Back to Home / #linode / 2019 / 10 / Prev Day | Next Day
#linode IRC Logs for 2019-10-19

---Logopened Sat Oct 19 00:00:03 2019
00:02<fergtm>a few days ago I asked about a problem with OpenSSL hardware acceleration. SSL sessions fail after transferring a few Mb of data with "SSL routines:ssl3_get_record:decryption failed or bad record mac"
00:03<fergtm>it turns out it only happens in AMD based Linodes, I ran several tests and I am pretty sure it works fine in Intel based linodes
00:03<fergtm>maybe there is a bug in OpenSSL hardware acceleration for AMD cpus?, or something specific to Linode?
00:03<dwfreed>it is probably something in KVM
00:04<dwfreed>or a bug in the AMD CPU (though somebody probably would have noticed by now)
00:04<millisa>you're seeing it on multiple distributions?
00:04<fergtm>I only tested in Ubuntu 18.04
00:05<millisa>do you have a simple set of steps to test with? i'm stuck waiting on windows updates tonight; could try on a few systems.
00:07-!-GeorgeJetson [~oftc-webi@135-180-25-205.fiber.dynamic.sonic.net] has quit [Remote host closed the connection]
00:08<dwfreed>millisa: I wish I could hide the 1903 update in WSUS without declining it
00:08<millisa>i wish i had windows systems new enough that they could get an update with a name like '1903'...
00:09<dwfreed>heh
00:10<dwfreed>I have 4 win server 2019 (equiv of 1809), 1 1903, and 2 1809 (soon to be 3); only 1 (soon to be 2) is physical, rest are VMs
00:11<fergtm>it is some custom software that I wrote so it is possible that I did something incorrectly, but maybe it can be reproduced with "openssl s_client" / "openssl s_server"
00:11<dwfreed>the 1 physical is one of the 1809s; only reason it's physical is it's an end user machine
00:13<millisa>i was down to zero physical at the beginnining of the year but $medicalsystemvendor said their system *had* to be metal installs... and then didn't want to use the latest OS.
00:14<dwfreed>wsus is so annoying to maintain
00:14<dwfreed>I suppose some of what I do to it can be cron jobs
00:15<dwfreed>I wish the server cleanup wizard could be easily scheduled, though
00:15<millisa>i hated using it. i used to hate running into problems with it and having to look for solutions because there was one guy that was really prolific that'd tell you how it should work
00:15<dwfreed>oh, it can
00:18<millisa>I remember bad-mouthing the guy somewhat recently and realized, I hadn't seen one of this posts about how things should work recently. and after a couple quick googles founds his obit... he was posting his well meaning responses all the way up to the last day
00:18<dwfreed>damn
00:45<dwfreed>I just noticed MMC is using 1 core
00:46<dwfreed>and it's the WSUS snap-in, of course
00:47*Ikaros snickers
01:06-!-CodeMouse92 [~JasonMc92@00025241.user.oftc.net] has quit [Ping timeout: 480 seconds]
01:09<FluffyFoxeh>millisa: D:
01:13-!-CodeMouse92 [~JasonMc92@00025241.user.oftc.net] has joined #linode
01:13-!-CodeMouse92 is "Jason C. McDonald" on #c++ #linode #packaging
01:14-!-CodeMouse92 [~JasonMc92@00025241.user.oftc.net] has quit []
01:26-!-AugustusCaesar24 [~AugustusC@99-190-112-116.lightspeed.irvnca.sbcglobal.net] has joined #linode
01:26-!-AugustusCaesar24 is "Augustus Caesar" on #linode
01:44-!-V-Pariah [viciouspar@c-24-62-136-178.hsd1.ma.comcast.net] has joined #linode
01:44-!-V-Pariah is "Vicious Pariah" on #linode
02:24<linbot>New news from community: ip_vs module is not present <https://www.linode.com/community/questions/18990>
04:13-!-SirCuiBap [~oftc-webi@171.240.152.47] has joined #linode
04:13-!-SirCuiBap is "OFTC WebIRC Client" on #linode
04:13<SirCuiBap>i can't create my account
04:13<SirCuiBap>any support can help me, please?
04:15<@mtjones>Hello! Are you unable to sign up, or are you waiting to hear back from us after signing up?
04:19<SirCuiBap>i receive email cancel account
04:19<SirCuiBap>but i dont know why
04:23<@mtjones>Reply back to the email and we'll be happy to look into it. Alternatively, try signing up again and make sure to use the address that matches the payment card you sign up with. If you use a VPN or proxy, be sure to turn it off before signing up.
04:24<SirCuiBap>thank you so much
04:49-!-SirCuiBap [~oftc-webi@171.240.152.47] has quit [Quit: Page closed]
06:32-!-thiras [~thiras@195.174.215.70] has joined #linode
06:32-!-thiras is "Ant" on #debian #linode #tami
07:03-!-hays [~quassel@hays.user.oftc.net] has quit [Ping timeout: 480 seconds]
07:07-!-AugustusCaesar24 [~AugustusC@99-190-112-116.lightspeed.irvnca.sbcglobal.net] has quit [Quit: Going offline, see ya! (www.adiirc.com)]
08:03-!-TJ- [~root@2a02:8011:2007:0:69b0:e4d2:7264:34ec] has joined #linode
08:03-!-TJ- is "TJ https://launchpad.net/~tj" on #linode #virt
09:17-!-amazaki [~amazaki@36.73.150.249] has joined #linode
09:17-!-amazaki is "amazaki" on #linode
09:19<amazaki>nick amazaki777
09:20<amazaki>helo
09:20<amazaki>hello
09:20-!-amazaki is now known as amazaki1
09:20-!-amazaki1 is now known as amazaki
09:20<amazaki>clear
09:20<amazaki>test
09:22-!-lex_ [~lex@71.17.172.11] has quit [Remote host closed the connection]
09:22<amazaki>quit
09:22-!-amazaki [~amazaki@36.73.150.249] has quit [Quit: leaving]
09:23-!-lex [~lex@71.17.172.11] has joined #linode
09:23-!-lex is "Despite All My Rage.." on #linode
09:23<Peng_>ah
09:23-!-lex is now known as Guest5302
09:25-!-descender [~heh@45.56.153.217] has joined #linode
09:25-!-descender is "Chong Kai Xiong" on #linode
09:48<FluffyFoxeh>ehlo
10:02-!-CodeMouse92 [~JasonMc92@00025241.user.oftc.net] has joined #linode
10:02-!-CodeMouse92 is "Jason C. McDonald" on #packaging #linode #c++
10:13-!-waltman [nunya799@c-68-81-107-5.hsd1.pa.comcast.net] has quit [Quit: leaving]
11:32-!-thiras [~thiras@195.174.215.70] has quit [Ping timeout: 480 seconds]
12:10-!-waltman [~waltman@c-68-81-107-5.hsd1.pa.comcast.net] has joined #linode
12:10-!-waltman is "Walt Mankowski" on #linode
12:19-!-thiras [~thiras@195.174.215.70] has joined #linode
12:19-!-thiras is "Ant" on #debian #linode #tami
12:24-!-joecool|mobile [~joecool@c-174-57-44-238.hsd1.nj.comcast.net] has quit [Quit: ZNC 1.7.4 - https://znc.in]
12:34-!-schaeffer [~schaeffer@li97-193.members.linode.com] has joined #linode
12:34-!-schaeffer is "noway" on #linode
12:41-!-joecool|mobile [~joecool@c-174-57-44-238.hsd1.nj.comcast.net] has joined #linode
12:41-!-joecool|mobile is "Joe" on #ck #linode
13:07<linbot>New news from community: Do I need to use Linode DNS… <https://www.linode.com/community/questions/18991>
13:18-!-CodeMouse92 [~JasonMc92@00025241.user.oftc.net] has quit [Ping timeout: 480 seconds]
13:38-!-CodeMouse92 [~JasonMc92@00025241.user.oftc.net] has joined #linode
13:38-!-CodeMouse92 is "Jason C. McDonald" on #c++ #linode #packaging
13:44-!-Hisham [~oftc-webi@2607:fea8:4e1f:fc25:79ad:588a:de5f:f59c] has joined #linode
13:44-!-Hisham is "OFTC WebIRC Client" on #linode
13:44-!-Hisham [~oftc-webi@2607:fea8:4e1f:fc25:79ad:588a:de5f:f59c] has quit []
13:52-!-stoned [~Nyle@000125dc.user.oftc.net] has joined #linode
13:52-!-stoned is "realname" on #linode
13:52<stoned>Hello
13:55-!-CodeMouse92 [~JasonMc92@00025241.user.oftc.net] has quit [Ping timeout: 480 seconds]
13:58<stoned>I just signed up an account and after which I found about the IRC, here I am. I've a question. I was on Rackspace for 10 years, and ran an email server for a few years, and all my emails went to inbox, never to spam. I hardly send emails, maybe couple of dozen a month if that. I couldn't afford RS any longer, it was costing upwards of a few hundred coupled with their minimal $50 service/support fee per month. Someone suggested I try out Digital
13:58<stoned>Ocean, and I migrated my services there, which was fairly painless, just tedious in setting up zones. Emails from DO's vps/droplet now go into gmail/yahoo/outlook etc. spam. All email tests return 10/10 for all kinds of tests. Someone mentioned that it's probably the ip which is internally spamblocked by google. When I sent using a amazon SES or mailgun, they go to inbox no problem. DO only has one location available in Santa Clara where I'm getting
13:58<stoned>an IP from and I don't know if imaging my server and trying another VPS ip to see if it's clean would help. So after all this background, I'm wondering if linode would be able to provide a good happy clean ip I can use for personal email, as I use mailgun and SES for news and other kinds of emails, which seem to work okay.
13:58<stoned>Tldr: looking for a clean ip that hopefully won't send emails to spam folder.
13:59<stoned>I did some looking online and lot of peopel say you guys have good reputation and low spam rates so you're golden. I just want to make sure before I make the effort to clone the server here
14:20-!-dannyAAM [~dannyAAM@saru.saru.moe] has quit [Quit: znc.saru.moe : ZNC 1.6.2 - http://znc.in]
14:20-!-dannyAAM [~dannyAAM@saru.saru.moe] has joined #linode
14:20-!-dannyAAM is "Danny" on #linode
14:39<millisa>you can certainly run mail servers on linode - they pretty proactive about keeping their setup clean
14:39<millisa>but it doesnt mean you cant end up on an IP that has been abused.
14:40<millisa>Many folks here advise relaying through one of the third party providers that specialize in that sorta thing, regardless of whether you use do/linode/aws
14:40<millisa>there's usually other value-adds they have (like unsubscribe, suppression when someone does report, reporting).
14:41<millisa>best bet is to start with a $5 nanode, do some testing of the IP you end up with, after setting it up with proper reverse/forward/ehlo, getting your spf prepped to account for it. and see how it looks
14:41<millisa>if it's good, you can always resize the linode to a larger one, or rebuild it completely and keep the ip
14:41<stoned>yes, I do use them for that use case. This use case is different. I have a custom webmail client for my editor as well currently at webmail.thestonedapes.com
14:42<stoned>I have a dozen or more domains, but my mx sending is always thestonedapes.com
14:42<stoned>I need accounts like hash@ and admin@ for each domain, where I do personal email
14:42<stoned>ARGH. I have not had this issue on RS. I guess they are too expensive for spammers to buy and abuse..
14:42<millisa>well, try them. it's cheap to test. some of us run successful mail sending and receiving setups on linode. if you are willing to put in the effort to keep your setup clean, the longer you stay on it, the easier it gets even
14:42<stoned>Yeah
14:43<millisa>you get root access to linux distribution you spinup; you can make any address you want work
14:44-!-Nyle_ [~Nyle@73.95.135.3] has joined #linode
14:44-!-Nyle_ is "realname" on #linode
14:51-!-stoned [~Nyle@000125dc.user.oftc.net] has quit [Ping timeout: 480 seconds]
14:52<dzho>oh, too bad
14:52*dzho was wondering if they had been running spf or even dkim
14:52<Nyle_>dunno where I disconnected
14:52-!-Nyle_ is now known as stoned
14:53<dzho>stoned: so
14:53<stoned>hi
14:53<dzho>stoned: were you running SPF or even DKIM on your other hosts?
14:53<stoned>yes, everything was hunky dory
14:53<stoned>I had a python script to talk to RS api, add records as needed, generated keys, put them in exim for use, etc. etc.
14:53<dzho>"everything" is a fluid concept here alas
14:54<stoned>I run tests, even on DO, I get 10/10 on all mail tests
14:54<grawity>my mail works fine on a linode, but you do want to get a dedicated IPv6 range instead of using the default
14:54<dzho>but yeah if you were generating keys for DKIM then that's a good sign
14:54<stoned>yeah, I did everything solidly.
14:54<dzho>grawity: interesting
14:55<stoned>I can't find a single problem in my setup. Which is where others in ##networking on freenode suggested it's probably because of the ip change
14:55<stoned>that DO ip probably has bad reputaiton with gmail and other hosts because of previous abuse
14:55<stoned>though I can't find my ip on any black lists
14:55<stoned>I am afraid if i move to Linode or another vps it may happen
14:55<stoned>But then, other say linode has a much better reputation for spam dealing
14:55<stoned>so I am hopeful
14:55<dzho>grawity: now that you mention it, at one point I might have disabled IPv6 on my mail server because I noticed sites bouncing it or flagging it if it came via IPv6
14:56<grawity>the last time I dealt with this (probably mid-2018), Gmail absolutely refused to take anything from London's default /64
14:57<grawity>I guess they track reputation on a per-/64 basis
14:57<grawity>IPv4? perfectly fine
14:57<grawity>dedicated /64 given by Linode? also fine
14:57<linbot>New news from community: Volume stuck in loading state in dashboard? <https://www.linode.com/community/questions/18992>
14:58<dzho>good to know
14:58-!-Nyle_ [~Nyle@97-122-88-163.hlrn.qwest.net] has joined #linode
14:58-!-Nyle_ is "realname" on #linode
14:58<dzho>I may have seen it mentioned here before but only now am I making the connection
15:00<grawity>(and yes I had DKIM and SPF; the exact same message would show up with dkim=pass via IPv4 and be refused via IPv6)
15:01*dzho nods
15:01<dzho>tbh I haven't bothered with DKIM yet, just SPF, which seems usually to be enough on IPv4
15:01-!-hawk [~hawk@0000fcb7.user.oftc.net] has quit [Quit: WeeChat 2.4]
15:01<dzho>also, I hadn't realized for a long time that the tooling around DKIM had gotten better
15:02<dzho>frustrating that one could use it and it still not matter
15:02<dzho>it's like, why does anyone bother
15:03-!-hawk [~hawk@0000fcb7.user.oftc.net] has joined #linode
15:03-!-hawk is "hawk" on #linode
15:03<Toba>fuck spammers for ruinign a great system for everyone
15:03<Toba>well not really that great I guess
15:04-!-stoned [~Nyle@000125dc.user.oftc.net] has quit [Ping timeout: 480 seconds]
15:11<Nyle_>I check all mail headers for the email that went into gmail spam
15:12<Nyle_>everything passes, everything looks ok, all tests are 10/10 etc.
15:12<Nyle_>It seems it has to be the new DO ip on their droplet. RS didn't have this issue. Bastards charge so much though! OMG
15:12-!-Nyle_ is now known as stoned
15:13<stoned>So what do you guys think?
15:21<dzho>I concur with what millisa said above.
15:32-!-CodeMouse92 [~JasonMc92@00025241.user.oftc.net] has joined #linode
15:32-!-CodeMouse92 is "Jason C. McDonald" on #c++ #linode #packaging
15:33<millisa>try it and see. linode bills by the hour, so you are only invested as much as that. they do some form of money back guarantee thing in the first 7 days too
15:34<millisa>there's probably even a promo code on the getting started page that can marginalize any testing you do further...
15:40-!-kenyon [kenyon@darwin.kenyonralph.com] has quit [Quit: irssi configuration]
16:11-!-descender [~heh@45.56.153.217] has quit [Remote host closed the connection]
16:45<nate>stoned: How did you send it from the server?
16:45<nate>Basic from something like a PHP mail() or such?
17:09<stoned>nate, mail client
17:23-!-AugustusCaesar24 [~AugustusC@99-190-112-116.lightspeed.irvnca.sbcglobal.net] has joined #linode
17:23-!-AugustusCaesar24 is "Augustus Caesar" on #linode
17:35-!-AugustusCaesar24 [~AugustusC@99-190-112-116.lightspeed.irvnca.sbcglobal.net] has quit [Quit: Going offline, see ya! (www.adiirc.com)]
17:47-!-wcpan [~quassel@2400:8902::f03c:91ff:fee0:f952] has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]
17:47-!-wcpan [~quassel@2400:8902::f03c:91ff:fee0:f952] has joined #linode
17:47-!-wcpan is "wcpan" on #dot #linode #debian
17:51-!-Juma [~amir@185.3.145.80] has joined #linode
17:51-!-Juma is "Amir Uri" on #linode
17:51-!-Juma [~amir@185.3.145.80] has quit [Read error: Connection reset by peer]
17:56-!-Juma [~amir@185.3.145.80] has joined #linode
17:56-!-Juma is "Amir Uri" on #linode
17:56-!-stoned [~Nyle@000125dc.user.oftc.net] has quit [Quit: Leaving]
17:56-!-Juma [~amir@185.3.145.80] has quit [Read error: Connection reset by peer]
18:06-!-Juma [~amir@185.3.145.80] has joined #linode
18:06-!-Juma is "Amir Uri" on #linode
18:06-!-Juma [~amir@185.3.145.80] has quit [Read error: Connection reset by peer]
18:11-!-Juma [~amir@185.3.145.80] has joined #linode
18:11-!-Juma is "Amir Uri" on #linode
18:11-!-Juma [~amir@185.3.145.80] has quit [Read error: Connection reset by peer]
18:16-!-Juma [~amir@185.3.145.80] has joined #linode
18:16-!-Juma is "Amir Uri" on #linode
18:16-!-Juma [~amir@185.3.145.80] has quit [Read error: Connection reset by peer]
18:21-!-Juma [~amir@185.3.145.80] has joined #linode
18:21-!-Juma is "Amir Uri" on #linode
18:21-!-Juma [~amir@185.3.145.80] has quit [Read error: Connection reset by peer]
18:25-!-thiras [~thiras@195.174.215.70] has quit [Ping timeout: 480 seconds]
18:26-!-kwmonroe [~quassel@162.213.32.224] has quit [Ping timeout: 480 seconds]
18:31-!-kwmonroe [~quassel@162.213.32.224] has joined #linode
18:31-!-kwmonroe is "Kevin W Monroe" on #linode
18:37-!-dubidub [~dubidubno@2001:464b:151a:0:69f7:3259:2c79:7dd5] has joined #linode
18:37-!-dubidub is "Dubidubno" on #debian #linode
18:41<dubidub>I just got a very genuine looking email saying my payment has been declined, but it is a scam. Question is, how do they know I'm a Linode customer?
18:43<dubidub>SPF and DMARC failed but it was sent to my inbox because I have a filter to never send anything from linode.com to spam.
18:43<dwfreed>what's the sending mail server?
18:44<dubidub>https://hastebin.com/raw/xebixovamo
18:46<dwfreed>how long have you been a Linode customer?
18:47<dubidub>~10 years
18:50<dubidub>I whish the gmail filter could reject emails that fails SPF.
18:57<dwfreed>dubidub: so my guess is that your address was picked up in a dump posted online from one of Linode's previous compromises
18:58<dubidub>Linode has been compromised?
19:01<dwfreed>a few times
19:01<dwfreed>https://www.linode.com/2013/04/16/security-incident-update/
19:01<dzho>https://status.linode.com/incidents/ghdlhfnfngnh
19:02<dwfreed>https://www.linode.com/2014/01/19/an-old-system-and-a-swat-team/
19:06<dwfreed>https://www.linode.com/2016/02/19/security-investigation-retrospective/
19:07<dwfreed>my last link refers to the same incident as dzho's
19:22-!-AugustusCaesar24 [~AugustusC@99-190-112-116.lightspeed.irvnca.sbcglobal.net] has joined #linode
19:22-!-AugustusCaesar24 is "Augustus Caesar" on #linode
19:22<AugustusCaesar24>should i change the default port 22 for ssh?
19:25-!-CodeMouse92 [~JasonMc92@00025241.user.oftc.net] has quit [Remote host closed the connection]
19:25*Peng_ shrugs
19:26-!-CodeMouse92 [~JasonMc92@00025241.user.oftc.net] has joined #linode
19:26-!-CodeMouse92 is "Jason C. McDonald" on #packaging #linode #c++
19:33<Unit193>Some people do, I wouldn't think of it as a strong security measure, but it can be useful to free up the port for endlessh. :P
19:34<Peng_>\o/
19:40<AugustusCaesar24>hardening ssh would be more important right?
19:41<virtual>AugustusCaesar24: I changed the port for ssh. It managed to be hidden somehow for > 10 years. now I get lots of failed login attempts. :P
19:41<AugustusCaesar24>why is that
19:43<virtual>because someone finally found the port I run it on. :P
19:46<DrJ>virtual: on all my servers I just use the firewall to only allow access to ssh/22 to IP addresses that ever need access
19:46<DrJ>if possible, that is the best way to go really
19:47<virtual>I know. But this one server is my 'open to the world' server. :)
19:47<DrJ>sounds scary
19:47<virtual>all other machines do have that limitation.
19:47<virtual>I'm not the only user...
19:47<virtual>and when travelling, this is the bastion.
19:48<virtual>I was debating port knocking, but that sounds like a faff.
19:48<DrJ>in that case, you should consider looking into Duo
19:48<virtual>duo.com?
19:48<DrJ>yes
19:48<DrJ>free for up to 10 users
19:49<DrJ>ni how much it is past that
19:49<virtual>10 would probably be enough
19:49<DrJ>https://duo.com/docs/loginduo
19:50<virtual>thanks - reading it now, this could be interesting, or a similar solution :)
19:50<DrJ>I also use them to protect the RDP on my home computer
19:50<DrJ>which ... if I need to SSH into one of my servers I RDP into that computer remotely and then SSH in
19:51<DrJ>which gets around the traveling issue you mentioned
19:51<DrJ>https://duo.com/docs/rdp
19:51<virtual>I don't have windows machines..
19:51<DrJ>ah, then disregard that
19:51<AugustusCaesar24>what do you guys recommend in security things to be aware of in server?
19:52<DrJ>AugustusCaesar24: not sure what you exactly mean
19:52<virtual>hah. I was writing the same.
19:52<DrJ>but maybe this will help: https://www.linode.com/docs/security/securing-your-server/
19:53<virtual>btw, not strictly true. I do have windows machines, btu they are only for games, and nothing serious is done on them.
19:53<virtual>no RDP though, I think, because they are windows 10 home?
19:54<DrJ>if they're linux I would just do the same thing really, but through ssh
19:54<DrJ>ssh protected by duo, of course
19:54<virtual>yeah - I like the idea, I have never used duo before but have heard the name. and it's an excuse to buy a yubikey. :P
19:54<DrJ>I like to have my servers firewalled off though because, if nothing else, it stops most of the constant brute force attempts
19:55<virtual>yeah, totally
19:55<DrJ>which, even if they fail still take up cpu cycles
19:55<virtual>maybe I should have a web based 'open ssh access' thing instead.
19:55<virtual>small pain everytime my DSL reconnects, but that's relatively rare.
19:56<virtual>now you got me thinking, DrJ :)
19:56<AugustusCaesar24>thats a good article
19:56<DrJ>I just use the duo mobile app virtual
19:56<AugustusCaesar24>thank you
19:56<AugustusCaesar24>ill look through that
19:56<virtual>Having a third party app requirement seems like a slight pain, is all.
19:56<DrJ>cool think about the app is you can just have it automatically prompt when someone does a successful login
19:56<DrJ>just hit accept or deny and done
19:56<virtual>interesting
19:57<DrJ>no entering 2FA codes at all
19:57<virtual>got it - that is cool.
19:57<DrJ>the ssh connection will just kind of "hang" after login until you approve/deny on the phone
19:58<DrJ>a hacker that actually entered a correct username/pass wouldn't even know what is happening
19:58<virtual>while i'm talking to you about it, and you know about it, how good is it with subsequent connections - allows them through?
19:58<virtual>or configurable?
19:58<DrJ>every connection must be authenticated
19:58<DrJ>you can create bypass rules though
19:58<virtual>ok
19:59<AugustusCaesar24>so yay or nay on changing port 22?
19:59<AugustusCaesar24>to something else
19:59<DrJ>if you had a script for example that does something over ssh you would probably create a special user for them and exempt them ... only acccept a private key login from that script too
19:59<virtual>AugustusCaesar24: If you can limit access to certain networks or IPs - that's always good.
19:59<AugustusCaesar24>so yay!
19:59<DrJ>AugustusCaesar24: I'm not a big "fan" of changing ports
20:00<virtual>that way, keep SSH on port 22, it confuses people less.
20:00<DrJ>I mean, it can help... but not much really
20:00<AugustusCaesar24>i think you said why you were not a big fan but i think i missed it
20:00<virtual>10+ years was a good run, DrJ. I felt sad when it finally stopped working :)
20:00<AugustusCaesar24>was it because of many login attempts?
20:00<DrJ>if someone is actually activally targeting -you- then changing port 22 will not help
20:01<virtual>it's security by obscurity, AugustusCaesar24 - and that doesn't really work.
20:01<DrJ>if its just brute force bots then strong passwords are usually enough
20:02<DrJ>virtual: not to say it can't help... but if I was a hacker and you were my specific target... that port change isn't going to stop me
20:02<virtual>if you can limit to cert based auth too, that's good.
20:03<virtual>DrJ: I agree. It just stops drive bys, until someone's port scan works.
20:03<virtual>(fail2ban usually limits those a bit too)
20:03<AugustusCaesar24>im not stopping all the hackers im just limiting the pool
20:10-!-kenyon is "Kenyon Ralph" on #debian #debian-ipv6
20:10-!-kenyon [quasselcor@darwin.kenyonralph.com] has joined #linode
20:36-!-schaeffer [~schaeffer@li97-193.members.linode.com] has quit [Quit: well, bye]
20:36-!-schaeffer [~schaeffer@li1272-136.members.linode.com] has joined #linode
20:36-!-schaeffer is "noway" on #linode
21:02-!-chesty [~chesty@whocares.crashbunny.com] has quit [Quit: the ting go skrra]
21:02-!-chesty [~chesty@whocares.crashbunny.com] has joined #linode
21:02-!-chesty is "chesty" on #moocows #linode
22:10-!-Eliz [sid49379@00020871.user.oftc.net] has quit [Server closed connection]
22:10-!-Eliz [sid49379@00020871.user.oftc.net] has joined #linode
22:10-!-Eliz is "Elizabeth" on #moocows #linode
22:13-!-goose [~goose@bucket.goose.ws] has quit [Server closed connection]
22:13-!-goose [~goose@bucket.goose.ws] has joined #linode
22:13-!-goose is "Anthony Edwards" on #linode #goose
22:16-!-mmustac [~matt@0001b77f.user.oftc.net] has quit [Server closed connection]
22:16-!-mmustac [~matt@97.107.141.137] has joined #linode
22:16-!-mmustac is "matt" on #linode
22:21-!-rdaniels [~rdaniels@00028dd0.user.oftc.net] has quit [Server closed connection]
22:21-!-rdaniels [~rdaniels@2600:3c03::f03c:91ff:fe4c:9244] has joined #linode
22:21-!-rdaniels is "rdaniels" on #linode
22:21-!-mode/#linode [+o rdaniels] by ChanServ
22:25-!-mwildman [~mew@00028d7a.user.oftc.net] has quit [Server closed connection]
22:25-!-mwildman [~mew@irc.wildman.online] has joined #linode
22:25-!-mwildman is "mew" on #linode
22:25-!-mode/#linode [+o mwildman] by ChanServ
22:28-!-neersighted [sid5776@id-5776.brockwell.irccloud.com] has quit [Server closed connection]
22:28-!-neersighted [sid5776@id-5776.brockwell.irccloud.com] has joined #linode
22:28-!-neersighted is "Bjorn Neergaard" on #linode #bcache
22:33-!-dzho [~dzho@tsuga.etrumeus.com] has quit [Server closed connection]
22:33-!-dzho [~dzho@tsuga.etrumeus.com] has joined #linode
22:33-!-dzho is "D. Joe" on @#glimpse @#freecodecamp @#gtalug #ceph #interlock #tardigans #moocows #linode #rocwiki #rocfoss #bash #debian-ubuntu #ubuntu-expats
22:34-!-AugustusCaesar24 [~AugustusC@99-190-112-116.lightspeed.irvnca.sbcglobal.net] has quit [Quit: Going offline, see ya! (www.adiirc.com)]
22:35-!-theckman [sid295081@id-295081.brockwell.irccloud.com] has quit [Server closed connection]
22:35-!-theckman [sid295081@id-295081.brockwell.irccloud.com] has joined #linode
22:35-!-theckman is "Tim Heckman" on #linode
22:39-!-Strykar [~wakka@strykar.user.oftc.net] has quit [Server closed connection]
22:40-!-Strykar [~wakka@strykar.user.oftc.net] has joined #linode
22:40-!-Strykar is "vector" on #linode #bitrig #bitlbee
22:40-!-cruxeternus [~cruxetern@secspeed.com] has quit [Server closed connection]
22:40-!-cruxeternus [~cruxetern@secspeed.com] has joined #linode
22:40-!-cruxeternus is "Crux Eternus" on #qemu #oftc #linode
22:43-!-DanielNM [amen@0001518c.user.oftc.net] has quit [Server closed connection]
22:43-!-DanielNM [amen@0001518c.user.oftc.net] has joined #linode
22:43-!-DanielNM is "-=[ Galatians 2:20 ]=-" on #linode #bitlbee @#mvlug
22:44-!-MartyniP [~BNC@ip01.martynip.co.uk] has quit [Server closed connection]
22:44-!-tonyyarusso [~anthony@tonyyarusso.user.oftc.net] has quit [Server closed connection]
22:44-!-MartyniP [~BNC@ip01.martynip.co.uk] has joined #linode
22:44-!-MartyniP is "Martyn" on #linode
22:44-!-tonyyarusso [~anthony@tonyyarusso.user.oftc.net] has joined #linode
22:44-!-tonyyarusso is "Anthony Yarusso" on #linode #debian
22:46-!-Kassandry [~Kassandry@kassandry.net] has quit [Server closed connection]
22:46-!-Kassandry [~Kassandry@kassandry.net] has joined #linode
22:46-!-Kassandry is "Kassandry" on #ovirt #linode
22:47-!-Kamilion [kamilion@copper.sllabs.com] has quit [Server closed connection]
22:47-!-Kamilion [kamilion@copper.sllabs.com] has joined #linode
22:47-!-Kamilion is "I am kamilion. But you knew that, didn't you." on #tardigans #moocows #linode #debian-next #debian
22:47-!-TecnoBrat [~tecnobrat@173.255.254.92] has quit [Server closed connection]
22:48-!-FastLizard4 [fastlizard@ridley.fastlizard4.org] has quit [Server closed connection]
22:48-!-FastLizard4 [fastlizard@ridley.fastlizard4.org] has joined #linode
22:48-!-FastLizard4 is "These violent delights have violent ends" on #linode
22:48-!-dcraig [craig@00017371.user.oftc.net] has quit [Server closed connection]
22:49-!-dcraig [craig@00017371.user.oftc.net] has joined #linode
22:49-!-dcraig is "dcraig" on #oftc #debian #linode-beta #tardigans #moocows #linode
22:49-!-TecnoBrat [~tecnobrat@173.255.254.92] has joined #linode
22:49-!-TecnoBrat is "Brian" on #linode
22:52-!-Nightmare [ddoscomin@2600:3c03::f03c:91ff:feae:ab7] has quit [Server closed connection]
22:52-!-Nightmare [ddoscomin@2600:3c03::f03c:91ff:feae:ab7] has joined #linode
22:52-!-Nightmare is "Kim" on #oftc #linode #moocows
22:52-!-atrus [~atrus@nickurak.ca] has quit [Server closed connection]
22:53-!-atrus [~atrus@nickurak.ca] has joined #linode
22:53-!-atrus is "Jeremy Nickurak" on #linode
22:53-!-jticket [~jticket@2600:3c00::f03c:91ff:fe7b:a156] has quit [Server closed connection]
22:53-!-jticket [~jticket@2600:3c00::f03c:91ff:fe7b:a156] has joined #linode
22:53-!-jticket is "Jeremiah Ticket" on #nvda #linode @#liblouis #debian-a11y #brltty #bitlbee
22:56-!-monokrome [~monokrome@206.189.221.66] has quit [Server closed connection]
22:56-!-Edgeman [~edgeman@dhcp-198-2-79-125.cable.user.start.ca] has joined #linode
22:56-!-Edgeman is "Edgeman" on #linode
22:57-!-monokrome [~monokrome@206.189.221.66] has joined #linode
22:57-!-monokrome is "Bailey Stoner" on #linode
22:58-!-raj [~raj@2600:3c03::f03c:91ff:feae:498] has quit [Server closed connection]
22:58-!-raj [~raj@2600:3c03::f03c:91ff:feae:498] has joined #linode
22:58-!-raj is "Raj" on #linode #help
22:59-!-Patches [~Chokai@musashi.kcad.pw] has quit [Server closed connection]
22:59-!-Patches [~Chokai@musashi.kcad.pw] has joined #linode
22:59-!-Patches is "Hackerman" on #linode
23:06-!-gmcharlt [~quassel@www.librarypolice.com] has quit [Server closed connection]
23:06-!-gmcharlt [~quassel@www.librarypolice.com] has joined #linode
23:06-!-gmcharlt is "Galen Charlton" on #linode @#kohaproject #gsoc-evergreen #kohasecurity @#litachat
23:10-!-spinoza-the-jedi3 [~c137@172.104.12.88] has quit [Server closed connection]
23:10-!-spinoza-the-jedi3 [~c137@li1747-88.members.linode.com] has joined #linode
23:10-!-spinoza-the-jedi3 is "c137" on #linode
23:10-!-sircmpwn [znc@0001bb67.user.oftc.net] has quit [Server closed connection]
23:11-!-asedeno [sid1037@id-1037.hathersage.irccloud.com] has quit [Server closed connection]
23:11-!-sircmpwn [znc@173.195.146.141] has joined #linode
23:11-!-sircmpwn is "Drew DeVault" on #qemu #linode #ii
23:11-!-asedeno [sid1037@id-1037.hathersage.irccloud.com] has joined #linode
23:11-!-asedeno is "asedeno" on #linode
23:18-!-devilspgd [znc@wtf.thedave.ca] has quit [Server closed connection]
23:18-!-devilspgd [znc@wtf.thedave.ca] has joined #linode
23:18-!-devilspgd is "Dave" on #linode
23:19-!-darkmage [sid313090@id-313090.stonehaven.irccloud.com] has quit [Server closed connection]
23:19-!-darkmage [sid313090@id-313090.stonehaven.irccloud.com] has joined #linode
23:19-!-darkmage is "scroll master" on #linode
23:23-!-Eugene [~eugene@kashpureff.org] has quit [Server closed connection]
23:23-!-Eugene [~eugene@kashpureff.org] has joined #linode
23:23-!-Eugene is "Eugene E. Kashpureff Jr" on #linode
23:25<linbot>New news from community: How do I Boot into Rescue Mode and run a malware scan on my Linode? <https://www.linode.com/community/questions/18993>
23:30-!-jogie_ [~jogie@mithril.jonlight.com] has quit [Server closed connection]
23:30-!-jogie [~jogie@mithril.jonlight.com] has joined #linode
23:30-!-jogie is "jogie" on #ceph #linode
23:34-!-MrRobot7 [sid176400@id-176400.charlton.irccloud.com] has quit [Server closed connection]
23:34-!-MrRobot7 [sid176400@id-176400.charlton.irccloud.com] has joined #linode
23:34-!-MrRobot7 is "MrRobot7" on #linode
23:34-!-MJCS [~script2@li1001-24.members.linode.com] has quit [Server closed connection]
23:34-!-MJCS [~script2@li1001-24.members.linode.com] has joined #linode
23:34-!-MJCS is "Moo" on #linode
23:42-!-encode [~encode@2600:3c01::f03c:91ff:fe96:d82a] has quit [Server closed connection]
23:42-!-encode [~encode@2600:3c01::f03c:91ff:fe96:d82a] has joined #linode
23:42-!-encode is "Access Denied" on #linode
23:44-!-Chex [~Chex@sleepl.northnook.ca] has quit [Server closed connection]
23:44-!-Chex [~Chex@sleepl.northnook.ca] has joined #linode
23:44-!-Chex is "Chex UpNorth" on #linode #debian-quebec
23:48-!-randallman [~randall@aardvark.randallman.net] has quit [Server closed connection]
23:52-!-phlux [phlux@00011407.user.oftc.net] has quit [Server closed connection]
23:53-!-phlux [phlux@2600:3c00::f03c:91ff:fe50:4af6] has joined #linode
23:53-!-phlux is "phlux" on #linode
23:54-!-randallman [~randall@aardvark.randallman.net] has joined #linode
23:54-!-randallman is "Randall Shutt" on #linode
23:54-!-karstensrage [~karstensr@nibbler.warped.com] has quit [Server closed connection]
23:54-!-karstensrage [~karstensr@2607:3f00:1:0:216:3eff:fecb:8004] has joined #linode
23:54-!-karstensrage is "Karsten S. Rage" on #linode
23:55-!-Peng_ [~mnordhoff@00012c51.user.oftc.net] has quit [Server closed connection]
23:55-!-Peng_ [~mnordhoff@00012c51.user.oftc.net] has joined #linode
23:55-!-Peng_ is "Matt Nordhoff" on #galileo #launches #privacytech #tor-project #Corsair #tor-dev #linode-beta #english #help #moocows #python #opendns #oftc #linode
23:59-!-jmic [~jmic@2600:3c02::f03c:91ff:fe73:3caa] has quit [Server closed connection]
23:59-!-jmic [~jmic@2600:3c02::f03c:91ff:fe73:3caa] has joined #linode
23:59-!-jmic is "Jeff Mickey" on #debian-amd64 #debian #linode #debian-next
---Logclosed Sun Oct 20 00:00:04 2019