Thanks for the comments. I agree on the general consensus, that once an encryption key enters the VPS, the encryption is compromised.
However, I’m thinking more in practical terms, eg. the service provider doing just casual scanning across all disks of VPS instances. Some examples could be: cloud authentication keys, torrc files, specific installed software, SSH private keys, TLS certificates.
Wow, I didn’t know reads deteriorate SSDs. What’s the reason? Is the rate significant?
5 k€? No wonder no one uses tape for home usage. You can come up with a lot of cheaper alternatives for that price.
Do unplugged SSDs eventually lose the data?
I use Debian stable because I’m tired of constantly twiddling with breaking stuff, I just want a distro that keeps working without issues and tinkering.
If you still want to learn Linux stuff and debug packages, then go for a bleeding edge distro.
That’s a name I haven’t seen in a while.
Use software owned by Oracle? Fuck that, I would rather get mauled by a bear.
What are you running on, a dead badger?
Just put your system configuration in Ansible playbook. When your distro has new release, go through your changes and remove ones that are no longer relevant.
For home, I recommend a dotfiles repository with subdirectories for each tool, like bash, git, vim, etc. Use GNU stow to symlink the required files in place on each machine.
Finnish indeed. I’m not aware of any alternative layouts. å is completely unnecessary for finnish, so maybe the layouts you mentioned could work.
Typing \ in those cases instead of _ is super annoying.
In my keyboard layout backspace is behind altgr.
Does alt+arrow work in your terminal?
What would be the most common username and hostname?
Are there even any default usernames in distros?
As for hostname, I think Debian defaults to debian.
This is the way.
Add unattended-upgrades, and never worry about security updates.
Owned by Oracle. Stay away from Oracle.
I guess MRU means Most Recently Used.
Please include explanations for abbreviations you mention.
I recommend just backing up the files.
But if you really have to back up the disk image, dd a copy of it, mount the copied image as loopback device, write the loopback filesystem full of /dev/zero, sync, delete the zero file(s), unmount, cp --sparse=always and store the result.
The reason for using the loopback image step is to prevent wearing out the SD card with writing the free space full of zeros every time you make a backup.
There may be an existing tool for this, but I don’t remember it.
Do you use dropbear and manually input the password to unlock the LUKS partition, or have you scripted something to automate that?