If you want to run Geekbench 4 on a linux server, this is how to install and run it.
Note that you need to have a working internet connection on the server.
You can run it as root or as any other user.

Let's start from the home directory and put the files there.
cd

Download the files from geekbench.com:
(change version number if needed for latest version)
wget http://cdn.geekbench.com/Geekbench-4.3.3-Linux.tar.gz

Extract the downloaded files:
tar -zxvf Geekbench-4.3.3-Linux.tar.gz

Go to the extracted folder:
cd Geekbench-4.3.3-Linux

Run the test in tryout mode, results are uploaded automatically:
./geekbench_x86_64

After a few minutes the test is completed and you'll see a link to a webpage which is unique for each test.

Upload succeeded. Visit the following link and view your results online:
https://browser.geekbench.com/v4/cpu/1234567

Just enter the link in any browser and you'll see the results of the test.

@dbeato said in NVMe and RAID?:

One of the first Dell Servers with Hotswap NVME was the R7415 so yeah
https://www.dell.com/en-us/work/shop/povw/poweredge-r7415

Not sure what others have seen.

The newer ones have a 5 in the model number, so R7515, R6515 etc.
That's the ones you want to buy. AMD Epyc 2 Rome CPUs.

Dual sockets models are R7525, R6525 etc.

And to make this complete: 6 is 1U and 7 is 2U. R7515, R6515 etc.

@jasgot said in Macbook Air for College:

Daughter wants a Mac laptop for college. Any suggestions?

Yes, take her to the store and buy the one she wants.

Buying an Apple product is not a technical issue that needs to be figured out. It's an emotional issue. Like a Gucci bag.

If you have a RAID controller with 8 ports, you can connect up to 8 SAS/SATA drives directly to the RAID controller. That's fine but if you for instance have a server with say 36 drive bays you would need a 36 port RAID controller. Those are hard or maybe even impossible to find.

Well, here is where the SAS expander comes into play. It will work somewhat like a network switch but for SAS/SATA ports.

The SAS expander IC can be integrated directly on the backplane of the drive bays or it can be a standalone card or PCIe card. These are often used when you have more than 8 drive bays and even more so when you have 16 or more drive bays.

It allows you to expand the number of drives the RAID controller is able to connect to. It's transparent to the user because the RAID cards have integrated support for SAS expanders. This is also true of HBAs (Host Bus Adapters).

The only drawback is that the maximum transfer rate is, as always, limited by the PCIe link to the RAID controller card but also by the SAS connections from the RAID controller to the SAS expander. In real life though these bottlenecks are seldom bottlenecks as it's uncommon to read from all drives at the same time and drives are also often slower, especially when using HDDs.

SAS expanders are also used heavily in external JBOD chassis which are expander chassis for drive bays that you connect to a server so you can attach more drives than fits in the standard enclosure, aka Direct Attached Storage DAS. In that case the SAS expander sits inside the JBOD chassis.

@hobbit666 said in How to Secure a Website at Home:

Why not GitHub or GitLab for free?

That was part of the etc
Also I thought GitHub was more for storing scripts and opensource stuff.

It's not generic hosting of websites as you don't have control like you would on a normal webserver.

It's simplified hosting and the github/gitlab pages was initially intended to complement the projects on there. So it would be easy to make a html website from the git repositories, for instance for documentation.

Since you can store any files on gitlab/github you could of course also use the pages for any type of static website.

Here is how to get started in the simplest way possible:
https://guides.github.com/features/pages/

Good to know about WoeUSB.

If you have windows available, rufus is an easy tool to make bootable USB drives.
Doesn't need to be installed and it's fast.
https://rufus.akeo.ie/

But in all honesty it's very easy to make a bootable windows installer USB drive manually. Just make a primary bootable FAT32 partition on the USB drive and copy the files from the ISO onto it. Done.

You can copy more files onto the drive, for instance drivers or other software. If you do that, it makes sense to make a dd image of the entire thing when you're done. That way you can easily write a new USB drive with your custom files on it.

First, ransomware is big business run by organized crime. I think about 19 billion dollar per year industry.

Everything can be compromised in different ways. There is just no way to protect your data 100% and to think otherwise is just naive.

We have chosen to go with tape as our last line of defense. Once you take it offline there is no way it can be remotely compromised. We believe that is enough to be able to recover from most attacks and the cost is reasonable.

Integrity of files

If you want to check the integrity of a bunch of files you can do it with md5deep, which can be thought of as a recursive version of md5sum. It was initially designed for forensic work.

If a file has the same hash as another file they are identical. If you save the md5 hash of a file and later recheck it, you can be sure the file hasn't been changed, corrupted or tampered with.

Installation on Debian

You'll find it in the package md5deep.

apt install md5deep

Inside the package you'll also find sha256deep and some other good stuff. Use sha256deep instead if you want to use sha256 hash. It's better and actually more secure than md5 but might be slower. You use it in the exact the same way though.

Besides linux it's also available on other OSs such as Windows, MacOS. You can build it from source too. https://github.com/jessek/hashdeep

Create MD5 signatures

md5deep -rl /check_this_dir/* > files.md5

This will create a text file (files.md5) with the md5 hash of all files (*) in the "/check_this_dir" directory.

Check MD5 signatures

md5deep -rlX files.md5 /check_this_dir/*

It will return the files that don't match. So if any file has been changed, it will show up.

Common Options

-r is to go into subdirectories as well
-l is to use local paths instead of absolute paths
-X is to do check the signatures

-e is if you want to see the progress while it's working.

Find more info on basic usage with examples here:
http://md5deep.sourceforge.net/start-md5deep.html#basic

Example

Let's check that our files in /boot and it's sub-directories stays intact.

First let's create an md5 file that we will compare with.

md5deep -r /boot/ > boot.md5

Let's verify the files have not been tampered with.

md5deep -rX boot.md5 /boot/ 

If a file or several files has been changed it will return the file and the new hash (exit code 1).
If all is good it will not return anything (exit code 0).

Maybe stop using USB drives for things they aren't designed for?

It looks like we've been down this road before.
https://mangolassi.it/topic/20070/so-xen-server-gave-me-an-error-what-do-i-do

A small SSD would do better. Something with write endurance and something that is designed to attached 24/7 in a hot environment.

If you don't have drive bays or don't want to waste them, use satadom.

Maybe I'm alone but on the top of my list:

1. Only use Microsoft as a last resort when all other options have been explored.
2. If you get paid by the hour disregard #1.

@scottalanmiller said in December 2022 Maintenance:

Yes, I've been saying this about certain core functionality for a long time.

Me too, since the early 90's.

VB plug-ins and Delphi plug-ins were the bane of my existence for many client projects back in the day on Windows. You'll use something and when the client wanted some changes made a year or two later, the plugins didn't work with the latest version, hasn't been upgraded or were deprecated. In either case you had to find another plugin, rinse and repeat or just give up and solve the problem with your own code.

@scottalanmiller said in December 2022 Maintenance:

@Pete-S said in December 2022 Maintenance:

@scottalanmiller

FYI youtube links are broken (no embedded view).

yeah, all of the plugins that handled that are no longer available I tried bringing the old one in, but it doesn't do anything anymore, either.

Classic plug-in problem.

Also the reason why the idea of extending the software´s base functionality with plug ins sucks in general. Better to have that functionality embedded in the base software so it can live on forever. Otherwise every upgrade breaks something else.

What I'm trying to say is that plug-ins SUCKS. Much better to have developers who want add functionality contribute to the open source project instead. That's the way to do it.

@scottalanmiller

Preferences for categories have gone missing. Now I get to watch cat pictures again...

@scottalanmiller

FYI youtube links are broken (no embedded view).

@dimforest

For the .it TLD.

Who can register a .it domain?

"An unlimited numbers of .it domain names can be registered by anyone who is an adult and has citizenship, residence or commercial headquarters in the countries of the European Economic Area (EEA), in the State of the Vatican, in the Republic of San Marino and the Swiss Confederation."

Source, the Italian NIC
https://www.nic.it/en/find-your-it/how-register

@dimforest said in Do international TLD's have restrictions?:

ML is using the .it TLD, which is obviously for Italy... but it's a perfect TLD for the site given the subject matter.... obviously. Just something I've never thought about until now but are there any actual restrictions on using the TLD like this despite this not necessarily being an Italian based site/company? Are they just free to use however you want along with some "suggestions" to use them a certain way?

Some country TLDs have restrictions and others do not.

If you check a domain name with a certain TLD at godaddy.com you'll see what restrictions apply.

@scottalanmiller said in SAMIT: Stop Using Secure Email:

@JasGot said in SAMIT: Stop Using Secure Email:

@scottalanmiller
For regular e-mail (not "Secure E-Mail"), isn't the message traveling un-encrypted when it is moving MTA to MTA on port 25?

If you use things like free cPanel email or your ISPs email or have your nephew deploy his own email server without hiring any IT people... it's plausible that someone will screw up the config and leave it unsecured or if you accidentally host your email with scammers or something. That's essentially true with any misconfigured system of any type.

And even when misconfigured, most systems today will enable it by default. You'd have to run something unmaintained for a super long time or really go out of your way to do a bad job to have it come up in a new deployment.

There's no reasonable case where a business (or an individual at home) would not have obvious access to a secure system and defy all reasonable recommendations for many years and demand to be intentionally insecure to make them be in a situation where they don't have security on their own end and only if sending data to an insecure second party would the data be at risk and when that happens, the encrypted channel is moot because the target itself is insecure so it doesn't matter.

Yes, even scammers and spammers use TLS nowadays.

The only time we ever receive emails that are not TLS encrypted have been same odd email notifications from ERP or LOB systems. Probably legacy systems.

@scottalanmiller said in SAMIT: Should You Provide Equipment for Work from Home Staff?:

Here's two important takeaways I think people should have...

1. If you represent an employer, you should never want to have employees that are adversarial with you. You want to be a good employer that encourages employees to like working there and seek the common good. Good employers should want to benefit employees, and employees should want the business to do well. It's mutually beneficial. If it isn't, rethink things. If you are doing things as an employer to negatively impact your employees beyond what is necessary (like making them work, lol) why? That's just shitty. If your employees hurt work just to hurt the business, why are you paying them? There's always someone who will appreciate the job. Be a team, or move on.
2. As an employee, you shouldn't want to work in an environment where you don't desire the success of the whole. Employment is a huge portion of our lives and being happy with your work, with your career, are keys to being a happy person. If you feel hostility towards your job or your career, move on. There are other employers out there. If we were more aggressive about leaving bad ones, bad ones would be less common. One of the reasons that bad employers thrive is because people just put up with it. And the more good employees put up with bad employers, the fewer good employers are out there.

While you make good points there is an obvious advantage for the company supplying IT and office equipment for the employee and that is taxation.

Most countries have sales tax and payroll tax so when an employee (not a company) buys something for his own money, that money has been heavily taxed already.

So in a win-win scenario for the maximum benefit of everyone, an employee should never buy anything for his own money that a company can buy.

@scottalanmiller said in SAMIT: Should You Still Be Using Disk Partitions:

@Pete-S said in SAMIT: Should You Still Be Using Disk Partitions:

Well, if you extend the definition of lvm then everything is using it

Everything should be using it, it's the only really logical approach in the modern world. The idea of hard partitions should have died long ago. But we saw people using it just today in an example, it's still out there in a lot of servers.

If you skip the LVM layer entirely today, you'd feel it. You'd lack snapshots, ability to resize (within reason), and all the flexibility we expect.

I know it seems weird to think about, but if you look at how LVM2, ZFS, a PERC and Qcow2 works... it's all identical under the hood. But it is all different from partitions, but the same as each other.

I think the only thing that makes it feel like these might not all be LVMs is that one of them used the name LVM2 23 years ago, and the others did not. In the Windows world they called their LVM "dynamic disks". Only on Linux and AIX did their LVM layer get called LVM or LVM-something. Everyone else gave it a product name rather than the category name.

In that case physical drives are using lvm too.

Mechanical disks can remap their logical sectors to physical sectors. SSDs even more so. And NVMe drives have namespaces which maps logical blocks into different independent "drives".

@scottalanmiller said in SAMIT: Should You Still Be Using Disk Partitions:

If you skip an LVM layer inside a server, you normally provide one from the outside. File based LVM systems like Qcow2 and others allow you to do some flexible things that don't require partitions such as resizing and providing different containers as completely different drives eliminating the need for partitions inside the containers because you can create an unlimited number of logical volumes.

Qcow2 on top of XFS or ETX4, for example, is the same as an LV on top of LVM. Just fatter. LVM2 is one type of LVM that works by making a super lean filesystem and making LV files on top of that. Qcow2 doesn't create the underlying lean filesystem and relies on traditional fatter filesystems like XFS or EXT4, but has basically all the same functionality - can be copied, resized, unlimited numbers, snapshots, etc. It's an LVM without the complex management layer.

The other approach is like ZFS, where the LVM layer is built into the filesystem itself. This is essentially the LVM approach + XFS or similar, but all through a single command line to make it feel like a single entity. But the layers remain the same regardless of it we break them out to an incredible degree like making file based virtual disks, if we have a management layer that does only that like LVM2, or we integrate it all into a single entity like ZFS.

Well, if you extend the definition of lvm then everything is using it