Search results

About backup encryption abuse, see this: https://forum.proxmox.com/threads/verification-of-encryption-integrity.168204/

Of course I have offline backups, a management network that's not the same as the users network, restricted access (you need a vpn to access the management from the LAN), etc. Still I'm thinking of the issues if someone somehow becomes root on the PVE hosts. As of today I see two scenarios...

Thanks a lot for the explanation, it's very clear and I like the fact that this protects the best part of the backup chain of hardware and software. This means that if the PVE host does not corrupt data, then any further corruption, even in the moment the backup is written to PBS for the first...

I'm looking for an information I cannot find. When a backup is made to PBS, I understand that all the blocks have an hash that allows for integrity checks to be done later, and they indeed are done on the PBS host multiple times. (there is a schedule for that) But the part I miss is this: is...

Setting an alert on the PBS side is indeed a good idea. If the threat actor has compromised the PVE server (the host, I mean) but for some reason not the PBS server, then we can get an alert for this anomaly in the backup chain. While I'm sure that a good attack is IMPOSSIBLE to stop, let's at...

Sorry for picking up this thread after a long time, but I have just had the same issue. I have noticed that the "VM only" bridges, that I do not intend to be used to reach the PVE host itself, have a link local v6 address and that I can actually connect to the host (ssh for example) from any...

It seems that the HP microserver gen8 is really becoming obsolete. Max RAM is only 16 GB and every day we find more issues...

This is interesting indeed, please keep us informed. Did it run smoothly on Debian 11?

I'm happy that it worked on the first try. What's missing in the web UI (or maybe there is now but I have not found it) is a way to mount a disk with data already on it and preserve such data. If you had a completely empty disk, not formatted, not partitioned, you could have added it as a...

A word of warning: I had (a long time ago) a win2003 that was p2v-ed (how do you make "p2v" a verb?) and using the IDE controller on PVE it seemed to work fine, but every time I ran a backup of the VM, the Windows guest had timeouts (could see them in the event viewer) and it corrupted the file...

backups should show up in the GUI if the usb hard disk is set up properly in the new PVE installation. The issue is that "properly" is not always simple. It's simple for a Linux expert of course. Let me try to help you... On the new PVE host, do the following: On the web interface, click on...

No, with different VMs. The same VM was fine on a 7.x server which I cannot reach right now (it's switced off and not here). This is the config of the problematic VM. I have just switched off iothread, I will see if the issue is still there as soon as it crashes again. It was enabled until...

I have pve-qemu-kvm Version: 8.1.5-5 on my problematic server, so it should not be that specific issue. I have an older 8.1.2-4 on another server that has no issues at all...

I'm trying to debug this issue: I have an old Debian VM with kernel 2.6.26 (i386) than has been converted from physical to virtual on a PVE 7.x temporary installation. It worked flawlessly on that PVE until it was moved to a new machine with pve-manager/8.1.4/ec5affc9e41f1d79 (running kernel...

That's really incredible because I have seen the exact opposite behaviour, with KVM memory space heavily swapped out.

It seems to me that swappiness is ignored or that it works in a way no one comprehends (or at least I don't). My much smaller server, with 16 GB RAM and just 4 VMs using about 7 GB RAM total for themselves is swapping too much. I have 5 GB swapped out with vm.swappiness at 60 (default) and more...

I also have a standard installation, only addition I installed is openvpn that I use for management. Everything else is standard PVE, single host with local LVM storage and no ceph. When this happens, I see that these values are zero and not 1 as they should...

Happened to me too. Firewall stopped working for all VMs but was still working for the pve host itself. I don't have ceph. I don't know what made the firewall stop working. This is A VERY VERY VERY BAD BUG. I will switch to firewall rules configured inside the VMs.

I am modernizing a situation that I inherited, and wanted to p2v the elderly server (17 years) before it breaks down, to be able to migrate everything to a newer software later. It seems that the old hardware will stay in production until I'm able to configure a new server and move everything to it.

I have tried (and rolled back) a P2V of a win2003r2 server. Everything seemed fine with IDE virtual disks, but when backup task (snapshot) started on the VM, I got a lot of IDE timeouts in the windows guest log, then the VM crashed. I found the VM simply switched off. Restarted it, found the...