital robin hood-ism meme.
3) Haha, you're fucked, might as well turn in before you get unperson'd, or practice russian and stow away in a tanker headed for previously mentioned Russia, where you'll get to slurp pierogi untill some random Boris is payed half a vodka bottle to cave your skull in.
>>55988052
>>55988070
It really doesn't matter who, whoever is on top has the access to the power to monitor one way or another, or has access to the manpower. Unless you are full autismo, you will make a mistake
>>
>>55988166
and they gonna do that how, exactly?
there's not a single public IP address that points to my device.
>>
>>55987959
Compress the data first and pipe through SSH to minimize the throughput:
tar -cJf - /dir/files | ssh remote_host "tar -xJf -
should about do it. The "-J" flag to modern GNU tar uses XZ compression, but if you have a good machine, you could pipe tar through pigz or pxz and get faster, better throughput.
Highly recommend checking out pigz and pxz if you do not use them.
>>
>>55988221
Forgot to close my quote on the command for the remote host. Make sure you close it after the "-" character. Also test it first with a small directory as I am writing this from a machine without access to man pages, so purely from memory.
>>
>>55988189
Whats this got to do with sshing into anons computer
>>
>>55988253
Anon asked what kind of security I thought was sufficient, friend. I simply responded with a quantified "it depends".
>>
>>55988251
Yes I always play about in /tmp testing commands. Haven't fucked up a machine yet. I have to check the man pages before doing.
>>
Depends on what
>>
>>55988189
I dont expect anyone to want my data
>>
>>55988325
Well then, you're set, anon. Just practice basic security. Don't do dumb shit and don't hide data in obvious places and you should be fine
>>
If nobody cares about the data on your meme machine would you let anon in via ssh
>>
>>55988343
Whats the worst that could happen
>>
>>55988343
dumb shit and basic security are redefined everyday, it's all about stayin' in touch with the seasons
>>
>>55987959
use sftp moron and use lftp to use multiple concuurent connections
>>
>>55987725
You don't need root account to use sudo, you dim witted mongoloid.
>>
192.168.7.2 admin:admin Hack me!
>>
>>55987748
Why would you need to do that if your router doesn't allow the port through?
>>
>>55987633
Okay, you go first. My IP is 127.0.0.1
Thread posts: 73
Thread images: 2
Thread images: 2