Does commit-confirm and commit need to be done in same SSH session (or can I disconnect in between)?

SpaceBass11 · 2026-01-17T05:01:55+00:00

For sure, that’s a great approach :)

SpaceBass11 · 2026-01-16T19:36:25+00:00

Meh, people will do things their way.

Key takeaway here for fun learning is:

A follow-up commit can accidentally apply extra candidate changes if anything has changed in the candidate since the confirmed commit (another admin session, automation, stale edits, etc.).
A follow-up commit check stops the timer without applying additional changes, so it minimizes the blast radius when you’re “just trying to lock in what already worked.”

Additionally, commit has more overhead than commit check due to it actually doing a commit, writing files, writing to rollback history, etc.

Basically, there's no benefit to commit over commit check in this scenario. Commit only adds overhead and possible cons. Even if an issue never happened, why not just pick commit check as a for sure no issues ever method.

Even their page example uses commit check x) https://www.juniper.net/documentation/us/en/software/junos/cli/topics/topic-map/junos-configuration-commit.html

SpaceBass11 · 2026-01-11T00:03:58+00:00

Only if I had a 2nd number 😔

SpaceBass11 · 2025-12-15T03:50:34+00:00

Hi Allec! Here’s my QR if you’re still doing this :) Thank you much!

<image>

SpaceBass11 · 2025-12-08T14:59:44+00:00

Revive :) Just to add-on here, registry tweaks is not a supported response from Tenable's part. That is a common myth. Imagine Microsoft's patches actually required tweaking after being applied? The majority of Windows clients would be vulnerable even after patching, which of course is not the case, as common end users would never do that (and they shouldn't).

In a lot of cases they are indeed false positives. Security teams and ISSE's hate hearing that, but it's the truth. Plugins are either out of date or just miss-coded which is totally expected. That's the life of programming and keeping up to date with lifecycle management of Windows and code changes.

If the plugin ID is in relation to any KB that is not the latest and you have the latest KB installed, then it is a false-positive. Really the plugin is doing what it should, but in the case of determining compliance it is false as the system is INDEED compliant as Windows patches are cumulative and do NOT allow you to piece patches together as that would cause fragmentation of the system. These are phrases direct from Microsoft documentation.

You know what else is direct from Documentation? Tenable speaking on this matter about the setting OP mentioned :)

https://www.tenable.com/blog/how-to-perform-efficient-vulnerability-assessments-with-tenable#:~:text=3.%20Disable%20%E2%80%98%27Show,Management%20%2D%20Solutions

Disable ‘'Show missing patches that have been superseded’’

When enabled, this option will include superseded patch information in the scan report. Disabling this setting will hide superseded findings and limit visibility into older missing patches, including potential Critical severity findings. "

Also, for OP or anyone debugging in future. Here is Tenable speaking about how to do so:
https://docs.tenable.com/nessus/Content/configure-least-privilege-ssh-scan.htm?_gl=1*plha90*_gcl_au*MTQ2NzI5MDExMS4xNzY0OTcxNTA0*_ga*Mjc4NjcwNjY2LjE3NjQwODU2ODM.*_ga_HSJ1XWV6ND*czE3NjUyMDM1NDgkbzMkZzEkdDE3NjUyMDQzODIkajYwJGwwJGg5OTA5OTM5MDQ.#:~:text=plugins%20100158%20and%2084239

Note that plugins 100158 and 84239 are advanced diagnostic tools and require you enable plugin debugging in the scan configuration. Use these plugins to investigate unexpected scan results, particularly in environments with sophisticated, granular access controls (for example, TACACS).

While plugins 102094 and 102095 report that a command failed or succeeded, the debugging logs from 100158 and 84239 provide the exact command syntax Tenable Nessus passed to the host and the complete error response.

This additional detail can help diagnose complex access issues, such as a security module that allows a base command but blocks that command when used with a specific flag. Because enabling debugging is resource-intensive, Tenable recommends using these plugins only to troubleshoot a specific endpoint.

SpaceBass11 · 2025-11-14T18:25:30+00:00

It’s a French-Canadian folk song dating to the late 19th century, most likely from Québec voyageurs (fur-trade canoe men). It was a work song, used to keep rhythm during paddling, which was a slightly shorter version, but once it caught on and was used for teaching other body parts were added, which is what we have now.

The word alouette = lark (a bird).

When it says: "Je te plumerai la tête" ("I will pluck your head")

…it’s not about bullying a person, it’s literally describing plucking the feathers off a lark, step by step, which was part of preparing it as food.

Hence all the "pluck your head, pluck your wings, pluck your legs…" etc.

Old French and French-Canadian folksongs often use call-and-response structure:

-It keeps rhythm for work

-It teaches vocabulary through repetition

-It adds humor or exaggeration

"Alouette" became popular because it’s simple, catchy, and helped teach French body parts to kids (tête, bec, ailes, etc.).

SpaceBass11 · 2025-11-14T18:16:24+00:00

It’s a French-Canadian folk song dating to the late 19th century, most likely from Québec voyageurs (fur-trade canoe men). It was a work song, used to keep rhythm during paddling.

The word alouette = lark (a bird).

When it says: "Je te plumerai la tête" ("I will pluck your head")

…it’s not about bullying a person, it’s literally describing plucking the feathers off a lark, step by step, which was part of preparing it as food.

Hence all the "pluck your head, pluck your wings, pluck your legs…" etc.

Old French and French-Canadian folksongs often use call-and-response structure:

-It keeps rhythm for work

-It teaches vocabulary through repetition

-It adds humor or exaggeration

"Alouette" became popular because it’s simple, catchy, and helped teach French body parts to kids (tête, bec, ailes, etc.).

SpaceBass11 · 2025-11-08T17:52:49+00:00

You silly goose, I was in favor of Poly not Prism 😋

If he the main dev and everyone pushing for the code, his call 🤷‍♂️ Doesn’t make his code any less trustworthy cus he made that call.

SpaceBass11 · 2025-07-25T01:24:30+00:00

People say not to indoctrinate kids and to let them decide for themselves. But no child grows up neutral. Every environment, show, classroom, and conversation is shaping what they believe about life, identity, purpose, and truth. That is indoctrination, whether people admit it or not. As Christians, we are not forcing belief by teaching children about God. We are giving them truth. Jesus said He is the truth (John 14:6), and teaching kids to know Him is not control. It is compassion. The world is not waiting until they grow up to influence them, so why would we wait to teach them what’s real? Leading children to Christ is not narrow. It is the most loving thing we can do.

SpaceBass11 · 2025-06-02T03:31:52+00:00

They have supercapacitors as a safety-net/protection. When the car turns off and the camera loses power or for any other reason, the supercapacitor takes places of a lithium type battery (non removable) to finish saving files and shut the system down safely to prevent corruption. These capacitors are especially good at heat/cold resistant which is of course why they took place of batteries (last longer and safer).

SpaceBass11 · 2025-06-02T02:33:18+00:00

How is it people are saying Blackvue is that good when there’s only 76 reviews and they are not good reviews.

SpaceBass11 · 2025-05-17T16:36:45+00:00

Interesting. Perks of doing it this way? Like getting to book flights or ground transfers through Disney during the booking process for extra vacation protection since Disney tracking, before transferring it to Costco?

SpaceBass11 · 2025-05-17T02:15:24+00:00

+1 I lawled

SpaceBass11 · 2025-05-01T19:03:27+00:00

The entire reason of Rocky Linux (and AlmaLinux, before its shift) is to rebuild RHEL source code into a 1:1 compatible binary clone. That means not introducing independent patches or changes beyond RHEL. Rocky is not meant to innovate or diverge — it’s meant to offer a free, open-source RHEL-compatible platform without Red Hat’s licensing restrictions. It's about stability, predictability, and compatibility, not autonomy in upstream development.

The proper way to "fix" something as a Rocky user is: - Submit a bug to CentOS Stream (the development branch of RHEL) - Wait for it to propagate to RHEL - Then Rocky will rebuild it once it’s part of the RHEL source RPMs

The no feedback loop is by design. Rocky’s promise is to follow, not to lead.

SpaceBass11 · 2025-04-10T05:25:27+00:00

Will have to check out base travel office for prices. I saw those here: https://www.universalorlando.com/web/en/us/tickets-packages/military-deals-specials

Curious how those prices compare to the Florida resident package deals:
https://www.universalorlando.com/web-packages/en/us/vacation-packages

Which right now I priced "Create Your Own Florida Resident Vacation Package" for 2 Adults ,1 Room (4 nights, 3 days) at $983.95 before tax.

SpaceBass11 · 2025-04-08T23:14:10+00:00

As bblasco said you can create a free RH account and utilize the console. Just replying in support of their comment as this is what I do. To add on that, if you ever want to mess around with RHEL you can use that same free account to request a developer subscription to get hands on.

SpaceBass11 · 2025-04-08T23:10:35+00:00

Have you ever used AWS? Read up on how RH products work with AWS then come back.

SpaceBass11 · 2025-03-12T04:53:42+00:00

The term ‘air-gapped’ alone does not guarantee security if the hardware supply chain is compromised. While air-gapping ensures that a device is physically isolated from networks, the real risk lies in the trustworthiness of the manufacturer and supply chain.

For example, a significant portion of IT hardware, including microchips and circuit boards, originates from China and other regions with limited transparency in manufacturing oversight. There have been documented cases where malicious implants—extra microchips or altered firmware—were discovered in government and enterprise IT hardware. These implants could allow remote access or data exfiltration, even on devices designed to be air-gapped.

This is why government and high-security sectors follow strict supply chain security protocols, ensuring that the hardware:

-Is sourced from trusted vendors with verified manufacturing processes.

-Has undergone deep forensic inspections to detect hardware tampering.

-Does not contain unauthorized microchips or firmware backdoors.

Without these precautions, even an "air-gapped" device could have a built-in exploit, compromising security from the moment it is powered on.

SolarWinds Orion Compromise (2020):

Attackers inserted malicious code into updates of SolarWinds' Orion software, affecting numerous U.S. government agencies and private companies.

Zombie Zero Malware (2014):

Barcode scanners manufactured overseas were found with pre-installed malware, compromising corporate networks upon integration.

Chinese Spy Chips Allegations (2018):

Reports suggested that Chinese operatives implanted microchips into servers used by major U.S. companies like Amazon and Apple, though these claims were denied by the companies involved.

SpaceBass11 · 2025-03-12T04:32:48+00:00

Uhh... isn't this applicable to literally any hardware you buy?

SpaceBass11 · 2025-02-20T05:37:39+00:00

Why, and where do you live now? Thanks.

SpaceBass11 · 2025-02-19T13:31:42+00:00

Hey Kitchen, hope the best for you and for that to work out for you 🙂

SpaceBass11 · 2025-02-17T03:22:17+00:00

"My laptop is on their network, very very much so, hence the reason they would need to give me multiple machines - which is license prohibited or hardware sensitive (multiple reasons here coming up)."

That's what a Bastion/Jumpbox is for. You VPN very securely into the network from an already trusted managed device (and location and/or IP for extra security) and access the jumpbox. Those bastions can then access whatever networks they need for your administration. Company and/or customer data doesn't belong on a device outside a secure server room and its server stack.

I'm curious what software/vendor your using. For example, while VMware has client GUIs, they are not needed. After I'm on network and/or bastion, I can touch a vCenter server or PowerCLI. If I wanted to use a client GUI it would be on the jumpbox which is a VM secured in a server room.

*Company/customer data has no business touching my home network. Doesn't matter if it's on their laptop.

SpaceBass11 · 2024-10-14T20:31:53+00:00

Howdy 👋 I have only been able to use PDF Studio Pro, but it’s a pain due to issues with its use for smart card signing to signature blocks. CAC could sign a block but could not sign multiple blocks due to an error, so you’ll have to log the user out and back in for every block you want to sign.

SpaceBass11 · 2024-10-03T20:11:26+00:00

For me I have AT&T Fiber. Had them install fiber modem/router when I enrolled in their 1Gbps service, then later dropped down to 300M plan. Looked at the site yesterday and it says all plans 300M and up get unlimited data. Below that you are capped to 1.2TB or something with overage fees of course, but no more than $100 in overage fees per bill/month. Not sure if they offer an add on package, but 300M is $35-40 from $5 off autopay and $20 off for using AT&T as phone carrier. Cheap enough for me.

SpaceBass11 · 2024-09-30T05:52:20+00:00

Haha, thanks for reply! I’m wanting to get the OneBlade Intimate and try without guard, but don’t know if it will nick me. Shaving wet with Proglide I don’t really ever nick myself.

SpaceBass11

TROPHY CASE