What Makes openSUSE Special – Aeon & Kalpa Explained
Administered by:
#sysadmin
32 posts31 participants1 post today
Replied in thread
@lina np.
I think it's important to highlight such projects like https://cuiiliste.de and actually point people at it in the hopes that @ooni and @citizenlab add it to their test lists...
- Personally I did add it to my blocklist lists not as an endorsement [far from it!] but as a point of reference for #CUII...
Maybe someday I (or someone else) can get around and make a #VirusTotal - style #URL / #Domain checker that provides more than a mere "is clean" / "is sus" / "is dangerous" assessment but a more nuanced answers like:
- "This domain is blocked by CUII for alleged copyright infringement"
or
- "This domain belongs to #NSAbook"
and allow for granular, informed decisions (i.e. allow accessing it as a client, but blocking the entire #ASN from accessing one's Servers and thus block non-consensual #Scrapers that violate #RobotsTXT.)
cuiiliste.deCuiiListe.deDie CUII Liste zeigt dir, welche Domains von der CUII gesperrt sind und wie du die Zensur umgehen kannst.
The cloud is not (always) the best solution
Noticed that Debian went from bookworm to trixie recently. Pondered updating my Pis, then remembered I’m scheduled for surgery soon, and if something was to go wrong with the upgrade, and I couldn’t get it fixed before surgery, I would likely have no idea how to fix it afterwards.
Then thought about how OpenBSD system upgrades are a non-event. I wouldn’t have hesitated to turn the crank there.
I think this means my long-term task changed to “upgrade to OpenBSD on Pis.” #OpenBSD #SysAdmin
Terminator: The Ultimate Linux Terminal Emulator for Power Users
The default terminal emulator that comes with most Linux distributions is functional, but for serious work, you need something more robust. That's where Terminator comes in.
https://air-academy.org/terminator-the-ultimate-linux-terminal-emulator-for-power-users/
#linux #terminal #bash #infosec #tech #cybersecurity #devops #sysadmin
Air Academy · Terminator: The Ultimate Linux Terminal Emulator for Power UsersIn our line of work, efficiency is everything. Whether you're running multiple SSH sessions, monitoring logs, or executing commands across different systems simultaneously, having a powerful terminal environment can make all the difference. The default terminal emulator that comes with most Linux distributions is functional, but for serious work, you
My home desktop - 1 March 2000 - a Pentium 233 MMX.
The OS was Debian Linux - you can see a printed Tux near the keyboard.
No broadband connection, just a 56k modem.
Iomega Zip drive - so I could download stuff at Uni and bring it back home.
One year later, this became my first 24/7 server.
When I open a project's web page and find a guide to deploy it with Docker and also without it, I'm already liking that project.
Your servers have firewalls, you should too.
It's OK to set boundaries for yourself, especially over the weekend.
Disconnect from work. Disconnect from stress.
Reconnect to yourself.
How do we get Crawl-delay into the RFC 9309 robots.txt standard? Big tech hides behind RFC 9309 as an excuse to ignore Crawl-delay because they want to crawl as fast as they want.
It's Friday. So all 5 RHEL (Red Hat Enterprise Linux) servers get their `dnf update`, a reboot and are checked for running smoothly. On 3 servers I also updated the forgejo runner to the current version 9.0.3. Weekend can start!
(Yes, I update my private servers on a Friday so I have the weekend to fix stuff in case something goes wrong, thanks for asking ;)
UPDATE: All updates installed, all servers back online, no problems found.
Ma boîte recrute un⋅e responsable des systèmes d'information. On utilise beaucoup de linux, et on développe de temps en temps des petites applications internes. On bosse sur une conformité 27001. Il y a de quoi s'amuser et innover. L'équipe actuelle comporte deux personnes.
https://www.systerel.fr/actualites/offre-emploi/responsable-systemes-dinformation-h-f-dt_rsi/
#linux #sysadmin #jerecrute
SysterelIngénieur Systèmes d’Information H/F (DT_RSI) - SysterelVotre rôle sera de donner un nouveau souffle au SI face à la croissance de Systerel et aux nouveaux défis liés à la cybersécurité.
Why openSUSE Kalpa Is the Best KDE Immutable OS
Ubuntu Server 25.10 will drop wget from default installs, replacing it with wcurl, a curl-based wrapper offering simpler syntax 
This aims to reduce redundancy—wcurl handles most wget use cases, though wget remains supported and installable 
Also removed: GNU Screen & Byobu, with Tmux as the default terminal multiplexer 
Upgrades won’t remove wget
https://news.itsfoss.com/wget-removed-from-ubuntu-server/#fastcomments-widget
It's FOSS News · wget Removed from Ubuntu Server 25.10 Default Install (And No, It's Not Because of Rust)Ubuntu Server 25.10 drops wget by default; wcurl takes over.
Replied in thread
I remembered just now how upset certain people were at my last employer (in the finance industry) when we explicitly blocked Grammerly. Just use the built in stuff in Word and copy-paste the result into the customer support ticket or whatever. Or learn gud englysh.
Even back then it was so obvious you shouldn’t be sending confidential info to random third parties. Or hiring people without basic literacy.
#sysadmin
Even back then it was so obvious you shouldn’t be sending confidential info to random third parties. Or hiring people without basic literacy.
#sysadmin
2.5 Admins 259: New Web?
The Web is a mess of tracking and AI scraping so do we need a new one, would it even be possible, or is this the wrong question? Plus setting up servers in a garage where dusty woodworking is happening.
Replied in thread
If you're using the #activedirectory and AD CS, check this out 
http://github.com/Sleepw4lker/TameMyCerts
"TameMyCerts is a policy module for Microsoft Active Directory Certificate Services (AD CS) enterprise certification authorities that enables security automation for a lot of use cases in the PKI field."
"It supports, amongst other functions, inspecting certificate requests for certificate templates that allow the subject information to be specified by the enrollee against a defined policy. If any of the requested identities violates the defined rules, the certificate request automatically gets denied by the certification authority."
Got a #sysadmin question for y'all:
I have a network-based appliance that I'm trying to get an SSL cert onto. The interface has a "Generate CSR" button, but when I fill the form out, there is no Subject Alternative Name field. I can take the CSR and have our internal CA create a cert, but browsers won't like it due to the missing SAN. There is no console/ terminal on the device where I could generate the CSR manually.
Any ideas? If it matters, the internal CA is Microsoft's CA.
You asked for it, and size-capped telemetry retention in #Clickhouse is here in #Coroot v1.13! https://t.ly/vreLC
Specify the size of log and trace data you would like to keep, and Coroot will handle the rest: automatically dropping the oldest data when disk usage gets too high.