I'm running Calyx OS (which for my device is on Android 13 at the moment). I would like to have better control over which Bluetooth-connections my phones attempts to connect to when enabled and which it does not. Right now, it seems to try to connect to whatever it was connected to last, even though it is no where near me. I have to wait for the connection to fail before I can start another connection. This eats up about 10-15 seconds every time I want to connect to a Bluetooth-speaker if it wasn't that last device I connected to.

Is there any way of getting better control over this? Best case for me would be to define some devices it should always try to connect to and other devices that should require manual connection.

I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would've thought that it would be reflected in /var/log/auth.log. Instead, it shows up as failed password entry. Is this intended?

What I've done is to uncomment the PermitRootLogin no line in /etc/ssh/sshd_config. Rest of the config file is left at default.

Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?

This is not strictly a Linux-issue as I reproduce this issue under Windows 10 as well (but can not reproduce under Android or macOS), but I will be using Linux for any troubleshooting and I wasn't sure where else to post this.

I have a pair of Sony WH1000MX5 that acts like an expensive piece of garbage so far. I will eventually (usually within 2-10 minutes usually) hear crackling noises when using the headset via Bluetooth in high-fidelity mode on my Linux machine (and as mentioned above, this is reproduced on two other machines running Windows 10). The crackling noises are there regardless of whether active noise canceling is active or not. It is not constant, but it is enough to significantly reduce the listening experience, especially for tracks where not too much is going on, such as quiet piano pieces.

On my Linux machine, I can choose between three codecs: SBC, SBC-XQ and LDAC. It tends to be less pronounced using the LDAC codec over SBC (right now I've had a longer period with no issue). SBC-XQ also seems better. However, I have experienced it for all choices of codecs before. Also, under Windows (which I must use for work), this does not seem to be a choice at all. But I wonder if the problem lies here? I don't know much about Bluetooth codecs.

Ideally, as in addition to these issues, they are not very comfortable, I would like to return them and get a refund (should be possible under local laws), but I am having some issues with the retailer claiming they can't find anything wrong with them after two trips to a repair shop. The first time they factory reset it and updated the firmware, the second time they did nothing. I don't think local Sony support will be of much help, and the local laws relate to to the buyer/seller contract, so for the refund or repair they will anyway refer me to the retailer.

So I am trying to get a better understanding of the issue before pursuing this further, and if I fail to get a refund, I would like to fix the issue if possible. So if anyone is familiar with this and could help point me in the right directions to fix these issues, I would be very grateful.

I ran across this post on the Home Assistant forum, which shows something very similar to what I want to achieve. However, there is something that is unclear to me: with Snapdroid, will I able to stream all audio from my Android device to the Snapcast server so that it doesn't matter which app I use, or is this just some control device? I couldn't make that clearly out from the GitHub repo of Snapdroid.

My desired use case is to use this in the same way I would with AirPlay on an iPhone, and be able to use my music player connected to my Jellyfin server, my podcast application or my YouTube frontend application to play audio that is cast to the Snapcast server.

I have a fairly new laptop where the audio has become increasingly janky - it can work fine for a while, and then suddenly descend into white noise before being completely gone until I bend the laptop ever so slightly for it to come back. Obviously a physical problem.

I contacted the vendor (until my dialogue with them is concluded, I will not name them), and was told that from my description, this sounded like an issue with a subboard where the audio port and sound chip is located. They wanted me to send it in, but this would require sending it out of the country for a 48 hour repair (+ shipping time) which I was not too keen to do, and especially as I am quite dependent on the laptop in my daily life, I wouldn't want to be without it for that long.

However, the problem has since gotten worse, and I recently contacted them again in preparation for finally sending it in, in fear of this become ever worse. However, now it has been more than 6 months since my purchase and they won't prioritize the repair anymore, bumping the repair time up to 2-3 weeks. This is way too long for me to consider at this point, so I am now looking at options to have it replaced locally instead, in case we cannot find a suitable solution.

However, I don't really know how to proceed with this, as I am quite clueless about hardware. Would such a repair be possible by someone not having the proper schematics? Would it be easy to identify the correct subboard to order if I am unable to get the information from the vendor?

It was also difficult to assess the quality of the local repair shops - some of them give the impression that they are quite competent, but rather seem like they might specialize in helping grandmothers set up their e-mail client. How would I determine if I can trust them with my device?

I am using ProtonVPN, and have (or so I thought) set up qBittorrent to bind to the network interface that ProtonVPN is using (tun0). The connection symbol turns red if I turn off the VPN, and downloads will stop. However, when checking the torrent address on ipleak.net, it seems that this bind is not working properly - my real IP shows up after I have disconnected my VPN. I thought that there shouldn't be any connections made when traffic is not via the tun0 interface, so that my real IP should never be known by the detection tool. Am I wrong?

I have not configured the kill switch, but perhaps I should do so?

I am running Pop_OS! and want to set up an old WiiMote I have lying around as a mouse. I have a USB-sensor bar, and I don't have any issues connecting the remote to the computer, and the inputs seems to register just fine when running xwiishow 1 after the remote is connected. I am also able to use it perfectly fine as a WiiMote in the Dolphin emulator.

Now, I want it to function as a mouse, and being a fairly new Linux user, this is where I get confused. I am not entirely sure what I need to have happen in order to make this work, but I realize there must be some translation of the IR-sensor data and some way for Pop_OS! to understand that this should be a mouse.

When searching for it, a lot of different names are thrown around, so I am not entirely sure what I should be looking for. However, from the ArchWiki (https://wiki.archlinux.org/title/Wiimote) it seems I have three choices:

1. MoltenGamepad (https://github.com/jgeumlek/MoltenGamepad), but this seems to only handle button presses? This is also something I would like, i.e. mapping buttons to Pause/Play media. But it is not the only thing I want, and mouse movement + clicks is higher in priority.

2. An X11 input driver - this I have tried to install according to the instructions on their GitHub-page (https://github.com/xwiimote/xf86-input-xwiimote), but failed to do so. The last commit to this project was back in 2014. The ArchWiki states:

"xf86-input-xwiimote has support for mouse-emulation via IR using the Option "MotionSource" "ir""

... which is what I want, but then also directly underneath:

"There is currently no user-space application that enables mouse-emulation with the IR-sensor. If you need that, you should consider using the no longer supported cwiid approach. However, the xwiimote tools are under heavy development and will soon support IR mouse-emulation, too. "

... which confuses me.

3. cwiid is also listed as an approach on the ArchWiki, but they also say that it should not be used since it is discontinued.

I'm sure the main issue here is a knowledge gap on my part, so if there is a solution that seems obvious to any of you, I would greatly appreciate the help in both getting this to work and in understanding my system better.

For some time now I have been trying to clean up my digital footprint by requesting deletion of accounts and associated data for unused accounts, and being critical about which accounts I actually benefit from keeping. This turned out to be far more time consuming than I imagined beforehand.

I've been using a password manager for about a decade, so I have a fairly good overview of a lot of the accounts I've opened over the years. However, while privacy has always been important to me, I was more concerned with increasing governmental surveillance rather than corporate surveillance for many years. So over the years I've signed up uncritically to a large number of services. Most of these do not have much data about me, but my username has generally been reused, along with e-mail and sometimes phone number and other more sensitive data. This of course doesn't take into account all those minor services I've signed up for with e-mail + reused password. I have no control over those...

Now GDPR thankfully makes the job of cleaning up the accounts I do have control over a lot easier, because I doubt many of these services would even let me delete my account if not for it. However, it does not regulate enough how easy this process should be, and there are so many different ways companies implement this. From extremely convenient and easy ways of exporting all data and deleting the account, such as implemented by Strava (kudos to these companies!), to the worst offender of them all: British Airways... Until recently you would have to send an actual letter to their data protection offer with a copy of your passport (yeah right...). Sometime this year they've changed this, so now you just have to upload a picture of a letter to their document's portal, but since that is borked, I can't even access it to complete the deletion request. Apple also rejected my deletion request for an unknown reason, and I had to spend 45 minutes on the phone with them to understand that a cancelled, but still active subscription (a 1-year subscription that had not expired yet) from the app store, was blocking the deletion. Most are in between these two extremes, and either require that I actively follow up that I get a reply when I send an e-mail to their data protection officer with my request, or have processes that take up to a month to complete.

Of course, cleaning up 10-15 years of uncritical online presence would take a long time anyway, but companies making it hard on purpose to delete your account and data is infuriating, and a testament to a status quo that should burn in hell.

On the plus side: I no longer have accounts with Microsoft and Twitter, accounts with Apple and Amazon should soon be closed. My goal is to have completely phased out Meta and Google by the end of this year, although the communication lock-in of Meta and the fact that my primary e-mail was Gmail for 15 years (I've switched two years ago to Proton), makes these transitions a bit more difficult.

If nothing else, this process has made me very conscious about platform lock-in and the "joys" of ecosystems...

I've been self-hosting Nextcloud for sometime on Linode. At some point in the not too distant future, I plan on hosting it locally on a server in my home as I would like to save on the money I spend on hosting. I find the use of Nextcloud to suit my needs perfectly, and would like to continue using the service.

However, I am not so knowledgeable when it comes to security, and I'm not too sure whether I have done sufficient to secure my instance against potential attacks, and what additional things I should consider when moving the hosting from a VPS to my own server. So that's where I am hoping from some input from this community. Wherever it shines through that I have no idea what I'm talking about, please let me know. I have no reason to believe that I am being specifically targeted, but I do store sensitive things there that could potentially compromise my security elsewhere.

Here is the basic gist of my setup:

• My Linode account has a strong password (>20 characters, randomly generated) and I have 2FA enabled. It required security questions to set up 2FA, but the answers are all random answers that has no relation to the question themselves.
• I've disabled ssh login for root. I have instead a new user that is in the sudo usergroup with a custom name. This is also protected by a different, strong password. I imagine this makes automated brute-force attacks a lot more difficult.
• I have set up fail2ban for sshd. Default settings.
• I update the system at the latest bi-weekly.
• Nextcloud is installed with the AIO Docker container. It gets a security rating A from the Nextcloud scan, and fails on not being on the latest patch level as these are released slower for the AIO container. However, updates for the container is applied automatically, and maintaining the container is a breeze (except for a couple of problems I had early on).
• I have server-side encryption enabled. Not client-side as my impression is that the module is not working properly.
• I have daily backups with borg. These are encrypted.
• Images of the server are also daily backed up on Linode.
• It is served by an Apache web server that is exposed to outside traffic with HTTPS with DNS records handled by Cloudflare.
• I would've wanted to use a reverse proxy, but I did not figure out how to use it together with the Apache server. I have previously set up Nginx Reverse Proxy on a test server, but then I used a regular Docker image for Nextcloud, and not the AIO.
• I don't use the server to host anything else.

I'm still a fairly new Linux-user (on Tuxedo OS), and I just ran into an issue that is new to me. If I try to update my system, either via command line or Discover, the apt update command fails. This is the output:

E: Could not get lock /var/lib/apt/lists/lock. It is held by process 1635 (apt-get)
N: Be aware that removing the lock file is not a solution and may break your system.
E: Unable to lock directory /var/lib/apt/lists/

Process 1635 is apt-get update run by root, and persists through restart. I am tempted to try to kill it (kill 1635), but I'm not sure if anything could break from that, so I thought I'd try to ask for help first before I do something stupid.

EDIT:

I have managed to update my system by killing the process, which releases the lock, and then going on to do normal sudo apt update and sudo apt upgrade. For the sake of troubleshooting, I tried to add back my third-party repos one by one, and none of them caused any problem. However, when rebooting the same issue as described above happens again. Software updates is set to "Manually" in the System settings.

In addition, everytime I ran sudo apt upgrade, at the end some update related to initramfs fails. My disk is encrypted using cryptsetup, and as I’ve come to understand, I should be very careful doing anything related to initramfs when that is the case. Here is the output:

Processing triggers for initramfs-tools (0.140ubuntu13.2) ...
update-initramfs: Generating /boot/initrd.img-6.2.0-10018-tuxedo
I: The initramfs will attempt to resume from /dev/dm-2
I: (/dev/mapper/system-swap)
I: Set the RESUME variable to override this.
zstd: error 25 : Write error : No space left on device (cannot write compressed block) 
E: mkinitramfs failure zstd -q -1 -T0 25
update-initramfs: failed for /boot/initrd.img-6.2.0-10018-tuxedo with 1.
dpkg: error processing package initramfs-tools (--configure):
 installed initramfs-tools package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
 initramfs-tools
E: Sub-process /usr/bin/dpkg returned an error code (1)

EDIT 2:

The issue seems to have been narrowed down to a failure of Tuxedo's driver configuration service that runs at boot. It is this process that calls apt-get (and something I should've seen earlier...), and systemctl status reveals some errors:

aug. 08 15:33:56 laptop systemd[1]: Starting Tomte-daemon, finishes tasks that could not be accomplished before...
aug. 08 15:34:06 laptop tuxedo-tomte[1393]: no network found!! some fixes might not be applied correctly
aug. 08 15:34:06 laptop tuxedo-tomte[1393]: systemctlCmd: systemd-run --on-active="30sec" tuxedo-tomte configure all >/dev/null 2>&1

I really appreciate the help from everyone so far. It's a good experience asking for help here, and I've learned a lot from your answers. Makes being a Linux newbie a lot easier. So thank you :)

Since this seems to be a very specific issue related to Tuxedo's own services, I will contact their support to get their input on what to do next.