Lots of new people coming in today, and there will be lots in the next couple of days... the last Introductions post was months ago, we're overdue for another one. Drop in, say hi, tell us whatever you like about yourself, even if it's just how your day is going. On Tildes, ~talk is the casual space, so don't feel pressured to be clever or anything. :P

Past introduction threads for everyone to catch up: -1- . -2- . -3- . -4- . -5-

Also in case anyone missed it, there's an intro to tildes post to help bring you up to speed on this place.

As the title says! I recently got a fretless bass and it's super hard to intonate correctly since I'm used to the frets doing it for me. It's such a weird sound but it isn't bad. I'm learning a few songs on it already and it's funny to me that even if I switch to my fretted bass, that I still try to maintain proper intonation

(Still don't know if Tilders is a thing, but I'm rolling with it.)

Red Dead Redemption 2 has hooked me like no other game has in years, and that's saying something. My collection is massive between my Steam library, PS4 library, and all the older titles I hoard. But ever since RDR2 came out a few months ago, it's almost all I have played on a daily basis.

Aside from the fact that the graphics and animations are objectively jaw-drop gorgeous, there is something about this game's pacing, writing, thematic story telling, game-play, and characters that has absolutely captured my imagination, and has become my go-to way to unwind after a long day. Most of this applies to the story mode.

But I also dove completely head first in the Online Beta for a few months straight. I'm now rank 101, have all I want really for online as it stands, and I loved every minute of my crazy solo-hunting/fishing/griefer oblitherating grind. Taking a break for new content coming on the 26th of this month, and also really need to get some friends to play with... (I have a perma-posse on PS4 named "The Pariah" as well if anyone decides they may be interested)

I'm a lifelong vegetarian, and somehow, RD2 MADE ME FALL IN LOVE WITH HUNTING IN IT. I could go on, but I'm hoping to get some discussion out of this and not just blabber on and on like I do in real life about it.

So... please tell me I'm not the only freak on here that loves this game. The Reddit communities for this game are a toxic dumpster fire, and I really want to discuss it with some people who actually like to... discuss.

For my particular use case I share my home PC with my spouse and since I'm the more tech-savvy of the two I'll need to occasionally remote in and help out with some random task. They know enough that the issue will usually be too complex to simply guide over the phone, so remote control it is.

I'm also trying to improve my personal efforts toward privacy and security. To that end I want to avoid closed-source services such as TeamViewer where a breach on their end could compromise my system.

The following is the current state of what I'm now using as I think others may benefit from this as well:

Setup

Web

I use a simple web form as my first authentication. It's just a username and password, but it does require a web host that supports server side code such as PHP. In my case I just created a blank page with nothing other than the form and when successful the page generates a 6 digit PIN and saves it to a text file in a private folder (so no one can simply navigate to it and get the PIN).

I went the text file route because my current hosting plan only allows 1 database and I didn't want to add yet another random table just for this 1 value.

Router

To connect to my home PC I needed to forward a port from my router. I'm going to use VNC as it lets me see what is currently shown on the monitor and work with someone already there so I forward port 5900 as VNC's default port. You can customize this if you want. Some routers allow you to SSH into their system and make changes that way so a step more secure would be to leave the port forward disabled and only enable it once a successful login from the web form is disabled. In my case I'll just leave the port forwarded all the time.

IP Address

To connect to my computer I need to know it's external IP address and for this I use FreeDNS from Afraid.org. My router has dynamic DNS support for them already included so it was easy to plug in my details to generate a URL which will always point to my home PC (well, as long as my router properly sends them my latest IP address). If your router doesn't support the dynamic DNS you choose many also allow either a download or the settings you would need to script your own to keep your IP address up to date with their service.

Signal

Signal is an end-to-end encrypted messenger which supports text, media, phone and video calls. There's also a nifty command line option on Github called Signal-cli which I'm using to provide my second form of authentication. I just downloaded the package, moved to my $PATH (in my case /usr/local/bin) and set it up as described on their README. In my case I have both a normal cell phone number and another number provided by Google Voice. I already use my normal cell phone number with Signal so for this project I used Signal-cli to register a new account using my Google Voice number.

VNC

My home PC runs Ubuntu 18.04 so I'm using x11vnc as my VNC server. Since I'm leaving my port forwarded all the time I most certainly do NOT want to leave VNC also running. That's too large a security risk for me. Instead I've written a short bash script that first checks the web form using curl and https (so it's encrypted) with its own login information to check if any PIN numbers have been saved. If a PIN is found the web server sends that back and then deletes the PIN text file. Meanwhile the bash script uses the PIN to start a VNC session with that PIN as the password and also sends my normal cell the PIN via Signal-cli so that I can login.

I have this script set to run every minute so I'm not waiting long after web login and I also have the x11vnc session set to timeout after a minute so I can quickly connect again should I mess something up. It's also important that x11vnc is set to auto exit after closing the session so that it's not left up for an attacker to attempt to abuse.

System Flow

Once everything is setup and working this is what it's like for me to connect to my home PC:

1. Browse to my web form and login
2. Close web form and wait for Signal message
3. Launch VNC client
4. Connect via dynamic DNS address (saved to VNC client)
5. Enter PIN code
6. Close VNC when done

Code

Here's some snippets to help get you started

PHP for Web Form Processing

<?php
// Variables
$username = 'your_username';
$password = 'your_password_super_long_and_unique';
$filename = 'path_to_private_folder/vnc/pin.txt';

// Process the login form
if($action == 'Login'){
	$file = fopen($filename,'w');
	$passwd = rand(100000,999999);
	fwrite($file,$passwd);
	fclose($file);
	exit('Success');
}

// Process the bash script
if($action == 'bash'){
	if(file_exists($filename)){
		$file = fopen($filename,'r');
		$passwd = fread($file,filesize($filename));
		fclose($filename);
		unlink($filename);
		exit($passwd);
	} else {
		exit('No_PIN');
	}
}
?>

Bash for x11vnc and Signal-cli

# See if x11vnc access has been requested
status=$(curl -s -d "u=your_username&p=your_password_super_long_and_unique&a=bash" https://vnc_web_form.com)

# Exit if nothing has been requested
if [ "$status" = "No_PIN" ]; then
  # No PIN so exit; log the event if you want
  exit 0
fi

# Strip non-numeric characters
num="${status//[!0-9]/}"

# See if they still match (prevent error messages from triggering stuff)
if [ $status != $num ]; then
  # They don't match so probably not a PIN - exit; log it if you want
  exit 1
fi

# Validate pin number
num=$((num + 0))
if [ $num -lt 100000 ]; then
  # PIN wasn't 6 digits so something weird is going on - exit; log it if you want
  exit 1
fi
if [ $num -gt 999999 ]; then
  # Same as before
  exit 1
fi

# Everything is good; start up x11vnc
# Log event if you want

# Get the current IP address - while dynamic DNS is in place this serves as a backup
ip=$(dig +short +timeout=5 myip.opendns.com @resolver1.opendns.com)

# Send IP and password via Signal
# Note that phone number includes country code
# My bash is running as root so I run the command as my local user where I had registered Signal-cli
su -c "signal-cli -u +google_voice_number send -m '$num for $ip' +normal_cell_number" s3rvant

# Status was requested and variable is now the password
# this provides a 1 minute window to connect with 1-time password to control main display
# again run as local user
su -c "x11vnc -timeout 60 -display :0 -passwd $num" s3rvant

Final Thoughts

There are more secure ways to handle this. Some routers support VPN for the connect along with device certificates which are much stronger than a 6 digit PIN code. Dynamically opening and closing the router port as part of the bash script would also be a nice touch. For me this is enough security and is plenty convenient enough to quickly offer tech support (or nab some bash code for articles like this) on the fly.

I'm pretty happy with how Signal-cli has worked out and plan to use it again with my next project (home automation). I'll be sure to post again once I get that ball rolling.

Hi guys,

I'm really stumped and looking for a nudge in the right direction for how to utilise the ghoneycutt/pam module in puppet. Relatively new to this but got what I'd like to think as most the basics down.

I've configured a few things using modules such as NTP, SSSD and NSSWITCH but I'm just stuck on how I can use this module and pull info from Hiera into it.

So, lets start with

.yaml file:

        ### nsswitch.conf authentication configuration

        nsswitch::passwd:     'files sss'

        nsswitch::shadow:     'files sss'

And then looking at the nsswitch.pp file:

        ### nsswitch.config setup

        class profile::linux::base::nsswitch {

        # Get heira values

          class { 'nsswitch':

            passwd    => [lookup('nsswitch::passwd')],

            shadow    => [lookup('nsswitch::shadow')],

Simple enough to call the values I want and works how I want, now I'm trying to do the same type of thing for PAM using the ghoneycutt/pam module and there doesn't seem to be much info on how to use it, or it's just not sinking in for me.

Some of my PAM Heira values:

        pam::pam_auth_lines:
          - '# Managed by Hiera key pam::pam_auth_lines'
          - 'auth        required      pam_env.so'
          - 'auth        sufficient    pam_fprintd.so'
          - 'auth        sufficient    pam_unix.so nullok try_first_pass'
          - 'auth        requisite     pam_succeed_if.so uid >= 500 quiet'
          - 'auth        sufficient    pam_sss.so use_first_pass'
          - 'auth        required      pam_deny.so'
        pam::pam_account_lines:
          - '# Managed by Hiera key pam::pam_account_lines'
          - 'account     required      pam_unix.so'
          - 'account     sufficient    pam_localuser.so'
          - 'account     sufficient    pam_succeed_if.so uid < 500 quiet'
          - 'account     [default=bad success=ok user_unknown=ignore] pam_sss.so'
          - 'account     required      pam_permit.so'
        pam::pam_password_lines:
          - '# Managed by Hiera key pam::pam_password_lines'
          - 'password    requisite     pam_cracklib.so try_first_pass retry=3 type='
          - 'password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass use_authtok'
          - 'password    sufficient    pam_sss.so use_authtok'
          - 'password    required      pam_deny.so'

Some things I've tried:

1:

        class profile::linux::base::pam {
          # resources
          class { 'pam':
            password-auth-ac  => [
              lookup('pam::pam_auth_lines')],
              lookup('pam::pam_account_lines')],
              lookup('pam::pam_password_lines')],
              lookup('pam::pam_session_lines')],
           }

2:

	
	      passwd  => [
	
	      lookup('pam::pam_auth_lines'),
	
	      lookup('pam::pam_account_lines'),
	
	      lookup('pam::pam_password_lines'),
	
	      lookup('pam::pam_session_lines'),
	
	      ],
	
	  }

        include ::pam

	class profile::linux::base::pam {
	
	  # resources
	
	    include ::pam

	         lookup('pam::pam_auth_lines')
	
	}

I've tried a few other ways and can't get it to work as I want it to. Can anyone help?

Thanks

I've been programmer for past 4 years and signs of sedentary life, not being active and overconsuming certain stuff is showing... what do you do to stay healthy?
I plan on signup for a swimming pool, I started IF but I fail too many times.. Also i'm trying to cut sugar as much as possible but today was a really bad day in this regard...

my goal is not to get thiner. (i don't consider myself fat where it would be determinal to my health).
my problem is that I feel like my muscles are always tired (can't explain, like I could be strecthing them all day long and they would feel tired), my right side of body starts hurting everyday after 14:00 (+/- few hours, depends on what I am doing). I have regular lower back pains... :(

edit2:
wasn't on computer for the whole day after posting. thanks for all the responses.
My plan for the following weeks is:
-Waking at regular hours (6:30)
-Going to beed at regular hours (22:00 - 22:30)
-My morning routine will be:
some water, wimhof breathing, stretching, shower, coffee -> work.
I'll signup for a swimming pool and try to get my active hours in by going to swimming pool 3-5 times per week.
Regarding food:
Intermitting fasting between 12-20, no sugar, only tea,coffee,water.
Will be cooking my own meal every day / meal prep for the whole week.
all above should be simple to implement and not too hard to give up. On days when I will not feel energetic I'll take some modafinil in the morning.
Also I'll be abstaining from alchocol and any drug... also I'll try to smoke weed on weekends only in small quantites.
all the above shouldn't be hard to do because I allready do some of the things above...
I try to do wimhof breathing when I can, I cook 2-3 times per week. so the biggest ones will be:
giving up daily weed, signing up for swimming pool, going to sleep and waking up at regular hours.

Hey everyone!

I'm pretty new here, and I'm already enjoying this place, but I was wondering when there will be a group to post photos. I take photos and I'm sure some of you do as well, and I thought it would be cool to be able to share the photos we take and get honest feedback on them like we have honest discussions in the news articles, share tips and tricks, and generally have another way to connect.

I know generally photos are kind of taboo, as places like instagram have kind of ruined it and turned every single person with a camera on their phone into a photographer, so I get it if you have reservations. I have some myself, but I still want to take the chance.

Idk, I thought it would be cool. If not, then whatever, I ain't picky about this place I enjoy it very much.

Hey fellow tilderinos,

I thought it'd be interesting to have a semi-regular discussion where we get into those songs, whether a new find or old standby, where we relate them to specific emotions.

I'd like to keep it pretty general for now and not put too many rules or regulations on how the discussion unfolds (it is a discussion after all) so we start with something more ambiguous: anxious.

So tilderinos what songs do you gravitate towards when you feel anxious or what songs do you feel capture the emotion of anxiousness properly to you?

For instance: Ful Stop by Radiohead really captures what anxiety feels like for me. From the underlying base to the manic cries of Thom Yorke is really is an experience. One or two times I've been on my way home from work and this song pops on and it's almost too much for a drive home after a long shift.

On the flip side, Lion's Mane by Iron and Wine has the ability to calm me down even at my most anxious. It gives me the idea that it isn't always easy but its relatable and everything will calm down and be okay. It's mostly just really soothing to me for whatever reason.

Your turn Tilde. What songs do you associate with the word "anxious?"

For me, it has to be getting up the moment I wake up. No matter if I wake up before the alarm, I still get up. That helps a lot with fighting oversleeping. Not only am I late, but I also feel bad after spending a lot of time in bed, my head often hurts. So I only figured I better spend less time sleeping than more. And it works, too!

I came across a site about Chinese tech and video gaming and found it very Buzzfeed-y with its headlines and writing. It made me wonder what are the websites that curate a standard of thoughtful articles, essays, discussion, etc. and aren't part of the American internet scene.

I don't care what language it's in, what it's about, what country specifically it's centered on, if it's community-centric or not. If you have a suggestion, let's hear it.

Edit: An example I have is The Blizzard. It's really a subscription-model digital magazine (about soccer) but you can read various articles online.

I have a slight struggle that I wonder if anyone else can relate to. I'm a creative "type" in that both my job (scientist) and hobbies (many, over the years) require constant innovation, in addition to the usual labor, to keep them going.

I have a note/journal app where I store my ideas. Sometimes these are ideas with acute utility e.g. an experiment design that I can test out the next day at work or maybe an idea for a paper. Other ideas are what I would consider "highdeas" - insights or thoughts that seem amazing when you're stoned but after you sober up they're kind of nonsense. The former are productive and the latter are non-productive forms of creativity (barring any offshoots of the latter that prove useful later on).

But then sometimes I get idea in-between. Say, an insight into how certain human behaviors are a certain way or maybe a rant on a topic/issue in my lab work that is interesting but not valuable enough to publish or bring up in a formal meeting. My question / discussion topic for you, is, what do you do with these sort of self-ascribed interesting ideas that have no immediate value? One option is to write them out on a forum, as I am currently doing, but I would end up writing all day. Does anyone else keep track of these? Do you schedule a follow-up with these intermediate ideas for future inspiration? I currently use Joplin which is great but I don't think there are any features to stimulate creativity in this manner.

This will probably be controversial, but I disagree with the current password policy. Checking against a list of known broken passwords sounds like a good idea, but that list is only ever going to get bigger. The human factor has to be taken into account. People are going to reuse passwords. So whenever their reused password gets hacked from a less secure site, it's going to add to that list.

Ideally, a password would be unique. Ideally, users should maybe ever use a password manager that generates garbage as a password that no one could hack. An ideal world is different from reality. Specific requirements are going to lead to people needing to write things down. In the past, that was on paper, like Wargames. Now, it's going to lead to people pasting their username and login into text documents for easy reference. That's probably what i'm going to have to do. Was my previous method of reusing passwords safe? No. Will my new method of remembering passwords be safe? Probably not either.

I'm not entirely sure what all the account security is about, either. For my bank, sure, a complex password. I have a lot to lose there. For an account on a glorified message board? There's better ways to establish legitimacy. 4chan, of all places, dealt with this (nod to 2chan), by having users enter a password after their username that got encoded and displayed as part of their username to verify that they were, in fact, the same user.

So the topic for discussion would be, what's the endgame here? Where is the line drawn between usability and security? I may well be on the wrong side of this, but I think it's worth discussing.

Edit: I think there may be some good reasons, evidenced in this reply. I think it was a good discussion none the less, since it wasn't obvious to me and perhaps not to other people.

Edit 2: I'm going to hop off, but I think there's been some good discussion about the matter. As I said in the original post "I may well be on the wrong side of this". I may well be, but I hope I have addressed people well in the comments. Some of my comments may be "worst case" or "devil's advocate" though. I understand the reason for security, as evidenced above, but i'm unsure about the means.

I'm making an effort to cut out meat from my diet and I'd love to hear what everyone's favourite vegetarian meals are.

For a long time I have been making pasta with ground beef and I recently found out that I can just not put the beef in and it tastes even better. The tomato sauce really gets a chance to shine without the beef.