"Stop being a jerk and cooperate with the owners of the machine you are renting or take your data elsewhere."

Apparently it's not their machine either, as they lease the hardware from someone else. I asked them to pull the primary drive in the system and overnight it to me and bill me for it, and they refused, stating that it is leased equipment and they do not own it.

Basically I am leasing a physical server from company (A) who is leasing it from company (B), and that too may not be the end of the line. (B) may not own it either, and they may be colocating hardware from company (C) or (D) somewhere in there.

So whose TOS am I subject to here? Who is violating whose laws? It gets curiouser and curiouser the more I dig into it.

"If you want full control over your hardware, you need to talk to the sales team and tell them that you want an unmanaged plan. The trade-off, of course, is that you have to deal with your own "WTF" problems from then on."

This IS an unmanaged plan. All the provide is ping and power, I do the rest. I manage the OS, the configuration and everything else. This is not VPS, I lease a physical server, and they don't touch it.

"I trust the techs of the company I'm hosting with so I don't mind giving up root access to chase this problem down. What I do after that is change the root pass again and I'm done."

How am I expected to change the root password to let them in, when they've denied me access to the server unless I hand over the current root password? They're not asking for logs, they're demanding the root password; those are two very-different issues entirely.

They're also denying me KVM access, unless I pay $35.00 for it, so I can go in and fix the networking they changed when they moved my drive to a completely different chassis without my knowledge or approval.

"Give them an account with limited sudo access to view your logs."

I can't do that, since they are now prohibiting me access to my server unless I hand over the root password. They're not asking for logs, they're asking for the password to the 'root' account.

"If that won't do, then provide them with the necessary logs. If that's not good enough, don't expect support and move your stuff to some place that doesn't provide the level of support you're paying for."

I pay several thousand dollars a year for their disgusting service, and am going to be migrating away ASAP. Again, they're not asking for logs, they're demanding root. Two very different things.

Right now, they won't give me KVM access so I can log in remotely and fix the networking they broke, so I can get my server back online. It's been down 2 days now because of this.

"Switch providers. Plenty offer remote reboot and serial console or KVM for both VMs or physical servers, which would allow you to go crazy with custom encrypted partitions etc."

They offer KVM access, at $35.00/day, which in this case I refuse to pay to fix what they broke, outside of the context of the server. They migrated me from one chassis to another with completely different hardware, causing my machine to go offline. They want me to pay $35.00 for 24-hours of KVM access to reconfigure the network to support the hardware they moved things to.

Alternately, they want me to hand over the root password (not a privileged account, but THE root password), so they can do it themselves. Since I installed, configured and manage the OS entirely on this machine, and they've demonstrated their ineptitude before, I'm not giving them root. Ever.

"I'd also like to know how you *know* it's a hardware or network issue outside of your server. How do you know it's not your NIC driver hanging up? Older e1000 drivers (super common card in the hosting industry) are quite flaky. What research have you done outside of your internal monitoring?"

Because this server has been running 24x7 for about 3 years without a single outstanding issue. When they migrated it from Savvis to some datacenter in Dallas 2 months ago, I've had no less than 20 separate outages , while the underlying OS and application stack itself has not changed in any way to facilitate those outages.

In every single case, they demand that I give them the root password, so they can diagnose the issues on the machine. In every single case, I've shown them nagios, ntop, hotsanic, sar, etc. logs demonstrating that the OS itself is not the cause of the outages.

For example, since this migration to Dallas, every other Sunday between 7:00am and 8:00am EST, my server's load goes over 100 as incoming connections spike over 700/sec., sendmail refuses connections due to the load, and the box seizes up. The logs show that the connections are established and then hang. NOTHING on the machine triggers every other Sunday between these hours that would cause that.

Only a few days ago, they indicated that the NIC on the server may be causing the issues. I'm down 2-3 hours every other Sunday because of this.

They're not asking for the logs, they're asking for root. That's a completely separate (and unacceptable) solution to their own problems outside of the box itself.

"How do they root your box? If your company is like mine, they can't simply reboot the box and log in via singles to gain root access, so how is it possible that they even get in? Are you suggesting that they hack it somehow to gain root access?"

They have KVM access and forcibly reboot the server, and when it comes back up, they enter it in single-user mode. They've done this at least 3 times before, while I was logged into it, and when the server came back up about 15 minutes later, the lastlog for my own login was missing from the logs. They attempted to clean up the logs to hide their own activities.

"I would assume any reasonable host would be willing to get you a similar sort of hookup."

In this case, it appears the PSU failed, and they moved my drive to a different chassis, with completely different hardware, and are asking for the root password so they can reconfigure everything to coincide with that hardware change.

They want to charge me $35.00/24-hour acccess to a KVM, so I can go in and fix the networking they broke by changing the hardware around the leased server in the dc. I flatly refused to take ownership of that, since they did not tell me beforehand that they'd be swapping out the entire physical chassis, and I don't think I should have to pay $35.00 for 24-hours of KVM use when it'll take me less than 2 minutes to fix it.

They caused the problem, they "downgraded" the hardware to a different chassis, and they're holding my data hostage until I either give them root to go poking around (which I flatly refuse to do, as it violates my company policy), or pay them to fix what they broke.

...except setting the important data partitions to be dm-crypt, which means they can root the machine all they want, but without the passphrase to the dm-crypt partitions, they won't get to any client, customer or confidential data (i.e. transactions in the SQL db)

"As the above poster said, either create a limited account for them with only log file access, or else man up and just give them a full login."

I can't give them a limited account, because they've locked me out of accessing my own machine, demanding I give them the root password before they hand access back to me.

I find these to be unacceptable terms.

Bzzt... NTFS can't handle filenames that ext3, XFS and other Linux-based filesystems can handle. I went through this dance with my Drobo (incidentally, do not EVER buy a Drobo, not if you care about your data; it's dangerous to store data on that device)

ext3 and the Windows-side e2fs-explorer style packages are fine, or use Samba/CIFS and serve it up that way. I use rsnapshot on Linux to back up my Linux and Windows machines to my NAS, which is ext3-formatted.

NTFS is fine, if you're only ever backing up or storing data that can be created on Windows machines, but not if you want to store data from other machines (i.e. back up a Linux machine for example).

There's plenty of people working on this at the DIY Book Scanning site, but what they all lack... is page turning. I found this great project some students came up with that is simplistic and doesn't require you to preload pages at all.

Incorporate that, with the glass/plexi platen of the stock DIY book scanning projects, and you have a 100% complete, automatic, turn-it-on-and-walk-away book scanner from beginning to end.

"For example, a password to log in to a website does not need to be able to handle 4 million guesses a second.... it will be rate limited by the website way before that happens."

You're making a HUGE mistake, if you believe that assumption. With a warrant (or enough pressure without a warrant), the federal government will have direct access to the backend storage that the website uses, and just brute-force the password offline.

That assume of course, that the website itself is using sufficiently strong encryption and not just using ROT13 on the server-side.

Your website logins should be more secure than those you use on your local system, because more people could potentially have access to it. It also validates the need to never reuse a password anywhere you use on the web, ever. Anywhere.

That's the asinine thing about the ID fetish that all the apparatchiki are pushing. The 9/11 perps weren't using fake IDs, even. They had genuine passports and credit cards.

Including the fact that after the entire plane, fuselage, wings and passengers completely vaporized in the 9/11 event, the undamaged, unburned passports of those terrorists were found cleanly on the ground below, in the rubble of the aftermath.

Yes, they may have used legitimate passports, but... were they actually dropped by those people?