That wasn’t luck - it was best practice backup strategy.

Tell me you’re bi without telling me you’re bi

Probably not. It looks like it’s setting the fake address before reading the tunnel parameters, where the real address is stored. Probably a kludge in case the connection address is undefined so the program doesn’t crash. So check whether the address is included there.

Also check the function that establishes the connection. 10.1.1.1 is not a public subnet, so unless there is a VPN device listening at the local address, the tunnel should fail to establish and throw an error, triggering the exception clause in that code. Again, you’ll want to confirm that in the code.

The money in calligraphy is usually made on wedding invitations, diplomas, “fine fining” menus, and corporate award certificates

That’s because “Dual License” means there are two licenses. Anyone can use it under the terms of the LGPL. If a company doesn’t want to abide by those terms, they can pay them not to by buying one of the commercial licenses

If your usecase and threat model don’t require the pinpad, Onlykey Duo is worth a look. No pin, USB A or C, and still gives you 6 slots to support any combination of Fido2, TOTP, SSH, PGP, and password storage.

Manually keying in the pin is only needed when plugging in the device. Challenges for TOTP, FIDO2, etc. are a configuration option, and are only 3 digits if enabled (press any button if disabled).

As for “excessive amount of security”, security as an absolute measure isn’t a great way to think about it. Use case and threat model are more apt.

For use case, I’ll point out it’s also a PGP and SSH device, where there is no third party server applying the first factor (something you know) and needs to apply both factors on device.

For threat model, I’ll give the example of an activist who is arrested. If their e-mail provider is in the country, they can compel the provider to give them access, allowing them to reset passwords on other more secure services hosted outside the country. The police now have the second factor (something you have), but can’t use it because it’s locked.

Aldo that it has sun sensitivity as a side effect

https://onlykey.io/

Built in hardware pin entry means your unlock code can’t be captured by a compromised machine. Emulates Yubikey if you need that, handles Fido / U2F, stores up to 12 passwords, acts as PGP and SSH key if you install the (open source) agent.

The SSH agent implementation is forked from https://trezor.io/ which is advertised more for crypyo wallet uses.

Edit: For OP’s concern about losing the key, it also has the ability to export an encrypted backup that can be restored to a replacement key

Nope - it was Unix not Linux. The minus makes the command invalid on many Unix versions of tar (though most modern BSD versions allow it)

Sorry, it was Solaris - you just blew it up (the minus is invalid on many Unix versions of tar)

I seriously doubt it

No, a lot less confrontational.

Guess I should switch. I always get funny looks when I say my number is “Beechwood 45789”

Even more extreme, actually. I knew one person who was actually, honestly, voluntarily homeless. For years. Living on the street, no car. No obvious mental health issues, had family who would have been happy to take him in, strong social network, active in the community. Didn’t want to be tied to all of the things ownership of stuff brings, and was willing to make the many and extreme sacrifices that entails.

To be clear, this is not the normal homelessness experience. I’ve known too many homeless people, and the right-wing conspiracy theories of middle to upper class panhandlers on every corner are utter nonsense. Ideologically motivated self justifying cruelty inspiring bullshit. Even when homeless people I have known said it was by choice, I usually knew enough about their situation to recognize it as a face saving salve to their pride (a hard thing to come by in the lower rungs of society, and very precious). But there was that one.

For those not in the US south and afraid of being judged, “all” on its own is an option.

“Hi all” is unlikely to raise any eyebrows

You were right. Cute as hell. Boyfriend is the pinhead.

Sorry, but I have bad news for you. Privacy in major car brands no longer exists.

You don’t say where your family member lives, but you might look into smaller regional brands that focus on cheap cars for less overdeveloped areas of the world. Be aware the tradeoff is probably in safety features.

No. He’s been real clear about that. Neither will Trump.

Short of armed insurrection, US subjects have no control on this one. The ones that are arming for insurrection also support the genocide. FML

For a privacy friendly OS, surprised nobody has mentioned Freedombox

It’s designed explicitly for your use case, along with an easy path to other self hosted services. When you’re ready for more than it offers through the web interface, it’s a full Debian install under the hood - so you can install whatever you need to. Privacy friendly and super stable, with smooth upgrades to new releases and security updates for old versions several years after the new one is available.

As far as hardware, your old computer is probably more powerful than a Pi and can support more drives, but the Pi will be more power efficient. As others have mentioned, if you care about your data long term then backups are a must, so a separate NAS or a Pi with a large drive for backup storage is a good idea as well, whatever OS you choose.