Protected: Building a AI server for relatively cheap: Nvidia V100s, Custom boards, NVlink, and $1300
There is no excerpt because this is a protected post.
pfSense: NAT firewall rules for Multi-WAN setups
This guide assumes that you have setup Gateway groups with the appropriate tiers as well as DDNS setup. For my setup, I have 3 tiers (Fiber, coaxial, and LTE through a VPN to a VPS provider) and I use Cloudflare as my DDNS provider. Both are needed for this to work properly. In order this
Read More »
VFIO: How to enable Resizeable BAR (ReBAR) in your VFIO Virtual Machine
What is ReBAR and Why Do I Want It Resizable BAR is a PCIe setting that allows the device (in this case GPU) to negotiate Base Address Register size (in this case access the whole frame buffer at once rather than in 256MB chunks). Some games make better use of this than others, and older
Read More »
PFSense CE 2.7.0: pfatt Do not upgrade to 2.7.0
This is a PSA for any pfatt users out there. PFsense 2.7 removed the functionality needed to get netgraph working. I compiled my own modules from the source and it was not enough. Upgrade to PFsense Plus and use its module to bypass or migrate OPNsense. Good luck with your decision! Maybe someone better can
Read More »
Password Managers: Migrate from LastPass to Bitwarden
Given LastPass has once more been compromised, and this time it has been confirmed that password vaults have been accessed by the attacker, now is a very good time to transition away from it. Personally I feel that Bitwarden is a very strong option for a password manager to transition to. It is open source,
Read More »
Step-CA: Run as a systemd service
Create /etc/systemd/system/step-ca.service Fill it with this, make sure your directories are correct in the ExecStart line: [Unit] Description=step-ca After=syslog.target network.target [Service] User=step Group=step ExecStart=/bin/sh -c '/bin/step-ca /home/step/.step/config/ca.json --password-file=/home/step/.step/pwd >> /var/log/step-ca/output.log 2>&1' Type=simple Restart=on-failure RestartSec=10 [Install] WantedBy=multi-user.target Next, populate the pwd file with the plaintext intermediate CA password. I put mine in /home/step/.step/pwd Next, configure the
Read More »
Step-CA: Change Certificate Authority and Intermediate Authority Encryption type and key size
Step-CA is a decent CA management program but it has one issue, its annoying to set the algorithm on the CA and intermediate CA. So I spent the day figuring it out. Here are the results. Choosing the Right Key Type There are 3 supported key types : EC (elliptic curve), OKP (octet for “Ed25519”
Read More »
OpenSSL CA: make a certificate signing request work on Arch Linux
#edit /etc/ssl/openssl.cnf Find [ ca ] and make sure this matches: #################################################################### [ ca ] default_ca = CA_default #default ca section #################################################################### [ CA_default ] dir = /etc/ssl # Where everything is kept certs = $dir/certs # Where the issued certs are kept crl_dir = $dir/crl # Where the issued crl are kept database =
Read More »
VFIO: Tuning your Windows gaming VM for optimal performance
This will be a guide on advanced tuning for a VFIO gaming VM. If you’re starting from scratch, read through the Arch Wiki guide on PCI passtrhough via OVMF. It is a great starting point and covers all of the basics. I’d recommend using libvirt instead of straight QEMU. Host hardware configuration Before we begin,
Read More »
PFsense 2.6.0: Fix pf-att bypass mode
As of Writing this (2/17/22), there is a bug in the latest version of pfSense with the Intel if_em.ko driver. This is causing the pf-att script to not work. Thanks to the work of neydah700 on github, the fix was found by replacing the kernel driver with a newly compiled binary that has the issue
Read More »