[03:12] <MIF> is there a way to install the ubuntu server installer on a flash drive with out installing software or having admin on a macbook?
[03:13] <mybalzitch> I'm not sure diskutil will let you make changes / write to a raw device file without admin
[03:13] <MIF> ok
[03:14] <MIF> because I am going to have to reinstall
[03:15] <MIF> :(
[03:23] <mybalzitch> well you can try launching diskutil / writing out the image to the raw usb device
[03:23] <mybalzitch> with dd
[03:23] <MIF> I first have to nuke my server
[03:25] <mybalzitch> why not write out the installer on your server
[03:26] <quadrathoch2> mybalzitch because it was compromized
[03:26] <MIF> yep
[03:26] <MIF> because I left a user with out a password
[03:28] <MIF> I thought I got all of the virus off but after I rebooted, there it was
[03:34] <dax> did i miss you giving us information about this virus in scrollback
[03:34] <MIF> no I said talked about it
[03:35] <dax> what did "there it was" involve?
[03:35] <dax> some specific process (which one?) in the output of `ps`, or...?
[03:36] <MIF> no it reinstalled its self
[03:36] <dax> yes, what did you see that leads you to believe that, is what i'm asking
[03:37] <MIF> dir.dir is the tell tale sign of this virus
[03:38] <dax> ah
[03:38] <dax> glad you're going the reinstallation route now
[03:39] <MIF> now I need to know how to install the installtion on a flash drive on a mac with out admin
[03:40] <dax> i forget whether Disk Utility requires admin to write to USB. if not, https://ubuntu.com/tutorials/create-a-usb-stick-on-macos#3-prepare-the-usb-stick . if it does, i think those constraints don't work
[03:40] <dax> since dd requires sudo and i think everything else that touches disks on the CLI does
[03:40] <MIF> ok
[03:40] <dax> the macos channel on here (i think it's #macos? not sure) might know better
[03:40] <MIF> ok
[03:41] <dax> oh, those instructions need Etcher, ugh
[03:41] <MIF> Yea
[03:41] <MIF> It is on my school computer
[03:41] <MIF> so I cannot install apps
[03:41] <dax> no other computers in the house apart from your server and a locked-down mac?
[03:42] <MIF> not that I can access
[03:42] <MIF> right now I am kinda in quarantine because I was exposed and my mom is high risk
[03:49] <quadrathoch2> MIF, afaik, disk util needs admin rights, as the underlying tool _is_ dd
[03:50] <tomreyn> MIF: got an android phone?
[03:50] <MIF> no
[03:51] <tomreyn> hmm ask a neighbour to place a stick on their doormat for you to fetch
[03:51] <tomreyn> or on yours if you're quarantined
[03:53] <tomreyn> or maybe your mom can do one for you, or you can swap spots with her for a while, using her computer to do the stick
[03:56] <mybalzitch> even if the server was compromised, it'd have to be some pretty advanced malware to modify the install image they copy over and write to the flash drive
[03:56] <dax> im looking forward to the upcoming #ubuntu-server discussion on fomites
[03:56] <dax> mybalzitch: yeah, you're angling down the route i'd take too, though it goes against "best practices"
[04:09] <JanC> ask a friend to make the USB stick and get it to you somehow...
[04:09] <MIF> I will find a way
[04:09] <JanC> also, if you have a router or NAS that you can log into which also has USB, that's an option too...
[04:09] <MIF> yes I do but I don't want to do anything to that
[04:10] <JanC> I mean, you could write the stick from that  :)
[04:10] <MIF> ok
[10:13] <jancoow> mmh
[10:13] <jancoow> when c onnecting through ssh for the first time in x hours it takes very long to connect
[10:13] <jancoow> why is this?
[16:40] <teward> jancoow: could be any number of reasons.  network lag, network access rules, Fail2ban, UseDNS is trying to rDNS your system and failing repeatedly, etc.
[16:40] <teward> but "very long" is subjective so you'll need to be more specific
[18:33] <kinghat> does the server installer have zfs support now?
[19:39] <jayjo-> how do curtin and cloud-init relate in terms of autoinstallations for servers?
[19:39] <jayjo-> I'm trying to mount a partition at the install stage so cloudinit can use it as a "file" debian repository (with offline packages)
[19:39] <jayjo-> it looks like cloudinit and curtin have different storage formats for this.
[20:41] <MIF> would curl still work
[20:42] <MIF> https://www.irccloud.com/pastebin/CbdEI9CR/
[20:42] <MIF> what that firewall config?
[20:42] <MIF> and I know nothing can get in
[20:59] <tomreyn> "Pastebin deleted"
[20:59] <MIF> oh
[20:59] <MIF> https://www.irccloud.com/pastebin/Fm1K1SWp/
[20:59] <MIF> try that
[21:00] <MIF> is that link working tomreyn?
[21:04] <tomreyn> MIF: yes, this link is working as says:    sudo ufw enable; sudo ufw default deny incoming; sudo ufw reload
[21:04] <tomreyn> what is your question?
[21:04] <tomreyn> *AND says
[21:04] <MIF> Will I beable to use curl and wget?
[21:04] <tomreyn> outbound, yes, inbound no
[21:04] <MIF> so I cannot download files?
[21:05] <tomreyn> depends on where you loading from and to, i guess
[21:05] <MIF> github
[21:05] <MIF> and to install things
[21:06] <tomreyn> so - i'm guessing, for llack of details - you want to download something from github to this server, after running these commands on the server, which has a default ufw configuration. is this correct?
[21:06] <MIF> yes
[21:06] <MIF> I am working on a script to help me get my server reinstalled and that would be the first thing ran
[21:06] <tomreyn> so that should be working. does it not?
[21:07] <MIF> I have not tried it yet
[21:07] <tomreyn> well, you shoudl try.
[21:07] <MIF> if you want to see that script https://github.com/Sturtz-Network/server-setup/blob/master/install.sh
[21:08] <tomreyn> i think denying inbound traffic is the default policy
[21:09] <tomreyn> this is unsafe: curl -O http://software.virtualmin.com/gpl/scripts/install.sh; sudo chmod +x install.sh; sudo ./install.sh
[21:09] <MIF> it is?
[21:10] <MIF> how is it unsafe?
[21:10] <tomreyn> download from http, not https, code not verified, run
[21:10] <MIF> oh ok
[21:10] <MIF> how would I verify it?
[21:11] <tomreyn> against a cryptographic signature if one is provided. or a checksum
[21:11] <MIF> (what?)
[21:11] <tomreyn> the latter is just a rough check
[21:11] <MIF> and how would I do that?
[21:12] <tomreyn> the easiest option is robably to just use the HTTPS url, if you trust their webserver not to get compromised. it's not really enough, though.
[21:13] <tomreyn> you'll need to ask virtualmin folks how to verify the authenticity of their software downloads
[21:13] <MIF> ok, what else can I do?
[21:13] <MIF> ok
[21:13] <tomreyn> hmm, their installation guide is really bad https://www.virtualmin.com/download.html
[21:13] <MIF> ok
[21:13] <tomreyn> suggests doing exactly what you do
[21:14] <MIF> ok
[21:15] <tomreyn> apparently they provide gpg signed apt repositories http://software.virtualmin.com/vm/6/gpl/apt
[21:15] <MIF> they have apt?
[21:16] <tomreyn> why, did i write so?
[21:17] <tomreyn> oh yes, i did. then it could be so.
[21:17] <tomreyn> you could inspect the link and maybe find out for yourself.
[21:17] <MIF> I am
[21:18]  * MIF has to do it though way back because his school blocked https://virtualmin.com/ because of the forum 
[21:20] <MIF> so how would I do that with apt then?
[21:22] <MIF> I will just have to go the https route
[21:30] <soulseeker> hey
[21:30] <MIF> hi
[21:30] <soulseeker> can this do a filrsystem backup at install like linuxmint
[21:31] <soulseeker> thinking of using the same  version mint based on
[21:33] <soulseeker> choosing carefully
[21:45] <soulseeker> MIF are you interested?