Hi everyone,
Please can you recommend a domain registrar that won't treat me like poo and that won't force me to use their name servers so I can host my own DNS? Reasonable pricing and someone that doesn't throw up needless obstacles to leaving would be a plus.
Thanks,
Paul.
--
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
Hello,
A while back, a customer asked about installing Slackware. This
happens from time to time, and my usual response is something like:
"I'm afraid I haven't used Slackware since around 1995, wouldn't
know where to begin on devising a Xen-compatible installer for
it, and it's asked for so rarely that it probably wouldn't be
the best use of time to work on it.
However, we do have a rescue environment from which it should be
possible to install pretty much any Linux distribution. Maybe
you could try doing it that way? If you document on our wiki how
you did it then that would be most appreciated."
Usually I hear nothing back after that, but in this case I was
pleased to see the customer did go ahead and install Slackware via
the rescue environment and as far as I know they have had a working
Slackware VPS for some time.
They also created a wiki article on how they did it, and this
morning I found time to go through it, tidy it up and try it
out myself:
https://tools.bitfolk.com/wiki/Installing_Slackware
Unfortunately it did not work!
It's very nearly there though, and I'm sure that someone with more
recent Slackware knowledge can figure out what is wrong there. As I
say, as far as I know there is at least one customer running
Slackware via a procedure something like this.
I've also put some of my concerns about the article as it stands in
its discussion page:
https://tools.bitfolk.com/wiki/Talk:Installing_Slackware
So, if any of you are Slackware fans, you could help by:
- Letting me know off-list or on the discussion page what might be
wrong with the instructions.
- Fixing the shortcomings of the article, small edits or large,
please just go ahead. Log in with your usual credentials.
If anyone is very very keen to see it working, I can give you access
to the "slacktest1" account I used for that test; you could
completely blow it away and start again if need be. Contact me
off-list if interested. I am prepared to offer service credit for
non-trivial assistance here.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
I've set up IPv6 tunnelling between my VPS and a linux box at home (both
CentOS) and now have IPv6 working on my home network a treat.
The problem is, though, that the tunnel appears to time out after a few
minutes when traffic stops flowing and I start getting "network
unreachable" errors when trying to connect out from my home network. If
I ping6 something on the home network from the VPS it appears to wake
the tunnel up again.
Is there a way round this (other than having a cron job ping something
every minute or so) - maybe some sort of timeout parameter when setting
up a sit tunnel?
Thanks in advance,
Mike
I tried following the guide at https://tools.bitfolk.com/wiki/IPv6/VPNs
to set up a tunnel between my VPS and a machine at home (both running
Debian testing), the plan being to give out v6 addresses to the machines
at home.
I have a /56 assigned to my VPS (2001:ba8:1f1:a00/56), and the VPS's
eth0 has 2001:ba8:1f1:a00::2 assigned to it as well as an IP from the
original /64 (2001:ba8:1f1:f07a::2). The IPv6 on there seems to work
fine (I can ping ipv6.google.com etc.).
The two ends are assigned IPs in 2001:ba8:1f1:a01::/64 - the VPS has
::1, the machine at the other end ::2.
When I start tinc on both machines, I can ping the other endpoint IPs
(i.e. ::2 from the VPS, ::1 from the machine at home) as well as the
VPS's other IPs (i.e. I can ping the IP from the original /64 from
home), but the machine at home can't get to anything beyond the VPS.
On the VPS (ra):
tinc.conf
Name = ra
ConnectTo = camulus
Interface = camulus
Device = /dev/net/tun
DeviceType = tap
BindToAddress = 85.119.82.221
Port = 655
Mode = switch
tinc-up
#!/bin/sh
ip address add 2001:ba8:1f1:a01::1/64 dev $INTERFACE
ip link set dev $INTERFACE promisc on
ip link set dev $INTERFACE up
exit 0
On camulus:
Name = camulus
ConnectTo = ra
Interface = ra
Device = /dev/net/tun
DeviceType = tap
BindToAddress = 192.168.1.13
Port = 655
Mode = switch
tinc-up
#!/bin/sh
ip -6 addr add 2001:ba8:1f1:a01::2/64 dev $INTERFACE
ip link set dev $INTERFACE promisc on
ip link set dev $INTERFACE up
ip -6 route add default via 2001:ba8:1f1:a01::1 dev $INTERFACE
exit 0
On both:
hosts/camulus
Port 655
-----BEGIN RSA PUBLIC KEY-----
-----END RSA PUBLIC KEY-----
hosts/ra
Address = 85.119.82.221
Port = 655
-----BEGIN RSA PUBLIC KEY-----
-----END RSA PUBLIC KEY-----
What am I missing?
Cheers,
Stuart
So, I receive mail that would be killed by SPF checks and I'm thinking
of getting my exim server to use SPF because of this.
So, to the VPS users, I was wondering if anyone who has implemented SPF
checks found downsides to it?
And to the Bitfolk admins, have you considered adding SPF checks to the
Bitfolk SA?
n
Hello,
Today a customer popped up on IRC saying that they had broken their
VPS and couldn't remember their account details in order to use the
console / rescue VM.
Unfortunately they had also at some point in the past disabled
email password reset, so they were unable to regain access.
My concern at that point was that since they had previously disabled
email password reset they were obviously security-conscious, so I
did not feel comfortable resetting their password and giving it out
to them over IRC.
Of course, I could see that the customer's service was down as
claimed, which did lend weight to the story and meant that I could
not just ignore the issue.
In the end I asked the person on IRC to send me a photo or scan of a
utility bill bearing their name and address as present in BitFolk's
customer database, and on receipt of that I did reset their
password.
If it had been you in the customer's position would you have
considered that reasonable?
If you have disabled email password reset, are you comfortable with
this being circumvented by someone who is able to present a
convincing image of a utility bill to support(a)bitfolk.com?
Perhaps you can offer some guidelines for how this should be dealt
with in future so that there can be a consistent response.
Suggestions revolving around the customer identifying themselves
using public key crypto (PGP keys, SSH keys) are fine but do bear in
mind that most customers have not presented either a PGP nor SSH key
to me, and that would have to be done before it was actually needed.
I could require that an SSH and/or PGP key be uploaded to the panel
before the panel allows you to disable email password resets, though
there would still need to be a plan in place for the inevitable case
where the customer claims to no longer have access to any of the
keys they have uploaded.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Could you ask them to add a simple message to their home directory via
ssh thus proving they have access to the account?
Google do something similar, asking customers to add a randomly
generated subdomain to the dns records.
Steve
