29 replies to this topic

[boki15]

 

If you still choose VPN, forget openvpn, then you probably should take a look at wireguard.

Can you offer a guide, plugin for end users?
 

Yes, when I find some time I will. PPanel as guide could be done too I guess. Good news it will be implemented soon.

 

 

For ssh it is even better not to set a password

 

I fully agree, as passwords can be cracked whatever length they are. If you install as example ubuntu/debian server, if you set password for root user (you can leave it blank), then your root user will be with admin privileges, if you do not set root password, then your user will be added to sudo (in Debian, if you set root pass, user is not added to sudoers group).

 

All that makes sense, root is bad because you do not need to guess the username and that is why it is best if root has no password at all (even account). However, for some who read, please do not think you should not set your root password on receiver because in enigma2 it is designed to work as "root". In enigma2 you still can do whatever you are able to do in linux, like creating own/new groups where you add your users and restrict them also in WebIf etc... .

 

If you use your ssh key for services (like autossh), you should not set a password because service can't type it. For setting own user key for usage with manual interaction, password can be set. Good example for that are company PC's, you never know when your admins go rogue and copy your SSH keys (just one example). On private PC's, it differs by user requirements. In general, better use disk encryption which would prevent a thief access your data, possibility that it is stolen over internet from your linux pc is quite minimal.

 

Many people who want to use it for streaming and create RSA4096 keys will probably not be able to stream as encryption is too high for most receivers, RSA1024 would be alredy much faster but less secure. With SSH you can make it easy, you create hig and min security keys, lets say http/https/ftp/ssh ports use highest security second connection with RSA1024 for accessing stream ports. With openvpn or other solutions mostly gateway and routes are automaticly configured, you can do so manually but it is problematic to have multiple VPN connections on same interface, where you are not restricted in amount of SSH tunnels which you also can setup over VPN's (or VPN's over SSH).

 

Wireguard is faster than openconnect and I can stream 4k raw streams over openconnect, would have to try it with SSH, but sf8008's cpu is not that powerfull I guess to stream 4k over rsa4096 encrypted tunnel, will maybe try next week when I got time.

 

In my short advice about autossh above is one typo, -D PORT -p PORT should not be placed after the hostname but before, will edit it now.

[boki15]

seems either I am to dumb to find edit button or there is really none for current user. Well, the post is several days ago and then I was blamed for being stupid not waiting 15 minutes, really, maybe I just can't see, I will spare me time making and uploading screenshots. Before I am blamed to be stupid again, is there maybe some known limit of time after you can not edit posts?

 

Who can write me a guide how to edit a post   ? I guess somebody should look at user/group restrictions to find that "edit" button which hides somewhere in settings

[WanWizard]

You can only edit a post within a specific number of minutes (I thought 15 min) after the initial post. That should be enough to deal with typo's etc. New or additional info can go in a new post.

 

This restriction is added because we have had people that found it nessesary to alter or even completely erase posts, sometimes weeks later and after a lot of replies. So we had to, to preserve the integrity of topics.

 

I'm working on a hack to allow editing without time restrictions as long as it is the last post in a topic, but that hack isn't finished yet (you now see the edit link, but you still get an error message).

[boki15]

If I remember well, I could not edit it before 15 minutes passed (just check my second replie's time) and now it is kinda over 24 hours ago and it can not be edited.

 

This is very good example of how things get lost, I might forget about it (highly possible) and users who try it will complain that it does not work => producing unhappy users.

 

I am ok with no editing it at all, I mentioned it in next post but you can't expect people to read all posts in a thread, normally you keep updates in first (thread creator) but maybe I am to old and here are new rules.

 

As you see, git would be more useful , you never lose your history.

[WanWizard]

If I remember well, I could not edit it before 15 minutes passed (just check my second replie's time) and now it is kinda over 24 hours ago and it can not be edited.

 
If the limit is 15 minutes, it seems logical that after that you can no longer edit?
 
I checked for you, it is actually 10 minutes.
 Screenshot from 2020-04-25 12-37-34.png   15.17KB   4 downloads
 
I don't see how things could get lost, new or additional information can be posted at all times, without restrictions.
 

I mentioned it in next post but you can't expect people to read all posts in a thread, normally you keep updates in first (thread creator) but maybe I am to old and here are new rules.

 

Why not? Because they are lazy?

 

I disagree with your statement here, the latest information is always at the end of the thread. If you allow permanent editing, you are even forced to read the entire thread instead of go straight to the last post, because any post can be edited at any point in time.
 

And I personally find top posting in a forum as annoying as in an Email, as introduced by Outlook. You post an answer under the question, not before it.

Edited by WanWizard, 25 April 2020 - 11:44.

[boki15]

I think I edited it within first 5 minutes, post shows a little bit later, but I had to write that second post as well as I had a call during I wrote and my son asked me to replace battery of his car, by that it seems it took me to write one reply around 45 minutes which is the time of when I finished. Whatever it is, it is kinda confusing, especially if nobody does know for sure when and how, I see other editing their posts.

 

We simply have different views. You can flip it too, if you keep your thread with last post, then clicking that thread should be the link to latest post, not thread itself (1st post). As long as it shows 1st post (outlook type like you say), then latest news should be there.

 

There are threads with over 400 pages (not sure if here, but in general it is common) and in such threads you require again maintenance. Your view cares about maintenance, it is kinda obsolete to talk how forum soft can be improved if you have already enough tech to do it better. I guess also you can not fit everybodie's wish, but I imagine that if all those threads would exist as wiki on github, connected to code directly would simplify things and centralize them making it very easy to maintenance, that's great, isn't it? However, your overhead would be requirement for your users to register somewhere else, sure, you can port your users and create own git server (like bitbucket server or similar), for chat, even if encrypted like riot or mainstream like slack or discord, they all are much better suited for a "chat" like.

 

I do not ask for a change, there is openpli on github, so you got it already. However, I do not see there activity by your users, I do not see there binaries in releases, wiki and a lot info missing, etc..., I am just trying to say you have it already with github account and everything from here could be slowly moved to github wiki, which will also make it much easier for newcomers to push and maintenance their work, just look at the thread for translation, you clearly see that it is done the way it is done as most who do it did not find better/effiecient way of doing it. I see addons on github and those have then their own wiki's, issues etc... , you can automate also a lot, as example if user wants to report a bug a questions etc.. and assign it automaticly to somebody. All those things are for free. Github itself also offers you signed commits and users have 2FA, it would spare this teams time for forum maintenance. The only problem is to get users to post on github instead of here, search machines etc.. .

 

EDIT TEST

Edited by boki15, 25 April 2020 - 12:29.

[boki15]

Editing worked now on last post

[nor50]

For ssh it is even better not to set a password
http://www.milosoftw...p?body=dropbear

That was interesting in an English forum...

[littlesat]

Oeps it is indeed in dutch sorry

[athoik]

Press the "English" flag...

 

http://www.milosoftw...p?body=dropbear