Opawesome

Members
  • Content Count

    146
  • Joined

  • Last visited

Everything posted by Opawesome

  1. https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestions does not say, but some guy here says it's 512. But https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestions#1-general-questions does indicate that : Maybe that was your issue. Best, OP
  2. I have a Supermicro X11SSH-LN4-F with one LSI SAS 9201 16i. It has been working flawlessly for a year, with 10 HDDs attached to it. I bought it from this guy : https://www.ebay.fr/usr/ac-tech for 150,00 USD +shipping. The card does get quite hot, so I installed a fan installed in the PCI-E slot right below the card, with blowing air directly to on to the SAS card radiator. The bracket used to install the fan is like this one: https://www.amazon.com/Bracket-Three-Mount-Video-Cooling/dp/B00UJ9JSBY
  3. Hi @ljm42, Thank you for your answer. I was unsure about this last chmod indeed. Have a good day. Best, OP
  4. Il est possible que le fingerprint d'une des 2 machines ait changé avec la résolution des problèmes que tu as mentionnés. Dans ce cas les scripts contenant des connexions SSH automatiques ne fonctionnent plus jusqu'à ce que le nouveau fingerprint soit ajouté au fichier "known_hosts" de la machine client SSH. Cela se fait simplement en se connectant une fois manuellement avec une console.
  5. I personally bought a LSI SAS 9201 16i for about 100 euros on eBay. You can add 16 SATA drives with it. No BIOS/firmware flashing required since it is just a HBA controller and not a RAID controller.
  6. May I ask why you want to connect to SSH without password? Because there is always the possibility to login via RSA keys if you don't want to type passwords.
  7. For what it's worth, I have a Supermicro X11SSH-LN4-F with one LSI SAS 9201 16i. It has been working flawlessly for a year. I had it connected to the PCI-E 3.0 x8 (in x16) slot first, but decided to move it to the 2nd PCI-E 3.0 x8 (in x8) slot afterwards, with a fan installed in the last PCI-E slot blowing air directly to on to the SAS card radiator. The bracket used to install the fan is like this one: https://www.amazon.com/Bracket-Three-Mount-Video-Cooling/dp/B00UJ9JSBY
  8. I believe there is indeed a chance to lose all your data if the LUKS header becomes corrupt, although I understand that the chance of that happening is lower with LUKS2 than with LUKS1. I am by no means an expert. I just have just been doing some reading / testing on the subject during a week or so. My understanding is that the LUKS headers only change if you perform an operation like changing the password, or add a new key. So based on that understanding, my guess would be that you only need to backup LUKS headers if and when you do perform such an operation. Anyway, a
  9. Hi @Lee Kim Tatt, Your problem was exactly as mine (freezing when jumping around the video), except that the problem occurred on 6.8.3 for me. Would you mind sharing your hardware configuration (MB, CPU, etc.) ? Best, OP
  10. Hi all, First of all many thanks to @limetech for the continuous development of Unraid and for the new 6.9 version. I am now preparing to upgrade and want to modify my /config/go file in order to comply with new features such as the including of Intel i915 drivers or the changes made to the SSH configuration. Indeed, my attention was caught regarding the SSH improvements: https://wiki.unraid.net/Unraid_OS_6.9.0#SSH_Improvements , the following part in particular: Currently, my /config/go file is set up to allow unsupervised SSH connections to/
  11. Today, I found this tutorial by Mister @SpaceInvaderOne. This may be worth having a look @loopback. On paper, it seems to suit your needs :
  12. Hi @grunter This may interest you: https://www.anandtech.com/show/15863/the-intel-w480-motherboard-overview-lga1200-for-xeon-w-1200 They provide a review of several motherboards with a W-480 chipset: ASRock W480 Creator ASRock Rack W480D4U ASUS Pro WS W480-Ace DFI CMS310-W480 GIGABYTE W480 Vision D GIGABYTE W480 Vision W GIGABYTE W480M Vision W Supermicro X12SCZ-TLN4F Supermicro X12SCZ-F Supermicro X12SAE
  13. Hi @kimifelipe Hi all Maybe I did not understand very well but, it does not seem safe to me to change the parity disk if you are already having problems with one data drive. Especially with only one parity disk and not knowing for sure that the issue is caused by the new data drive and not by something else like a cable, backplane, HBA adapter, or motherboard issue. What if you put back you old drive and it becomes corrupt because of a faulty hardware ? I guess you would be happy to not have removed your parity drive in such event. So unless I misunders
  14. That I don't understand. My understanding was that with LUKS : (i) the encryption/decryption is made at the kernel level, and that (ii) a device is created by LUKS resulting in software applications not even being aware that they are dealing with an encrypted partition.
  15. Hi again @itimpi Many thanks for you detailed and insightful answer. I have though about the various issues/scenarios you mentioned and I have a few remarks: 1ST ISSUE: This sounds very logical. I didn't know you could make such a choice however. In this case, I understand that the only case where having or not having encryption enabled would make a difference is: (i) when the bad sector would be located in the LUKS; and (ii) Unraid fails to rebuild the corrupted data correctly. Assuming that LUKS headers are checked and within the sco
  16. Not saying that you should encrypt your data by any means, but when one has all its data backed up on a remote location, then the risk of loosing the locally encrypted data because of some sort of data corruption is, IMO, well mitigated.
  17. Hmm. Scary. Wouldn't that be caught and fixed with a parity check ?
  18. In case this helps, I made tests and improved an existing script which enables you to easily backup LUKS2 headers: @itimpi, I was considering switching to xfs-encrypted on my server. What exactly are you thinking about when you talk about "file system level corruption" ? Do you have in mind something other than a corruption in the fist 16MB sectors ? Best, OP
  19. It seems that it is actually recommended to use the built-in command rather than the "dd" command: (abstract from https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestions#6-backup-and-data-recovery) I also figured that: (abstract from https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestions#10-luks2-questions) That means that @golli53's script, which only backups the first 2MB of each device, may not be compatible with LUKS2 (which is the version used by Unraid as of the date of this post). On the contrary,
  20. I forgot to mention that the huge 2017 WannaCry cyber attack used a vulnerability in the SMB protocol (port 445) to spread around the globe (https://en.wikipedia.org/wiki/WannaCry_ransomware_attack). So in a way, even if you do not care about your data being at risk, leaving such services opened to the internet can help the spread of cyber attacks and harm others.