OpenSSH CVE-2023-48795 mitigation

If you cannot upgrade your OpenSSH client and/or server to fix CVE-2023-48795, also known as the Terrapin attack, the way to mitigate it is to disable the vulnerable ciphers as Red Hat explains very well. If you have a recent OpenSSH version, you can disable the the ciphers by adding “-” before them in the Ciphers and MACs options. This works for both the ssh client config (/etc/ssh/ssh_config by default) and the ssh server config (/etc/ssh/sshd_config)....

December 21, 2023

Using generative AI to learn vocabulary

I wanted to help a friend learning English who has trouble learning new vocabulary. She often gets new list of words at school and it’s difficult for her to know how to use them, or remember what they mean. She usually gets one exercise about the topic where she must fill blanks with words from a list. Why not use generative AI for that? I could not achieve good results using a single large prompt, so I decided to explicitly break it into different steps and refer to the whole process later, with “OK” results....

November 21, 2023

Contabo: A great cloud for personal use

I’m a personal user of Contabo’s cloud services, and I’ve been delighted with them. They offer a wide range of services to choose from, including VPS, dedicated servers, and cloud storage. I’m currently using a VPS to host my personal website and email, and I have also used their Storage VPS and object storage in the past. I have had no issue with my VPS over the years. I’ve also been impressed with Contabo’s customer support....

October 30, 2023

SDXL 1.0 is out!

And voilà! SDXL 1.0 is out. After tinkering a bit, I think it’s working pretty well. As with SDXL 0.9, I must use both base and refiner models to get good pictures, but they are of excellent quality. Use the pipeline from ComfyUI and put the models at the right place: https://comfyanonymous.github.io/ComfyUI_examples/sdxl/ Note that it’s really slow with an AMD Radeon RX 6700 XT, especially because of the 2 models....

July 28, 2023

ComfyUI: remove metadata from image files

When you generate a file using ComfyUI, metadata are added to the image automatically. Amongst the metadata, there is the full workflow including the prompt. If you want to remove those data, you can use ImageMagick convert with the --strip option. convert image.png --strip image_strip.png If you want to alter the original file, use mogrify: mogrify --strip image.png

July 23, 2023

ComfyUI: batch run from command line with API

While AUTOMATIC1111 can generate images based on prompt variations, I haven’t found the same possibility in ComfyUI. However, you can achieve the same result thanks to ComfyUI API and curl. When you click “queue prompt” in ComfyUI, it actually sends a POST request with the whole workflow as JSON data to http://127.0.0.1:8188/prompt . To get the workflow as JSON, go to the UI and click on the settings icon, then enable Dev mode Options and click close....

July 22, 2023

ComfyUI custom node Impact Pack

I mostly use the FaceDetailer node to fix eyes and mouths, it really makes a difference, especially with models on CivitAI. You will find the workflow below. Note that on Nvidia GPU, I can use the SAMLoader node with “GPU” but on AMD GPU (RX 6700 XT), I must use “CPU”.

July 21, 2023

ComfyUI for dummies: a comprehensive guide for Stable Diffusion

ComfyUI is a web UI to run Stable Diffusion and similar models. It is an alternative to Automatic1111 and SDNext. One interesting thing about ComfyUI is that it shows exactly what is happening. The disadvantage is it looks much more complicated than its alternatives. In this post, I will describe the base installation and all the optional assets I use. I will provide workflows for models you find on CivitAI and also for SDXL 0....

July 21, 2023

Open source document search engines

Some websites post lists the best of open source document search engines available, unfortunately, they don’t seem up to date or they don’t care about unmaintained projects. Here’s my updated list as of July 2023, in no particular order. Note: there are some document management systems included because they also include a search feature. Open Semantic Search https://github.com/opensemanticsearch/open-semantic-search Last update: March 2023 IResearch search engine https://github.com/iresearch-toolkit/iresearch Last update: June 2023 OpenSearch https://opensearch....

July 11, 2023

Suricata and fail2ban

In case you want to ban IP addresses based on Suricata fast.log, here is the filter you need: [INCLUDES] before = common.conf [DEFAULT] _daemon = suricata [Definition] datepattern = ^%%m/%%d/%%Y-%%H:%%M:%%S failregex = <HOST>:[0-9]* -> ignoreregex = In the jail configuration, I suggest you change the default blocktype from REJECT to DROP. Edit 2023-03-24: you may want to use the action iptables-ipset-proto6-allports which leverages ipset. It will make your iptables rules much more readable and according to some sources, faster....

March 23, 2023