Jump to content

tr0910

Members
  • Content Count

    1383
  • Joined

  • Last visited

Everything posted by tr0910

  1. tr0910

    Newbie, intro.

    Hey Julian, expect awesome help for your data hoarding (music and movies especially), but hosting email servers and websites is less commonly done. It will still work fine via VM provided you have skills in that area. It's just the community here isn't so deeply experienced along those lines. Glad you're here as we need more people who use unRaid in other creative ways.
  2. You're using unRaid I'm a way that only a few of us are. When I bought my version it was 8 years ago we were still on version 4. I'd give you better than 50-50 odds that once the licence key is in place, you'll not need a call home, but it's not certain.
  3. Yes, but only available via CLI at present. Are you using VM snapshots today?
  4. Do you mean? I want my VM to behave like a live CD image? Nothing saved, and a VM restart completely takes it back to original status? Snapshots implemented in the VM manager would make this easy to achieve. I am very interested in snapshots for unRaid VM. I use different VM for different tasks like[mention=62528]jonp[/mention] alludes in the OP but gaming isn't one of them. Today I need to take frequent Macrimum Reflect backups of my VM to allow for rollback. An implementation like vmWare workstation for snapshots and rollback would be very handy
  5. More and more, security becomes the the concern. But, Qubes is an adventure too far for many just looking for a daily driver. Maybe someday?
  6. This use of VM's for security mirrors the ideas behind Qubes, a Snowden approved Fedora security focused distribution (https://www.qubes-os.org/) Is this where we are going??
  7. Everyone who responded to you was an unRaid user. Nobody gets any benefit whether you buy or not. It is the quality of the community that is the real value here. We don't have much drama. If you like that you'll like unRaid. If you are looking for drama this might not be for you.
  8. This is not just an ASrock issue. With Intel 2600cp in Intel P4000 chassis I get the following log spamming. Dynamix system Temperature on the unRaid dashboard is reporting Array Started100 C81 CunRaid webGui. I'll use this Dynamix CPU temp (the first of the 2 shown) to show how rogue Windows VM's are mostly to blame. At this time the system should have been idling early in the morning. This is with 3 Win10 VM's running, pfSense and a Transmission docker. unRaid dashboard was reporting that 2 of the 3 VM''s were flashing over 50% utilization of their allocated CPU cores. Investigating the VM's showed that Firefox and Chrome were pulling a lot of CPU in the VM's. One was related to a sitting at a youtube screen, and the other was sitting at the unRaid dashboard. Closing those browser tabs helped a bit, bringing cpu temp down to about 90C. Killing the worst offending VM brought CPU temp down to 74 C. Killing the Transmission dropped temp to 73 C, killing pfSense didn't change anything, killing the second Win10 VM also had minimal impact, but now Dynamix is showing 70 C58 C. This seems to be about the baseline for this box with no dockers or VM's running. Jul 11 08:48:39 Tower99 kernel: CPU30: Package temperature above threshold, cpu clock throttled (total events = 42758769) Jul 11 08:48:39 Tower99 kernel: CPU30: Package temperature/speed normal Jul 11 08:48:41 Tower99 kernel: CPU30: Core temperature above threshold, cpu clock throttled (total events = 40455975) Jul 11 08:48:41 Tower99 kernel: CPU30: Core temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU14: Core temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU28: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU12: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU14: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU24: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU8: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU25: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU9: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU10: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU26: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU11: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU27: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU29: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU13: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU15: Package temperature/speed normal Jul 11 08:53:35 Tower99 kernel: CPU31: Package temperature/speed normal Jul 11 08:53:39 Tower99 kernel: CPU30: Package temperature/speed normal Jul 11 08:53:41 Tower99 kernel: CPU30: Core temperature above threshold, cpu clock throttled (total events = 40479777) Jul 11 08:53:41 Tower99 kernel: CPU30: Core temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU14: Core temperature above threshold, cpu clock throttled (total events = 40504114) Jul 11 08:58:35 Tower99 kernel: CPU12: Package temperature above threshold, cpu clock throttled (total events = 42808178) Jul 11 08:58:35 Tower99 kernel: CPU28: Package temperature above threshold, cpu clock throttled (total events = 42808195) Jul 11 08:58:35 Tower99 kernel: CPU24: Package temperature above threshold, cpu clock throttled (total events = 42808325) Jul 11 08:58:35 Tower99 kernel: CPU8: Package temperature above threshold, cpu clock throttled (total events = 42808322) Jul 11 08:58:35 Tower99 kernel: CPU9: Package temperature above threshold, cpu clock throttled (total events = 42808346) Jul 11 08:58:35 Tower99 kernel: CPU25: Package temperature above threshold, cpu clock throttled (total events = 42808351) Jul 11 08:58:35 Tower99 kernel: CPU10: Package temperature above threshold, cpu clock throttled (total events = 42808345) Jul 11 08:58:35 Tower99 kernel: CPU26: Package temperature above threshold, cpu clock throttled (total events = 42808348) Jul 11 08:58:35 Tower99 kernel: CPU11: Package temperature above threshold, cpu clock throttled (total events = 42808337) Jul 11 08:58:35 Tower99 kernel: CPU27: Package temperature above threshold, cpu clock throttled (total events = 42808352) Jul 11 08:58:35 Tower99 kernel: CPU29: Package temperature above threshold, cpu clock throttled (total events = 42808357) Jul 11 08:58:35 Tower99 kernel: CPU13: Package temperature above threshold, cpu clock throttled (total events = 42808349) Jul 11 08:58:35 Tower99 kernel: CPU31: Package temperature above threshold, cpu clock throttled (total events = 42808339) Jul 11 08:58:35 Tower99 kernel: CPU15: Package temperature above threshold, cpu clock throttled (total events = 42808334) Jul 11 08:58:35 Tower99 kernel: CPU28: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU12: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU8: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU24: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU25: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU9: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU26: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU10: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU27: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU11: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU13: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU29: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU15: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU31: Package temperature/speed normal Jul 11 08:58:35 Tower99 kernel: CPU14: Core temperature/speed normal Jul 11 08:58:39 Tower99 kernel: CPU30: Package temperature above threshold, cpu clock throttled (total events = 42808190) Jul 11 08:58:39 Tower99 kernel: CPU30: Package temperature/speed normal Jul 11 08:58:41 Tower99 kernel: CPU30: Core temperature above threshold, cpu clock throttled (total events = 40504573)
  9. If you don't like what we have today just load up 4.7. @bonienl and helpers deserve a lot of credit for getting us this far. If you create a mock-up and post it, I'm sure you'll get some feedback. The forum is quite open-minded
  10. Minor inconvenience Create a new unRaid flash drive on fresh thumb drive. Install unRaid trial. Connect only your cache. You should be able to view your boot backups and then you could even restore them to the newly created flash drive and bring everything back online. If you decide the old flash is getting past it's best used by date, simply transfer your licence to this new flash, and pitch the old one in the trash.
  11. After 10 yrs with 6 unRaid servers the only one I've had go bad was one that I broke off with my foot. I now recommend nano sized thumb drives for klutzes
  12. You might have a damaged USB boot thumb drive. Can you boot with a newly created fresh USB thumb drive?
  13. My dual 2670 report AES enabled repeating the following 32 times. But when I change pfSense to support Cryptographic Hardware I get the following on pfSense 2.4.3-RELEASE (amd64) on noVNC: pfsense padlock0 no ace support root@Tower:~# grep flags /proc/cpuinfo flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid dca sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm epb pti ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid xsaveopt dtherm ida arat pln pts I changed it back to disabled for now pending advice on this error. Is AES enabled in spite of this error?
  14. My Intel based tams servers with ipmi card are happily on running 6.5.3. Same generation as the h8dme-2. Surprised me too...
  15. Perhaps your problem is less severe than you think? I have about 10 tb of dear wife images on my server. Many millions taken in RAW, JPG and edited versions in PSD and Tiff. Trying to delete duplicates is an exercise in futility. Space is cheap. Trying to organize it is also a waste of time. Every way you try to do it is wrong in some way. What I need is a image search engine that makes it easy to find what you are looking for. Face recognition helps, but it would be nice to be able to query "Show me all the images of the cousins together" I am still looking....
  16. After having used this for several months, I can say that it seems to be a keeper. I am still running on Dig Ocean, but would like to see an unRaid docker. Anybody with any ideas? What would it take to run this on unRaid as a docker? @Squid @sparklyballs @CHBMB @linuxserver.io @peter_sm
  17. I can do some USA - China rsync tests. Today the transfer speed is highly variable ranging from 20 kb/sec during peak evening times to 10mb/sec when it wants to run and run...
  18. @pwm regarding your labratory results with cutting power to btrfs during write operations. Was this to spinning media, SSD, or USB? Would you expect the results to differ depending on media?
  19. Or you can have it located offsite at somebody else's house and connect over the internet for the key. I wouldn't suggest wifi as that is only one more thing to go wrong. But I don't see this as being an increased level of security for determined folks. If they really want you data, they will find the rpi. The only thing in you favor, is you may be able to destroy the rpi before they find it. If this is good enough for you, see @gridrunner and @bonienl approach using your cell phone as the rpi. Fundamentally the rpi doesn't add more security than your cell would. You can create your encrypted array by converting one disk at a time. Thankfully @dlandon has updated unassigned devices plugin to support encrypted disks. What you cannot do is format the disks via unassigned devices. And you cannot covert a disk in-place without having a spare disk to copy to. It really is the same process as converting your disks from ReiserFS to XFS or BTRFS file system.
  20. Yep, I want to make sure that if by some strange bit of fate that the key is compromised, that the 2fa keeps them locked out. The timing you suggest would do it. And there could be a ramping up of the timing, after 3 sets of 3 failures, the server is locked for a few hours. This logic would have to be baked in very tightly, as you wouldn't want someone just changing the server bootup "go" file and defeating the security.
  21. We would never want the 6 digit code being treated as a password. Of course it's not secure. But having it combined with an approved key file in classic 2fa way would be better than just the key file with no 2fa.
  22. Might be your USB key having issues. When you finish the trial and before going live, you should verify the key is good enough for the long term. When I did my trial years ago, I wasn't careful enough and had to replace a USB key soon after go live. Sent from my Nexus 6 using Tapatalk
  23. I''ve seen some very well thought out ideas here for starting encrypted arrays, but I haven't seen any discussion of some very strongly supported and well reputed 2 factor authentication systems like Google Authenticator, or Authy. Two factor authentication was first implemented by sending an unlock code via cell text message, but spoofing cell text messages have not proven as unhackable as hoped. I'll focus on Authy as it is my current solution but you might also want to look at Starling and Duo Security too. Authy is 2 factor authentication supporting Android, iOS, Chrome apps, as well as Win32, Win64 and MacOS desktop solutions. Authy creates a 6 digit random ever changing number for each service you link to it. The 6 digit number changes every 60 seconds. To use, you tell google that you want to set up 2 factor authentication, and then create an Authy secure entry that matches the google account. Then you can have Google force you to enter the random 6 digit number every time you login, along with your password, or more infrequently such as every time you reboot. (this is configurable based on your paranoia level). The nice thing about Authy, is that it works without needing cell phone coverage as it is fully offline once set up. I have changed stuff I want more secure over to Authy. Facebook, gMail, hotmail, Amazon, Digital Ocean, twitter, AWS, Teamviewer etc now all support this approach. Why Bank of America, Chase etc still don't support a system like this is beyond me. I have the Authy app on my phone protected by my fingerprint. If you are wanting more flexibility, you can have Authy replicate to another device (say a Chrome browser or desktop) so that if you lose a device, you can still manage the account and unregister the lost device. Could we lock down the unRaid encryption keyfile for encrypted array startup and only have it divulged based on a successful Authy 2 factor authentication challenge?
  24. Figuring out old data center stuff is terribly frustrating. You must be a person who never gives up.... I'd hate to think what your bill would be if you got to charge for the time you invested. Maybe you can bill tams?