Also add acoup.blog##.darkmode-layer
to your filters.
Also add acoup.blog##.darkmode-layer
to your filters.
You can take the package from the Ubuntu PPA, which is generally updated quickly, and rebuild for Debian using the instructions here.
You can give chisel a try. It tunnels all traffic over http/https, and the client can then create port forwards, just as with ssh, to access other services.
Yes, for example, syncing on a kernel panic could lead to data corruption (which is why we don’t do that). For the same reason REISUB is not recommended anymore: The default advice for a locked-up system should be SysRq B.
Edit i2psnark.upbw.max
in i2psnark.config
(this can be in a number of locations based on install type and platform - just search for it).
Or you can remove the maxlength
and size
attributes from the text input, it will save just fine.
There is no central naming authority in I2P. All hostnames are local. (Naming and Address Book)
Therefore, if an url doesn’t work, it isn’t in your local address book.
You can add mappings yourself if you know the destination or b32 address, or make use of subscriptions. In this case, add http://i2p-projekt.i2p/hosts.txt and http://notbob.i2p/hosts.txt to your address book subscriptions, the latter contains the destination for mysu.i2p.
Try removing all the superfluous default routes.
Yes this is sane and one of the main use cases for encrypted lease sets. Encrypted lease sets make it impossible for unauthorized users to connect to your hidden services.
If you know beforehand that only one client needs to be able to connect, choose “DH” as a security strategy, and share the client’s key with the server. This article explains these concepts in detail.
If you don’t care about anonymity (given the 0-hop tunnels), you could also stick both hosts on an overlay network like Yggdrasil. This may or may not be more convenient / performant based on the number of services you want to expose.
I think glider can do this, with -strategy rr
(Round Robin mode). I have not used it in this way myself, so you might need to experiment a little. Proxychains can also do this, but it doesn’t present a socks5 interface itself (it uses LD_PRELOAD
, so it won’t work everywhere).
Argon2id (cryptsetup default) and Argon2i PBKDFs are not supported (GRUB bug #59409), only PBKDF2 is.
There is this patch, although I have not tested it myself. There is always cryptsetup luksAddKey --pbkdf pbkdf2
.
This seems right and exactly the way I’ve set it up. On subvolid=5 I have subvolumes and
@home
, in /etc/fstab
I mount /
as subvol=@
, and /home
as subvol=@home
.
Could you run sudo lshw -C network
and post the output for the wireless interface?
Quad9, a Swiss public benefit, not-for-profit foundation. Main address is 9.9.9.9.
Here is a config template to run an obfs4 bridge, make changes as required:
BridgeRelay 1
# Replace "TODO1" with a Tor port of your choice.
# This port must be externally reachable.
# Avoid port 9001 because it's commonly associated with Tor and censors may be scanning the Internet for this port.
ORPort TODO1
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
# Replace "TODO2" with an obfs4 port of your choice.
# This port must be externally reachable and must be different from the one specified for ORPort.
# Avoid port 9001 because it's commonly associated with Tor and censors may be scanning the Internet for this port.
ServerTransportListenAddr obfs4 0.0.0.0:TODO2
# Local communication port between Tor and obfs4. Always set this to "auto".
# "Ext" means "extended", not "external". Don't try to set a specific port number, nor listen on 0.0.0.0.
ExtORPort auto
# Replace "" with your email address so we can contact you if there are problems with your bridge.
# This is optional but encouraged.
ContactInfo
# Pick a nickname that you like for your bridge. This is optional.
Nickname PickANickname
You can also use the reachability test to check if everything is configured correctly. If it is reachable and bootstrapping reaches 100% you should be set.
Set SocksPort
if you want to connect your browser (don’t confuse this with ORPort
). Default is localhost:9050.
I’m not on NixOS, but I have a decent working knowledge of Tor.
Not quite clear on what you’re trying to do, are you trying to run a relay, or just connecting to the Tor network and pointing your browser to the socks proxy?
Arti (the official Tor implementation in Rust) is not a complete replacement for the Tor C implementation yet. Hidden service support is disabled by default (due to the lack of a security feature that could allow guard discovery attacks), and bridges don’t work either. If you don’t understand Tor very well stick with the old router.
I thought about torrents, but found no way to do that privately either.
You can torrent privately using I2P (It’s like Tor but peer-to-peer). The Java router comes with a pre-installed torrent client, accessible from the console. After installing and setting up your browser you can browse the main tracker at tracker2.postman.i2p.
I occasionally experience the same thing. When this happens, it appears the jwt token is not sent with the initial request (thus appearing to be logged out), but it is sent with api requests on the same page (unread_count
, list
, etc.), so the cookie is not lost (document.cookie
also shows it). Sometimes refreshing again fixes it, but I haven’t yet found a good workaround. I’ll experiment a bit next time it happens.
This element is never generated as a candidate in the picker, probably a quirk of this specific site. I just looked at the DOM and saw this related element next to the dark mode button.