JavaScript be like that sometimes…

That is so me sometimes.

You’re somewhat right in the sense that the point of disk encryption is not to protect from remote attackers. However, physical access is a bigger problem in some cases (mostly laptops). I don’t do it on my desktop because I neither want to reinstall nor do I think someone who randomly breaks in is going to put in the effort to lug it away to their vehicle.

Clevis pretty much does TPM encryption and is in most distros’ repos. I use it on my Thinkpad. It would be nice if it had a GUI to set it up; more distros should have this as a default option.

You do have to have an unencrypted boot partition, but the issues with this can at least in be mitigated with PCR registers, which I need to set up.

It’s a smidge more difficult on Debian if you want to use a non-ext4 filesystem - granted for most people, ext4’s probably still fine. I use it on my desktop, which doesn’t have encryption.

No - so long as the Federation has transporters and warp drive (realspace FTL in Star Wars lingo), they can probably pull it off.

If they could beef up their runabouts, that might help too.

Yes, fellow OpenTTD player.

I know this topic has been beaten to death online and honestly discussion is pointless, but I’m convinced the Federation could beat the Empire solely based on these two things:

• Warp drive travels FTL through what Star Wars would call “realspace”; not only does this provide Federation starships extreme tactical maneuverability (Picard maneuver and the like), but if a starship warped away far enough, the Empire might struggle to pursue with hyperdrive.
• The Federation has transporters - I’m not sure imperial shield would be design to protect against e.g someone beaming a bomb (or in dire cases, the warp core) onto a Star Destroyer or whatever.

I’d say the major difficulties are 1) Starfleet has nothing like a tie fighter except runabouts, which aren’t (yet) designed for combat. 2) The Federation might try to negotiate while the Empire does some sort of secret operation.

I’m using LVM. The BIOS solution would be a bad idea because it would be more difficult to access the drive on other systems if you had to; LVM allows you to enter your password on other systems to decrypt.

Do your servers have TPM? Clevis might be the way to go; I use it on my Thinkpad and it makes my life easy. If the servers don’t have TPM, Clevis also supports this weird thing called Tang, which from what I can tell basically assures that the servers can only be automatically decrypted on your local network. If Clevis fails, you can have it fall back to letting you enter the LVM password.

Well, it was worth a shot.

I don’t do it for my desktop because 1) I highly doubt my desktop would get stolen. 2) I installed Linux before I was aware of encryption, and don’t have any desire to do a reinstall on my desktop at this time.

For my laptop, yes, I do (with exception of the boot partition), since it would be trivial to steal and this is a more recent install. I use clevis to auto-unlock the drive by getting keys from the TPM. I need to better protect myself against evil maids, though - luckily according to the Arch Wiki Clevis supports PCR registers.

I wouldn’t necessarily say that - Debian and FreeBSD releases have roughly the same support lifespan, meaning if installed on release day, you’d get a few (~5 years) years of support without major upgrades.

I’d say both systems have a high chance of success at upgrading to the immediate next version, so that becomes maybe 7 or 8 years when adding the years of support left on the now older immediate next version.

For a second immediate next upgrade, you might be right that a BSD has a better chance of surviving.

I wouldn’t know about Open SD, though, as they operate on point releases and I don’t know to what extent they prevent breaking changes.

I think you might win.

On the topic of “two slips of Latinum memes”:

https://startrek.website/post/16764290

deleted by creator

I never get why people use RAR anymore when tar archives are good now.

I feel like I had a problem very much like this with Debian Testing on my Surface Go 1 (and I think my desktop too) a couple years back, and it turned out there was issues with /etc/nsswitch.conf. I can’t remember exactly what I did, but this is the current contents of that file:

# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         files systemd
group:          files systemd
shadow:         files
gshadow:        files

hosts:          files mdns4_minimal [NOTFOUND=RETURN] dns myhostname
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis

Compare yours - maybe even post it so I can try to reproduce the issue on my machine. Anyhow, hope it helps, and good luck.

It depends. Sometimes I shut it down every night. Occasionally, I’ll leave it in sleep mode for a few days.

I think the longest uptime I’ve had on anything I’ve owned is probably a month or so on a Raspberry Pi 4 server I used to have running with a personal Mediawiki instance (I still have the Pi, but if I ran a server in my dorm, I have the feeling someone might come to bite off my hand).

Have you tried SSH-ing into the system when it’s in the bad state to see if you can diagnose the problem? You might be able to see if any displays are being detected at all in the problematic state. Part of me wonders, though is not certain, if the switch is somehow providing an inconsistent display name that confuses the system, though this is just a hunch - I have no idea what I’m talking about, to be frank.

Also, try switching TTYs and seeing if those show up.