thegreekgeek
@thegreekgeek@midwest.social
- Comment on Alternative to Life360? 1 month ago:
Oh this is cool! It reminds me of aeGis from CyanogenMod back in the day.
- Comment on SSH through Tailscale sidecar container? 2 months ago:
Well that’s the thing, there’s no git user. I’m trying to directly ssh into the gogs container through the tailscale sidecar container via the tailnet, so I’m not going through the host machine. I’m just trying to see if there’s a way I can do it that’s a bit less fiddly than having to rebuild the container with the right user and whatnot.
- Comment on SSH through Tailscale sidecar container? 2 months ago:
Yeah and I figured that was the case. I’m just trying to figure out the best practice for my use case would be as I’d rather not have to build a new container. Also I’ve included the vvverbose output of the SSH attempt below.
❯ ssh -vvvT git@gogs.tailacbd65.ts.net OpenSSH_9.8p1, OpenSSL 3.2.1 30 Jan 2024 debug1: Reading configuration data /data/data/com.termux/files/usr/etc/ssh/ssh_config debug3: expanded UserKnownHostsFile ‘~/.ssh/known_hosts’ -> ‘/data/data/com.termux/files/home/.ssh/known_hosts’ debug3: expanded UserKnownHostsFile ‘~/.ssh/known_hosts2’ -> ‘/data/data/com.termux/files/home/.ssh/known_hosts2’ debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling debug2: resolving “gogs.tailacbd65.ts.net” port 22 debug3: resolve_host: lookup gogs.tailacbd65.ts.net:22 debug3: channel_clear_timeouts: clearing debug3: ssh_connect_direct: entering debug1: Connecting to gogs.tailacbd65.ts.net [100.126.96.115] port 22. debug3: set_sock_tos: set socket 3 IP_TOS 0x48 debug1: Connection established. debug1: identity file /data/data/com.termux/files/home/.ssh/id_rsa type -1 debug1: identity file /data/data/com.termux/files/home/.ssh/id_rsa-cert type -1 debug1: identity file /data/data/com.termux/files/home/.ssh/id_ecdsa type -1 debug1: identity file /data/data/com.termux/files/home/.ssh/id_ecdsa-cert type -1 debug1: identity file /data/data/com.termux/files/home/.ssh/id_ecdsa_sk type -1 debug1: identity file /data/data/com.termux/files/home/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /data/data/com.termux/files/home/.ssh/id_ed25519 type 3 debug1: identity file /data/data/com.termux/files/home/.ssh/id_ed25519-cert type -1 debug1: identity file /data/data/com.termux/files/home/.ssh/id_ed25519_sk type -1 debug1: identity file /data/data/com.termux/files/home/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /data/data/com.termux/files/home/.ssh/id_xmss type -1 debug1: identity file /data/data/com.termux/files/home/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_9.8 debug1: Remote protocol version 2.0, remote software version Tailscale debug1: compat_banner: no match: Tailscale debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to gogs.tailacbd65.ts.net:22 as ‘git’ debug1: load_hostkeys: fopen /data/data/com.termux/files/home/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts2: No such file or directory debug3: order_hostkeyalgs: no algorithms matched; accept original debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00@openssh.com debug2: host key algorithms: ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com lman-group14-sha1,kex-strict-s-v00@openssh.com debug2: host key algorithms: rsa-sha2-256,rsa-sha2-512,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 debug2: ciphers ctos: aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr debug2: ciphers stoc: aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96 debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96 debug2: compression ctos: none debug2: compression stoc: none debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug3: kex_choose_conf: will use strict KEX ordering debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ssh-ed25519 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug3: send packet: type 30 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug3: receive packet: type 31 debug1: SSH2_MSG_KEX_ECDH_REPLY received debug1: Server host key: ssh-ed25519 SHA256:obfuscation! debug1: load_hostkeys: fopen /data/data/com.termux/files/home/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts2: No such file or directory debug3: hostkeys_find_by_key_hostfile: trying user hostfile “/data/data/com.termux/files/home/.ssh/known_hosts” debug3: hostkeys_foreach: reading file “/data/data/com.termux/files/home/.ssh/known_hosts” debug3: hostkeys_find_by_key_hostfile: trying user hostfile “/data/data/com.termux/files/home/.ssh/known_hosts2” debug1: hostkeys_find_by_key_hostfile: hostkeys file /data/data/com.termux/files/home/.ssh/known_hosts2 does not exist debug3: hostkeys_find_by_key_hostfile: trying system hostfile “/data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts” debug1: hostkeys_find_by_key_hostfile: hostkeys file /data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts does not exist debug3: hostkeys_find_by_key_hostfile: trying system hostfile “/data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts2” debug1: hostkeys_find_by_key_hostfile: hostkeys file /data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts2 does not exist The authenticity of host ‘gogs.tailacbd65.ts.net (100.126.96.115)’ can’t be established. ED25519 key fingerprint is SHA256:obfuscation!. This key is not known by any other names. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added ‘gogs.tailacbd65.ts.net’ (ED25519) to the list of known hosts. ha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@openssh.com,zlib debug2: compression stoc: none,zlib@openssh.com,zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug3: send packet: type 5 debug3: receive packet: type 7 debug1: SSH2_MSG_EXT_INFO received debug3: kex_input_ext_info: extension server-sig-algs debug1: kex_ext_info_client_parse: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss> debug3: kex_input_ext_info: extension ping@openssh.com debug1: kex_ext_info_check_ver: ping@openssh.com=<0> debug3: receive packet: type 6 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug3: send packet: type 50 debug3: receive packet: type 51 debug1: Authentications that can continue: tailscale debug3: start over, passed a different list tailscale debug3: preferred publickey,keyboard-interactive,password debug1: No more authentication methods to try. git@gogs.tailacbd65.ts.net: Permission denied (tailscale).
- Comment on SSH through Tailscale sidecar container? 2 months ago:
Ope sorry, right now I just have the serve config doing a redirect of port 22, however when I try to SSH in I get rejected by tailscale ACL. Says there’s no user named git.
If I followed the steps for the vanilla docker setup I’d add a git user to the host and softlink the host authorized_keys file to the gogs container’s version, as well as add a shim script to forward the command into the container using the docker exec command, but I’d rather not do that by mucking about in the sidecar if there’s a better way. The tailscale universal docker mod for linuxserver.io says they have ssh access for their containers but as far as I can tell it just pops in the --ssh flag in tailscale up.
- Submitted 2 months ago to selfhosted@lemmy.world | 6 comments
- Comment on Flipboard is going to let you follow fediverse accounts right inside the app 3 months ago:
It does! I haven’t configured mine yet but I use Feedme’s mobilizer to do the same thing at the moment.
- Comment on Just as a heads up, AutoDesk will start deleting your Fusion Files if you don't login once a year 3 months ago:
Damn them too? I guess I shouldn’t be surprised they’re both in the enshittification olympics. I moved away from F360 in favor on Onshape a while ago but started muddling my way through FreeCAD when I heard about Onshape.
- Comment on Just as a heads up, AutoDesk will start deleting your Fusion Files if you don't login once a year 3 months ago:
It is but you can’t sell any models you design on the free version because “TeRmS oF sErViCe”.
- Comment on FOSS Alternative to Chromecast? 3 months ago:
Amazon is working on adding casting capabilities to the Matter framework, but at the moment it’s only implemented in the Echo Show and on Prime video.
- Comment on What self-hosted services can help during a crisis or emergency? This is for those affected OR those who want to help 3 months ago:
So it’s like a LibraryBox with an Archiver?
- Comment on Immich v1.109.1 released with optional paid license 3 months ago:
Yeah this terminology just gives me the impression they don’t consider the AGPL to an actual license
- Comment on Wall Street Journal fires Hong Kong reporter allegedly over her role as chair of Hong Kong Journalists Association advocating for press freedom 3 months ago:
Wow, what assholes
- Comment on What's the ideal self hosted RSS setup? 4 months ago:
I use FreshRSS in a docker container both served and funneled from my tailscale network (can’t fetch feeds otherwise) and I read it on mobile with FeedMe. My main reason for using FeedMe is the customizable mobilizer though I’m pretty sure you can enable that in FreshRss as well.
- Comment on [Beginner] Proxmox & storage configuration 4 months ago:
This will save you a lot of pain lol
- Comment on Need help getting started 4 months ago:
I recently fell into this rabbit hole myself! Though I decided against hosting the blog myself(because I don’t want to do anything stupid lol) Nowadays for sites like that you can install a static site generator to automatically build the site based off of markdown files. I personally use Hugo but I hear good things about Jekyll too.
The way mine is set up I make a post or a page on my machine and push it to my backend github repo. Github detects a change and rebuilds the site with the new content using a github action, then uploads the whole public folder to my host at neocities.
- Comment on Options for equalizing temperature between the basement and the rest of the house in summer? 4 months ago:
If you’re looking for a commercial product it’s called a whole house fan. The tl;dr is there are vents in the places you want cooled connected to this fan that sits in your attic. Twice a day or so it exhausts the hot air letting it be replaced by the cooler basement air. Depending on the humidity you might need to run the AC to dehumidify the air a bit.
- Comment on Vladimir Putin peace terms slammed at Ukraine summit 5 months ago:
Oh look, a Nazi.
- Comment on Fallout 4 gets some further tweaks to its mod-destroying “next gen update” 6 months ago:
Well the last one broke F4SE so it basically did lol.
- Comment on Report: Microsoft to face antitrust case over Teams 6 months ago:
Well of course not, ever since they got that deal with Uncle Sam they knew they could do anything up to Steve Ballmer kicking a secret service agent in the nuts and stealing the Football. Maybe even including that, won’t know until it happens lol.
- Comment on Is anyone still playing Command and Conquer Generals (+ Zero Hour)? 6 months ago:
Same, Generals and Tiberian Wars were all right but RA2 and Tiberian Sun were my jam.
- Comment on Is anyone still playing Command and Conquer Generals (+ Zero Hour)? 6 months ago:
Before my deck crapped out I was playing around with OpenRA, that was pretty fun. Romanov’s Vengeance really scratched my Red Alert 2 itch.
- Comment on FreshRSS how to force articles not load in full length - (It's FOSS) 6 months ago:
Have you tried going into the setting for the feed itself and using the CSS selector filters? You might be able to cut out the extraneous bits using that.
- Comment on Finally, fans are getting what they've been demanding for years, a crossover event between the Kelvinverse and... World of Tanks 6 months ago:
BOLOS!
- Comment on Traefik 3.0 GA Has Landed: Here's How to Migrate 6 months ago:
Oof, that’s what killed my V1 setup lol
- Comment on Google Feed alternative 6 months ago:
They couldn’t effectively serve ads through it lol
- Comment on Stop Using Your Face or Thumb to Unlock Your Phone 6 months ago:
Or get a geofence warrant
- Comment on what's your fav recipe manager? 6 months ago:
I’m trying to find that out myself, just started playing with it yesterday. Right now I’ve got a personal store of recipes in CopyMeThat, and that’s got some nice features like meal planning and shopping lists but its not integrated into anything.
I’ve seen a few approaches so far, some guy on the forums has all the ingredients stored in the front matter and uses dataviewjs to display them in the note which allows for unit conversion but I think that’s too much, I still want to be able to read them without obsidian.
Right now I’ve got tags and method and ingredients in the front matter along with checklist add-on formatted tasks in the main part of the note. Eventually I want to have it pull a recipe at random and put it in my weekly note or something.
- Comment on what's your fav recipe manager? 6 months ago:
I’ve been using copymethat but I’m trying to move to obsidian.
- Comment on [deleted] 6 months ago:
Yeah I honestly forgot about this integration lol. Kinda want to see how I can work it into my setup now.
- Comment on [deleted] 6 months ago:
Im looking at dashy’s widget documentation and it doesn’t look like they have an API query widget quite yet. You could probably output the temp sensor as an RSS feed and pick it up with dashy’s datafeed widget.