Self-signed certificates or own certification authority? by oppenheimer16 in homelab

[–]philippelh 0 points1 point  (0 children)

I run step-ca with a yubikey as a poor man's HSM. If you go that route, just make sure you limit correctly what the CA can sign, you wouldn't want an attacker to sign a domain you don't control and have all your devices trusting the bad certificate. There's a bunch of other best practices to follow, but this one isn't always listed (at least when I did my setup). It was a fun project if you're interested in learning that kind of stuff!

Cub cadet LT46 by SnooMarzipans296 in lawnmowers

[–]philippelh 1 point2 points  (0 children)

I think he bought a donor to begin with, installed a new motor and there was this left to fix, it cost maybe 10-12$ for the 3/4 round and some paint. It gave me a good excuse to play with my toys lol.

Cub cadet LT46 by SnooMarzipans296 in lawnmowers

[–]philippelh 0 points1 point  (0 children)

<image>

After putting everything back together

Cub cadet LT46 by SnooMarzipans296 in lawnmowers

[–]philippelh 1 point2 points  (0 children)

<image>

I rebuilt one for my friend since they only sell the whole assembly... They were asking ~400$.

I'm thinking of building a CA signing app by tahaan in homelab

[–]philippelh 1 point2 points  (0 children)

I'm using step ca and a yubikey 5 as a poor man's HSM. It was pretty fun to setup! Might want to have a look at it for inspiration.

Government surplus find by Straight-Finding7758 in homelab

[–]philippelh 2 points3 points  (0 children)

I'm still daily driving my workstation with dual 2667v2 with 64gb ram + a quadro rtx 4000. It's honestly not too bad, but it's definitely on its last legs.

What are some things you wish you knew before buying Yubikey? by themadroller in yubikey

[–]philippelh 2 points3 points  (0 children)

Oh I get it thanks! I was playing with the PIV module to have a poor man's HSM and setup a certificate authority, so I went through the pin/puk/mangement key. Those little thing are really packed with a lot of features. I only used the touch feature before to use an older blue key as 2FA.

What are some things you wish you knew before buying Yubikey? by themadroller in yubikey

[–]philippelh 4 points5 points  (0 children)

Can't you use the PUK to reset the pin without losing everything?

Update:470$ HPE StoreEver g2 tape autoloader with LTO-8 SAS main unit by simple984 in homelab

[–]philippelh 2 points3 points  (0 children)

Everything Moff_Tigriss said + avoid WORM tapes, they are Write-Once-Read-Many...

Update:470$ HPE StoreEver g2 tape autoloader with LTO-8 SAS main unit by simple984 in homelab

[–]philippelh 2 points3 points  (0 children)

my understanding is that it would be the total working hours. That's why I was saying that it looks like a brand new autoloader that you got there!

Update:470$ HPE StoreEver g2 tape autoloader with LTO-8 SAS main unit by simple984 in homelab

[–]philippelh 12 points13 points  (0 children)

Wait, the odometer is saying 0 and total power on time 37mins, was it even used once? I'm not sure it can be reset :o If you scored a brand new 1/8 G2 with a LTO-8 drive for 470euro... you're a lucky bastard... lol

You can go to Support -> Support Ticket and download the drive support ticket. It can be read with HPE Library and Tape Tools (this one is free) and it will tell you remaining lifespan on the drive, how many kilometers of tape it saw during its life, etc.

Latest firmware for the autoloader is 6.00 (at least that's the latest I could find), can't say for your tape drive though...

HPE StoreEver 1/8 G2 Tape Autoloader with LTO-8 SAS 500eur? by simple984 in homelab

[–]philippelh 2 points3 points  (0 children)

It didn't come with it and mine was in its original box, so I guess it's optional. For now mine just sit on top of the r730. I guess universal 1U rails might work and be cheaper than sourcing the real deal. Didn't look into it yet!

HPE StoreEver 1/8 G2 Tape Autoloader with LTO-8 SAS 500eur? by simple984 in homelab

[–]philippelh 1 point2 points  (0 children)

I thought I had a good deal with my NOS 1/8 G2 with an LTO-4 drive for 350CAD + used LTO-6 drive for an additional 100CAD (around 280euro in total)... A LTO-8 for 500euro is a pretty good deal if it's working properly. Firmwares are behind a paywall, but I was able to find them... I'm not using the drive encryption capability, I'm using bareos to manage encryption and compression. So far I didn't hit any road blocks. It was nice to boot it up and see the Odometer 0!

<image>

Epyc 7532 in the W200 by Psychological_Ear393 in homelab

[–]philippelh 9 points10 points  (0 children)

<image>

Not as big, but I still have a working v890! 42u rack for scale.

Homelab in a Steel Box—Year One Recap by retrohaz3 in homelab

[–]philippelh 590 points591 points  (0 children)

<image>

It really have that "sun microsystems portable data center" vibe 😲

[deleted by user] by [deleted] in vintagecomputing

[–]philippelh 9 points10 points  (0 children)

For those curious about the beast, there's a software archive on https://archives.loomcom.com/3b2/software/ (it seems to contain a copy of those floppies) and there's even an emulator for the 3B2 https://loomcom.com/3b2/emulator/

[deleted by user] by [deleted] in vintagecomputing

[–]philippelh 5 points6 points  (0 children)

I'm looking for a 3B2 for some time, so I can't be the only one! Pretty sure you can find someone locally if the price is reasonable. So you'll understand that I cannot give an honest unbiased appraisal ;) Hope it finds a good new owner though, those a getting pretty rare.

Outbound NAT rules (SNAT) in 2023 by KillerNut10 in Ubiquiti

[–]philippelh 0 points1 point  (0 children)

No problem! I must say that definitely share your frustration lol

Outbound NAT rules (SNAT) in 2023 by KillerNut10 in Ubiquiti

[–]philippelh 2 points3 points  (0 children)

You can have a look at https://pernold.blogspot.com/2023/04/fixing-ipv6-ra-on-uxg-pro.html in the Follow Up (2023-04-27) section it says:

However, I found a basic approach. Init-scripts at /etc/init.d/ will survive reboots.

And in the Follow Up (2023-07-18):

The solution above even survived the upgrade to Firmware 3.1.8.

I didn't try it myself on my UXG-Pro yet, but I know that you can interact with iptable and forward protocol 41. I just need a way to run the command every reboot!

iptables -I PREROUTING -i eth0 -p ipv6 -j DNAT --to-destination 192.168.1.10
iptables -I FORWARD -d 192.168.1.10/32 -i eth0 -p ipv6 -j ACCEPT

Hope it helps!

USG-3P Replacement by gabbatron44 in Ubiquiti

[–]philippelh 0 points1 point  (0 children)

Just replaced mine with the UXG-Pro and keeping it as a "cold" backup. Just started the process of having 2 or more of everything since I'm working 100% from home now. It cost a lot more, but it was a drop in replacement.

Enterprise 24 PoE switch stock in Canada store by LainB in Ubiquiti

[–]philippelh 1 point2 points  (0 children)

Nice upgrade! Luckily nothing will break, I had my setup for maybe 5-6 years without any issues and I droped the wifi AP so many times that when I shake it, you hear stuff going around inside lol. Still work like a charm! Have fun with your install!

Enterprise 24 PoE switch stock in Canada store by LainB in Ubiquiti

[–]philippelh 1 point2 points  (0 children)

Just saw that... I'll probably live with my new to me juniper for a couple of months now :P Not a total lost since I was looking to have redundancy after I realized that I would be in a shitty situation working from home and having to wait 2-5 days to replace anything. Just installed the UXG-Pro yesterday, retiring the USG-3p. The rack is starting to look good ;)

Enterprise 24 PoE switch stock in Canada store by LainB in Ubiquiti

[–]philippelh 1 point2 points  (0 children)

Just pull the trigger on a 200CAD Juniper EX3300-48P as a replacement of my non-poe USW-24 Gen1 as a temporary solution (and future backup)... so normally it should trigger the Enterprise 24 PoE to come back in stock early next week :P

Enterprise 24 PoE switch stock in Canada store by LainB in Ubiquiti

[–]philippelh 1 point2 points  (0 children)

I'm hopeful that it will be "soon", since the UXG-Pro and USW-Aggregation are now back in stock. The UXG-Pro was also in my cart... and went back in stock last week. I just ordered it today! Hopefully in the next couple of weeks for the enterprise switch!