I’m currently using KeePassDX and I’ve set up the Nextcloud server and downloaded the Android app. I’ll give it another shot. Can you explain more how you’ve set this up for yourself? What does CF mean, and what file manager do you recommend?

Thanks!

I’m talking about this issue: https://github.com/nextcloud/android/issues/19

This issue: https://github.com/nextcloud/android/issues/19

I’m looking for a selfhosted alternative, I’m not really to keen to place all of my password eggs into one company basket so to speak. But yes, other than that, Proton is a good choice (but I’d probably go with Bitwarden personally). Thank you.

Do you do it manually into e.g. protected json, or to a normal zip (the former doesn’t support attachments as far as I know)? Or have you found a way to do it automatically? One con that I’ve read about this is that backups from one version is not guaranteed to work on another version. Thanks.

I actually used pass many years ago and I quite enjoyed it, except for the fact that the entry names are presented in clear text. You’d also have to manage your GPG secret which I’m not a fan of (in fact, my password manager is how I usually manage GPG and SSH keys in the first place). On the other hand, I guess you should keep a key file on each device on top of a passphrase even if you use a KeePass database, so I guess that point is moot. There are also no good way to include attachments. At that point Vaultwarden feels more convenient, but the more I’m thinking about it, the more I’m warming up to the idea. We’ll see, maybe I’ll give it a shot again.

Thanks for sharing your thoughts!

Edit: I did some quick research and I found this video:

https://www.youtube.com/watch?v=j-qBChKG15Y

It brings up some pretty important security concern that still seem to be relevant.

Yeah, I have a tendency to modify my database quite often. I often make new accounts, add attachments, modify passphrases on older accounts, etc. I modify it several times a week. I might be an outlier, and in that case I understand why people don’t consider this to be a huge problem haha.

I used to enjoy AI a lot, and I still think the technology is really cool, but lately I’m beginning to despise it. It spreads and nestles itself into every corner of our life, and it rots whatever it touches, be it the humans that rely on it or the projects in which it’s used. I see so many open source projects that are tainted with it, it’s almost impossible to avoid it. It’s sad. The generations that will grow up with AI will be fucked.

The reason it’s promising is primarily because it does both floating and tiling window management well. It didn’t really click with me though the last time I tried it.

I would love to give GNOME an honest try, but there are so many ways in which it feels like it’s actively working against me. In KDE I can for example create as many panels as I want on as many monitors as I want. On GNOME? There’s an extension to put the panel on another monitor, but then you can’t use the dock. I guess the GNOME developers don’t use multiple monitors? I mean you can’t even set different wallpapers on different monitors without a third party application.

As for Niri, Hyprland and all that… Yeah, they’re cool, but I’m too old nowadays. I just want shit to work, even though I do miss some of the functions that exist e.g. on Hyprland that doesn’t exist in KDE. But on the other hand, the developer of Hyprland is an asshole, so I wouldn’t really want to promote or use the project anyway.

They’re in the process of doing so, and they’re a long way off from being finished. Frankly, I doubt we’ll ever see a release.

Heroic is great. Bottles has the potential to be great but it needs umu, and I’m skeptical about them rewriting the project (rewrites are seldom a good sign of a FOSS project in my experience).

deleted by creator

It should be opposite though. They should keep the top domain AI free, and introduce a subdomain with AI.

deleted by creator

It’s worth noting that Obsidian is closed source and proprietary.

Enabling SSH password authentication is unnecessary and not a good idea, especially if your temporary passwords are simple.

Noted, thank you!

I haven’t used Hetzner but there is probably a way to upload a file or to paste into the console

Pasting generates garbled text, with letters and symbols being replaced or simply missing. I haven’t found a way to upload a file, nor have I found a solution to the issues in general. I found a few threads on Reddit complaining about the same thing, but no one had found a solution. It just seems to be an issue with the way Hetzner has set up their KVM console.

There is a way to upload custom ISO files, but it’s quite annoying as you have to open a ticket with a direct link to the ISO and wait for the staff to upload it for you to the UI.

You may want to look into cloud-init instead of manually installing and configuring your VMs.

Thank you! I’ll check it out.

LUKS may not make your server meaningfully more secure. Anyone who can snapshot your server while it’s running or modify your unencrypted kernel or initrd files before you next unlock the server will be able to access your files.

That’s true. It’s mostly just to prevent data recovery should the VPS be recycled for services that don’t support E2EE, like Immich. I thought it would be better than nothing.

If I can use E2EE, I will. This VPS will never be exposed to the internet, it will only be accessible through Netbird. The main reason for setting up FDE is for Immich which doesn’t support E2EE, so that the data won’t be (as easily) recoverable should the VPS be recycled. But yeah, it’s not perfect, but like you said it’s better than nothing.

I don’t really take physical access (including Hetzner and law enforcement) into account in my threat model.