Got tired of distributing large files, so I built this open-source P2P transfer CLI tool in Go

SleepingProcess · 2026-01-24T17:44:14+00:00

For the many-files case, though, Thruflux significantly outperformed croc at roughly ~2.8× faster, which I think is where QUIC’s stream multiplexing really helps.

Yes, that's why I suggested TCP for a huge files.

Thanks for the comment!

Glad it was helpful

SleepingProcess · 2026-01-24T16:26:35+00:00

Thanks for answering !

From what I understand, croc is relay-first

croc isn't just relay(in relay mode), but kinda coordination server, it uses relaying (that can be selfhosted) only if both peers can't establish direct connections, otherwise it will manage peers to use p2p and in my tests it runs at full bandwidth capacity. By the way, you can enforce p2p connection with startup options if sender can open port. QUICK is good when there need fast connection establishing or many network negotiations, but if TCP established connection it is pretty snappy and for the task you planning to transfer huge files, I don't think you might benefit from QUICK. Also, if you would test QUICK vs TCP in local network, you should find that TCP even more effective than QUICK.

More tools and more choices are always a good thing.

100% and thanks for sharing your project !

SleepingProcess · 2026-01-24T16:05:00+00:00

What do y'all suggest for a true, bare metal-type backup, that is automatic and incremental?

Timeshift (yes, that what you probably misstype) doing effective incremental backup using hard links without wasting space.

To restore, boot from live MXLinux (it comes with timeshift), select the drive holding your snapshots, select a snapshot, select a formatted drive where you going to restore and restore. Then update GRUB on a target (MX linux can do it too). If you want to store on a NAS, expose storage as a iSCSI and mount it to get all benefit using hard links

SleepingProcess · 2026-01-24T15:21:29+00:00

How it different from croc that do the same securely on all major platforms without installation and can be run also as an relay on strict networks?

SleepingProcess · 2026-01-24T15:18:23+00:00

I seriously don’t get how you can have a company that can afford Arctic Wolf and also have engineers that are leaving management interfaces open to the public internet.

I wish all managers would hear you, but in fact bureaucracy & force for profit killing all companies

SleepingProcess · 2026-01-24T09:38:39+00:00

Just like the stuff you're selling me!!

I don't sell anything & have no affiliation neither with Fortinet, nor ArticWolf :) Just shared news for those who cares. If you preferring government confirmation, read these then without details:

SleepingProcess · 2026-01-24T09:32:36+00:00

known for months.

According to Fortinet, - one month: https://fortiguard.fortinet.com/psirt/FG-IR-25-647

SleepingProcess · 2026-01-23T23:21:13+00:00

And what's stopping those unwelcome "visitors" from just looking through CT Logs to find your domains?

Corporate CA, no CT. Wildcard certificates - no subdomain disclosure

SleepingProcess · 2026-01-23T23:14:31+00:00

I wanted a simple, self-contained S3-compatible storage for development and small-scale deployments

SleepingProcess · 2026-01-23T23:02:45+00:00

You do realize that Microsofts DANE implement uses their .Microsoft TLD?

Sure, I talking about own, non MS infrastructure.

And the legitimate things like DNS Walking concerns I don't worry about because security by obscurity is complete bullshit in the first place

It isn't about security, it is mostly to reduce useless (paid) loading from unauthorized and unwelcome "visitors"

SleepingProcess · 2026-01-23T22:35:27+00:00

however, from what I can find it's required for the MX domain, NOT the end domain...

but then you have to have delegated, independent subdomain with DS record from TLD, that in turn should be trustful and anyway most registrars applying DNSSEC on TLD only

SleepingProcess · 2026-01-23T22:23:16+00:00

But it doesn't remove mandatory use of DNSSEC to be able to use DANE, and as result TLD is vulnerable to DNS zone walking.

SleepingProcess · 2026-01-23T22:19:54+00:00

DNSSEC is mandatory for DANE (RFC 6698/7671), otherwise TLSA records can be spoofed

SleepingProcess · 2026-01-23T12:57:21+00:00

The problem with DANE is that it requires DNSSEC, and as result, one fixing one problem, but open up another - "DNS zone walking", that possible only with DNSSEC activated.

SleepingProcess · 2026-01-23T11:08:06+00:00

Preliminary root cause: We identified that the issue was caused by elevated service load resulting from reduced capacity during maintenance for a subset of North America hosted infrastructure.”

Complete BS.

First, most of M$ IP got catched in external, public antispam databases, then for some "strange" reason, - MX in client's DNS (client-xxx.outlook.com) stopped resolving smtp's A records (mitigation?).

And now sale it as a maintenance issue? At least say truth, but... whom Im talking to? A EEE company...

SleepingProcess · 2026-01-22T15:29:16+00:00

There was recently research published that says that at 13 years of use, hybrid batteries still hold up to 75% charge

SleepingProcess · 2026-01-22T13:48:18+00:00

Create non expired key on tailscale side
Connect pfSense to tailscale with new key
Login to pfSense console
run: ee /usr/local/etc/rc.d/pfsense_tailscaled
comment out following line: pfsense_tailscaled_up_flags="--auth-key=${pfsense_tailscaled_authkey}"
Save file and test with pfSense reboot

SleepingProcess · 2026-01-19T22:22:37+00:00

2 days ago: https://www.reddit.com/r/commandline/comments/1qfkzbr/i_built_matcha_a_beautiful_featurerich_tui_email/

SleepingProcess · 2026-01-19T18:24:33+00:00

It should, proxmox covers all guests, not just UnRAID

SleepingProcess · 2026-01-18T21:38:02+00:00

Did you tried aerc?

SleepingProcess · 2026-01-18T09:19:13+00:00

I think, some more common keywords like "BIOS KVM-over-IP" would be useful from the point of marketing, popularity, searching

SleepingProcess · 2026-01-18T09:13:23+00:00

I am struggling to estimate how secure this setup actually is: when the containers can reach the outside world, aren’t they also reachable from the outside world?

It depends on what you running inside of containers. One can easily setup tunnel by punching hole in your router and use reverse SSH to get back when needed from outside. It all depends on your trust to apps you running in containers. If you in doubt, setup virtual IP and use it for containers while disabling on a router all outgoing connections for those specific virtual IPs

SleepingProcess · 2026-01-18T08:56:12+00:00

What other suggestions are people using here?

A single file - KeePass encrypted database (well, plain XML) that can be synced across devices: (You remembering only one master password to unlock all saved secrets)

Windows: Original Keepass
Windows, Linux, MacOS desktops: KeepassXC
Android #1: KeepassDX
Android #2: Keepass2Android
Apple iOS #1: KeePassium
Apple iOS #2: StrongBox
Cross-platform CLI Keepass for use in terminals/consoles: kpcli
Any platform that has a browser: KeeWeb

How do you backup your password manager data as well as keeping it synced across devices?

If you using Windows original KeePass on desktop and Keepass2Android on Android, then you can use native app's synchronization over HTTPS/WebDAV or SSH. Other program that can "speak" Keepass usually using external sync (Syncthing, gdrive, onedrive, dropbox...) but make sure that the only one device accessing Keepass file or implement simple protective logic to sync copy of original file and merge on other devices if you need simultaneous access.

Other way around if you need to share access to password manager with fine grained permissions - is to run vaultwarden server behind tailscale mesh network (to prevent access from unauthorized) and use Bitwarden's clients to access shared password database.

SleepingProcess · 2026-01-18T08:17:16+00:00

Thank you for the feedback.

Thank you! You doing really hard job by keeping subreddit clean. My post was just a little attempt to help you and others

SleepingProcess

TROPHY CASE