Victor

18, damn.

Much better. We try to be nice to each other here, treat each other with respect. I find it’s going nicely. 🙂

Mazel tov on your breaking free from Reddit! 🎈

Oh wait, maybe that expression isn’t really kosher anymore.

… Ahh shit.

That’s the most lucrative desk I’ve seen I think.

deleted by creator

ZSA Voyager, it’s the best keyboard I’ve ever tried and/or owned. The ergonomic comfort is amazing to me. Lots of easy but powerful customizability as well. Using the softest switches that it comes with, as well as those Shhhhock rings or whatever, for even more silence. I have the black edition.

That’s honestly the vibe yeah, less child looking I guess

Wow. Necky.

Awesome, same 😊 All the best to you buddy!

Dude I looked up Aphex Twin for the first time in a few years to listen to what kind of sound they have and I see the logo and think yo that looks kind of like the lambda from Half Life, right. Now this pops up in the feed!!

Thanks again, mate. So basically, if I’m exposing my junk to the world, and by junk I mean service(s), and by world I mean the open internet, I should do it using a reverse proxy and enable HTTPS, otherwise it’s not really very secure? Would that be a reasonable takeaway?

Yet again, thanks. Especially for pointing out the things you (may) be not so sure about. That’s admirable. 🫡

Okay cool, thanks for that follow-up and confirming my SHH setup seems reasonable. 🙏

There’s one thing I don’t really get though, with the whole reverse proxy thing and how that’s supposedly safer:

putting the resilient software (a good reverse proxy) infront of Jellyfin (or most other software) simply increases your security by having the more safe web server be the one interfacing with end users.

Like, once a user client has contact with the Jellyfin instance, via the reverse proxy, wouldn’t the Jellyfin instance be just as vulnerable as without the reverse proxy? Once a connection is established, or found to be available, you could just start exploiting away in the same way, right? Or wrong? If wrong, how? 😅 Maybe it’s too long for a text reply? Maybe I should watch some helpful video explaining how it works. 😁

Yes, even without this current news.

https://forgejo.org/compare-to-gitea/

That’s exactly what I do.

What I mean by making them in the pot is that the popped corn rise from the bottom (pushed up by newly popped kernels), also without a chance to burn, whereas in a microwave all the corn will continue to be zapped by the electromagnetic waves even after being popped, for a significantly higher risk of burning.

Even if you keep the pot too long in the stove/hob, only the very bottom layer of corn will burn. 👍

Could you explain a bit more?

Like, right now, I have two machines on my local network. Both are running sshd on port 22.

In my router, I’ve set the port forwarding to be some high port number in the 19000’s to forward to port 22 on the first machine, and then the same high port number incremented by one (1) to forward to port 22 on the second machine.

Also key based login only of course.

Is this insecure in some way?

Would a VPN make connecting to my computers more secure somehow? I’m not sure I understand how if so.

What I meant with the Jellyfin question was kind of, how is having it exposed via a reverse proxy different from exposing its port right away? Is it because the only allowed connection would be HTTPS/encrypted etc, maybe?

I’ve never set up a home network apart from physical cables and using routers and switches before, no advanced site/network configuring. Definitely interested to learn more though for when I want to serve a real media center using a NAS and like a Pi.

Touché

This sounds like a blocker for me to not switch to Jellyfin… What else is in there that’s equally severe?

having your ssh port blocked in the firewall being second

So like if I want to access my PC from outside, is it enough that I don’t have a firewall installed but that I open up some random port and redirect it to my PC’s port 22, and then connect to it via the random port?

make sure you aren’t accidentally exposing jellyfins port directly to the internet

Same thing for Jellyfin?

No NSFW tag I guess

avocadoes

Both forms are accepted. 👍