fsebugoutzone.org:9999

       Post AupPQTiLMe2FrbL5o8 by feld@friedcheese.us
 (DIR) More posts by feld@friedcheese.us
 (DIR) Post #Auo97RXBS72tAx3pTM by emory@soc.kvet.ch
       2025-06-04T21:58:18Z
       
       0 likes, 0 repeats
       
       i saw #firezone scroll by in #macOS homebrew, it sounds like an alternative to tailscale? it uses wireguard for tunnels, had similar features?https://www.firezone.dev/kb/use-cases
       
 (DIR) Post #Auo97SlkrQIN0Qsyp6 by winterschon@mastodon.bsd.cafe
       2025-06-05T02:42:55Z
       
       0 likes, 0 repeats
       
       @emory Tailscale is terrible. This one sounds similar to ZeroTier, except that it only runs its gateways on linux and is therefore inferior, and the pricing is a rip off. Plus, no full tunnel routing on the free version is predatory to the cost model.
       
 (DIR) Post #Auo97TP6V7lqyTIP9k by feld@friedcheese.us
       2025-06-05T03:23:13.313063Z
       
       1 likes, 0 repeats
       
       @winterschon @emory tailscale is neat but people are going to have to learn the hard way that there is no free lunch
       
 (DIR) Post #AupNKII2j6LmmnxcmG by feld@friedcheese.us
       2025-06-05T17:38:08.261266Z
       
       0 likes, 0 repeats
       
       @emory if you don&#39;t care about connecting to the CPE remotely over this it does simplify the deployment a bit as you just need to have a couple yggdrasil nodes running in a datacenter somewhere and then the only unique part of the CPE&#39;s config is its private key. You have your publicly reachable nodes in the config template and then it can reach anywhere else in the network it needs to gohowever, you make me want to actually take a few minutes to hack on this and see if I can figure out how to get yggdrasil or a tool to spit out a key and associated IP address to ease deploymentscurrently when you install it, it expects you to run a command which generates a boilerplate config which has the key already in it. very annoying and unfriendly for templating purposes
       
 (DIR) Post #AupNKJWG9jJgbBcUZk by feld@friedcheese.us
       2025-06-05T17:50:20.483423Z
       
       0 likes, 0 repeats
       
       @emory oh wow, so they have a tool in their repo that does this but they don&#39;t build it or include it in the yggdrasil binary which is kinda ridiculous. It also just keeps generating keys until you stop the process. This can very easily be forked to do what we want...
       
 (DIR) Post #AupNKKEDWITinWBb5k by mint@ryona.agency
       2025-06-05T17:51:55.024901Z
       
       0 likes, 1 repeats
       
       @feld @emory I think there used to be a CUDA accelerated address miner but it&#39;s broken now since address generation got changed in 0.4.
       
 (DIR) Post #AupNYpxgKi13GrN6Gm by mint@ryona.agency
       2025-06-05T17:54:40.440354Z
       
       1 likes, 1 repeats
       
       @feld @emory https://notabug.org/frodo_buggins/ygg-bruteAddresses with higher first octets are harder to brute and thus are more desirable since there&#39;s less chance someone would get a collision for assigned /64 subnet in 300::/8.
       
 (DIR) Post #AupPQTiLMe2FrbL5o8 by feld@friedcheese.us
       2025-06-05T18:13:58.359846Z
       
       2 likes, 0 repeats
       
       @mint @emory I made a yggkeygen projectgod bless LLMs for making it quick to iterate on their code and add JSON output, -help, etchttps://github.com/feld/yggkeygen