• 1 Post
  • 27 Comments
Joined 1 year ago
cake
Cake day: July 1st, 2023

help-circle


  • Personally I’ve used Western Digital, Seagate, and PNY drives with no failures. Stay away from anything HP branded; they don’t actually produce drives but rather rebadge other failure-prone models and make it damn near impossible to claim any warranty.

    I’ve had a Samsung Evo drive fail on me, but warranty was pretty easy. I’ve also had a PNY 2.5" ssd that has never failed on me, but I did break the connector off accidentally. Warranty was actually ridiculously easy on that, despite it being entirely user error.

    If data is mission critical, it’s worth shelling out extra; stay away from any cheap brands (HP, SanDisk, etc) and opt for the higher end models in reputable brands (Eg WD Red, Purple, and Gold vs Green and Blue, or Seagate Ironwolf or Firecuda)

    These are my own personal experiences. Others will have better/worse experiences and I encourage you to seek out others’ experiences and options, as well as others to add their own
















  • It’s not “best practice”, but a compromised key is a compromised key whether that key is used to connect 1 or 100 computers to a server. No, I can’t shut off access to exactly one machine, I do not however have any difficulty in shutting off access to every machine and replacing it with a new key. Your system and my system are no different with a single compromised key.

    If I had 100 computers that I had to change identity files on each time it was compromised, and my keys were being compromised often, I would see a benefit from using multiple different keys.

    Quit acting like I’ve left the front door to my house open when the door is locked but my roommate and I share the same key.



  • Again, I know it’s not amazing security but it’s not inherently bad. The key (actually encrypted), if (not when) compromised would provide the same level of access to my system as having two keys with one compromised. Assuming I’m an all knowing wizard and can smell when a key is compromised, I can log in remotely and replace the old key with a freshly generated one. More likely however is that if anybody was going to actually do something with my compromised key, they’d clear my authorized_keys file and replace it with a key I don’t have access to. Don’t kid yourself into thinking having multiple keys suddenly makes you 10x more secure.

    What’s more likely is someone finds my flashdrive on the ground, goes “oh boy free flashdrive full of Linux ISOs and recovery tools!” And proceeds to wipe it and use it for their own shit, while I regenerate a new key when I notice it missing.