For some reason, OpenVPN has an IP leak problem when no IPv6 routes are specified. This means that if using OpenVPN to what I assume to be purely IPv4 VPN servers (looking at you, ProtonVPN), but you're on a network with both IPv4 and IPv6, ip leak services detect the local IPv6, but the VPN IPv4. This is mildly annoying, because using an OpenVPN client instead of the ProtonVPN client is far more convenient.
Let's talk about dependency bundling on Linux, and why it isn't always a bad thing. ... With some asterisks.
Ubuntu Server has some garbage defaults, at least for certain installation options, that prevents you from disabling password auth the standard way.
Normally, which you still have to do, disabling password auth is done in /etc/ssh/sshd_config by changing PasswordAuthentication from yes to no:
PasswordAuthentication no
Make sure it isn't also set to yes in that same file.
But on Ubuntu Server, at least if you enable sshd as part of the installation process and without importing a key for any reason, they add a file that prevents this. Specifically, they add /etc/ssh/sshd_config.d/50-cloud-init.conf, which sets PasswordAuthentication yes.
In all fairness, it has been more than a week, but due to messing around with logging and accidentally clearing it a few times (whoops!), I didn't have a week worth of data until yesterday.
For the past week, I've been tinkering a bit with Pi-hole, including working with stuff there's no official guides for. There's quite a few things I noticed while messing around with Pi-hole, so I figured I'd write a post about it.
This post aims to present an alternative way to generate SSL certificates for your pihole web interface. This is specifically targeted at people without a FQDN (Fully Qualified Domain Name), regardless of whether pihole is hosted locally or on a VPS. Note that this has only tested on a locally hosted pihole instance, running on a Raspberry Pi 3B+. As usual, apply common sense before running commands from strangers on the internet - just because it worked on my system, doesn't necessarily mean it'll work in general. While we're at it, if this is properly configured, it shouldn't cause any problems. Even an invalid SSL certificate would just affect your connection, and not something like SSH or pihole in general.