cultural reviewer and dabbler in stylistic premonitions

  • 66 Posts
  • 132 Comments
Joined 3 years ago
cake
Cake day: January 17th, 2022

help-circle




  • (disclaimer: this information might be years out of date but i think it is still accurate?)

    SSH doesn’t have a null cipher, and if it did, using it still wouldn’t make an SSH tunnel as fast as a TCP connection because SSH has its own windowing mechanism which is actually what is slowing you down. Doing the cryptography at line speed should not be a problem on a modern CPU.

    Even though SSH tunnels on your LAN are probably faster than your internet connection (albeit slower than LAN TCP connections), SSH’s windowing overhead will also make for slower internet connections (vs rsync or something else over TCP) due to more latency exacerbating the problem. (Whenever the window is full, it is sitting there not transmitting anything…)

    So, to answer OP’s question:

    • if you want to rsync over SSH, you usually don’t need a daemon (or to specify --rsh=ssh as that is the default).
    • if you the reason you want to use the rsync daemon is performance, then you don’t want to use SSH. you’ll need to open a port for it.
    • besides performance, there are also some rsync features which are only available in “daemon mode”. if you want to use those, you have at least 3 options:
      • open a port for your rsync daemon, and don’t use SSH (bonus: you also get the performance benefit. downside, no encryption.)
      • setup an SSH tunnel and tell the rsync client it is connecting to a daemon on localhost
      • look at man rsync and read the section referred to by this:
        • The remote-shell transport is used whenever the source or destination path contains a single colon (:) separator after a host specification. Contacting an rsync daemon directly happens when the source or destination path contains a double colon (::) separator after a host specification, OR when an rsync:// URL is specified (see also the USING RSYNC-DAEMON FEATURES VIA A REMOTE-SHELL CONNECTION section for an exception to this latter rule).

    HTH.





  • Arthur Besse@lemmy.mltoProgrammer Humor@lemmy.mlcarrot.py
    link
    fedilink
    English
    arrow-up
    56
    arrow-down
    1
    ·
    1 month ago

    only hobbyists and artisans still use the standalone carrot.py that depends on peeler.

    in enterprise environments everyone uses the pymixedveggies package (created using pip freeze of course) which helpfully vendors the latest peeled carrot along with many other things. just unpack it into a clean container and go on your way.


  • Funny that blog calls it a “failed attempt at a backdoor” while neglecting to mention that the grsec post (which it does link to and acknowledges is the source of the story) had been updated months prior to explicitly refute that characterization:

    5/22/2020 Update: This kind of update should not have been necessary, but due to irresponsible journalists and the nature of social media, it is important to make some things perfectly clear:

    Nowhere did we claim this was anything more than a trivially exploitable vulnerability. It is not a backdoor or an attempted backdoor, the term does not appear elsewhere in this blog at all; any suggestion of the sort was fabricated by irresponsible journalists who did not contact us and do not speak for us.

    There is no chance this code would have passed review and be merged. No one can push or force code upstream.

    This code is not characteristic of the quality of other code contributed upstream by Huawei. Contrary to baseless assertions from some journalists, this is not Huawei’s first attempt at contributing to the kernel, in fact they’ve been a frequent contributor for some time.











  • This video is full of jarring edits which initially made me wonder if someone had cut out words or phrases to create an abbreviated version. But, then I realized there are way too many of them to have been done manually. I checked the full original video and from the few edits i manually checked it seems like it is just inconsequential pauses etc that were removed: for instance, when Linus says “the other side of that picture” in the original there is an extra “p” sound which is removed here.

    Yet another irritating and unnecessary application of neural networks, I guess.




  • Upload bandwidth doesn’t magically turn into download bandwidth

    Actually, it does. Various Cable and DSL standards involve splitting up a big (eg, measured in MHz) band of the spectrum into many small (eg, around 4 or 8 kHz wide) channels which are each used unidirectionally. By allocating more of these channels to one direction, it is possible to (literally) devote more band width - both the kinds measured in kilohertz and megabits - to one of the directions than is possible in a symmetric configuration.

    Of course, since the combined up and down maximum throughput configured to be allowed for most plans is nowhere near the limit of what is physically available, the cynical answer that it is actually just capitalism doing value-based pricing to maximize revenue is also a correct explanation.