[plug] Workaround to an OOM

Brad Campbell brad at fnarfbargle.com
Sun Feb 7 02:24:49 UTC 2016 

On 07/02/16 06:23, Andrew Cooks wrote:

> It seems like you went through great lengths to avoid putting the drive
> in your desktop pc and running fsck there. Was there a technical reason
> for that? Did the fsck resolve the initial problem? I'm curious about
> the encryption with key-over-network as well.

A couple of reasons.
A) I did not really want to dismantle the unit to pull the drive out.
B) My desktop is an iMac.

I have plenty of ways of doing it externally, but I really just didn't 
want the hassle of dismantling the cheap plastic enclosure or handling 
the endiannes issues with LUKS (PPC is big-endian).

> Please consider doing a lightning talk at the PLUG meeting on Tuesday!
>
>     I really want to upgrade this poor box with something that has aes
>     acceleration. Does anyone know of any affordable single board
>     solutions (ie < $200) that are fanless? I've seen some nice late
>     model Atom units, but they are either $$ or don't have SATA. There
>     are some 64Bit ARM boards coming up that tick the boxes, but nothing
>     available off the shelf yet. My other option is something like an
>     Intel Nuc, but they are $$ too.
>
>
> The new APU2 from PC Engines [1] meet the stated requirements, but the
> enclosure doesn't have space for a 3.5" SATA drive. If you're willing to
> drill a couple of holes in the APU enclosure you could mount the drive
> on top, or you could use a separate USB enclosure for the drive. I have
> an APU1 that I can show you and an APU2 on order.

That looks like it'd do the job nicely excepting the price.

I'd be happy to talk about the encryption system further over a beer 
perhaps but for obvious reasons I don't want to really go into it on the 
net. Unfortunately due to personal circumstance I'm not likely to make a 
PLUG meeting in the next couple of months. In fact I don't think I've 
been to a PLUG function since an installfest somewhere around the year 2000.

I'm only mitigating against inadvertent or deliberate disclosure via 
physical theft of one or more machines. If you got root on any of the 
equipment while it was powered up and connected to my network it 
wouldn't take long to figure out how to get the keys, but that's not 
what I'm protecting against.

-- 
Dolphins are so intelligent that within a few weeks they can
train Americans to stand at the edge of the pool and throw them
fish.

More information about the plug mailing list