xwiggen

  • Posts

    117
  • Joined

  • Last visited

Profile Information

  • Gender
    Male
  • Location
    Netherlands
  • Interests
    Armbian

Contact Methods

  • IRC
    scope
  • Github
    xwiggen

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

xwiggen's Achievements

  1. you want buffers to be flushed directly so the drive does not spin up whenever the kernel decides it needs to flush. IMHO I wouldn't recommend it (esp in RAID), consumer disks aren't as loud as 20 years ago and spinning up is the point where drives fail most. Early USB disks where prone to early catastrophic fails due to USB power mgmt.
  2. What does below yield? % cat /sys/class/hwmon/hwmon0/temp1_input /sys/devices/virtual/thermal/thermal_zone0/temp /etc/armbianmonitor/datasources/soctemp
  3. If you're planning to do 4K do read https://forums.plex.tv/t/info-plex-4k-transcoding-and-you-aka-the-rules-of-4k/378203
  4. odd, both zeropi (http://ix.io/2DtK) and opipc+ (http://ix.io/2DEm) have ok temps (though 7z does not finish) and do not throttle below 80; buster is somewhat leaner than focal (~2C). have you run without X (acceleration?) ?
  5. I had connectivity issues on 5.4 earlier which resolved by mounting with vers=2.1, you might try that
  6. might consider Epyc with 8 channels, 16 dimm slots and better I/O, memory is "cheap"/upgradeable upto 1TB. Best of luck!
  7. https://apt.armbian.com/armbian.key if the image is signed by Igor's key then it is an 'authentic' image. If signature verification fails due whatever reason (be it modification afterwards) the image is not authentic. The SHA hash only verifies the image but not who creates the SHA hash, for this you have signature verification. So, if either SHA, image or asc file are maliciously altered on server, you still have signature verification to verify it's an authentic image (which fail in case of modification, because it requires access to Igor's key to sign). The fingerprint we can read from the public key, but in the end we have no guarantee the pubkey is Igor's; for this ideally you'd like to check the fingerprint in person to verify the pubkey with a post-it. But it's not necessary really, at this point we can safely assume the key's Igor's and should it ever be compromised the key will be revoked. Read up on public key cryptography, the system is pretty locked down secure as it is.
  8. Try cross-compiling with -mfloat-abi=soft -static, all libraries on your armbian image are armhf: % dpkg -S libm.so libc6:armhf: /lib/arm-linux-gnueabihf/libm.so.6 libc6-dev:armhf: /usr/lib/arm-linux-gnueabihf/libm.so
  9. On my headless machines I usually skip user creation and enable SSH pubkey login only after transferring my key (https://wiki.archlinux.org/index.php/SSH_keys) IMHO the reason for not allowing root login (whether SSH or getty) is both to prevent wreaking havoc on the system by accident and not running processes elevated by default (which is a good security measure -- privileged account management). I'm just too lazy to type sudo as I do only configuration/package/service management on the machines.
  10. xwiggen

    xwiggen

  11. Dependency on binary blobs will eventually render your system useless... and somehow I suspect GPU libraries/drivers are intentionally closed source partly due to the patent-riddled 3D ecosystem
  12. After you've imported the public key with step 1: % gpg --verify Armbian_20.08.1_Zeropi_bionic_current_5.8.5.img.xz.asc gpg: assuming signed data in 'Armbian_20.08.1_Zeropi_bionic_current_5.8.5.img.xz' gpg: Signature made Thu 03 Sep 2020 04:20:28 PM CEST gpg: using RSA key DF00FAF1C577104B50BF1D0093D6889F9F0E78D5 gpg: checking the trustdb gpg: no ultimately trusted keys found gpg: Good signature from "Igor Pecovnik <igor@armbian.com>" [unknown] gpg: aka "Igor Pecovnik (Ljubljana, Slovenia) <igor.pecovnik@gmail.com>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: DF00 FAF1 C577 104B 50BF 1D00 93D6 889F 9F0E 78D5 What it says is Armbian_20.08.1_Zeropi_bionic_current_5.8.5.img.xz is signed by Igor Pecovnik. If any bit is flipped in the xz after being signed (after download or modified on server) verification will fail. The only weakness in this is the public key (as shown by WARNING above); you have to assume this is really Igor's pubkey and not compromised (but the keyserver's version and https://apt.armbian.com/apt/armbian.key match, the only thing more assuring would be if @Igor posts his fingerprint). You can trust this key as follows to remove the warning message; % gpg --edit-key 93D6889F9F0E78D5 gpg (GnuPG) 2.2.12; Copyright (C) 2018 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. pub rsa4096/93D6889F9F0E78D5 created: 2015-03-16 expires: never usage: SC trust: undefined validity: unknown sub rsa4096/9D465D88C70F53E4 created: 2015-03-16 expires: never usage: E [ unknown] (1). Igor Pecovnik <igor@armbian.com> [ unknown] (2) Igor Pecovnik (Ljubljana, Slovenia) <igor.pecovnik@gmail.com> gpg> trust pub rsa4096/93D6889F9F0E78D5 created: 2015-03-16 expires: never usage: SC trust: undefined validity: unknown sub rsa4096/9D465D88C70F53E4 created: 2015-03-16 expires: never usage: E [ unknown] (1). Igor Pecovnik <igor@armbian.com> [ unknown] (2) Igor Pecovnik (Ljubljana, Slovenia) <igor.pecovnik@gmail.com> Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu Your decision? 5 Do you really want to set this key to ultimate trust? (y/N) y pub rsa4096/93D6889F9F0E78D5 created: 2015-03-16 expires: never usage: SC trust: ultimate validity: unknown sub rsa4096/9D465D88C70F53E4 created: 2015-03-16 expires: never usage: E [ unknown] (1). Igor Pecovnik <igor@armbian.com> [ unknown] (2) Igor Pecovnik (Ljubljana, Slovenia) <igor.pecovnik@gmail.com> Please note that the shown key validity is not necessarily correct unless you restart the program. gpg> save Key not changed so no update needed Hope this helps
  13. The transcoding is handled by the jellyfin-ffmpeg package, which is basically a fork of ffmpeg. You can specify your own path to ffmpeg binary in settings, as the supplied binary is linked with raspberry libs (which is the only rpi specific code of jellyfin). Raspberry pi is ok for VPU. @Wernertry jellyfin on your NEO3 and compile ffmpeg with --enable-version3 --enable-rkmpp --enable-drm Personally I don't use transcoding but leave it all to the RPI3 (LibreElec) which happily plays all formats from SMB except for 10bit x265.
  14. Does thermal throttling work? At night cronjobs start which might overheat the board. Nonetheless, /etc/fake-hwclock.data should update by the hour, could you include hwclock -r and /etc/fake-hwclock.data?
  15. The fingerprint is a crypto hash over the public key which makes it easier to identify due to the smaller size.