Today I Learned: Storage expensive, Data priceless

We have a combination Plex Media/Minecraft/Archive server that we’ve had since we purchased our first 6TB Hard Drive on December 30, 2019 ($99.99 at the time). After some time we upgraded to our massive 14TB Hard Drive ($293.00 at the time) on October 16, 2021. It took a bit over a couple of years to fill things up, and now we recently invested in a 16TB Hard Drive ($279.00 at purchase) to continue our storage needs.

$ df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda3       457G  288G  169G  64% /
/dev/sda1      1014M  202M  813M  20% /boot
/dev/sdd1        13T   12T   52G 100% /mnt/usb14
/dev/sdc1       5.5T  4.3T  962G  82% /mnt/usb03

Now it’s time to get this new drive ready for usage.


ssh port forwarding / ssh tunneling

I’ve always been curious enough about ssh port forwarding to experiment with it and learn enough to be deadly. I currently have two machines that I’d like to test this with, both -L (local) and -R (remote).

I have a C7 host behind a router and a C8 host on the internet that I’ll be testing with.

Our set up is the following:

192.168.2.222:22 (c7 Host) <-> 192.168.2.1:* (router) <-> 159.203.99.198:22 (c8 host)

Local Forwarding

What I’m going to do is forward port 4444 on my c7 machine to connect to the c8 host on port 22 by launching the following on 192.168.2.222:

$ ssh -L 192.168.2.222:4444:159.203.99.198:22 localhost

At this point I can start an SSH session to 192.168.2.222 at port 4444. I’m prompted to log in at 159.203.99.198, and I’m good to go. As long as the command is running I maintain a connection.

To remove the login necessity I added ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys for passwordless local log in.

Remote Forwarding

Remote forwarding allows world-accessible hosts to provide access to internal hosts. In our previous scenario we forwarded from an intranetwork host to a world host. Now we’re gonna use that intranetwork host and make it so that if we SSH to the world host at port 4444 that we will be ssh-ing to our intranetwork host, bypassing the router.

On 192.168.2.222 I execute the following:

$ ssh -R 4444:localhost:22 159.203.99.198 -ldiffuser

On my world-accessible host I log in with “diffuser”, and the forwarding is set up.

On 159.203.99.198 I can ssh to localhost:4444 and connect as internaluser with ease:

$ ssh localhost -p 4444 -linternaluser

Due to how /etc/ssh/sshd_config has GatewayPorts set up by default, I cannot connect with my home computer to my world-accessible host. I would have to restart the sshd service after setting GatewayPorts=yes (by default it’s no).
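
The GatewayPorts behaviour described above decides which address sshd binds the -R listener to. The script below is an added example, not code from the original post: it reads the global GatewayPorts value from an sshd_config file and predicts the bind address for a given -R bind_address. The function names and the two sample configs are constructed for illustration, and Match blocks are assumed to be absent.

```shell
#!/bin/sh
# Added example (not from the original post). Predicts where sshd binds an
# `ssh -R` listener. Only the global section is parsed; on a live host,
# `sshd -T | grep -i gatewayports` gives the authoritative value.

# Effective global GatewayPorts in the sshd_config file $1.
# sshd keeps the first value it reads for a keyword; the default is "no".
gateway_ports() {
    awk '
        { sub(/#.*/, ""); gsub(/=/, " ") }        # drop comments, accept key=value
        tolower($1) == "match" { exit }           # Match blocks are not global
        tolower($1) == "gatewayports" { print tolower($2); found = 1; exit }
        END { if (!found) print "no" }
    ' "$1"
}

# Where the listener ends up: "loopback", "all", or a specific address.
# $1 = GatewayPorts value; $2 = bind_address given to -R ("" when omitted,
# as in `-R 4444:localhost:22`; pass "*" for the `-R :4444:...` form).
remote_bind() {
    case "$1" in
        no)  echo loopback ;;                     # client's request is ignored
        yes) echo all ;;                          # always the wildcard address
        clientspecified)
            case "$2" in
                ""|localhost|127.0.0.1|::1) echo loopback ;;
                "*"|0.0.0.0|::)             echo all ;;
                *)                          echo "$2" ;;
            esac ;;
        *) echo "unknown GatewayPorts value: $1" >&2; return 1 ;;
    esac
}

# Constructed sample configs (not taken from either host in the post).
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' '#GatewayPorts no' 'X11Forwarding yes' > "$demo_dir/default"
printf '%s\n' 'GatewayPorts=clientspecified' 'GatewayPorts yes' > "$demo_dir/tuned"

for cfg in default tuned; do
    gp=$(gateway_ports "$demo_dir/$cfg")
    echo "$cfg: GatewayPorts=$gp, -R 4444:... -> $(remote_bind "$gp" "")," \
         "-R 0.0.0.0:4444:... -> $(remote_bind "$gp" 0.0.0.0)"
done
```

With `yes` or a wildcard bind, port 4444 on the public host exposes the internal machine's sshd to anyone who can reach that host, so `clientspecified` with an explicit bind address is the narrower setting.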

Learning Docker: Take 1

It was time. I’ve been waiting for enough time to learn Docker and begin to get familiar with it. I’ve heard of it, seen it in action, and thought it was the coolest thing in the world and I had to learn it. I decided to take the dive off the actual Docker ship and descend into the depths.

So, I found a YouTube video from the Docker YouTube channel (link: https://youtu.be/iqqDU2crIEQ). Although it provided me with some terminology and knowledge, it didn’t really tell me everything I wanted to know, like some under-the-core or how docker did the docker thing. I learned how to build, ps, port forward, docker hub, and a Dockerfile, but then they went to docker-compose and I got lost.

So, after sitting on that video and registering all the information I decided to set a goal: Load Minecraft in a docker container. This shouldn’t be difficult, as it requires Java, some source files, and that should be simple.


SimpleSAMLphp / quick&ez

Background: For about 5 years at my place of work we have used a software called SimpleSAMLphp to help offer identity solutions to TVE (TV Everywhere) customers. In essence I have been one of a team of 20th century cable people.

This software, in its current version, has been heavily customized to offer quick deployment solutions for new customers. All I can say is that it’s awesome running an Identity Stack with 50+ IdPs and 5000+ SPs.

I decided to see how quick I could set up a SAML SP -> IdP relationship between two Centos 7 Virtual Computers:


Server Upgrade Time!

So, it’s time to update my server! Currently, it’s hosted at DigitalOcean with an old Centos 6.5/2GB/40GB droplet. I pay a cool $20/month for my server for hosting, email, and about 10 other domains. It’s time to update!

So, I have to decide whether I will go with a Centos 7 or a Centos 8 image at $15/month. The only main difference is that I have to determine whether I need the updated Kernel and the additional updates and if my software/configs are easily portable to the new host.
