Yeah, linux-servers without the tools installed in your PC are a hassle. That’s why I learned to work with vim, as that’s in nearly every distro’s repo.
I recommended atuin as I was using it before, but currently I am using ohmyzsh with the fzf plugin for zsh. This has a very atuin-like interface and handling, but as a plugin for zsh itself.
Yes, a backup in a different location is necessary either way, I should have worded that better.
I still prefer selfhosting, if feasible. Having data sovereignty has it’s benefits.
Saved! Thank you so much.
I’ve used Linux full-time since late 2020 and I never knew about ctrl+y and ctrl+u.
I’d also like to contribute some knowledge.
aliases
You can put these into your ~/.bashrc or ~/.zshrc or whatever shell you use.
###
### ls aliases
###
# ls = colors
alias ls='ls --color=auto'
# ll = ls + human readable file sizes
alias ll='ls -lh --color=auto'
# lla = ll + show hidden files and folders
alias lla='ls -lah --color=auto'
###
### other aliases
###
# set color for different commands
alias diff='diff --color=auto'
alias grep='grep --color=auto'
alias ip='ip --color=auto'
# my favourite way of navigating to a far-off folder
# this scans my home folder and presents me with a list of
# fuzzy-searchable folders
# you need fzf and fd installed for this alias to work
alias cdd='cd "$(sudo fd -t d . ${HOME} | fzf)"'
recommendations
ncdu - a shell-based tool to analyze disk usage, think GNOME’s baobab or KDE’s filelight but in the terminal
zellij - tmux but easy and with nice colors
atuin - shell history but good, fuzzy-searchable. If you still have the basic shell history (when pressing ctrl+r), I cannot recommend this enough.
ranger - a terminal file-browser (does everything I need and way more)
If you’re thinking about cloud hosting, read up about how google accidentally deleted the whole of australias pension funds account and maybe think twice about if you can afford to lose everything you have in the cloud.
Of course, stuff like that doesn’t happen everyday or to everyone. But will knowing that you’ve just been fucked by random chance help you when it happens?
If you can, do selfhosting. If you can’t, at least have backups somewhere other than the cloud, because the cloud is nothing more than someone else’s computer. And if it’s someone else’s computer, the weakest link in the chain of security is always a human, who may or may not be an idiot or who may have a bad day.
Maybe I am misunderstanding you, but why not update via stamdeck UI? You can change the “stable” branch in your steamos update settings page to “beta” or “preview”.
Yes it is. Though after using arch for a few years, I miss the abundance of packages.
If a package wasn’t in the official arch repos, it was probably in the AUR. If you use arch, you don’t need other package managers like homebrew on linux.
The first one I saw was Debian 3.1 (Sarge). I was in school and our objective this time was installing debian + getting a working Xorg session. Never heard of Linux before, didn’t get a working Xorg session, but wow man, there’s something other than Windows and MacOS. I couldn’t have imagined.
The first one I actually used on a desktop (laptop for school, in that case) was Ubuntu 6.06 (Dapper Drake).
I’ve tried oh so many different linux distributions over the years, I probably forgot most of them. Maybe some don’t even exist anymore. My goal was always Arch Linux, having seen it on a schoolmates laptop. I really fell for the “here’s a pretty minimum base, do whatever” thing.
In the end, I exclusively used Arch from 2020 until this year. Actually using Arch and reading the ArchWiki were probably what taught me most of what I know about linux in general and how things work.
I’ve been searching for a less DIY-solution which is still up-to-date (especially with kernels and mesa) and I landed on Fedora Workstation, which is what I’m currently using on my work latpop and desktop at home. I do miss some things from Arch, but Fedora has been pretty good to me and I, for the meantime, intend to stay here.
Yeah, I do daily VM-backups which include all of the data on syncthing. No matter what you have, you always gotta have a good backup-strategy.
I use syncthing for some of my “can-never-lose-these” files. syncthing synchronizes files between different devices. This is not an online-file-hosting thing like Google Drive or OneDrive. These files are physically present on all synchronized devices.
My server is the “main” (you can make everyone equal) syncthing every other syncthing connects to. With an established connection, files will be synchronized on participating devices. AFAIK, syncthing is compatible with Windows, Android and Linux.
This way, my important files are on my server, my smartphone, my PC and my laptop and every single one of these devices must simultaniously explode for me to lose my data. Also, it’s on docker hub
pi-hole is another great one. Local adblocker for the whole network, just set it as your DNS server or let the DHCP server propagate this DNS server to your clients. This too is on docker hub
I don’t know what stingray is, but if it needs a connection to somewhere and the protocol to connect verifies os-trusted certificates, it should be safe.
Set OPNSense default policy
As far as I remember, OPNSense has a default policy rule of “deny all incoming, allow all outgoing”. If not, this should be one of the first steps to take.
Get your own VPN
If you can, you could use your own VPN service. I run a VPS for 6 € / month. If you can get your hands on something like this and install an openvpn server, you could always use that VPN for every connection.
So even if an attacker highjacks your connection somehow, he would only be able to see encrypted content and all content will be encrypted by a server you own and can verify / trust. You could also integrate this VPN into your OPNSense, so you’ll be connected as soon as OPNSense starts up and has internet.
Regarding MITM attacks
Please someone correct me if I am wrong, but MITM attacks should generally be impossible when connecting to SSL backed connections, right?
These certificates (or rather the certificate authority the HTTPS certificates have been issued by) are generally trusted by your own operating system. Therefore, if someone wanted to highjack your connection without you getting some kind of certificate error, he would have needed to get his hands on a certificate issued by a worldwide trusted certificate authority and the address name matching the certificate.
Ha, that would’ve helped me a few times. Good to know!
Still, I wouldn’t switch vim for nano ever again. nano is a good and easy start, but I think if you do more than just basic editing of a few files every now and then, learning vim is the way to go.
vim is pretty customizable, widespread and it has been around for quite some time after all. If you think you need it, somebody most likely already made it as a vim-plugin :)
vim was such an unimaginable improvement over nano for doing stuff on linux servers. Having an in-shell-editor search-and-replace function alone is worth everything you have to do to learn vim.
And after I was comfortable around vim because of all the “training” on servers, I just switched to vim fulltime. No more GUI editor for me!
Yes, TUIs definitely help reduce possible stress and fear of complexity for new users.
Thanks for the git link, didn’t know that, just starred it :)