Toggle menu
Toggle personal menu
Not logged in
Your IP address will be publicly visible if you make any edits.

Minutes 2024-10-31

From MTU LUG Wiki
Revision as of 20:44, 1 November 2024 by D2wn (talk | contribs) (initial commit)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
  1. Happy Halloween!
  2. Bryce inquired about BIOS RAID for his dualboot setup
    1. BIOS RAID is bad apparently
    2. Hardware RAID is only available via PCIE cards
  3. WinBTRFS
    1. Missed opportunity to call it WinTRFS ("WinterFS")
    2. Scuffed, but apparently works
      1. Anthony used it for a Windows C:\ drive once
  4. Best project for mounting Linux partitions on Mac/Windows literally just runs an Alpine VM in the background and shares the drive via a local NFS share
    1. Kinda scuffed, but actually a smart way to do it
      1. All Linux filesystems would already be supported without writing new drivers
      2. LUKS/LVM/MDADM support would probably be trivial to add
    2. NOTE: Post-meeting I think I found it, it's called "linsk"
  5. WireGuard and Tailscale presentation
    1. What is a VPN?
      1. Open Protocols like OpenVPN
      2. Proprietary protocols like F5 Big-IP VPN (booo!)
    2. What is WireGuard?
      1. Veeeery fast
      2. UDP-based
        1. Nice advantage in that if a packet is invalid, it just silently drops it
        2. Attackers have very hard time finding a wireguard server endpoint (versus services like SSH that send a handshake on first connect)
      3. Works off the fundamental properties of asymmetric crypto
        1. Standard "Alice and Bob" setup [1]
        2. The server has a public and private key
        3. Each client has a public and private key
        4. The server has each client's public key
        5. Each client has the server's public key
        6. All messages sent are encrypted with that respective parties public key
    3. What is Tailscale?
      1. WireGuard on "easy mode"
      2. Much easier to configure
      3. Utilizes mesh network over the more common "hub-and-spoke" model
    4. What is Headscale?
      1. Self-hosted Tailscale
    5. Good resources to learn more
      1. OpenConnect project
      2. How Tailscale works
      3. What is Tailscale
      4. Some WireGuard examples
      5. Headscale
      6. WireGuard protocol
      7. WireGuard conceptual overview
      8. Sectigo primer on asymmetric cryptography
  6. LUG Headscale server?
    1. Could help bypass NAT if you have a restrictive ISP
    2. Makes it easier to connect to your devices from anywhere (on/off campus, back home, etc)
    3. If we get our public IP subnet, we could do reverse-NAT through a VPN to give you an entire public IP for your homelab
    4. Tim's warning on GLRC admins apparently not liking orgs using their own VPNs
      1. Should we warn ITO/WMTU?
      2. Literally every org in the GLRC uses their own VPN over the crappy MTU F5 one, does IT really care?
  7. Wizard guy came in and gave us candy
    1. Thank you wizard guy
  8. Tech apparently has an official Tailscale server
    1. You'll see a bunch of random devices on an internal MTU Tailscale network if you authenticate with your @mtu.edu Gmail to the Tailscale app
    2. ...they respond to pings
    3. "What are the odds someone put an iDRAC in there?"
  9. GLRC Pizza Party has been decided!
    1. Meeting this Saturday @ 1PM, in the GLRC main lobby
    2. Little Caesars was voted the pizza of choice