• 0 Posts
  • 3 Comments
Joined 1 year ago
cake
Cake day: September 28th, 2023

help-circle
  • You gave some options

    • TPM 2 based disk encryption. This is basically what bitlocker does, but it isn’t great. It uses an encryption key stored on your TPM chip, that shouldn’t ever be accessible to be exported. This means the disk should only be decryptable in the machine it’s in. That in conjunction with secure boot can give you some guarantees that the only way to access data is through the the computer itself (no pulling the disk first). The issue is there are many potential vulnerabilities that could subvert this, logoFAIL being the most recent.

    • You could setup a proper KVM. The two gotos are PiKVM and TinyPilot. Jeff Geerling did a good video on these. It’ll cost a few 100 bucks but can definitely be worth it. You might consider a motherboard with a builtin KVM in your next build too.

    • Setup NBDE (Network Bound Disk Encryption). This is pretty new, but what I’m planning to move to. Redhat has an implementation with Tang & Clevis (server and clients). You might be able to eventually use Clevis with other alternative backend too.


  • jellyfish@sh.itjust.workstoLinuxmodern unix
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    This used to be exactly what I said too, I still run bash as my terminal so when I remote it works the same way. I’m the girl everyone asks when they need a one liner, I read through the sed/awk man pages for fun, and I can skim a script and tell if it’s posix compliant. But I finally realized I already know that stuff. When I’m developing locally I should be as productive as possible. When I’m running stuff remotely I can worry about whether the environment is gnu, bsd, or busybox.


  • jellyfish@sh.itjust.workstoLinuxmodern unix
    link
    fedilink
    arrow-up
    22
    ·
    edit-2
    1 year ago

    Quite a few are just better, and others have the chance to get better because they’re actively accepting new features contributions.

    One I personally use:

    • delta Provides a better diff for code than git’s diff tool (even after trying all of git’s diff algorithms)
    • ripgrep So much faster than grep. Also had great include/exclude file filtering, easier to use than grep’s
    • jq Easy to exact json info. I tend to use rq too for yaml
    • instead of mcfly I use atuin, which is another alternative bash history. I really didn’t think I’d like it, but it’s been a big productivity boon
    • curlie/httpie A really nice alternative to something like postman when debugging HTTP connections. I use httpie rn but might switch because I’m so much more familiar with curl’s flags, but like the formatted output. There’s a few others I use that aren’t on the list too.

    It’s totally fine to not want to change what’s working for you, but if you do that too long you could miss out on something that just works better in your workflow. Give em a go and complain after you switch back.