Free MetalVPS Intel i9-13900 Traditional Shell Account! Make Your Own VPSes!

12728303233

Comments

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @Nubuki said: In case it wasn't really clear I just wasn't clear if open Source here meant running only Linux kvms , running open source code and what not.
    Can you maybe elaborate what count as open source and what doesn't?

    Maybe something more or less like:

    If the executable is present on the server we all should be able to see the source code. :) We also ought to be able to see and modify and share any compiler or intermediate tool that was used to create the executable as well as any low level executable (assembly or machine language) that's present on the server. If we can't see, modify, and share the source, the code isn't "Open Source."

    Um, approximately. :)

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @somik said:
    @Not_Oles forgot to mention, but please ensure that apache is not running as "root". It should be running as user "www-data" and group "www-data", otherwise certain scripts can be used to get shell access to the server as root user.

    Do not enable cgi-bin or perl scripts for apache for the same reason.

    What's running now is the default which came out of apt-get install apache2. Root didn't start apache2, apt seems to start stuff. Does the following look right?

    root@fsn ~ # ps aux | grep apache | grep -v grep
    root        6892  0.0  0.0  13328 10680 ?        Ss   00:31   0:03 /usr/sbin/apache2 -k start
    www-data    6974  0.0  0.0   3408   164 ?        Ss   00:31   0:02 /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
    www-data    7773  0.0  0.0 2006044 20800 ?       Sl   01:54   0:00 /usr/sbin/apache2 -k start
    www-data    7774  0.0  0.0 2006176 23472 ?       Sl   01:54   0:01 /usr/sbin/apache2 -k start
    root@fsn ~ # systemctl status apache2
    ● apache2.service - The Apache HTTP Server
         Loaded: loaded (/lib/systemd/system/apache2.service; enabled; preset: enabled)
         Active: active (running) since Wed 2023-05-10 00:31:36 UTC; 17h ago
           Docs: https://httpd.apache.org/docs/2.4/
       Main PID: 6892 (apache2)
          Tasks: 55 (limit: 76830)
         Memory: 33.1M
            CPU: 5.726s
         CGroup: /system.slice/apache2.service
                 ├─6892 /usr/sbin/apache2 -k start
                 ├─7773 /usr/sbin/apache2 -k start
                 └─7774 /usr/sbin/apache2 -k start
    
    May 10 00:31:36 fsn systemd[1]: Starting apache2.service - The Apache HTTP Server...
    May 10 00:31:36 fsn systemd[1]: Started apache2.service - The Apache HTTP Server.
    root@fsn ~ # grep www-data /etc/group
    www-data:x:33:
    root@fsn ~ # 
    

    Hmm. The following might not seem right. Any user can run the apache2 command?

    root@fsn ~ # ls -l $(which apache2)
    -rwxr-xr-x 1 root root 725920 Apr 13 03:26 /usr/sbin/apache2
    root@fsn ~ # file $_
    /usr/sbin/apache2: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=32f93713681b4a762449554c6cf2964156c2be5b, for GNU/Linux 3.2.0, stripped
    root@fsn ~ # 
    

    Thanks!

    @yqua :)

    Thanked by (1)Yqua
  • @Not_Oles said:

    @RtedPro said:
    Hello @Not_Oles
    Could you add my ssh key again? ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAdxnYG6YQ7yl/JpMl1v2+NS9fnaf+NiWWyWLsC7PUcg

    Want to provide identity information? :)

    Can i also ask you about the vms (if they are allowed or no?) simply whats not allowed real quick if you can.

    I don't want to have a bunch of rules about what is and isn't allowed. Right now I'm thinking about asking guys to run only open source software and not automatically adding new Neighbors to the kvm group. :)

    Have a good day! Thanks for your continuing interest! :)

    Hello @Not_Oles
    What identify information?

    Thanked by (1)Not_Oles
  • edited May 2023

    @Not_Oles said:
    Neighbors from certain countries may have to overcome increased challenges to providing identity verification. These neighbors need additional support. But, how? :)

    I like the post card idea! Think of it as writing to a pen pal.

    I am sure you'll be delighted to receive post cards from different places as well.

    Unless you will get into trouble for writing to a pen pal outside of the country... Which i don't think is the case for most people wishing to use MetalVPS.

    Thanked by (1)Not_Oles

    The all seeing eye sees everything...

  • edited May 2023

    @Not_Oles said:
    Hmm. The following might not seem right. Any user can run the apache2 command?

    Yes, any user can run any service on any port >=1024. To bind to a low-numbered port, such as 80 (HTTP) or 443 (HTTPS) requires root privileges. A non-root user will override the default configuration file path, otherwise it'll default to the one in /etc which will fail because they can't bind to the port.

    Thanked by (1)Not_Oles
  • @Not_Oles said:
    Hi @Nubuki!

    nice is old enough that I know about it. :) I think I might know what you mean by cpulimit too. I might understand a little about child process inheritance.

    I see great then

    Would it be too crazy to imagine that you might want to share a bit about what exactly it is you have been doing on the server and about how you have been doing it? :) Thanks!

    Best wishes!

    Tom

    Well I have been encoding videos 😑

    Basically it's more of archiving though
    A telegram bot is deployed, I forward a video to the bot on tg, bot compresses it and uploads the compressed file to my drive or returns the file on telegram

    Thanked by (1)Not_Oles

    Teehee!

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @Nubuki said: Well I have been encoding videos 😑

    Basically it's more of archiving though
    A telegram bot is deployed, I forward a video to the bot on tg, bot compresses it and uploads the compressed file to my drive or returns the file on telegram

    Can one do this with Open Source software exclusively? :)

    Thanked by (1)Nubuki
  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @ralf said:

    @Not_Oles said:
    Hmm. The following might not seem right. Any user can run the apache2 command?

    Yes, any user can run any service on any port >=1024. To bind to a low-numbered port, such as 80 (HTTP) or 443 (HTTPS) requires root privileges. A non-root user will override the default configuration file path, otherwise it'll default to the one in /etc which will fail because they can't bind to the port.

    @Not_Oles said:

    root@fsn ~ # ps aux | grep apache | grep -v grep
    root        6892  0.0  0.0  13328 10680 ?        Ss   00:31   0:03 /usr/sbin/apache2 -k start
    www-data    6974  0.0  0.0   3408   164 ?        Ss   00:31   0:02 /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
    www-data    7773  0.0  0.0 2006044 20800 ?       Sl   01:54   0:00 /usr/sbin/apache2 -k start
    www-data    7774  0.0  0.0 2006176 23472 ?       Sl   01:54   0:01 /usr/sbin/apache2 -k start
    root@fsn ~ # 
    

    How does a "non-root user . . . override the default configuration file path?" Is it by making an alternate configuration and pointing Apache to the alternate configuration, or perhaps by specifying the configuration through command line options? Hmm. I probably should Google this before posting. Bad boy! :)

    No issue that process 6892 is running as root? Why? :)

    Thanks!!!

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @RtedPro said:

    @Not_Oles said:

    @RtedPro said:
    Hello @Not_Oles
    Could you add my ssh key again? ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAdxnYG6YQ7yl/JpMl1v2+NS9fnaf+NiWWyWLsC7PUcg

    Want to provide identity information? :)

    Can i also ask you about the vms (if they are allowed or no?) simply whats not allowed real quick if you can.

    I don't want to have a bunch of rules about what is and isn't allowed. Right now I'm thinking about asking guys to run only open source software and not automatically adding new Neighbors to the kvm group. :)

    Have a good day! Thanks for your continuing interest! :)

    Hello @Not_Oles
    What identify information?

    Hi @RtedPro! The proposed identity information types are specified explicitly in the public draft of the upcoming new MetalVPS ad. If you have time, could you please take a look and tell me how the draft could be improved? Best! Tom

  • @Not_Oles said:

    @ralf said:

    @Not_Oles said:
    Hmm. The following might not seem right. Any user can run the apache2 command?

    Yes, any user can run any service on any port >=1024. To bind to a low-numbered port, such as 80 (HTTP) or 443 (HTTPS) requires root privileges. A non-root user will override the default configuration file path, otherwise it'll default to the one in /etc which will fail because they can't bind to the port.

    @Not_Oles said:

    root@fsn ~ # ps aux | grep apache | grep -v grep
    root        6892  0.0  0.0  13328 10680 ?        Ss   00:31   0:03 /usr/sbin/apache2 -k start
    www-data    6974  0.0  0.0   3408   164 ?        Ss   00:31   0:02 /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
    www-data    7773  0.0  0.0 2006044 20800 ?       Sl   01:54   0:00 /usr/sbin/apache2 -k start
    www-data    7774  0.0  0.0 2006176 23472 ?       Sl   01:54   0:01 /usr/sbin/apache2 -k start
    root@fsn ~ # 
    

    How does a "non-root user . . . override the default configuration file path?" Is it by making an alternate configuration and pointing Apache to the alternate configuration,

    Yes, -f config_file defaults to /etc/apache2/apache2.conf

    or perhaps by specifying the configuration through command line options?

    There are far too many for that! The config file includes a whole load of other files too.

    No issue that process 6892 is running as root? Why? :)

    I'm guessing that's for when it needs to re-read the config files and possibly needs to bind to a new port.

    I believe the startup is somewhat complicated - worker processes are created that setuid(www-data) to protect against vulnerabilities. Then the config file is read and the worker processes communicate with the original root process to say what ports need to be listened on. The root process creates these as it has permission, and these are then shared with the worker processes to accept() and process the incoming requests.

  • @Not_Oles said:

    @Nubuki said: Well I have been encoding videos 😑

    Basically it's more of archiving though
    A telegram bot is deployed, I forward a video to the bot on tg, bot compresses it and uploads the compressed file to my drive or returns the file on telegram

    Can one do this with Open Source software exclusively? :)

    Yup everything is run using Python and the repository is public the dependencies like ffmpeg (which is actually used in encoding) is open source too

    Thanked by (1)Not_Oles

    Teehee!

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @Nubuki said:

    @Not_Oles said:

    @Nubuki said: Well I have been encoding videos 😑

    Basically it's more of archiving though
    A telegram bot is deployed, I forward a video to the bot on tg, bot compresses it and uploads the compressed file to my drive or returns the file on telegram

    Can one do this with Open Source software exclusively? :)

    Yup everything is run using Python and the repository is public the dependencies like ffmpeg (which is actually used in encoding) is open source too

    Excellent! If you have time, can you post an example or a link? Thanks!

  • @Not_Oles said:

    @Nubuki said:

    @Not_Oles said:

    @Nubuki said: Well I have been encoding videos 😑

    Basically it's more of archiving though
    A telegram bot is deployed, I forward a video to the bot on tg, bot compresses it and uploads the compressed file to my drive or returns the file on telegram

    Can one do this with Open Source software exclusively? :)

    Yup everything is run using Python and the repository is public the dependencies like ffmpeg (which is actually used in encoding) is open source too

    Excellent! If you have time, can you post an example or a link? Thanks!

    Okay Here!

    Thanked by (1)Not_Oles

    Teehee!

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @Nubuki said:

    @Not_Oles said:

    @Nubuki said:

    @Not_Oles said:

    @Nubuki said: Well I have been encoding videos 😑

    Basically it's more of archiving though
    A telegram bot is deployed, I forward a video to the bot on tg, bot compresses it and uploads the compressed file to my drive or returns the file on telegram

    Can one do this with Open Source software exclusively? :)

    Yup everything is run using Python and the repository is public the dependencies like ffmpeg (which is actually used in encoding) is open source too

    Excellent! If you have time, can you post an example or a link? Thanks!

    Okay Here!

    Thanks! I took a quick look at the README.md. Sometime, when you have a chance, could you please link to an example video? Sorry, I've never used Telegram, and so I have no idea what kinds of videos would be forwarded to Telegram. And you say that the Telegram bot compresses the video file. Does "forwarded" plus "bot compression" mean something akin to posting the video? :) Thanks!

  • @Not_Oles said:
    New Terms of Service for MetalVPS Neighbors might include:

    • Run open source software only?

    I'm OK with this actually.

    • No transfer of account or sub-accounts?

    Surely this is a must.

    • kvm group membership deferred?

    I don't think this is actually a good idea, this may make people lost interest in MetalVPS. Maybe just limit them to use not more than 8GB RAM and 4 CPU cores. Or maybe limit it to people who has verified their identity by using any method.

    • sudo group membership deferred?

    I'm OK with no sudo access, at least I still need to use KVM

    New Benefits for MetalVPS Neighbors might include:

    • Shared hosting, maybe /home/neighbor/www/ is served?
    • Please check https://fsn.metalvps.com
    • First time for me to set up Apache for shared hosting. So, I'm clueless!™ :)

    This looks like a great idea!

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @itsmepaddi said: I still need to use KVM

    Thanks for your helpful comment! :)

    What is the program you want to run inside Qemu-KVM?

    How could you run your program directly on the metal so that Qemu-KVM would not be needed?

  • @ralf said:

    @Not_Oles said:

    @ralf said:

    @Not_Oles said:
    Hmm. The following might not seem right. Any user can run the apache2 command?

    Yes, any user can run any service on any port >=1024. To bind to a low-numbered port, such as 80 (HTTP) or 443 (HTTPS) requires root privileges. A non-root user will override the default configuration file path, otherwise it'll default to the one in /etc which will fail because they can't bind to the port.

    @Not_Oles said:

    root@fsn ~ # ps aux | grep apache | grep -v grep
    root        6892  0.0  0.0  13328 10680 ?        Ss   00:31   0:03 /usr/sbin/apache2 -k start
    www-data    6974  0.0  0.0   3408   164 ?        Ss   00:31   0:02 /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
    www-data    7773  0.0  0.0 2006044 20800 ?       Sl   01:54   0:00 /usr/sbin/apache2 -k start
    www-data    7774  0.0  0.0 2006176 23472 ?       Sl   01:54   0:01 /usr/sbin/apache2 -k start
    root@fsn ~ # 
    

    How does a "non-root user . . . override the default configuration file path?" Is it by making an alternate configuration and pointing Apache to the alternate configuration,

    Yes, -f config_file defaults to /etc/apache2/apache2.conf

    or perhaps by specifying the configuration through command line options?

    There are far too many for that! The config file includes a whole load of other files too.

    No issue that process 6892 is running as root? Why? :)

    I'm guessing that's for when it needs to re-read the config files and possibly needs to bind to a new port.

    I believe the startup is somewhat complicated - worker processes are created that setuid(www-data) to protect against vulnerabilities. Then the config file is read and the worker processes communicate with the original root process to say what ports need to be listened on. The root process creates these as it has permission, and these are then shared with the worker processes to accept() and process the incoming requests.

    The config file /etc/apache2/apache2.conf should contain the default user and group

    User www-data
    Group www-data
    

    If it is something different, change and restart apache2

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @somik said:

    @ralf said:

    @Not_Oles said:

    @ralf said:

    @Not_Oles said:
    Hmm. The following might not seem right. Any user can run the apache2 command?

    Yes, any user can run any service on any port >=1024. To bind to a low-numbered port, such as 80 (HTTP) or 443 (HTTPS) requires root privileges. A non-root user will override the default configuration file path, otherwise it'll default to the one in /etc which will fail because they can't bind to the port.

    @Not_Oles said:

    root@fsn ~ # ps aux | grep apache | grep -v grep
    root        6892  0.0  0.0  13328 10680 ?        Ss   00:31   0:03 /usr/sbin/apache2 -k start
    www-data    6974  0.0  0.0   3408   164 ?        Ss   00:31   0:02 /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
    www-data    7773  0.0  0.0 2006044 20800 ?       Sl   01:54   0:00 /usr/sbin/apache2 -k start
    www-data    7774  0.0  0.0 2006176 23472 ?       Sl   01:54   0:01 /usr/sbin/apache2 -k start
    root@fsn ~ # 
    

    How does a "non-root user . . . override the default configuration file path?" Is it by making an alternate configuration and pointing Apache to the alternate configuration,

    Yes, -f config_file defaults to /etc/apache2/apache2.conf

    or perhaps by specifying the configuration through command line options?

    There are far too many for that! The config file includes a whole load of other files too.

    No issue that process 6892 is running as root? Why? :)

    I'm guessing that's for when it needs to re-read the config files and possibly needs to bind to a new port.

    I believe the startup is somewhat complicated - worker processes are created that setuid(www-data) to protect against vulnerabilities. Then the config file is read and the worker processes communicate with the original root process to say what ports need to be listened on. The root process creates these as it has permission, and these are then shared with the worker processes to accept() and process the incoming requests.

    The config file /etc/apache2/apache2.conf should contain the default user and group

    User www-data
    Group www-data
    

    If it is something different, change and restart apache2

    Thanks so much @somik! Your help is greatly appreciated! :)

    root@fsn ~ # cat /etc/apache2/apache2.conf
    [ . . . ]
    # These need to be set in /etc/apache2/envvars
    User ${APACHE_RUN_USER}
    Group ${APACHE_RUN_GROUP}
    [ . . . ]
    root@fsn ~ # cat /etc/apache2/envvars
    [ . . . ]
    export APACHE_RUN_USER=www-data
    export APACHE_RUN_GROUP=www-data
    [ . . . ]
    root@fsn ~ # 
    

    However

    root@fsn ~ # echo $APACHE_RUN_USER
    
    root@fsn ~ # echo $APACHE_RUN_GROUP
    
    root@fsn ~ # 
    

    Nevertheless

    root@fsn ~ # ps -o uid,gid -p 6892
      UID   GID
        0     0
    root@fsn ~ # ps -o uid,gid -p 6974
      UID   GID
       33    33
    root@fsn ~ # ps -o uid,gid -p 7773
      UID   GID
       33    33
    root@fsn ~ # ps -o uid,gid -p 7774
      UID   GID
       33    33
    root@fsn ~ # grep 33 /etc/group
    www-data:x:33:
    root@fsn ~ # 
    

    It's interesting to read the comments in /etc/apache2/apache2.conf ("Apache 2 web server configuration in Debian is quite different to upstream's. . . .") and /etc/apache2/envvars (". . . there is no sane way to get the parsed apache2 config in scripts. . . .")

  • @Not_Oles said:

    @somik said:

    @ralf said:

    @Not_Oles said:

    @ralf said:

    @Not_Oles said:
    Hmm. The following might not seem right. Any user can run the apache2 command?

    Yes, any user can run any service on any port >=1024. To bind to a low-numbered port, such as 80 (HTTP) or 443 (HTTPS) requires root privileges. A non-root user will override the default configuration file path, otherwise it'll default to the one in /etc which will fail because they can't bind to the port.

    @Not_Oles said:

    root@fsn ~ # ps aux | grep apache | grep -v grep
    root        6892  0.0  0.0  13328 10680 ?        Ss   00:31   0:03 /usr/sbin/apache2 -k start
    www-data    6974  0.0  0.0   3408   164 ?        Ss   00:31   0:02 /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
    www-data    7773  0.0  0.0 2006044 20800 ?       Sl   01:54   0:00 /usr/sbin/apache2 -k start
    www-data    7774  0.0  0.0 2006176 23472 ?       Sl   01:54   0:01 /usr/sbin/apache2 -k start
    root@fsn ~ # 
    

    How does a "non-root user . . . override the default configuration file path?" Is it by making an alternate configuration and pointing Apache to the alternate configuration,

    Yes, -f config_file defaults to /etc/apache2/apache2.conf

    or perhaps by specifying the configuration through command line options?

    There are far too many for that! The config file includes a whole load of other files too.

    No issue that process 6892 is running as root? Why? :)

    I'm guessing that's for when it needs to re-read the config files and possibly needs to bind to a new port.

    I believe the startup is somewhat complicated - worker processes are created that setuid(www-data) to protect against vulnerabilities. Then the config file is read and the worker processes communicate with the original root process to say what ports need to be listened on. The root process creates these as it has permission, and these are then shared with the worker processes to accept() and process the incoming requests.

    The config file /etc/apache2/apache2.conf should contain the default user and group

    User www-data
    Group www-data
    

    If it is something different, change and restart apache2

    Thanks so much @somik! Your help is greatly appreciated! :)

    root@fsn ~ # cat /etc/apache2/apache2.conf
    [ . . . ]
    # These need to be set in /etc/apache2/envvars
    User ${APACHE_RUN_USER}
    Group ${APACHE_RUN_GROUP}
    [ . . . ]
    root@fsn ~ # cat /etc/apache2/envvars
    [ . . . ]
    export APACHE_RUN_USER=www-data
    export APACHE_RUN_GROUP=www-data
    [ . . . ]
    root@fsn ~ # 
    

    However

    root@fsn ~ # echo $APACHE_RUN_USER
    
    root@fsn ~ # echo $APACHE_RUN_GROUP
    
    root@fsn ~ # 
    

    Nevertheless

    root@fsn ~ # ps -o uid,gid -p 6892
      UID   GID
        0     0
    root@fsn ~ # ps -o uid,gid -p 6974
      UID   GID
       33    33
    root@fsn ~ # ps -o uid,gid -p 7773
      UID   GID
       33    33
    root@fsn ~ # ps -o uid,gid -p 7774
      UID   GID
       33    33
    root@fsn ~ # grep 33 /etc/group
    www-data:x:33:
    root@fsn ~ # 
    

    It's interesting to read the comments in /etc/apache2/apache2.conf ("Apache 2 web server configuration in Debian is quite different to upstream's. . . .") and /etc/apache2/envvars (". . . there is no sane way to get the parsed apache2 config in scripts. . . .")

    Ya, i was worried about that... Maybe someone here with more knowledge about apache2 on debian can help...

    Thanked by (1)Not_Oles
  • edited May 2023

    Hi, I want to create a NAT kvm with IPv6; then I want to establish an ip6tnl between two different IPv6 KVMs. Can I join this party?

    Here is my pub key
    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGXNzoL4Y7b+LDxR9tdR5jGzc7Vce0a15U3mdM/dnP77

    Thanked by (1)Not_Oles
  • @Not_Oles said:
    What is the program you want to run inside Qemu-KVM?

    How could you run your program directly on the metal so that Qemu-KVM would not be needed?

    For now I'm not sure yet. Probably something that runs inside Linux and is interesting for me.
    To run the program directly sometimes I may need sudo because of dependecies issues.

    Thanked by (1)Not_Oles
  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @itsmepaddi said:

    @Not_Oles said:
    What is the program you want to run inside Qemu-KVM?

    How could you run your program directly on the metal so that Qemu-KVM would not be needed?

    For now I'm not sure yet. Probably something that runs inside Linux and is interesting for me.
    To run the program directly sometimes I may need sudo because of dependecies issues.

    Seems reasonable. . . .

    The i9-13900 isn't really ready yet, but I will make an account for you. kvm group and sudo group 🔜

    The i9-9900K is turned off, which seems a shame. Could you please let me know which one of the following distros you would like?

    AlmaLinux 8.7 base
    Arch Linux latest minimal
    CentOS 7.9 minimal
    CentOS Stream 8 base
    Debian 10 base
    Debian 10 LAMP
    Debian 11 base
    Rocky Linux 8.7 base
    Ubuntu 18.04.5 LTS minimal
    Ubuntu 18.04.5 LTS Nextcloud
    Ubuntu 20.04.3 (HWE) LTS minimal
    Ubuntu 20.04.3 LTS base
    Ubuntu 22.04.1 LTS base
    

    Thanks! Best wishes and welcome, again, to MetalVPS. :)

  • @itsmepaddi said:

    @Not_Oles said:
    What is the program you want to run inside Qemu-KVM?

    How could you run your program directly on the metal so that Qemu-KVM would not be needed?

    For now I'm not sure yet. Probably something that runs inside Linux and is interesting for me.
    To run the program directly sometimes I may need sudo because of dependecies issues.

    Fyi, you can still run the program on LXC containers inside metalVPS without KVM or sudo access. That brings me to the question, is KVM group membership required for LXC or should there be a seperate LXC group membership?

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @dwight said:
    Hi, I want to create a NAT kvm with IPv6; then I want to establish an ip6tnl between two different IPv6 KVMs. Can I join this party?

    Here is my pub key
    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGXNzoL4Y7b+LDxR9tdR5jGzc7Vce0a15U3mdM/dnP77

    Hi @dwight!

    Thanks for your message. kvm is "not right away." If that's okay, how do you want to verify your identity? Send

    Name
    Address
    Email
    Phone number
    Scan of government ID

    to the email address on my LES profile? Send by LES PM? Another way?

    Best wishes!

    Tom

  • @Not_Oles said:

    @dwight said:
    Hi, I want to create a NAT kvm with IPv6; then I want to establish an ip6tnl between two different IPv6 KVMs. Can I join this party?

    Here is my pub key
    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGXNzoL4Y7b+LDxR9tdR5jGzc7Vce0a15U3mdM/dnP77

    Hi @dwight!

    Thanks for your message. kvm is "not right away." If that's okay, how do you want to verify your identity? Send

    Name
    Address
    Email
    Phone number
    Scan of government ID

    to the email address on my LES profile? Send by LES PM? Another way?

    Best wishes!

    Tom

    Create me an account using the previous SSH key btw :)

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @somik said: Fyi, you can still run the program on LXC containers inside metalVPS without KVM or sudo access.

    I think usually, but not always. For example, an unprivileged LXC user can't mount file systems.

    That brings me to the question, is KVM group membership required for LXC or should there be a seperate LXC group membership?

    kvm group membership is not required for LXC. The user needs to be in /etc/subuid, /etc/subgid, and /etc/lxc/lxc-usernet. Please see https://linuxcontainers.org/lxc/getting-started/ .

    Maybe what @itsmepaddi and what @dwight want to do could be done with LXC containers. @itsmepaddi @dwight Have you guys tried LXC yet? :)

    Best wishes!

    Thanked by (1)somik
  • @iamvinh123 said:

    @Not_Oles said:

    @dwight said:
    Hi, I want to create a NAT kvm with IPv6; then I want to establish an ip6tnl between two different IPv6 KVMs. Can I join this party?

    Here is my pub key
    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGXNzoL4Y7b+LDxR9tdR5jGzc7Vce0a15U3mdM/dnP77

    Hi @dwight!

    Thanks for your message. kvm is "not right away." If that's okay, how do you want to verify your identity? Send

    Name
    Address
    Email
    Phone number
    Scan of government ID

    to the email address on my LES profile? Send by LES PM? Another way?

    Best wishes!

    Tom

    Create me an account using the previous SSH key btw :)

    BTW = by the way

    Thanked by (1)Not_Oles
  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @iamvinh123 said:

    @Not_Oles said:

    @dwight said:
    Hi, I want to create a NAT kvm with IPv6; then I want to establish an ip6tnl between two different IPv6 KVMs. Can I join this party?

    Here is my pub key
    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGXNzoL4Y7b+LDxR9tdR5jGzc7Vce0a15U3mdM/dnP77

    Hi @dwight!

    Thanks for your message. kvm is "not right away." If that's okay, how do you want to verify your identity? Send

    Name
    Address
    Email
    Phone number
    Scan of government ID

    to the email address on my LES profile? Send by LES PM? Another way?

    Best wishes!

    Tom

    Create me an account using the previous SSH key btw :)

    Hi @iamvinh123! As a result of the port scan that Hetzner caught, MetalVPS has an identity requirement now. How do you want to verify your identity? You could send

    Name
    Address
    Email
    Phone number
    Scan of government ID

    to the email address on my LES profile? Or send by LES PM? Or maybe you prefer another way?

    Thanks! :) Best! :)

    Tom

  • @Not_Oles said:

    @iamvinh123 said:

    @Not_Oles said:

    @dwight said:
    Hi, I want to create a NAT kvm with IPv6; then I want to establish an ip6tnl between two different IPv6 KVMs. Can I join this party?

    Here is my pub key
    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGXNzoL4Y7b+LDxR9tdR5jGzc7Vce0a15U3mdM/dnP77

    Hi @dwight!

    Thanks for your message. kvm is "not right away." If that's okay, how do you want to verify your identity? Send

    Name
    Address
    Email
    Phone number
    Scan of government ID

    to the email address on my LES profile? Send by LES PM? Another way?

    Best wishes!

    Tom

    Create me an account using the previous SSH key btw :)

    Hi @iamvinh123! As a result of the port scan that Hetzner caught, MetalVPS has an identity requirement now. How do you want to verify your identity? You could send

    Name
    Address
    Email
    Phone number
    Scan of government ID

    to the email address on my LES profile? Or send by LES PM? Or maybe you prefer another way?

    Thanks! :) Best! :)

    Tom

    Hmmmm, I would prefer the another way as I'm 13 yo old
    yo = years

    Thanked by (1)Not_Oles
  • @iamvinh123 said:

    @Not_Oles said:

    @iamvinh123 said:

    @Not_Oles said:

    @dwight said:
    Hi, I want to create a NAT kvm with IPv6; then I want to establish an ip6tnl between two different IPv6 KVMs. Can I join this party?

    Here is my pub key
    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGXNzoL4Y7b+LDxR9tdR5jGzc7Vce0a15U3mdM/dnP77

    Hi @dwight!

    Thanks for your message. kvm is "not right away." If that's okay, how do you want to verify your identity? Send

    Name
    Address
    Email
    Phone number
    Scan of government ID

    to the email address on my LES profile? Send by LES PM? Another way?

    Best wishes!

    Tom

    Create me an account using the previous SSH key btw :)

    Hi @iamvinh123! As a result of the port scan that Hetzner caught, MetalVPS has an identity requirement now. How do you want to verify your identity? You could send

    Name
    Address
    Email
    Phone number
    Scan of government ID

    to the email address on my LES profile? Or send by LES PM? Or maybe you prefer another way?

    Thanks! :) Best! :)

    Tom

    Hmmmm, I would prefer the another way as I'm 13 yo old
    yo = years

    Since I'm from Vietnam, I don't have any gov ID

    Thanked by (1)Not_Oles
Sign In or Register to comment.