 We are live. If I click the button properly. Welcome to vlog. There's a number 372. That's a lot. We're going to talk about the Chunas scale update, which has gone perfectly fine. I really don't have too many complaints or comments on that one. Oh, I should change this. It looks like it's still set up to be, there we go. Our homelab show banner. Um, I will note and I don't know the solution to this problem because I just make the videos. YouTube is supposed to process the videos. Um, for reasons I can't understand the captions aren't working on my last live stream or on my last homelab show video, but the data is there the way YouTube works is after I upload a video, it auto captions them. And that caption is the tool that I use. Well, part of the tool I use, you grab the captions via tool I use that, uh, makes a summary of the video. So all the data is there. It just the little caption button doesn't work. And on the back end, it just says processing. So, um, if you're wondering what happened to captions or you know what happened to the captions and we couldn't find, I mean, I found people talking about it, but I didn't find any moment with solution other than it shows up eventually. And well, that's all I got to say about that. Thought it was just an interesting little side note for those of you looking for those. But the Chunas scale I updated and actually let's log into my Chunas scale server, which I should have been logged in before I started, you know, preparedness. I have the notes pulled up at least. I got that far. I just didn't log into Chunas scale. Share the screen, pull up my Chunas. And so I updated it six days ago, which is when the update came out. I'm generally really on top of the updates because I don't mind troubleshooting the problems and posting in the forums. I kind of have fun doing that. You know, little adventure because Chunas is actually quite reliable. So sometimes when there's an update that does something funky, I'm pretty good at troubleshooting it myself or opening a bug report to share with other people. But nonetheless, I really haven't had any issues with this update except for the usual weird problems. But I don't know if this was related to the update or not. I knew prior to the update, I had a couple of apps that needed to be updated. And I was like, I'll update Chunas base OS first, and then I'll go into the apps and click update. Unfortunately, that didn't work. That's the only problem I ran into is not all, but specifically sync thing and that data. But these ones, I think there was an update for both of these that worked fine, but syncing failed to update the solution, delete and reinstall. Now, this is really not a big deal. I've talked about this before in this part, even though the applications have gone through some changes around a few things, which probably I'll do a new video sooner later. I'm not even exactly set when because they keep updating it to be a moving target. But provided you followed one of my guides on setting them up, I always tell you, and it's funny because people were telling me a long time ago, not to do this. And I don't know why. There's some comments on the other videos that I'm telling people to use it wrong. And I'm like, no, my answer is use the host path setting because it's easy. I simply deleted the application. I added it back. I set the host path of where the data is, the configuration data and all the data that's related to this application and reinstalled it. No big deal. I mean, it was a couple of minutes of my time because I had to delete and reinstall the app, but that was the only issue I really ran into. So I would say the TrueNAS scale update has gone fine. I updated four systems right away to it that I just because I have happened to have four of them running right now. This is not a really significant update, though. If we look at some of the notes, let me find them here. Make them bigger, make them legible on the screen, that looks pretty readable. Apps redesigned and overhaul apps screen and back end improvements provide a more complete experience. I don't really guess. I guess it was, I don't really see it as a big overhaul. Not in this minor update. Linux, new updated kernel, new updated drivers, open ZFS, updated RAID layouts. I don't think I see anything here that was wild, though, in terms of the updates. Because this was just an incremental to the 20, I think that's the 23. Where's the, yeah, this is the 10.2, specifically the 10.2 change log here. Yep, the two, we're now at 223 for this, Linux kernel at 6.174. Fail cleanup after attempting to open ZFS, snapshot directory are prevented. Okay. Accidentally deleting your ACLs, that's good. We don't want to accidentally delete those. I've had people mess up the ACLs, you just got to reapply them. I run into people that do it, I don't run into that bug as much myself, but I've seen people, I can't tell because, like, when they get hired for consulting, how did it get in this state? I don't know the history of how it got there. Frequently, that's why they're consulting with us. They're not sure what they were clicking before it all got there. So, that was definitely, we've seen plenty of them that are goofed up. Fixed third-party apps catalog. Well, I'm not using any of the third-party apps catalog, so I'm not too worried about that. But like I said, the update went fine. So, if you're wondering if you should update, yeah. Persistent data, yes. This is the whole thing with Docker or any of those is making sure that you understand where your data is at. I tell people, this is one of those things. You got to make sure that all of your data, you understand where it is. It's not just stuck somewhere. And you're not able to rebuild or reset up the application. That's, like, to me, just part of the planning I do when I set up the apps is I set the app up, maybe throw some demo data in there. And then I try to rebuild it, you know, and walk through the process. But, yeah. Well, those things. Do you have any other options for DNS resolvers? I, you said it, I know I don't. I just use PF Sense. I don't really have an issue with the way PF Sense does it. It's really not, I don't, I've never had a problem doing it. So, I guess I'm not sure why that's what you find challenging about it. But I've never, I have a video on PF Sense and DNS. I don't know. I don't find it really to be challenging to work with. But for sure, Nass, if you're thinking about updating to the latest version of scale, definitely update to it. I got no cautions or big warnings out there other than, you know, a couple of the apps didn't work. But I don't know exactly if that was the update or a back-end update. Because it said it couldn't upgrade from that version to the next version. But there's no other option. You just are stuck at that little error message and there's no way to round it. You can hit a pull down. There's only two versions, the version around then the next version up. But I wasn't skipping versions. So I don't really know what caused it. But, you know, nonetheless, yeah. Okay. So I see your question. You have a hundred entries. I can't think of why you would have a hundred entries. There's better ways to do it. But I mean, this answer is actually good too. Bind nine is a popular one is learning bind. I usually don't have a hundred entries in my DNS for things in PF sense. So that's probably why I'm not having an issue with it. Not part of my use case. Yeah. Yeah. I would not want to maintain that many of them. Do it all with zone files. Yeah. Next, I want to talk about Zen Orchestra and get that out of the way. This last update was super cool. And I have, and I'll pull it up at the same time. We're going to go over, because I just finished a video that's uploading right now. But the new Zen Orchestra, it's been, they've got a video on it as well. I really like that they do a live stream, do a video. They do a really good blog post. They've been talking about the popularity. It's funny because we've got more people context today. Someone, I was just reading in our Slack at work here. Someone talking about the price increases, two different people complaining about the price increases that are substantial. I think one of the increases Brett told me this morning, I think the price jump from when we first started quoting it to the new VMware price now that the client is thinking they want to go with it. I think it's a $30,000 jump and that's it. It's just incredible how much more VMware costs now for people that want to use it. But back to what does make some sense and whatnot. Oh, cool. I didn't even realize I got a minute. I just now noticed this. This is serendipitous here. I did not know that I had a series of them. So how do you get started with the XCPNG networking explained and how to set Windows VTPM. How do you do all those videos and two guys tech? Also, I'm going to mention to him Rich. His video is really good. I like his ESXI versus XCPNG video. If you haven't seen the two guys tech video and I'll just throw the link to this blog post. It's got everything in here for you. But yeah, absolutely. I did some good videos on there. They've got a lot of great stuff. So it's really cool to see that all of us getting to mention. I got to make sure to send it to Rich. And then some ideas. We want to do a video together as well from two guys tech. And yeah, that's definitely, you know, on my to-do list. We're going to talk about hypervisors and things like that. But they have made public their whole new UX design. I got to see it a while ago. So I know what I kind of know a little bit more is going on behind the scenes. They posted a little bit about this before. But I've actually been talking with some of the people at Bates. Now they're making a lot more of a public as they kind of narrowed down the design. They have a, you know, dedicated people doing this. It's really nice to wait. They're building it. The whole design architecture is just going to be really nice. People are complaining so to speak that it's taking a long time. I've seen that in the comments, but I'm like, I'd rather take a long time, do it right. And of course get the dark mode looking right. The UI is looking right. Then hurry into it like some of the other places have. So definitely. And this is very much what their XO light looks like right now. So you can kind of get the ideas of how these are going to look. It's a really nice UI that they're putting on top of it. So they're doing just a great job of all of that, but carrying on a little bit further. Let's go down the beta two. That's the one I used in my getting started video. They've made a few more things. They got a backup retry that's now been added to Zen, which is pretty cool. So if you have any backups that fail, instead of just failing, you can actually tell them to retry again, that particular backup and you can set that. I think that's a really cool option. This is neat too. They've got improved VHD loop detection for the mirror backup capability. Mirroring backups is really neat because you can tell instead of backing up from one VM to multiple destinations, you can back your VM up to a singular destination and then take the destination and mirror it. So instead of having to try to stagger that bandwidth usage, you can schedule the job to take all your backups and run them locally and then pick a different time to take all those local backups that you have on any storage device and then copy them over using the VM mirroring tool. I don't know if I'm going to do a dedicated video on that. It's really simple to use, but it's just so cool that they've done that. It's pretty neat because it lets you easily back up locally, but then hey, we're just going to set a mirror and we're going to mirror it once a week or whatever your time is where you don't want to impact the users by sucking up the bandwidth and do it. Or maybe you don't care and let the users deal with the slow internet while they back it up because getting those backups off site is important. So pretty cool. Now this is two things right here. The new system they have, the new XOA they just built, they also did a better automation pipeline thanks to a tool called Packer. They have a whole write up on using Packer as well, which I think is really cool. This is also coming from a VATES contribution up. Packer is just an automation not related directly to hypervisors or XCPEG at all. It's a way to automate your build process for building Linux instances. So yeah, they've got a whole write up on Packer as well. So you can kind of dive into that. So this is really clever stuff. Host hyperthreading status change that's in here. So if you have that, I think there's a couple of times in the forums where people wanted to understand it. So what I'm going to do, if I'm not mistaken, it says, yeah, we added a plug-in XCPEG to see if a host was using hyperthreading SMTV. It's useful for security, but also for licensing reasons. Yes. Some of the proprietary software has licensing restrictions on things. So being able, one more feature they've added on there. Updates to XO Light. They're getting slowly but surely XO Light is getting up to date. So I think that's pretty cool. It takes some time, but I am looking forward to it. Probably later this year, they're going to have a lot more on it. And once again, more of the UI stuff that they're talking about here, color context. Some updates to the load balancer. I've not done a video on that, but the one I think a lot of people, and this is what I did, just finish a video that's uploading right now. USB pass through. This is exciting. So now we can do this right in the UI. That is just really a feature I think a lot of people have asked for, making pass through easier. So I did a video on PCI and USB pass through. Having this in here is what inspired me to do the video with the USB. I was going to just do a PCI pass through, but since this drop today, I recorded the video this morning after they dropped this. I'm like, perfect. The updates are in. The patches are in. This all works. So, yes. Definitely a really cool feature being able just to click and pass them all through. Plus, I know people have been wanting the PCI pass through video. Let me answer some questions before you go further here. Let's see. You want to virtualize OpenSense with XCPNG? You can. It should work. I assume. I don't know of any issues. Would you recommend passing through the SAP Nix? I prefer to do it that way. So you never have any hangups. Will the unlock XO? There is a way you can deploy XO proxy using the Zen install updater in case you're wondering. If you're using it and you need the free tier, because it's for your home lab, not business use, there is a way to get it deployed on there. But if you're using it for business, I recommend setting it up with and buying their subscription. See if you can get the team to work with Synology and get a native XCVAC to back up for business. Not going to happen. There's going to be no priority for that, simply because the backups inside of XCPNG are so good. I don't see them spending much time with third parties, but Synology can be a target for the backups. Reality is they spent so much time building an incredibly robust backup system in XCPNG. They don't really have the incentive. As a matter of fact, this is one of those lowers your total cost of ownership because people are like, well, why don't Veeam? Why don't I get Veeam integration? I'm like, why would you? It has all the features that you want. You can get that level of integration in there. So why would you want to pay for a third party licensing on there? And other than people not wanting to learn a new system. But having everything natively built in the way it is in XEN, their backups are really, really good. HA backed by a cluster file system. Yeah, maybe at some point. If I have grade D.3, the ISO will keep my bonded networks, so I'll need to recreate them. I have a pool of four hosts. Double check on the forums because it's in beta. It should keep the network settings. Post-center forums to double check. I don't usually use bonded network interfaces that often. So how do you go about VDI with XCP and G? I don't. I mean, whatever VDI solution you want to work, it just runs virtual machines. It's not figuring out how you want to do VDI is separate software. What's the program in Linux? What the program for Linux have I been pwned, but it'll actually show your data has been pwned? I don't understand your question. Are you talking about the password? How do you check if your password has been pwned? How do you create a rule in XO that will control VM guests to which VM host can fail over if you have an HA setup? You can set an affinity host. Is that what you're wanting to do? So you can set different affinity hosts in here, like this. So maybe that's the thing you're looking for. Probably the, I think that's what you're asking. Good afternoon. Hope your week is going well. Do you have any opinions on the 45 Drives plugins? Navigator, file sharing, identities for cockpit, managing Samba shares, and Debian? I think it works great. I really like cockpit. I've talked about it before. Any reviews on Wi-Fi 7 APs coming up? Not hot on my list. I don't know why people get so excited about them. If I was focused on views, I would definitely jump on every Wi-Fi 6, then 7 video. But it's not what we're really using in the commercial space as much. That's part of the reason I don't jump on them. It's easy for me to do videos on XCPNG or TrueNAS because we use it so much. And the Wi-Fi 7 is not the request we get as often. So I don't see them as often. I might, but I don't know. It's always one of those problems of everyone loves benchmarks, but they have the least amount of meaning when it comes to Wi-Fi. And the reason why is because unless I have it in a fair day cage, I can't do an accurate test because everything interferes with Wi-Fi. I was playing around one time and I love, maybe I should do a video on this. I put my laptop on a lazy Susan. By spinning my laptop around, it would lose a few decibels either way on the Wi-Fi signal. You'd watch the signal go up and down. You could turn it at different angles and change the speed test results that you would get on that test. Wi-Fi is very reflective and it's very running into things. So it's hard to get perfect speed from it. So when you get a faster one, cool. But most of my downloads, like I don't care how fast it gets to my phone. Can I watch YouTube on my phone? Awesome. If I need to, in the case of like video editing, I'm not video editing over Wi-Fi because it's just not fast enough. That's why I don't get as excited about the Wi-Fi stuff. Maybe I just have a weird view on it. What's your tip to migrate from a USG to a PF sense and existing networks? Set it from scratch or other ideas? Yeah, there's no import. So essentially you're set up from scratch. Put the settings as close as you can get them, but I'm not aware not to say that someone couldn't make one. I'm not aware of any way to export rules that you have in a USG and bring them into a PF sense. You said you prefer VPN rather than exposed SSH. Is VPN server technology less susceptible to attacks? Yes. Short answer, yes. The VPN technology, because it's the way they use certificates is generally speaking less susceptible to attacks. For example, if you look in history as a way you can judge this, go back and add up all the flaws that we found in open VPN and then go back up and add all the flaws that we've had in SSH. And we've had a few more this year already, I believe. I think we've already had two SSH problems come across this year. So I would definitely lean towards VPN overall being more secure. Also, it's part of having security in layers. First, someone in order to get into your system has to figure out a flaw in whatever VPN you're using. Cool. All right. Now they have to separate. Now, they have to hopefully find a flaw in your SSH as well. So you have two layers of security when you have VPN. If you're just exposing SSH and there's a flaw in SSH, that's bad. But if you don't have SSH exposed and you have a VPN exposed and they find a flaw in a VPN, they still have to find a secondary flaw in SSH at the same time. So it's kind of having this layers of security to get through. That's why I recommend it. Is it okay to place XE821 and A3 in the same host pool? You're going to find that won't work. You can't have resource pools. You're going to have a hard time with resource pools. I think you can upgrade the primary one first to the 8.3, and it will remain the 8.2 join, but you need to update them. They're supposed to all be the same version if they're in a resource pool. That's important. So true about the Wi-Fi signal. Spent years testing LTE for AT&T and the amount of variables and a nuance will make your head spin. Yes. Can you do a video configuring and securing a log server so the system's logging into it can't access it to try evidence? There's not really any way to do that other than have a separate air gap system of some sort. That only has like just the log sniffing interface. Like have an air gap system on a port mirror. It's kind of a thought exercise, not really a video. It's like, yeah, I could port mirror something, having logs, and then have no actual way to admin it, like actually disconnect any type of admin interface. That's the only way I could think of to do that. So yeah. It's not recommended to run different XCB host in the same pool? Yep. Open VM has been widely used for less time than open SSH just comparing historical CVE counts as a red herring. Yeah, a little bit, but you kind of get the concept that if you looked at the flaws and when, I see, when did OpenVPN come out? I love that auto completed. So OpenVPN starts in 2001. And SSH2 is 1998. And I chose SSH2 because it's a big departure from the original 1995 SSH. SSH is 95, SSH2 is 98. So they're only a couple of years apart. They've been around for a long time. But Open, I would still say the way OpenVPN does the require, provided you set it up this way. I've gotten videos on this. You set OpenVPN up to use the certificates and it works well. Wouldn't fail to pan to indicate your VPN is compromised as you start getting random SSH login requests? I mean, maybe if you... It's not necessarily that your VPN failed it, but if you have non-exposed systems, you have SSH internally running, and suddenly lots of things are trying to log into it, I'm going to assume someone's on your network. I don't know how they get on there. Maybe VPN, more likely because you don't see as many flaws where someone attacked OpenVPN or WireGuard. These are A, have stolen credentials. There's a pretty popular attack, or B, and B is the more popular option. You clicked a link that got people shell access into your system. That's super common. That is where most of the things, like stopping people from clicking on things is the bigger attack factor that we deal with more than anything else. Any plan to review VergeOS? Well, seeing as I've never used Verge, I have no idea. Not likely I'm going to do it. What is VergeOS? I'm assuming it's this. VergeIO, VergeOS versions, what is it? Oh, VMware alternative. You know, there's a bunch of these companies starting up. Is it open source? Why would I, yeah. Why would I even consider a closed source option? That's a lot of the... So no, no interest in this either. The problem I have with any of the closed source ones is they all end up like VMware. AceMagic with built-in malware. Yeah, my friend's been covering this, the net guy. He's been doing videos on it for a little while. He messaged me a while ago on it. We've been tweeting about it. This happened a couple of weeks ago, but it's making its rounds again. I don't know, and my first reply to him on Twitter was, I don't trust any code from those companies. I don't trust anything that these companies have shipped on those systems. So yeah. So what gives the login server a skilled attacker can just connect the login server and destroy evidence of compromise? There must be a way to secure it. No, there's not. There's not a magic button, because if there was a magic, I want to make this secure button. We would put that magic secure button on each thing. So then no one would compromise anything. That's the solution to it. There's not like a magic to it. It's constant levels of isolation. So for example, my gray log server, the username and password and all the things it takes to get into my gray log server don't match any of my other servers. And my gray log server also is isolated from things it doesn't need to talk to. That's my solution. There's not like a more magical solution than that. It just usually when I get credentials, and this is whenever we've done incident response, it's always the same story, especially you talk to a lot of IR people, read different reports, you're like, oh, they settled on this password for everything admin has the same password. So they run through a new lateral movement. We had a company in July, same password everywhere. There was no question as to how the threat actors wiped everything, including their backups, their backups, their TrueNAS. Everything had the same username and password. It was, that's in people like, but it's hard to have it all separate. I'm like, yes, it is. Maybe I missed it. What is the recommended within PF Sense Framework? OpenPN or Wirecard and professional setting for a client connection, us that is. Wirecard for site to site, open VPN for users. As the search wrapped in a VPN seems like a good idea. I'll agree with that. Would provide more insight to infiltration Yes. Massive marketing campaign. Oh, that's why you suggest. All right. No, I don't know. I looked at Harvester. It doesn't look very complete and it's not as well supported as XCPNG. One of the things like XCPNG, I think the company that contacted us today and this is not, this is not the first company we worked with. I mean, they need, was it, I got to look at their site again. I can't remember if it's 500 or 600 VMs moved off of VMware. I mean, and I have the absolute confidence with XCPNG that it can handle it. So I don't really have an interest in looking at the other ones that lack some of the polish, lack some of the features, lack a backup system. They're just not as complete as XCPNG. So I don't have a big interest in them. I encourage everyone to try everything that they want. But when I look at it, I just scratch my head going, well, it's a very incomplete project. And, you know, until then, I'm going to keep using XCPNG. Now, if XCPNG, you know, wasn't good or was incomplete or was unstable or unsupported or didn't have a very big active user base, active element and great documentation and a support contract people can buy, then you start looking at other systems. I do like someone suggested, where did it go? Yes, send your logs to a printer. Absolutely. I mean, WireGuard is fine if you have users, but WireGuard doesn't have a username, password, or any type of management of usernames. Therefore, I suggest open VPN. We do a lot of people having open VPN and you tie it to whatever authentication system they have, such as Active Directory. This just makes it easier because now your user management is tied to your user management system. You're not trying to go third party for user management. Finally, get to Kitsch the Livestream, driving home from 275 South, Michigan traffic. Yep, I know right where that is. It's all of about 25, 20 minutes from me, maybe. Not too far. That's my area. Ah, fun stuff. But the USB pass-through, I talked about that. I think, yeah, I'll have the other video out about the... I may all finish it tonight. All it needs is a thumbnail. Oh, and upload it. But my whole pass-through video, I will have that done. Actually, no, I have to type up the commands. I put all the commands together for the pass-through video. So we gotta get that going. Hold on. Hit upload. LTS video. There we go. Now it's working. How do you typically host XO? I didn't want it in a VM running XP and G servers or an issue with that server. I ran it in a bunch of VM, which is your use. I prefer Debian. Debian's my go-to for that. Works fine. You can run it in a virtual box, and it works perfectly fine. You don't have to run it on the system. It just depends on your use case. But yeah, XO running in virtual box, no problems there. Definitely a very valid solution if you want to run it that way. Let's see here. What else did I have in my notes? Close that. Close all these windows. The USB pass-through was added, but also the thing I did in the video. And this is... Let's see if I can share the screen for this one here. So let's present. Stop. Present. There we go. This is what the video is all about, is how to pass through the PCI devices in there. Something a little bit confusing is people kept telling me it's more so in the Proxmox that you do everything through the UI, but it looked like to me when we set up the Hashcat one. I'm not as experienced on Proxmox. You still have some command line to do. And a number of more people kept telling me that you can't do the same type of pass-through in XDPNG. So what I did in the video was show how you do all these different parameter sets inside of here in the video. It looks a little daunting for people who don't know how to use command line, so I kind of get that, but it's really not that big of a deal. If you want to do these parameters, it's pretty, I mean, it's LS PCI, LS, to list the devices that you just find the device you want to pass through. For example, in the video demo, I passed through the real tech adapter, which is right here. So you just copy-paste the ID on there, and then you pass the PCI ID through to the VM. It's only a couple steps. And how to do the password. It's in our documentation how to do this. I'm not, I don't use this a lot because it's not something we get a ton of requests for in the business space. Now, when it comes to the user space, the home users, oh yeah, all the time. This is a popular request in the forums. That's why I did the videos. I think this gets more home users into it being able to understand how they pass through devices, making it easy to pass through things like the USB devices or any of the PCI cards and, you know, you want to do different things. You know, my example I used I have the, in here is the ever media card. There it is. I just had an extra capture card. So I put the capture card in there. You know, I mean, technically I could build a Zen server that virtualizes my host computer that is for and have pass, have it pass through all of my capture cards for how I do my media ingestion. I mean, I just run it on bare metal, but it works. I did verify. I can load the drivers and everything else on it. So it's pretty straightforward to do. So that video will be done pretty soon. I'll have that one. I don't know if I'll release it tonight or tomorrow. I just got to do a thumbnail and I have all the commands in my notes. I just got to take my notes and convert my notes over to a forum post so people can copy and paste everything. When you run XO or XCB and cluster, which component actually makes decisions about migrating VMs and a host failures at XO or the XCP cluster? The XCPNG host does it. XO doesn't tell the host where. Yeah, if you're running XO dies, HA it'll make restart in the host in another instance. Yep, they will. Exactly what Sam said here. No, not the same with backups. Backups are completely run. Backups are not part of XCPNG, they're part of XO. So if XO isn't working, then your backups aren't working. The way all the backups do is they funnel through the Zen Orchestra instance. So yeah, the backups do not work unless unless XO is working. No, the backups are stores, etc. All right, what else do we have? Oh, this is the... Do I have this? What happens if I start this? I think it's still in here. You know, I'm using StreamYard still, but I kind of want to learn how to do this. I think there's a way to do this inside of OBS as well. I kind of like using OBS because then I can use my StreamDoc to switch between screens. Right now I got to right click share, right click share for each one of them. But yeah, I definitely like to do this with OBS. I think there's a way to do it. What's the verdict on the Sheerness Scale update? I did that earlier. I say two thumbs up to the update. It didn't break any virtual machines. It definitely I had a couple app updates that I don't know if it was related. The apps broke but all I did was reinstall the apps and then they worked. Is there a way to change the council resolution of XEPNG? No, not of XEPNG, but you can change... Here, let's do this. You can change this. So if we stop the VM you can go in here and set the resolution. I just did... I hit the escape key to get in here and you can set the resolution here. So you can set it... If you're using the UFI settings you can do that. Possible setup, HAXO, XA behind your lab, HA. I don't understand your question. Use cases where you use Churnass Core versus Churnass Cal. I'm still pushing Churnass Core because it works perfectly fine for business clients who just want storage. They don't care about apps. That's most of my business clients. Very, very few. Maybe zero of any of my business clients run apps on their storage server. They're usually using it as a storage server at the end of the story. Yep, exactly. Core is more catered for NAS setup. Scale is targeted for VMs and apps. I mean, I would say scale works fine for storage. I'm using it for storage but it's also good for apps. But that also comes with the fact that there's a lot more frequent updates and when it comes to business use cases less frequent updates are a happier thing for things you don't use. I'm using Spice. I figured what they're using on the back end but it's not Spice. What VMs do you host in Churnass? The only thing I host in Churnass is one VM, mostly for a proof of concept. I just want to know if it works. I'm building a VM each time I update. I have one Debian VM in my Churnass. It's actually my Jumpbox. That's the only thing I have running in there is a Debian Jumpbox. I've talked about it before, a little MacBook Air but I don't have my SSH keys on the MacBook Air. I don't want my SSH keys on the MacBook Air. The Air is a really easy and even though I've got encryption and everything else it's easy to wander off with a small laptop. I always SSH to my Jumpbox where I do have a set of keys that allows me to pivot to other places. It also allows me to just have my Tmux session set up on my Jumpbox where I can just jump over to things. That's the only VM that I'm running inside of Churnass. Yeah, they just sometimes break things. You're not wrong about that at all. I don't have a knowledge base in case of emergencies. My knowledge base is employees if for some reason I am out of town and everything goes wonky at home I would say my staff knows how to work things so I would just send my staff over. I know not everybody has that so I would recommend documentation that is probably a better solution. Not everybody has employees that they can say hey let me open a ticket called Fix My House My office is only about a mile from my house my wife has keys so she can also go work at my office if she needed internet and couldn't so that's also an alternative plan to be able to do that. Move your SSH key to UBK instead of Jumpbox Yes, no there's more challenges with doing a UBK with SSH because try SSHing into a Churnass core system with your UBK and you go wait the versions don't work properly you're right, they don't there's not support for it built into that version of SSH so you've run into a bunch of things where it doesn't work it's gotten better but you're not wrong that it's definitely bad experiences with the way they did their K3s yes, you're not wrong and it's still where a lot of the updates are if you look at the update notes you'll see lots of times you're constantly working on the apps that's why there's more updates for scale than there is for core I mean it is what it is, it's an ambitious project I'm glad they're moving forward with it and it does add some cool functionality to that system I mean I do run a couple apps on my server, where's it at too many links because this is the one in my studio this has the most apps of any of the Churnass scale instances I have I run NetData I got to seed my Linux ISOs here I have a rSync that allows me to sync some things with my Synology I don't really need to do it, I did it as a demo when I left it working because it works so it's an extra backup I have two Synologies backing up to each other and then one more backup of my Synology going to my Churnass because I can why not have three copies locally of data that then once it's here gets sent off-site again and Syncthing I love Syncthing Syncthing is still my go-to for keeping keeping everything where I want it to be my business docs, graphic docs Syncthing is definitely huge Syncthing broke with this last update but as I commented earlier the solution I have is I'm not afraid to delete Syncthing any time it breaks because all my data is stored right here so that's where the data is at so as long as if it breaks, no big deal, I just delete it point it back at the host path, have a great day oh, confusing articles yeah, it's not that the ubiquity edge routers are unsafe, it's that people are lazy and don't change the default credentials so yes, I've seen the articles on it it's interesting but yes I run Linux so all of my stuff is all just done with SSH SSH is how I handle any of it I limit teleport it's pretty cool, I just don't like having to run another app on all my systems I like just normal SSH maybe slightly complex versus an app, but I've personally been happier with the network bridge to expose NFS SMB on a VM and run stuff like Syncthing and Docker I mean, you can run Syncthing and Docker and that's fun that's fine, has Syncthing changed me since your video worth an update? yes, it's been like let's do an update because they've actually added a lot of features so why not make a new video on it I realize I've been using Syncthing for like I think 10 years now and I've been doing videos on it for almost as long do you have to use S3 storage to cloud back up a Windows bare metal system? I guess you need block storage if you're not sending inviduals each day I mean you could it depends on what backup software you're using I'm not exactly sure maybe I'm missing some context for your question, but it kind of depends on the backup you're using so yes, you could for example with XCPNG pointed out an S3 and do a backup that way so I probably need more context for that question but SSH all day just actually did I ever switch, ooh this is the question let's see if I can bring this up nope, not that one so we can share it this way stop, present see if I make it can resize it like that I don't have the other one in here which one do I have in here so this is how I just jump from one box to another this is what it, you know to me it's just, I'm used to using this where I can use T-Mux to put the screen and then SSH if I need to gray logs over here or SSH into my forums there we go and now I'm rooted into my forums from here so this is how I do all of my bouncing back and forth into things and because this is T-Mux I can just attach or reattach to those sessions I've done a video on T-Mux Jay has an entire large series on how to do things in T-Mux once you get used to using something like just SSH and T-Mux and even if you're running Windows, you can do this in the Windows subsystem for Linux as well and it works quite well good way to get started on there plus, there we go not enough height whoops and if you're wondering about the shell and everything that I'm using this is all on my GitHub as well so if you want the same customization like you see here this is all something I have available on my GitHub that you can pull from this it's the dot files that I have I give them all away for free this is all my customization I recently, if you're wondering, started using ZShell as well I just kind of said why not and once I started using it, I was like, okay this is cool but this has all my T-Mux settings in there BashRC, the profile that sets different things like that, so for anyone interested let's see yep, that's the Kelly prompt yes it is I looked at StoreJ I looked interesting but I never used it I never did any much deeper it was interesting for a minute and then it looked I don't know there's something about it I didn't like I don't remember what it is I like systems like it so if you want to use it they've the people that I system seem to say seem to be like I think they have some plugins for it I'm trying to think of what they had or an article about it or something like that but that's something I'm using ZSH Compatible Bash I haven't really found anything that doesn't work so it's not I made notes in my GitHub about it you don't have to by the way, these my .files, they work with both so you don't have to by default it doesn't switch you to ZSH so if you want to use ZSH you can and I made notes about it so here's my GitHub I'll throw a link in there for I'm trying to post more on my GitHub for anyone who wants any of the commands or whatever it is I'm doing in videos more and more on these things are easier than you can just get clone or whenever there's a new version just get pull and pull a new version of it to get your .files matter of fact I'm working on and I'm going to get there is learning from Jay Jay from LearnLynx TV he's got a really nice automation that just keeps pulling all of his stuff automatically so as he updates his GitHub files run the get clone once but then you can update all those machines by having them check when there's a new version they can get clone and pull a new version so whenever I make a push up to GitHub you know it pulls it can pull down to all the other places yeah storage is interesting because of the way they do this shared storage but yeah I don't know I'm not really tested it so how do you make ZSH have to use ZSH work and there's nothing better about it plenty worse than bash everything just doesn't quite work I don't know I liked it because the autocomplete was good but I don't know I go back and forth not all of my systems are set to it I have some on it and some not and I haven't run into any problems so I guess it depends on what you're doing how can I make an iSCSI shared storage via host CPU not connected directly to Nix is it configured make sure my iSCSI shared storage via host CPU not connected directly on Nix is configured for good performance as possible are you asking how to configure iSCSI for performance on TrueNAS because there's not a lot you I don't I mean there's people that post in the forums that have changed some parameters for some amount of tuning I don't know how much faster they were able to get out of it though so so yeah check out the XCPNG forums they like I said someone was posting about some tuning things for the most part it works fine and I don't mess with it out of the box most of the performance you get has to do more with the hardware you choose and setting up TrueNAS properly or even analogy I've done analogy with XCPNG and it seems to work perfectly fine but yeah yeah I didn't that autocomplete it's just convenient he just you know it has all the stuff I like it's autocomplete but then more the way it does all the parameter completion that's what made me try it was I was playing with some Kali stuff and I'm like oh this just completes really nice and I'm like oh that's CSH let me just copy a lot of this stuff out of Kali over to what I do and modified it all and I don't know I've been happy with it but I'm not unhappy with Bash so why not why not both I'm not that picky but I'm gonna end this here so thank you all for joining this was a fun live stream I have more stuff planned I will mention because all of you are here still I'm still working on the idea around doing like paid sessions where I do training one-on-one not some prerecorded webinar but one-on-one training and if you're interested in that you know send me a message I brought I forgot to put this up on here but I've put this a few times and it didn't reach me and people that have emailed know I do reply to vlog Thursday at LawrenceSystems.com I do check that email box and reply to people you get a reply from Vlog Thursday and it's me because there's still only one person right now working for Lawrence Systems and that is this guy so if you have things you want to send me or questions whatever but yeah the training thing I'm sorting out what I want to do for pricing what I want to do for training and yeah that's the fun stuff figuring out exactly how I want to handle all that I'm thinking an XCPNG course is going to be the popular one it's just so many questions I did my whole getting started with it but there's still some people that want more and I think maybe a one-on-one class might be pretty good that's what I'm trying to decide is what the rate should be it's kind of crazy because I know what some of my friends charge for these things and I'm trying to figure out how to make it reasonable do I bring in 10 people at $500 a person I don't think that's an unreasonable amount I do know a few of my friends that charge $3,000 a person I just seen one of them post that on Twitter with some of the classes they're holding that granted it's a two-day in-person course I'm not doing a two-day in-person course and I'm doing like a four-hour course is what I'm thinking I'll do for teaching not any longer maybe three hours of teaching in one hour Q&A I don't know I haven't really decided exactly how I want to handle that but it's something I'm thinking about so let's see can you post a video about VM storage expansion it'd be a really short video because the VM expansion all you have to do if you want to add more storage to a VM you just go to the disk type a number so it's at 80 gigs if I type in 90 it'll have 90 gigs or 910 gigs or 190 gigs I'm not going to change it right now but that's all you have to do to change the storage in there do your friends work for Red Hat yes I do have friends there too Patreon courses seems like they might help keep the lights on yes I'm trying to avoid a bunch of advertisers but I am going to do some more ads the advertisers are where you make the most money on YouTube I'm not going to lie how do you resize the drive in the host to expand or shrink the drive I mean that depends on what the host operating system is you know that's the part of the video that's harder is not how do you do it next CPNG it's how do you expand Linux or how do you expand Windows that's a that's the bigger topic I am aware of but I have never met Eli the computer guy he's been around a long time I don't really watch his stuff but he was forever go doing YouTube things fdisk all the things do you ever go do you go to the new Unify system they released I've seen it I don't know there's some people and I'll leave it to them they like every new thing that Unify does I think it's a novel I don't know I'm not I'm not actually excited about everything they release I'll just say that but I'll leave you all with that there is a new version of G-Parted out as well so that just got released today where's that at G-Parted 1.6 is here Eli's definitely been around for a long time a long time but yeah check out there's a new version of Partition Magic out kind of on that topic of doing things yep shut the host down increase the virtual disk power the host up and expand it yep pretty much alright well thanks everyone for joining and uh oh well we have these probably I don't know read the article it's all the details written there hello son alright later everyone