tinyssh VS tarsnap

While on topic of sshd having minimal dependencies, shout-out to Jan Mojžíš and his minimalist implementation:

https://github.com/janmojzis/tinyssh/

> [after] hardening steps [...] most of the bots can't even negotiate a connection

Yep, same here, except I'm using [tinyssh], which organically does not support anything other than ed25519/curve25519, sha256, and chacha-poly.

[tinyssh] https://tinyssh.org/

djb suggested that for openssh instead of the tinydns kex, so tinydns switched also:

https://github.com/janmojzis/tinyssh/issues/50

Tarsnap for configs and critical stuff (password database, emails).

Someone does :)

https://tarsnap.com

> Tarsnap uses a prepaid model based on actual usage:

> Storage: 250 picodollars / byte-month of encoded data

Colin Percival's tarsnap

In past threads, people have mentioned enjoying my Tarsnap (https://github.com/Tarsnap/tarsnap) code. I personally think that the spiped (https://github.com/Tarsnap/spiped) code is even better.

I prefer Vorta myself ( https://github.com/borgbase/vorta ) as it also has incremental and encrypted backups, as well as being a fraction of the price, but tarsnap seems to still be in very-slow development: https://github.com/Tarsnap/tarsnap , so I'd say from a quick look it's still trustworthy.

Each server also upload their configs and « important » data (my mails and git repos) to tarsnap 3. Tarsnap storage is not as cheap as B2, so I try not to upload too much data there, but it's reliable and easy to use. It was also my first backup solution, and barely cost me 10$ a year so I keep it as a secondary backup.

Not foolish! The Tarsnap client code is open source, but the license file prohibits anyone from using the code: https://github.com/Tarsnap/tarsnap/blob/master/COPYING

> Redistribution and use in source and binary forms, without modification,

Yes. For the curious,

https://github.com/Tarsnap/tarsnap/graphs/contributors