This action will delete this post on this instance and on all federated instances, and it cannot be undone. Are you certain you want to delete this post?

This action will block this actor and hide all of their past and future posts. Are you certain you want to block this actor?

This action will block this object. Are you certain you want to block this object?

Are you sure you want to delete the OAuth client [Client Name]? This action cannot be undone and will revoke all access tokens for this client.

Are you sure you want to revoke the OAuth token [Token ID]? This action cannot be undone and will immediately revoke access for this token.

Hi. 👋

I am JayVii, a data enthusiast with a passion for Free and Open Source Software. I care about social inclusion & privacy. This is my personal Fediverse server, powered by ktistec. I modified its appearance with my own adjustments.

I typically remove shared posts after ca. 3–6 months. I do keep most of my own posts (for now).

I post about a variety of topics, both in German and English, such as:

#Debian / #Linux
#FOSS / #OpenSource
#vegan #Food
#ktistec
#webdev, particularly #CSS and #PHP
sometimes posts & shares about German and EU politics (#DEpol, #EUpol)

I also developed a few tiny & simple self-hostable tools to ease my life (and that of others), such as:

You can find out more about myself on my website or in my introduction post.

JayVii shared a article by senioradmin 10:32am

Are you still banning, or do you already penalize?

Still using fail2ban just for stopping SSH brute force attempts? Since OpenSSH 9.8 there is a new config option for sshd_config: PerSourcePenalties This option has several parameters where you can define how long a client, based on its IP address, will be blocked, according to the unwanted behaviour. The most important parameters are: [...]

Still using fail2ban just for stopping SSH brute force attempts? Since OpenSSH 9.8 there is a new config option for sshd_config: PerSourcePenalties This option has several parameters where you can define how long a client, based on its IP address, will be blocked, according to the unwanted behaviour. The most important parameters are:

min:duration – the minimum penalty which must be accumulated before it is enforced, default 15 seconds (15s).
max:duration – the maximum penalty which can be accumulated, default 10 minutes (10m).
crash:duration – penalty that cause a crash of sshd, default 90s.
authfail:duration – penalty for disconnecting clients after making one or more unsuccessful authentication attempts, default 15s. Consider also MaxAuthTries, which defaults to 6. So in an default setup an IP would be banned for 15 seconds if someone typed the wrong password for 6 times.
invaliduser:duration – penalty for authentication attempts with an invalid user, default 5s (available since OpenSSH 10.3)
noauth:duration – penalty for disconnecting without attempting authentication , default 1s. Don't change this if you're running monitoring checks against sshd.
grace-exceeded:duration – penalty for not logging in after LoginGraceTime (default: 120s), default 10s.

There is also PerSourcePenaltyExemptList, which is a comma-separated list of addresses to exempt from penalties.

As you can see the default values are quite lax. Let's tighten the rules a bit:

A client should be refused connection for 1 hour after 3 unsuccessful auth attempts (using also MaxAuthTries) and crash attempts.
Since penalties do accumulate and the default max duration is 10 minutes we must define a new maximum penalty.
As for invalid user attempts I set the penalty to 5 minutes, since typos can happen (if OpenSSH >= 10.3)
I don't touch the noauth parameter, since monitoring tools and tools like ssh-keyscan could be blocked.

The resulting sshd_config snippet looks like this (for OpenSSH 10.3 and newer)

MaxAuthTries 3
PerSourcePenalties crash:3600s invaliduser:300s authfail:3600s max:86400s

Since OpenSSH 10.3 is quite new (released on 2026-04-02), most Linux users would want to omit the invaliduser parameter:

MaxAuthTries 3
PerSourcePenalties crash:3600s authfail:3600s max:86400s

This makes tools like fail2ban quite obsolete, if it is used in an default setup just for blocking SSH brute force attempts. Of course, if you're using them in more complex scenarios and not only for SSH, these tools are still useful.

JayVii shared a note by Hasufin Apr 6, 2026

Perhaps one of the most frustrating things about the usage of AI is, people are being pushed into it in order to poorly address previously-solved problems (e.g. web search) which have been taken away from us. I don't want ChatGPT, I want a search engine that gives me the results I requested and not what advertisers want on my eyeballs.

JayVii shared a note by Aral Balkan Apr 3, 2026

If you don’t have the resources to write and understand the code yourself, you don’t have the resources to maintain it either.

Any monkey with a keyboard can write code. Writing code has never been hard. People were churning out crappy code en masse way before generative AI and LLMs. I know because I’ve seen it, I’ve had to work with it, and I no doubt wrote (and continue to write) my share of it.

What’s never been easy, and what remains difficult, is figuring out the right problem to solve, solving it elegantly, and doing so in a way that’s maintainable and sustainable given your means.

Code is not an artefact, code is a machine. Code is either a living thing or it is dead and decaying. You don’t just write code and you’re done. It’s a perpetual first draft that you constantly iterate on, and, depending on what it does and how much of that has to do with meeting the evolving needs of the people it serves, it may never be done. With occasional exceptions (perhaps? maybe?) for well-defined and narrowly-scoped tools, done code is dead code.

So much of what we call “writing” code is actually changing, iterating on, investigating issues with, fixing, and improving code. And to do that you must not only understand the problem you’re solving but also how you’re solving it (or how you thought you were solving it) through the code you’ve already written and the code you still have to write.

So it should come as no surprise that one of the hardest things in development is understanding someone else’s code, let alone fixing it when something doesn’t work as it should. Because it’s not about knowing this programming language or that (learning a programming language is the easiest part of coding), or this framework or that, or even knowing this design pattern or that (although all of these are important prerequisites for comprehension) but understanding what was going on in someone else’s head when they wrote the code the way they wrote it to solve a particular problem.

It frankly boggles my mind that some people are advocating for automating the easy part (writing code) by exponentially scaling the difficult part (understanding how exactly someone else – in this case, a junior dev who knows all the hows of things but none of the whys – decided to solve the problem). It is, to borrow a technical term, ass-backwards.

They might as well call vibe coding duct-tape-driven development or technical debt as a service.

🤷‍♂️

#AI #LLMs #vibeCoding #softwareDevelopment #design #craft

JayVii posted Mar 29, 2026

Well, TIL that you can pipe tar directly into ssh. Need to play around with that a little. Maybe it overcomes the requirement to have enough space for a giant tar file on the host?

From Drew Devault's blog post on tar as rsync alternative

JayVii shared a note by Baldur Bjarnason Mar 28, 2026

“On The Enshittification of Audre Lorde: "The Master's Tools" in Tech Discourse”

https://tarakiyee.com/on-the-enshittification-of-audre-lorde-the-masters-tools-in-tech-discourse/

> Read against the speech itself, Lorde's argument seems less concerned with whether antitrust law can break up monopolies and more with whose knowledge counts, who gets to define the problem, and what gets systematically erased when liberation movements reproduce the exclusions of the systems they are opposing.

JayVii shared a note by Gary Strydom's Tiny Car Mar 28, 2026

LLMs do not "democratize programming". A 4-year-old can learn to program. LLMs throw up stupid barriers by convincing you that you can't learn to program and you have to rely on whatever shit the bobot spits out. Every asshole that says that AI "democratizes" fucking anything is trying to scam you.

JayVii posted Mar 28, 2026

In an attempt to use my smartphone a lot less, I am currently trying Newsboat's Podcast integration and a slim script I hacked together this morning. It automatically fetches podcast episodes, downloads and pushes them to the MP3-Player I bought a few months ago for taking to the gym.

It is of course a little bit more clunky than simply using Antennapod on my smartphone, but honestly, it is a quite smooth and pleasant experience nonetheless. Let's see how this goes for a few weeks.

#newsboat #podboat #rss #podcast

JayVii shared a note by Mike :nixos: Mar 26, 2026

For many people, the #Linux vs #Windows vs #Mac debate is a privilege — it assumes you can choose. But working with the Computer Upcycle Project, I've seen the real choice is often Linux vs no computer at all.

~95% of donated computers are "too old" for Windows 11 or macOS. Linux installs on them anyway, adding 10+ years of life to machines #Microsoft and #Apple called trash.

This isn't Linux vs Windows. It's Linux vs e-waste.

JayVii shared a note by Anya Karl Mar 28, 2026

Perfekter Zeitpunkt, um die Miniserie "Adolescence" zu empfehlen.

Im Zentrum steht ein 13-jähriger, der verdächtigt wird, eine Mitschülerin getötet zu haben.

Es geht um die Auswirkungen von Patriarchat & Frauenfeindlichkeit, um Online-Radikalisierung, toxische Männlichkeit, die Incel-Bewegung & die Konsequenzen, die all das für Jungen & Mädchen hat.

Die schauspielerischen Leistungen sind legendär, der One-Shot-Dreh pro Folge ebenso, die Intensität kaum aushaltbar & erschütternd.

JayVii shared a note by kcxt (casey) Mar 27, 2026

AI, mental health

if you're using AI regularly to generate text/presentations that you intend to use persuasively i don't think i can trust a single thing you say. Where does the AI end and the human begin?

I think this is why im so against AI generated commit messages especially if the code was written by a human, you wrote the code so you should be able to demonstrate that you understand what the change does and why.

If you're deferring that to an AI and you made a subtle logic error that it decides to justify for you suddenly we have obfuscated our own fucking zero days. Good luck finding the bug if the commit message describes the error as if it was intentional.

For general text, if you start with the conclusion and let the AI write the justification then there is no justification!!! Details matter, having a paper trail for decision making matters.

I wonder how many executives will escape the consequences of their white collar crimes by blaming AI.

AI zombification is coming and it's going to create a distinct difference in communication styles between those who do and don't use it, honestly that point is already here.

And we're gonna find out yet again that marx was right when it becomes clear that AI usage correlates with class lines.