but in my opinion, the only people who are 100% ethical all the time are trust fund babies or fools

So never be ethical then? Never try to do better when you have the opportunity?

Perfection is the enemy of good.

https://projectfennec.org/

Took me 10 seconds to find that link. They explain why fennec is better.

Clearly you don’t really want to know or you would’ve done this search yourself, and spent the time reading it right from the source.

An alternative to Syncthing is Resilio.

I use both on Windows and iOS - Resilio does a better job syncing in the background.

Either one is a good answer though (and I generally prefer ST anyway).

Yes.

It eliminates risks.

For example I have a proper NAS, a server with one large drive, and 2 external drives.

Guess what I never have a problem with? The NAS or the internal drives. Occasionally one of the external drives will just disappear from the server, because they’re not really intended to be up 24/7. So I’ll have to power cycle it.

Also those external drives don’t have any active cooling - they weren’t designed for that use case. So I’ve found they tend to get warm if I’m copying anything to them, and now have an old case fan on them. Talk about janky.

Pi is a good option because of it’s low power draw.

However I find used mini pc’s and Small Form Factor desktops to be a better value and their idle power is similar to the latest Pi (while costing about the same as a new Pi).

I’d you just call it YADA without it being an acronym…

RustDesk is a great option too for just Remote Access. Though I find it’s performance a bit slow, and with VPN I can use any tool I need same as on the LAN (my workflow is unchanged).

I do use RustDesk for the adhoc situations (friend needs help/new machine, etc). It’s faster to setup for ad-hoc support vs adding a Tailscale client.

You’ll need port forwarding to expose RDP yo the internet

No. Do NOT do this. RDP isn’t designed for the internet, it’s a security hole, even more so in a small business where they aren’t going to use advanced security (2FA, certs, etc).

Remote access should always be over a secure connection, such as a VPN.

Never port-forward RDP - you’re just begging to get owned.

Ooh, I’d forgotten about Netbird!

Thanks for the reminder to test it as an alternative to Tailscale.

It sounds like what you really need is a mesh VPN not really KVM.

Install Tailscale on all the machines and you’re set.

Alternatively Hamachi.

Edit: You could also install Tailscale on a single dedicated device on your destination network (such as a Raspberry Pi or mini PC) and configure it as a Tailscale router. This would enable you to access any IP-based device on the network without that device having Tailscale installed on it.

With any of this you could access machines just like on the local network, using VNC or RDP.

Others have mentioned power - you may want to do some math on drive cost vs power consumption. There’ll be a drive size point that is worth the cost because you’ll use fewer drives which consume less power than more drives.

Having built a number of systems, I’m a LOT more conscious of power draw today for things that will run 24/7. Like my ancient NAS draws about 15 watts at idle with 5 drives (It will spin down drives).

More drives will always mean more power, so maybe fewer but larger drives makes sense. You may pay more up front, but monthly power costs never go away.

Also, I’ve built a 10 drive n NAS like this (because I had the drives and the case, mono and ram). It can produce a lot if heat while doing anything, and it was a significant power hog - like 200w when running. And it really didn’t idle very well (I’ve run it with UnRaid, TruNAS and Proxmox).

And while more drives means more failure opportunity, it also means when a failed drive is replaced, it’s likely of a different manufacture period.

I have a 5-drive NAS that I’ve been upgrading single drives every 6 months. This has the benefit of slowly increasing capacity while also ensuring drives are of different ages so less likely to fail simultaneously. (Now I’m waiting for prices to come back down, dammit).

I’ve never run into issues running desktop hardware without ECC as servers - since the 90’s.

I just don’t think the extra cost is worthwhile - I’m not running systems/services that will have catastrophic failures without ECC (or have weird bitflips that would corrupt some transaction).

Yea, that’s a challenging part for sure, one that I still deal with.

It can be done, but you need to configure the sync jobs “just so”. Send only from the phone, don’t sync deletions, etc.

In the past I’ve setup a master folder on my phone and used subfolders for “upload only” Syncthing shares. Then wherever I put a file on my phone it gets synced to the appropriate folder on my server.

Its really to compensate for the lack of framers.

Five years ago the average age of a framer was 55.

This is what happens when you don’t have a new generation of people trained to do something - constructors have no choice but to use automation.

I’m not blaming anyone - its just an observation of pressures. Framing’s a tough job.

There will be massive outlays for the systems, they’ll probably be leased or you’ll have companies that specialise in managing the system, and as a GC you’ll contract them to implement the design.

Does it have to be SFTP?

I use both Syncthing and Resiliosync - both are better on battery than conventional file transfer mechanisms, and they don’t require babysitting. They simply sync files as you define.

Alternatively if you must have FTP/SFTP, I have used FolderSync (Play store or Apk Mirror) since about 2010 - I’ve even bought it twice because it’s such a great app. Though I haven’t upgraded in a while because I don’t like the new UI.

The free version does pretty much everything the paid version does, and the devs have always been great.

But I’d use Syncthing, you can even set it to only sync on your wifi and while charging, though I’ve found even syncing a few gigs doesn’t impact my battery (I probably sync 10GB a day while on battery).

Even without a VPS Tailscale will work fine after the router resets.

The more open ports, the larger the attack surface.

That’s all.

And today with the script kiddies out there, port scans happen all the time.

I’ve had a consumer router become almost useless from all the attempted connections on an open port someone found that I had up for a week.

Months later I’d still get hits on that port though it had been closed.

Yea, Tailscale would work even if the router was fully reset.

Without a secondary internet connection this isn’t possible.

The router is the connection - its the gateway (a term we don’t hear much these days).

You could setup an independent connection via a cell modem - becoming a secondary connection. This is common for remote locations or even small businesses that need a failover just for management.

You could even have it on a single machine and have a vpn there. Then you could RDP/VNC to that one machine and manage things from there. I’ve done the VPN this way with Tailscale. One machine has it (I’ve even done it with a Raspberry Pi), then you can RDP/VNC to other machines from there.

But there’s not much I could see you doing if the gateway is down anyway.

Its not “targeted at old school”, it’s an open, extensible protocol.

If devs focused on extending the protocol instead of building an app to handle things like this, it could do it, everywhere.

There are currently over 100 extensions.