• 0 Posts
  • 59 Comments
Joined 1 year ago
Cake day: February 15th, 2025
  • HelloRoot@lemy.loltoSelfhosted@lemmy.worldHow do you protect a remote backup from a compromised account?English
    1·
    7 days ago

    OP asked:

    How can you grant access to an account to write remotely, but also protect the data from this account?

    So I was thinking that the account should not be able to delete the filesystem in an unrecoverable way. Like overriding the current fs with random data or an encrypted fs and filling it etc.

    Like I said on a Hetzner storage box, multiple users get access to the same system, but each one only has file editing commands, not fs editing and they can only access their assigned directory. So if the system does scheduled snapshots (outside of that user’s scope of access) there is no way for a user to delete the files beyond recoverability. (no matter if their own files or other users files).

    The user can still delete their own data. But because the fs is cow with snapshots (like btrfs) and they can not touch that, the data can be recovered easily.

  • HelloRoot@lemy.loltoSelfhosted@lemmy.worldHow do you protect a remote backup from a compromised account?English
    7·
    9 days ago

    I think you could do it somewhat like hetzner does for their storage boxes. You get an account that has read and write access to a directory and nothing outside. The accound can only run a limited set of commands, like ls, cat, nano, rsync etc. but has no access to commands that modify the filesystem.

    Then you can use a copy on write fs like btrfs and make scheduled staggered snapshots.

    I usually do 1x per year, 1x per month of current year, 4 per week of current montg, 7 per day in current week.

    I have no clue what they use to limit the user accounts like that btw. but maybe that gives you a new jump off point for further research.

  • HelloRoot@lemy.loltoSelfhosted@lemmy.worldRemote Tech Support services?English
    8·
    11 days ago

    Rustdesk is what I use for tech support for my family. By default it uses the rustdesk official server for the handshake and holepunching or whatever, but you can also selfhost your own if you want to.

    But I want to migrate to some kind of hardware web kvm like nanokvm, cause sometimes their pc doesn’t boot and walking them through bios settings over a shaky videocall is a nightmare.

  • HelloRoot@lemy.lolto3DPrinting@lemmy.worldMulti-material jointsEnglish
    4·
    17 days ago

    I think the interface will be difficult to print. If the underside is smooth, the non sticking material might not stay in place. If the underside is rough … well then you have a joint with at least one rough spot in it’s rotation. Thats just from thinking about my experience with using pla with petg supports (and vice versa) so it may be better than I expect. Depending on the usecase, I think it might work.

    But I think it’s easier to print a joint in place from a single material and then “snap” it so it moves. Or design something where you print the parts seperately and then assemble.

  • HelloRoot@lemy.loltoPrivacy@lemmy.worldProton is funding the French far right on YouTubeEnglish
    2712·
    21 days ago

    Well… they did it. Right up until the issue was raised and now they will presumably not do it anymore.

    But saying “They are doing no such thing.” is kinda disingenuous when they just admitted doing it in their stated clarification 50minutes ago and the sponsorship contract is probably not even actually cancelled yet.

    Also they deleted all of the posts about it on their own subreddit, claiming they are duplicates (and they didn’t leave up an original). Plain old damage control censorship hurray!

    Why does this thread get downvoted? I’m not on reddit, I wouldn’t know about it if it wasn’t shared here.